2 matches found
CVE-2026-25140 apko affected by potential unbounded resource consumption in expandapk.ExpandApk on attacker-controlled .apk streams
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, an attacker who controls or compromises an APK repository used by apko could cause resource exhaustion on the build host. The ExpandApk function in...
CVE-2026-25140 apko affected by potential unbounded resource consumption in expandapk.ExpandApk on attacker-controlled .apk streams
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, an attacker who controls or compromises an APK repository used by apko could cause resource exhaustion on the build host. The ExpandApk function in...