CVE-2024-23650

Improper Check for Unusual or Exceptional Conditions in go/github.com/moby/buildkit

Identifiers

GHSA-9p26-698r-w4hx, CVE-2024-23650

Package Slug

go/github.com/moby/buildkit

Vulnerability

Improper Check for Unusual or Exceptional Conditions

Description

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.

Affected Versions

All versions before 0.12.5

Solution

Upgrade to version 0.12.5 or above.

Last Modified

2024-02-01

source