RUSTSEC-2026-0148
- Source
- https://rustsec.org/advisories/RUSTSEC-2026-0148
- Import Source
- https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0148.json
- JSON Data
- https://api.osv.dev/v1/vulns/RUSTSEC-2026-0148
- Aliases
-
- CVE-2026-46703
- GHSA-f396-4rp4-7v2j
- Published
- 2026-05-16T12:00:00Z
- Modified
- 2026-05-20T10:15:04.018246806Z
- Severity
-
- 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- OCI layer symlink escape → arbitrary host write
- Details
-
Affected versions of
boxliteextract OCI image layer tarballs without fully containing path resolution to the extraction root. A crafted layer containing a symlink whose target is an absolute on-host path (e.g.escape -> /tmp) followed by a file entry that resolves through that symlink (e.g.escape/<path>/pwned.txt) caused the extractor to write the payload to the host filesystem outside the intended rootfs directory.The fix in v0.9.0 routes every destructive filesystem operation through a
SafeRoothandle (openat2(RESOLVE_IN_ROOT)on Linux, lexical fallback elsewhere) so that no tar entry can resolve outside the extraction root, even with adversarial symlinks placed by earlier entries in the same layer.This is a container-escape during image extraction, exploitable by any user who pulls or loads a malicious OCI image — including via
SimpleBox(rootfs_path=...)from an untrusted local layout. - Database specific
{ "license": "CC0-1.0" }- References
-
- https://crates.io/crates/boxlite
- https://rustsec.org/advisories/RUSTSEC-2026-0148.html
- https://github.com/boxlite-ai/boxlite/security/advisories/GHSA-f396-4rp4-7v2j
- https://github.com/boxlite-ai/boxlite/pull/429
- https://github.com/boxlite-ai/boxlite/pull/446
- https://github.com/boxlite-ai/boxlite/pull/461
Affected packages
crates.io / boxlite
Package
- Name
- boxlite
- View open source insights on deps.dev
- Purl
- pkg:cargo/boxlite