Go modules package
github.com/chainguard-dev/kaniko
pkg:golang/github.com/chainguard-dev/kaniko
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-28406 | — | >= 1.25.4, < 1.25.10 | 1.25.10 | Feb 27, 2026 | kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without enforcing that the final path st |
- CVE-2026-28406Feb 27, 2026affected >= 1.25.4, < 1.25.10fixed 1.25.10
kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without enforcing that the final path st