OpenWrt supply chain attack scare prompts urgent upgrades
Briefly

"Due to the combination of the command injection in the 'openwrt/imagebuilder' image and the truncated SHA-256 hash included in the build request hash, an attacker can pollute the legitimate image by providing a package list that causes the hash collision."
"By exploiting this, a previously built malicious image can be served in place of a legitimate one, allowing the attacker to 'poison' the artifact cache and deliver compromised images to unsuspecting users."
Read at The Register
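The quoted text describes an artifact cache keyed on a truncated SHA-256 of the build request. As an added example (not code from OpenWrt or from the article), this Python sketch shows why a short key lets two different package lists share one cache slot, and how keying on the full digest avoids that. The 20-bit truncation, the package names and the `ArtifactCache` class are constructed for illustration.

```python
import hashlib
from itertools import count

# Constructed for the demo: a 20-bit key collides in well under a second.
# This is not the truncation length of the real service.
TRUNC_HEX = 5

def request_hash(packages, hex_len=None):
    """SHA-256 over the normalised package list; hex_len truncates it."""
    digest = hashlib.sha256(" ".join(sorted(packages)).encode()).hexdigest()
    return digest if hex_len is None else digest[:hex_len]

def find_colliding_requests(hex_len):
    """Birthday search: two constructed package lists with the same short key."""
    seen = {}
    for i in count():
        packages = ["base-files", f"example-pkg-{i}"]
        key = request_hash(packages, hex_len)
        if key in seen:
            return seen[key], packages
        seen[key] = packages

class ArtifactCache:
    """Hypothetical build cache; hex_len=None keys on the full digest."""
    def __init__(self, hex_len=None):
        self.hex_len = hex_len
        self.store = {}

    def put(self, packages, image):
        self.store[request_hash(packages, self.hex_len)] = image

    def get(self, packages):
        return self.store.get(request_hash(packages, self.hex_len))

def demo():
    first, second = find_colliding_requests(TRUNC_HEX)
    weak, strong = ArtifactCache(TRUNC_HEX), ArtifactCache()
    for cache in (weak, strong):
        cache.put(first, "image built for first request")
    # Weak cache answers the second request with the first request's image;
    # the full-digest cache misses, so the second request gets its own build.
    return first, second, weak.get(second), strong.get(second)

if __name__ == "__main__":
    first, second, weak_hit, strong_hit = demo()
    print("colliding requests:", first, second)
    print("truncated-key cache returned:", weak_hit)
    print("full-digest cache returned:", strong_hit)
```

Each extra hex character kept in the key multiplies the collision search cost, which is why the cache key should be the full digest rather than a prefix of it.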