Tag
A symlink-following path traversal vulnerability exists in apko versions prior to 1.2.5 allowing a malicious .apk file to create a symbolic link pointing outside the build root and subsequently modify files on the host system.