1. Home
  2. Vulnerabilities
  3. CVE-2024-23650

CVE-2024-23650

CVSS v3.1 5.3 (Medium)
53% Progress
EPSS 0.05 % (21th)
0.05% Progress
Affected Products 1
Advisories 4
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.

Weaknesses
CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE Status
PUBLISHED
CNA
GitHub, Inc.
Published Date
2024-01-31 22:15:53
(7 months ago)
Updated Date
2024-02-09 01:38:44
(7 months ago)

Affected Products

Mobyproject

Configuration #1

    CPE23 From Up To
  Mobyproject Buildkit prior 0.12.5 version cpe:2.3:a:mobyproject:buildkit < 0.12.5