/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-23650

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-23650

CGA ID

CGA-pxv5-j3f8-xrpc

Severity

5.3

Medium

CVSS V3

Description

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.

References

  • https://images.chainguard.dev/security/CGA-pxv5-j3f8-xrpc

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images