114 matches found
CVE-2026-40611
A flaw was found in lego, the Let's Encrypt client and ACME library written in Go. A malicious ACME (Automated Certificate Management Environment) server can exploit a path traversal vulnerability in the webroot HTTP-01 challenge provider. By supplying a specially crafted challenge token containing...
autopoc
AutoPoC Automated proof-of-concept deployments on OpenShift...
Moby security vulnerability
Moby is an open-source project developed by Moby. It aims to promote the containerization of software and help the ecosystem make container technology mainstream. Versions of Moby prior to 29.3.1 contained security vulnerabilities, which were due to allowing attackers to bypass authorized plugins...
CLEANSTART-2026-ZM20570 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-SP51034 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-YB44027 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-SB85645 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-OS18490 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-XL45869 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-JD48541 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-BK59402 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-GY69323 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CVE-2026-20613
The ArchiveReader.extractContents function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system using...
Containerization security vulnerabilities
Containerization is an open-source Swift container package developed by Apple. There is a security vulnerability in Containerization, which stems from the lack of path name validation before extracting archived members. This vulnerability may allow files to be extracted to any writable location b...
CVE-2026-20613
The CVE-2026-20613 issue is in ArchiveReader.extractContents() used by cctl image load and container image load. It does not validate pathnames when extracting archive members, enabling a crafted archive with relative paths to write files to arbitrary user-writable locations on the host. Document...
GHSA-CQ3J-QJ2H-6RV3 Container and Containerization archive extraction does not guard against escapes from extraction base directory.
Summary The ArchiveReader.extractContents function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system...
Directory Traversal
Overview Containerization is a Swift package for running Linux containers on macOS. Affected versions of this package are vulnerable to Directory Traversal via the extractContents function. An attacker can write files to arbitrary user-writable locations on the system by...