In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Improper Access Control vulnerabilities in an interactive lesson.
Start learningA fix was pushed into the master
branch but not yet published.
Affected versions of this package are vulnerable to Improper Access Control due to the incorrect handling of TCP bind()
and connect()
operations in the BestEffort
mode. An attacker can bypass intended networking (through landlock.V4
, landlock.V5
, or self-configured) restrictions by exploiting the lack of proper restrictions in this mode.
This is only exploitable if the user employs Landlock rulesets intended to restrict networking and uses them in best-effort mode.
Note: This vulnerability was fixed in version v0.0.0-20241013234402-fb3ad845df46