CGA-h2vq-f2rf-jwrq

Published

Last updated

Package

buildkitd

RepositoryWolfi

Latest Update

Pending upstream fix

Aliases

Severity

7.5

High

CVSS V3

Status

Pending upstream fix

Impact

otelhttptrace and otelhttp have been both bumped to v0.45.0 in the upstream via https://github.com/moby/buildkit/commit/5ecfec1039959e8b742494eec8f7b5fd8202df5a, but this change is yet to be released. Bumping this dependency downstream causes build-time issues with missing required packages.

Status

Fixed

Fixed version

0.12.4-r4

Status

Under investigation

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™