Описание
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
Ссылки
- PatchVendor Advisory
- PatchRelease Notes
- Vendor Advisory
- PatchVendor Advisory
- PatchRelease Notes
- Vendor Advisory
Уязвимые конфигурации
EPSS
5.3 Medium
CVSS3
Дефекты
Связанные уязвимости
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
EPSS
5.3 Medium
CVSS3