CVE-2025-32111

Name of the Vulnerable Software and Affected Versions acme.sh versions prior to 40b6db6

Description The issue concerns a Docker image of acme.sh that is based on a .github/workflows/dockerhub.yml file. This file lacks the "persist-credentials: false" setting for actions/checkout, which may lead to credential persistence.

Recommendations For versions prior to 40b6db6, consider updating to a version that includes the "persist-credentials: false" setting in the .github/workflows/dockerhub.yml file to prevent credential persistence. As a temporary workaround, consider manually adding "persist-credentials: false" to the dockerhub.yml file for actions/checkout until a patched version is available.