CVE-2026-45405
CriticalCVSS 9.0Exploitation Probability (EPSS)
Low risk21th percentile — higher than 21% of all known CVEs
Summary
A vulnerability in Dokku prior to version 0.38.2 allows an attacker to write arbitrary files on the system by exploiting the git:from-archive and certs:add commands. The attacker can supply a crafted tar/zip archive containing symbolic links, which enables overwriting the ~/.ssh/authorized_keys file and gaining unrestricted shell access.
Risk Assessment
The risk to the organization is critical because an attacker can gain full control over the Dokku server by obtaining shell access as the dokku user, potentially leading to data theft, application modification, or further attacks on the infrastructure.
Recommendation
Immediately upgrade Dokku to version 0.38.2 or later. If an upgrade is not possible, temporarily disable the git:from-archive and certs:add commands or restrict access to trusted users only.
Original NVD description (English source)
Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preventing symlink traversal. GNU tar creates symlinks during extraction and follows them for subsequent entries, allowing an attacker to write arbitrary files anywhere writable by the dokku user — including overwriting ~/.ssh/authorized_keys to gain unrestricted shell access. This vulnerability is fixed in 0.38.2.

