CVE-2026-33747

Source
https://cve.org/CVERecord?id=CVE-2026-33747
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-33747.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-33747
Published
2026-03-27T00:49:06.165Z
Modified
2026-04-02T13:44:27.802423488Z
Severity
  • 8.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
BuildKit vulnerable to malicious frontend causing file escape outside of storage root
Details

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when a custom BuildKit frontend is used, that frontend can craft an API message that causes files to be written outside of the BuildKit state directory for the execution context. The issue has been fixed in v0.28.1. Exploitation requires the use of an untrusted BuildKit frontend, set with #syntax or --build-arg BUILDKIT_SYNTAX. Builds that use these options with a well-known frontend image such as docker/dockerfile are not affected.

Database specific
{
    "cwe_ids": [
        "CWE-22"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/33xxx/CVE-2026-33747.json",
    "cna_assigner": "GitHub_M"
}

Affected packages

Git / github.com/moby/buildkit

Affected ranges

Type
GIT
Repo
https://github.com/moby/buildkit
Events
Introduced
0 (unknown introduced commit; all previous commits are affected)
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.28.1"
        }
    ]
}

Affected versions

dockerfile/0.*
dockerfile/0.9.0
dockerfile/0.9.0-experimental
dockerfile/1.*
dockerfile/1.0.0
dockerfile/1.0.0-experimental
dockerfile/1.0.1
dockerfile/1.0.1-experimental
dockerfile/1.0.2-experimental
dockerfile/1.1.0
dockerfile/1.1.0-experimental
dockerfile/1.1.1
dockerfile/1.1.1-experimental
dockerfile/1.1.2
dockerfile/1.1.2-experimental
dockerfile/1.1.3
dockerfile/1.1.3-experimental
dockerfile/1.1.4
dockerfile/1.1.4-experimental
dockerfile/1.1.5
dockerfile/1.1.5-experimental
dockerfile/1.1.6
dockerfile/1.1.6-experimental
dockerfile/1.1.6-rc1
dockerfile/1.1.6-rc1-experimental
dockerfile/1.1.7
dockerfile/1.1.7-experimental
dockerfile/1.10.0
dockerfile/1.10.0-labs
dockerfile/1.10.0-rc1
dockerfile/1.10.0-rc1-labs
dockerfile/1.11.0
dockerfile/1.11.0-labs
dockerfile/1.11.0-rc1
dockerfile/1.11.0-rc1-labs
dockerfile/1.11.0-rc2
dockerfile/1.11.0-rc2-labs
dockerfile/1.11.1
dockerfile/1.11.1-labs
dockerfile/1.12.0
dockerfile/1.12.0-labs
dockerfile/1.12.0-rc1
dockerfile/1.12.0-rc1-labs
dockerfile/1.12.1
dockerfile/1.12.1-labs
dockerfile/1.13.0
dockerfile/1.13.0-labs
dockerfile/1.13.0-rc1
dockerfile/1.13.0-rc1-labs
dockerfile/1.14.0
dockerfile/1.14.0-labs
dockerfile/1.14.0-rc1
dockerfile/1.14.0-rc1-labs
dockerfile/1.14.0-rc2
dockerfile/1.14.0-rc2-labs
dockerfile/1.14.0-rc3
dockerfile/1.14.0-rc3-labs
dockerfile/1.14.1
dockerfile/1.14.1-labs
dockerfile/1.15.0
dockerfile/1.15.0-labs
dockerfile/1.15.0-rc1
dockerfile/1.15.0-rc1-labs
dockerfile/1.15.0-rc2
dockerfile/1.15.0-rc2-labs
dockerfile/1.15.1
dockerfile/1.15.1-labs
dockerfile/1.16.0
dockerfile/1.16.0-labs
dockerfile/1.16.0-rc1
dockerfile/1.16.0-rc1-labs
dockerfile/1.16.0-rc2
dockerfile/1.16.0-rc2-labs
dockerfile/1.17.0
dockerfile/1.17.0-labs
dockerfile/1.17.0-rc1
dockerfile/1.17.0-rc1-labs
dockerfile/1.17.1
dockerfile/1.17.1-labs
dockerfile/1.18.0
dockerfile/1.18.0-labs
dockerfile/1.18.0-rc1
