Mobyproject Buildkit vulnerabilities
6 known vulnerabilities affecting mobyproject/buildkit.
Total CVEs: 6
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 1, MEDIUM 2
Vulnerabilities
CVE-2026-33747 | CRITICAL | CVSS 9.8 | CWE-22 | fixed in 0.28.1 | 2026-03-27
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for the execution context. The issue has been fixed in v0.
nvd
CVE-2024-23653 | CRITICAL | CVSS 9.8 | CWE-863 | fixed in 0.12.5 | 2024-01-31
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run a container with elevated privileges.
nvd
CVE-2024-23652 | CRITICAL | CVSS 9.1 | CWE-22 | fixed in 0.12.5 | 2024-01-31
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. The issue has been fixed in
nvd
CVE-2024-23651 | HIGH | CVSS 7.4 | CWE-362 | fixed in 0.12.5 | 2024-01-31
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessible to the build container. The issue has been fixed in v0.
nvd
CVE-2024-23650 | MEDIUM | CVSS 5.3 | CWE-754 | fixed in 0.12.5 | 2024-01-31
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
nvd
CVE-2023-26054 | MEDIUM | CVSS 6.5 | CWE-200 | versions ≥ 0.10.0, < 0.11.4 | 2023-03-06
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build, these credentials could be visible from the provenance a
nvd