333 matches found
Denial Of Service (DoS)
github.com/moby/buildkit is vulnerable to Denial Of Service DoS. The vulnerability is due to improper validation for requests from BuildKit clients or frontends, allowing an attacker to craft a request that causes the BuildKit daemon to crash...
Arbitrary File Deletion
github.com/moby/buildkit is vulnerable to Arbitrary File Deletion. The vulnerability due to improper path sanitization when a dockerfile utilizes the RUN --mount feature. This feature is used to delete empty files which are created for mountpoints, but can be tricked into deleting arbitrary files...
Missing Entitlement Check
github.com/moby/buildkit is vulnerable to Missing Entitlement Check. The vulnerability due to improper validation of the security.insecure entitlement flag within the BuildKit APIs. An attacker can run a malicious container with elevated permissions as a result of this flaw...
PT-2024-1509
Name of the Vulnerable Software and Affected Versions Moby versions prior to 23.0 Moby versions 23.0 and later with DOCKER BUILDKIT=0 environment variable Moby versions 23.0 and later using the /build API endpoint Description The classic builder cache system in Moby is prone to cache poisoning if...
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
Impact A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. Patches The issue has been fixed in v0.12.5 Workarounds Avoid using BuildKit frontends from untrusted sources. A frontend image is usually specified as the syntax line on...
GHSA-9P26-698R-W4HX BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
Impact A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. Patches The issue has been fixed in v0.12.5 Workarounds Avoid using BuildKit frontends from untrusted sources. A frontend image is usually specified as the syntax line on...
BuildKit vulnerable to possible race condition with accessing subpaths from cache mounts
Impact Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessible to the build container. Patches The issue has been fixed in v0.12.5 Workarounds Avoid using BuildKit frontend...
GHSA-M3R6-H7WV-7XXV BuildKit vulnerable to possible race condition with accessing subpaths from cache mounts
Impact Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessible to the build container. Patches The issue has been fixed in v0.12.5 Workarounds Avoid using BuildKit frontend...
BuildKit vulnerable to possible host system access from mount stub cleaner
Impact A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. Patches The issue has been fixed in v0.12.5 Workarounds Avoid using BuildKit frontend...
GHSA-4V98-7QMW-RQR8 BuildKit vulnerable to possible host system access from mount stub cleaner
Impact A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. Patches The issue has been fixed in v0.12.5 Workarounds Avoid using BuildKit frontend...
Buildkit's interactive containers API does not validate entitlements check
Impact In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, running such containers is only allowed if specia...
GHSA-WR6V-9F75-VH2G Buildkit's interactive containers API does not validate entitlements check
Impact In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, running such containers is only allowed if specia...
AZL-35433 CVE-2024-23653 affecting package docker-buildx for versions less than 0.14.0-1
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask...
AZL-34084 CVE-2024-23653 affecting package moby-engine for versions less than 20.10.27-3
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask...
AZL-34081 CVE-2024-23653 affecting package moby-compose for versions less than 2.17.2-7
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask...
CVE-2024-23653
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask...
AZL-34998 CVE-2024-23653 affecting package moby-engine for versions less than 25.0.3-1
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask...
AZL-34086 CVE-2024-23652 affecting package moby-engine for versions less than 20.10.27-4
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the...
AZL-35005 CVE-2024-23651 affecting package moby-engine for versions less than 25.0.3-1
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessibl...
CVE-2024-23651
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessibl...