Tag
docker-buildx
Safeguard articles tagged "docker-buildx" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Analysis
BuildKit Privileged Entitlement Check Bypass Enabling Hos...
CVE-2024-23653 lets malicious Dockerfiles bypass BuildKit's privileged entitlement check via the interactive containers API, escaping to the host.
Nov 20, 20258 min read
Vulnerability Analysis
BuildKit Build-Time Container Teardown Arbitrary File Del...
A malicious Dockerfile can exploit CVE-2024-23652 to make BuildKit delete arbitrary host files during build teardown. Here's what's affected and how to fix it.
Nov 20, 20257 min read
Vulnerability Analysis
BuildKit Mount Cache Race Condition Vulnerability (CVE-20...
CVE-2024-23651 is a high-severity BuildKit race condition that can expose host files to build containers via shared cache mounts. Here's the full breakdown.
Nov 20, 20258 min read