8 matches found
CVE-2026-33747
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...
CVE-2026-33747
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...
CVE-2026-33747 BuildKit vulnerable to malicious frontend causing file escape outside of storage root
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...
BuildKit's Malicious frontend can cause file escape outside of storage root
Impact When using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for the execution context. Patches The issue has been fixed in v0.28.1+ Workarounds Issue requires using an untrusted BuildKit frontend set...
Linux Distros Unpatched Vulnerability : CVE-2024-23651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in...
AZL-35010 CVE-2024-23652 affecting package moby-engine for versions less than 25.0.3-1
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...