Описание
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 26.1.5+dfsg1-9ubuntu1 |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | not-affected | code not present |
| esm-apps/resolute | not-affected | 26.1.5+dfsg1-9ubuntu1 |
| esm-infra-legacy/xenial | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| focal | not-affected | code not present |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 27.5.1-0ubuntu3 |
| esm-apps/focal | released | 26.1.3-0ubuntu1~20.04.1+esm1 |
| esm-apps/jammy | released | 27.5.1-0ubuntu3~22.04.2 |
| esm-apps/noble | released | 27.5.1-0ubuntu3~24.04.2 |
| esm-apps/resolute | not-affected | 27.5.1-0ubuntu3 |
| focal | ignored | end of standard support, was needed |
| jammy | released | 27.5.1-0ubuntu3~22.04.2 |
| mantic | ignored | end of life, was needed |
| noble | released | 27.5.1-0ubuntu3~24.04.2 |
Показывать по
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
BuildKit possible panic when incorrect parameters sent from frontend
BuildKit is a toolkit for converting source code to build artifacts in ...
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
EPSS
5.3 Medium
CVSS3