CVE-2026-28909

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Apr 30, 2026

Vendor unknown

Description

Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3.

References

https://github.com/apple/container/security/advisories/GHSA-m5rp-xcpf-r8m7