CNNVD-202601-4204 Information

CNNVD ID

CNNVD-202601-4204

Related CVE

CVE-2026-20613

• CNNVD Published: 2026-01-23

Description (Chinese)

Containerization是Apple开源的一个Swift容器包。 Containerization存在安全漏洞，该漏洞源于提取存档成员前未进行路径名验证，可能导致文件被提取到任意用户可写位置。

Description (English)

Containerization is a Swift container package from Apple ’ s open source. There is a security loophole in Containerization, which arises from the fact that no pathname verification has been performed before extracting the archived members, which could lead to the document being extracted to any written position of the user.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

苹果

Published

2026-01-23

Last Modified

2026-02-24

References

https://github.com/apple/containerization/security/advisories/GHSA-cq3j-qj2h-6rv3 https://access.redhat.com/security/cve/cve-2026-20613

Patch

https://github.com/apple/containerization/tags