BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
Metrics
Affected Vendors & Products
References
History
Tue, 12 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Moby
Moby buildkit |
|
CPEs | cpe:2.3:a:moby:buildkit:*:*:*:*:*:*:*:* | |
Vendors & Products |
Moby
Moby buildkit |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-01-31T21:42:13.382Z
Updated: 2024-11-12T20:15:05.078Z
Reserved: 2024-01-19T00:18:53.234Z
Link: CVE-2024-23650
Vulnrichment
Updated: 2024-08-01T23:06:25.309Z
NVD
Status : Modified
Published: 2024-01-31T22:15:53.990
Modified: 2024-11-21T08:58:05.417
Link: CVE-2024-23650
Redhat