Kaniko

1 CVE tracked for this product

CVE-2026-28406 | Severity: HIGH | Action: patch this week

Path traversal in Kaniko 1.25.4 through 1.25.9: when extracting a tar archive, entry names are not confined to the intended destination directory, so a crafted archive can write arbitrary files anywhere on the build system that the executor can reach. When combined with Docker credential helpers in registry authentication scenarios, that arbitrary file write can be leveraged into code execution within the Kaniko executor process. Docker and Kubernetes environments running the affected Kaniko versions are at risk.
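The defect class described above is a tar-slip: each archive entry name is joined onto the destination directory without checking that the cleaned result still lies under it, so a name such as "../pwned.txt" lands one level above the build directory. The Go program below is an added example and is not Kaniko's code or the fix for this CVE; SafeTarget and ExtractTar are assumed helper names, and the two archives (a benign one and one carrying a "../" entry) are constructed in memory so the demo runs offline.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// ErrPathTraversal marks any archive entry that would resolve outside dest.
var ErrPathTraversal = errors.New("tar entry escapes destination directory")

// SafeTarget is the check a tar-slip bug lacks: join the entry name onto dest
// (Join cleans "." and ".." segments) and refuse the result unless it is still under dest.
func SafeTarget(dest, name string) (string, error) {
	target := filepath.Join(dest, name)
	rel, err := filepath.Rel(dest, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
		return "", fmt.Errorf("%q: %w", name, ErrPathTraversal)
	}
	return target, nil
}

// ExtractTar unpacks directories and regular files from r into dest and returns the paths
// it wrote; every name passes SafeTarget before the filesystem is touched. Symlinks, hard
// links and devices are skipped here: a real extractor must also check where those point.
func ExtractTar(r io.Reader, dest string) (written []string, err error) {
	if dest, err = filepath.Abs(dest); err != nil {
		return nil, err
	}
	tr := tar.NewReader(r)
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return written, nil
		}
		// Under GODEBUG=tarinsecurepath=0 Next returns the header together with
		// ErrInsecurePath; SafeTarget rejects such names regardless of that setting.
		if err != nil && !errors.Is(err, tar.ErrInsecurePath) {
			return written, err
		}
		target, err := SafeTarget(dest, hdr.Name)
		if err != nil {
			return written, err
		}
		switch hdr.Typeflag {
		case tar.TypeDir:
			err = os.MkdirAll(target, 0o755)
		case tar.TypeReg: // parent directories are expected as their own entries, as tar -c emits them
			var data []byte
			if data, err = io.ReadAll(tr); err == nil { // demo: buffers each file in memory
				err = os.WriteFile(target, data, os.FileMode(hdr.Mode).Perm())
			}
		default:
			continue
		}
		if err != nil {
			return written, err
		}
		written = append(written, target)
	}
}

// buildArchive writes a constructed tar into memory so the demo runs offline. Names ending in
// "/" become directory entries; errors are ignored because sizes match and the sink is a buffer.
func buildArchive(files [][2]string) []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, f := range files {
		name, body := f[0], f[1]
		hdr := &tar.Header{Name: name, Typeflag: tar.TypeReg, Mode: 0o644, Size: int64(len(body))}
		if strings.HasSuffix(name, "/") {
			hdr.Typeflag, hdr.Mode = tar.TypeDir, 0o755
		}
		tw.WriteHeader(hdr)
		tw.Write([]byte(body))
	}
	tw.Close()
	return buf.Bytes()
}

// DemoArchives returns two constructed archives: a benign one and one carrying the
// classic "../" entry that a vulnerable extractor would write outside dest.
func DemoArchives() map[string][]byte {
	return map[string][]byte{
		"benign": buildArchive([][2]string{{"app/", ""}, {"app/hello.txt", "hello from a constructed archive\n"}}),
		"dotdot": buildArchive([][2]string{{"../pwned.txt", "owned\n"}}),
	}
}

func main() {
	dest, _ := os.MkdirTemp("", "tarslip-demo")
	defer os.RemoveAll(dest)
	for label, a := range DemoArchives() {
		written, err := ExtractTar(bytes.NewReader(a), dest)
		fmt.Printf("%-6s wrote=%v err=%v\n", label, written, err)
	}
}
```

Run it with go run: the benign archive extracts to app/hello.txt, while the "../" entry is rejected before anything is written. The lexical check is necessary but not sufficient: a symlink entry pointing above the destination, or a symlink already present inside it, can still redirect a later write outside, so a production extractor also validates link targets and resolves the parent directory before writing.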

Affected ecosystems: Docker, Kubernetes, Kaniko, Red Hat, SUSE
References: NVD, GitHub
CVSS 3.1: 8.2 (High)
EPSS: 0.1%
