CVE-2026-28406

High CVSS: 8.2

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without enforcing that the final path stays within `dest`. A tar entry like `../outside.txt` escapes the extraction root and writes files outside the destination directory. In environments with registry authentication, this can be chained with docker credential helpers to achieve code execution within the executor process. Version 1.25.10 uses securejoin for path resolution in tar extraction.

Vendor

Chainguard

Product

Kaniko

CWE

CWE-22

Yayın Tarihi

2026-02-27 22:16:23

Güncelleme

2026-03-06 19:29:21

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-22 Kaniko HIGH Chainguard 2026

Referanslar

https://github.com/chainguard-forks/kaniko/commit/a370e4b1f66e6e842b685c8f70ed507964c4b221 https://github.com/chainguard-forks/kaniko/pull/326 https://github.com/chainguard-forks/kaniko/security/advisories/GHSA-6rxq-q92g-4rmf

Benzer Kayıtlar

Medium

CVE-2026-29049

melange allows users to build apk packages using declarative pipelines. In version 0.40.5 and prior, melange update-cach…

Medium

CVE-2026-28407

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior…

High

CVE-2026-25143

melange allows users to build apk packages using declarative pipelines. From version 0.10.0 to before 0.40.3, an attacke…

Medium

CVE-2026-25145

melange allows users to build apk packages using declarative pipelines. From version 0.14.0 to before 0.40.3, an attacke…

High

CVE-2026-24843

melange allows users to build apk packages using declarative pipelines. In version 0.11.3 to before 0.40.3, an attacker…

High

CVE-2026-24844

melange allows users to build apk packages using declarative pipelines. From version 0.3.0 to before 0.40.3, an attacker…