GHSA-6RXQ-Q92G-4RMF

Vulnerability from github – Published: 2026-03-01 01:28 – Updated: 2026-03-01 01:28
Summary
kaniko has tar archive path traversal in its build context extraction, allowing file writes outside destination directories
Details

kaniko unpacks build context archives using filepath.Join(dest, cleanedName) without enforcing that the final path stays within dest. A tar entry like ../outside.txt escapes the extraction root and writes files outside the destination directory. In environments with registry authentication, this can be chained with docker credential helpers to achieve code execution within the executor process. Affected versions >= 1.25.4, <= 1.25.9.

Fix: Merged with PR #326 — uses securejoin for path resolution in tar extraction.
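As an added illustration (not kaniko's code and not the securejoin library the fix adopts), the Go program below places the join pattern the advisory describes beside a containment check, and runs both over a constructed in-memory tar archive containing one legitimate entry and one entry named ../outside.txt. The helper names, the temp directory and the sample entries are assumptions for this example; the check shown is lexical only, so unlike securejoin it does not resolve symlinks already present under dest.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// ErrTraversal marks an entry whose resolved path would leave the extraction root.
var ErrTraversal = errors.New("tar entry escapes destination")

// vulnerableJoin mirrors the pattern in the advisory: Clean does not strip a
// leading "..", and Join resolves it, so "../outside.txt" lands beside dest.
func vulnerableJoin(dest, name string) string {
	return filepath.Join(dest, filepath.Clean(name))
}

// safeJoin joins and then verifies the result stays under dest. The check is
// lexical (assumption: dest holds no symlinks); securejoin also resolves links.
func safeJoin(dest, name string) (string, error) {
	absDest, err := filepath.Abs(dest)
	if err != nil {
		return "", err
	}
	target := filepath.Join(absDest, name) // Join cleans the result
	rel, err := filepath.Rel(absDest, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q", ErrTraversal, name)
	}
	return target, nil
}

// extract writes directories and regular files from r under dest, skipping
// (and reporting) every entry that fails the containment check.
func extract(r io.Reader, dest string) ([]string, []string, error) {
	var written, skipped []string
	tr := tar.NewReader(r)
	for {
		hdr, nextErr := tr.Next()
		if nextErr == io.EOF {
			return written, skipped, nil
		}
		// Go 1.20+ can flag absolute or ".." names itself (GODEBUG tarinsecurepath=0);
		// the header is still returned, so treat it like a failed containment check.
		if nextErr != nil && !errors.Is(nextErr, tar.ErrInsecurePath) {
			return written, skipped, nextErr
		}
		target, joinErr := safeJoin(dest, hdr.Name)
		if nextErr != nil || joinErr != nil {
			skipped = append(skipped, hdr.Name)
			continue
		}
		switch hdr.Typeflag {
		case tar.TypeDir:
			if mkErr := os.MkdirAll(target, 0o755); mkErr != nil {
				return written, skipped, mkErr
			}
		case tar.TypeReg:
			if mkErr := os.MkdirAll(filepath.Dir(target), 0o755); mkErr != nil {
				return written, skipped, mkErr
			}
			f, openErr := os.OpenFile(target, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o644)
			if openErr != nil {
				return written, skipped, openErr
			}
			_, copyErr := io.Copy(f, tr)
			f.Close()
			if copyErr != nil {
				return written, skipped, copyErr
			}
			written = append(written, hdr.Name)
		}
	}
}

// buildArchive constructs a sample build context in memory (constructed data):
// one legitimate file plus the traversal entry named in the advisory.
func buildArchive() []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, e := range []struct{ name, body string }{
		{"Dockerfile", "FROM scratch\n"},
		{"../outside.txt", "must never be written\n"},
	} {
		hdr := &tar.Header{Name: e.name, Mode: 0o644, Size: int64(len(e.body)), Typeflag: tar.TypeReg}
		if err := tw.WriteHeader(hdr); err != nil {
			panic(err)
		}
		if _, err := tw.Write([]byte(e.body)); err != nil {
			panic(err)
		}
	}
	if err := tw.Close(); err != nil {
		panic(err)
	}
	return buf.Bytes()
}

// runDemo extracts the sample archive into a fresh temp directory and reports
// what was written, what was skipped, and whether anything escaped the root.
func runDemo() (written, skipped []string, escaped bool, err error) {
	parent, err := os.MkdirTemp("", "ctx-demo-*")
	if err != nil {
		return nil, nil, false, err
	}
	defer os.RemoveAll(parent)
	dest := filepath.Join(parent, "context")
	if err = os.Mkdir(dest, 0o755); err != nil {
		return nil, nil, false, err
	}
	written, skipped, err = extract(bytes.NewReader(buildArchive()), dest)
	if err != nil {
		return nil, nil, false, err
	}
	_, statErr := os.Stat(filepath.Join(parent, "outside.txt")) // where the traversal would land
	return written, skipped, statErr == nil, nil
}

func main() {
	written, skipped, escaped, err := runDemo()
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	fmt.Println("written:", written, "skipped:", skipped, "escaped root:", escaped)
	fmt.Println("vulnerable join would resolve to:", vulnerableJoin("/build/context", "../outside.txt"))
}
```

Running it writes only Dockerfile under the context directory and reports ../outside.txt as skipped, while vulnerableJoin shows the same name resolving to /build/outside.txt. In real extraction code the check should be applied to every entry type, including link targets of symlink and hardlink entries, which this example does not write.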

Acknowledgements

kaniko thanks Oleh Konko from 1seal for discovering and reporting this issue.


{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/chainguard-dev/kaniko"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.25.4"
            },
            {
              "fixed": "1.25.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-28406"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-01T01:28:02Z",
    "nvd_published_at": "2026-02-27T22:16:23Z",
    "severity": "HIGH"
  },
  "details": "kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without enforcing that the final path stays within `dest`. A tar entry like `../outside.txt` escapes the extraction root and writes files outside the destination directory. In environments with registry authentication, this can be chained with docker credential helpers to achieve code execution within the executor process. Affected versions \u003e= 1.25.4, \u003c= 1.25.9.\n\n**Fix:** Merged with [PR #326](https://github.com/chainguard-forks/kaniko/pull/326) \u2014 uses securejoin for path resolution in tar extraction.\n\n**Acknowledgements**\n\nkaniko thanks Oleh Konko from [1seal](https://1seal.org/) for discovering and reporting this issue.",
  "id": "GHSA-6rxq-q92g-4rmf",
  "modified": "2026-03-01T01:28:02Z",
  "published": "2026-03-01T01:28:02Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/chainguard-forks/kaniko/security/advisories/GHSA-6rxq-q92g-4rmf"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28406"
    },
    {
      "type": "WEB",
      "url": "https://github.com/chainguard-forks/kaniko/pull/326"
    },
    {
      "type": "WEB",
      "url": "https://github.com/chainguard-forks/kaniko/commit/a370e4b1f66e6e842b685c8f70ed507964c4b221"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/chainguard-forks/kaniko"
    },
    {
      "type": "WEB",
      "url": "https://github.com/chainguard-forks/kaniko/releases/tag/v1.25.10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "kaniko has tar archive path traversal in its build context extraction, allowing file writes outside destination directories"
}