Lucene search

BuildKit vulnerable to possible panic when incorrect parameters sent from frontend

🗓️ 31 Jan 2024 22:54:43Reported by GoogleType

osv🔗 osv.dev👁 18 Views

BuildKit vulnerability in frontend parameter

Reporter	Title	Published	Views	Family All 58
OSV	Panic in github.com/moby/buildkit	12 Feb 202418:45	–	osv
OSV	CGA-RW49-59GP-GFV9	6 Jun 202412:29	–	osv
OSV	CGA-GPR3-VJ8Q-26RW	6 Jun 202412:27	–	osv
OSV	CGA-HC95-X7C3-393J	6 Jun 202412:26	–	osv
OSV	CGA-RM85-GQPF-HFPH	6 Jun 202412:29	–	osv
OSV	CGA-3FR8-7CC7-MGGF	6 Jun 202412:21	–	osv
OSV	CGA-6JJ8-F9Q9-3MC7	6 Jun 202412:23	–	osv
OSV	CGA-CX83-PHJ6-XQGC	6 Jun 202412:26	–	osv
OSV	CGA-PXV5-J3F8-XRPC	6 Jun 202412:26	–	osv
OSV	CGA-2FH7-3G44-V2V8	6 Jun 202412:20	–	osv

Source	Link
github	www.github.com/moby/buildkit/security/advisories/GHSA-9p26-698r-w4hx
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-23650
github	www.github.com/moby/buildkit/pull/4601
github	www.github.com/moby/buildkit/commit/481d9c45f473c58537f39694a38d7995cc656987
github	www.github.com/moby/buildkit/commit/7718bd5c3dc8fc5cd246a30cc41766e7a53c043c
github	www.github.com/moby/buildkit/commit/83edaef59d545b93e2750f1f85675a3764593fee
github	www.github.com/moby/buildkit/commit/96663dd35bf3787d7efb1ee7fd9ac7fe533582ae
github	www.github.com/moby/buildkit/commit/e1924dc32da35bfb0bfdbb9d0fc7bca25e552330
github	www.github.com/moby/buildkit
github	www.github.com/moby/buildkit/releases/tag/v0.12.5

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 Jan 2024 22:43Current

7High risk

Vulners AI Score7

CVSS35.3

EPSS0.00085

SSVC