Migration toolkit for containers
This hub aggregates every CVE we track for Migration toolkit for containers, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
24
CVEs tracked
4
Critical
12
High
1
In CISA KEV
Severity distribution
HIGH12MEDIUM7CRITICAL4LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
4
0
3
6
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Migration toolkit for containers.
- CVE-2026-32281Inefficient policy validation in crypto/x5097.5
- CVE-2026-32280Unexpected work during chain building in crypto/x5097.5
- CVE-2026-32283Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls7.5
- CVE-2026-32288Unbounded allocation for old GNU sparse in archive/tar5.5
- CVE-2026-33810Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x5098.2
- CVE-2026-32289JsBraceDepth Context Tracking Bugs (XSS) in html/template6.1
- CVE-2026-33748BuildKit Git URL subdir component can cause access to restricted files7.5
- CVE-2026-33747BuildKit vulnerable to malicious frontend causing file escape outside of storage root8.4
- CVE-2026-25645Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function4.4
- CVE-2026-23490pyasn1 has a DoS vulnerability in decoder7.5
- CVE-2025-69228AIOHTTP vulnerable to denial of service through large payloads7.5
- CVE-2025-69226AIOHTTP allows for a brute-force leak of internal static filepath components5.3
- CVE-2025-69223AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb7.5
- CVE-2025-66471urllib3 Streaming API improperly handles highly compressed data7.5
- CVE-2025-66418urllib3 allows an unbounded number of links in the decompression chain7.5
Product normalization is registry-driven with AI assist and human review. How it works