CVE-2025-32111

Published April 4th, 2025

View on NVD ↗

CVSS v3

8.7

HIGH

CVSS v2

N/A

Affected

PROJECTS

Description

The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks "persist-credentials: false" for actions/checkout.

acmesh-official/acme.sh

A pure Unix shell script ACME client for SSL / TLS certificate automation

GitHub

46.9K

actions/checkout

Action for checking out a repo

GitHub

7.99K