Description
Systrace before 1.6.0 has insufficient escape policy enforcement.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
http://www.citi.umich.edu/u/provos/systrace/
Third Party Advisory x_refsource_misc
http://taviso.decsystem.org/research.html
Third Party Advisory x_refsource_misc
http://taviso.decsystem.org/research.t2t
Third Party Advisory x_refsource_misc
https://www.provos.org/index.php?/archives/2007/12/C2.html
Scores
CVSS v3
9.8
EPSS
0.0174
EPSS Percentile
74.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-415
Status
published
Products (1)
systrace_project/systrace
< 1.6.0
Published
Jan 15, 2020
Tracked Since
Feb 18, 2026