dockerfile/1.18.0-rc1-labs
dockerfile/1.18.0-rc2
dockerfile/1.18.0-rc2-labs
dockerfile/1.19.0
dockerfile/1.19.0-labs
dockerfile/1.19.0-rc1
dockerfile/1.19.0-rc1-labs
dockerfile/1.2.0
dockerfile/1.2.0-labs
dockerfile/1.2.0-rc1
dockerfile/1.2.0-rc1-labs
dockerfile/1.2.1
dockerfile/1.2.1-labs
dockerfile/1.20.0
dockerfile/1.20.0-labs
dockerfile/1.20.0-rc1
dockerfile/1.20.0-rc1-labs
dockerfile/1.21.0
dockerfile/1.21.0-labs
dockerfile/1.21.0-rc1
dockerfile/1.21.0-rc1-labs
dockerfile/1.22.0
dockerfile/1.22.0-labs
dockerfile/1.22.0-rc1
dockerfile/1.22.0-rc1-labs
dockerfile/1.22.0-rc2
dockerfile/1.22.0-rc2-labs
dockerfile/1.23.0
dockerfile/1.23.0-labs
dockerfile/1.23.0-rc1
dockerfile/1.23.0-rc1-labs
dockerfile/1.3.0
dockerfile/1.3.0-labs
dockerfile/1.3.0-rc1
dockerfile/1.3.0-rc1-labs
dockerfile/1.3.1
dockerfile/1.3.1-labs
dockerfile/1.4.0
dockerfile/1.4.0-labs
dockerfile/1.4.0-labs-rc1
dockerfile/1.4.0-labs-rc2
dockerfile/1.4.0-rc1
dockerfile/1.4.0-rc2
dockerfile/1.4.1
dockerfile/1.4.1-labs
dockerfile/1.4.2
dockerfile/1.4.2-labs
dockerfile/1.4.3
dockerfile/1.4.3-labs
dockerfile/1.5.0
dockerfile/1.5.0-labs
dockerfile/1.5.0-rc1
dockerfile/1.5.0-rc1-labs
dockerfile/1.5.0-rc2
dockerfile/1.5.0-rc2-labs
dockerfile/1.5.0-rc3
dockerfile/1.5.0-rc3-labs
dockerfile/1.5.1
dockerfile/1.5.1-labs
dockerfile/1.5.2
dockerfile/1.5.2-labs
dockerfile/1.6.0
dockerfile/1.6.0-labs
dockerfile/1.6.0-rc1
dockerfile/1.6.0-rc1-labs
dockerfile/1.6.0-rc2
dockerfile/1.6.0-rc2-labs
dockerfile/1.7.0
dockerfile/1.7.0-labs
dockerfile/1.7.0-rc1
dockerfile/1.7.0-rc1-labs
dockerfile/1.7.1
dockerfile/1.7.1-labs
dockerfile/1.8.0
dockerfile/1.8.0-labs
dockerfile/1.8.0-rc1
dockerfile/1.8.0-rc1-labs
dockerfile/1.8.0-rc2
dockerfile/1.8.0-rc2-labs
dockerfile/1.8.1
dockerfile/1.8.1-labs
dockerfile/1.9.0
dockerfile/1.9.0-labs
dockerfile/1.9.0-rc1
dockerfile/1.9.0-rc1-labs
dockerfile/1.9.0-rc2
dockerfile/1.9.0-rc2-labs
v0.*
v0.10.0
v0.10.0-rc1
v0.10.0-rc2
v0.10.1
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.10.6
v0.11.0
v0.11.0-rc1
v0.11.0-rc2
v0.11.0-rc3
v0.11.0-rc4
v0.11.1
v0.11.2
v0.11.3
v0.11.4
v0.11.5
v0.11.6
v0.12.0
v0.12.0-rc1
v0.12.0-rc2
v0.12.1
v0.12.2
v0.12.3
v0.12.4
v0.12.5
v0.13.0
v0.13.0-beta1
v0.13.0-beta2
v0.13.0-beta3
v0.13.0-rc1
v0.13.0-rc2
v0.13.0-rc3
v0.13.1
v0.13.2
v0.14.0
v0.14.0-rc1
v0.14.0-rc2
v0.14.1
v0.15.0
v0.15.0-rc1
v0.15.0-rc2
v0.15.1
v0.15.2
v0.16.0
v0.16.0-rc1
v0.16.0-rc2
v0.17.0
v0.17.0-rc1
v0.17.0-rc2
v0.17.1
v0.17.2
v0.17.3
v0.18.0
v0.18.0-rc1
v0.18.0-rc2
v0.18.1
v0.18.2
v0.19.0
v0.19.0-rc1
v0.19.0-rc2
v0.19.0-rc3
v0.20.0
v0.20.0-rc1
v0.20.0-rc2
v0.20.0-rc3
v0.20.1
v0.20.2
v0.21.0
v0.21.0-rc1
v0.21.0-rc2
v0.21.1
v0.22.0
v0.22.0-rc1
v0.22.0-rc2
v0.23.0
v0.23.0-rc1
v0.23.0-rc2
v0.23.1
v0.23.2
v0.24.0
v0.24.0-rc1
v0.24.0-rc2
v0.25.0
v0.25.0-rc1
v0.25.1
v0.25.2
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.26.2
v0.26.3
v0.27.0
v0.27.0-rc1
v0.27.0-rc2
v0.27.1
v0.28.0
v0.28.0-rc1
v0.28.0-rc2
v0.29.0
v0.29.0-rc1
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.4.0
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.7.0
v0.7.0-rc1
v0.7.1
v0.7.2
v0.8.0
v0.8.0-rc1
v0.8.0-rc2
v0.8.0-rc3
v0.8.1
v0.8.2
v0.8.3
v0.9.0
v0.9.0-rc1
v0.9.0-rc2
v0.9.1
v0.9.2
v0.9.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-33747.json"