CVE-2026-33748

Source
https://cve.org/CVERecord?id=CVE-2026-33748
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-33748.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-33748
Published
2026-03-27T14:00:21.200Z
Modified
2026-04-10T05:42:54.750195Z
Severity
  • 8.2 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
BuildKit Git URL subdir component can cause access to restricted files
Details

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is limited to files on the same mounted filesystem. The issue has been fixed in version v0.28.1. The issue affects only builds that use Git URLs with a subpath component. As a workaround, avoid building Dockerfiles from untrusted sources or using the subdir component from an untrusted Git repository where the subdir component could point to a symlink.

Database specific
{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/33xxx/CVE-2026-33748.json",
    "cwe_ids": [
        "CWE-22",
        "CWE-59"
    ]
}

Affected packages

Git / github.com/moby/buildkit

Affected ranges

Type
GIT
Repo
https://github.com/moby/buildkit
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.28.1"
        }
    ]
}

Affected versions

dockerfile/0.*
dockerfile/0.9.0
dockerfile/0.9.0-experimental
dockerfile/1.*
dockerfile/1.0.0
dockerfile/1.0.0-experimental
dockerfile/1.0.1
dockerfile/1.0.1-experimental
dockerfile/1.0.2-experimental
dockerfile/1.1.0
dockerfile/1.1.0-experimental
dockerfile/1.1.1
dockerfile/1.1.1-experimental
dockerfile/1.1.2
dockerfile/1.1.2-experimental
dockerfile/1.1.3
dockerfile/1.1.3-experimental
dockerfile/1.1.6
dockerfile/1.1.6-experimental
dockerfile/1.1.6-rc1
dockerfile/1.1.6-rc1-experimental
dockerfile/1.10.0-rc1
dockerfile/1.10.0-rc1-labs
dockerfile/1.11.0
dockerfile/1.11.0-labs
dockerfile/1.11.0-rc1
dockerfile/1.11.0-rc1-labs
dockerfile/1.11.0-rc2
dockerfile/1.11.0-rc2-labs
dockerfile/1.12.0
dockerfile/1.12.0-labs
dockerfile/1.12.0-rc1
dockerfile/1.12.0-rc1-labs
dockerfile/1.13.0-rc1
dockerfile/1.13.0-rc1-labs
dockerfile/1.14.0-rc1
dockerfile/1.14.0-rc1-labs
dockerfile/1.14.0-rc2
dockerfile/1.14.0-rc2-labs
dockerfile/1.15.0-rc1
dockerfile/1.15.0-rc1-labs
dockerfile/1.16.0-rc1
dockerfile/1.16.0-rc1-labs
dockerfile/1.17.0-rc1
dockerfile/1.17.0-rc1-labs
dockerfile/1.18.0-rc1
dockerfile/1.18.0-rc1-labs
dockerfile/1.18.0-rc2
dockerfile/1.18.0-rc2-labs
dockerfile/1.19.0-rc1
dockerfile/1.19.0-rc1-labs
dockerfile/1.2.0
dockerfile/1.2.0-labs
dockerfile/1.2.0-rc1
dockerfile/1.2.0-rc1-labs
dockerfile/1.2.1
dockerfile/1.2.1-labs
dockerfile/1.20.0
dockerfile/1.20.0-labs
dockerfile/1.20.0-rc1
dockerfile/1.20.0-rc1-labs
dockerfile/1.21.0-rc1
dockerfile/1.21.0-rc1-labs
dockerfile/1.22.0
dockerfile/1.22.0-labs
dockerfile/1.22.0-rc1
dockerfile/1.22.0-rc1-labs
dockerfile/1.22.0-rc2
dockerfile/1.22.0-rc2-labs
dockerfile/1.3.0
dockerfile/1.3.0-labs
dockerfile/1.3.0-rc1
dockerfile/1.3.0-rc1-labs
dockerfile/1.4.0
dockerfile/1.4.0-labs
dockerfile/1.4.0-labs-rc1
dockerfile/1.4.0-labs-rc2
dockerfile/1.4.0-rc1
dockerfile/1.4.0-rc2
dockerfile/1.5.0-rc1
dockerfile/1.5.0-rc1-labs
dockerfile/1.5.0-rc2
dockerfile/1.5.0-rc2-labs
dockerfile/1.6.0
dockerfile/1.6.0-labs
dockerfile/1.6.0-rc1
dockerfile/1.6.0-rc1-labs
dockerfile/1.6.0-rc2
dockerfile/1.6.0-rc2-labs
dockerfile/1.7.0-rc1
dockerfile/1.7.0-rc1-labs
dockerfile/1.8.0
dockerfile/1.8.0-labs
dockerfile/1.8.0-rc1
dockerfile/1.8.0-rc1-labs
dockerfile/1.8.0-rc2
dockerfile/1.8.0-rc2-labs
dockerfile/1.9.0
dockerfile/1.9.0-labs
dockerfile/1.9.0-rc1
dockerfile/1.9.0-rc1-labs
dockerfile/1.9.0-rc2
dockerfile/1.9.0-rc2-labs
v0.*
v0.10.0
v0.10.0-rc1
v0.10.0-rc2
v0.11.0-rc1
v0.11.0-rc2
v0.11.0-rc3
v0.12.0
v0.12.0-rc1
v0.12.0-rc2
v0.13.0-beta1
v0.13.0-beta2
v0.13.0-beta3
v0.13.0-rc1
v0.13.0-rc2
v0.13.0-rc3
v0.14.0
v0.14.0-rc1
v0.14.0-rc2
v0.15.0
v0.15.0-rc1
v0.15.0-rc2
v0.16.0-rc1
v0.16.0-rc2
v0.17.0
v0.17.0-rc1
v0.17.0-rc2
v0.18.0
v0.18.0-rc1
v0.18.0-rc2
v0.19.0-rc1
v0.19.0-rc2
v0.19.0-rc3
v0.20.0-rc1
v0.20.0-rc2
v0.21.0-rc1
v0.22.0-rc1
v0.23.0-rc1
v0.24.0-rc1
v0.24.0-rc2
v0.25.0-rc1
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.27.0-rc1
v0.27.0-rc2
v0.28.0
v0.28.0-rc1
v0.28.0-rc2
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.4.0
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.7.0
v0.7.0-rc1
v0.8.0
v0.8.0-rc1
v0.8.0-rc2
v0.8.0-rc3
v0.8.1
v0.9.0
v0.9.0-rc1
v0.9.0-rc2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-33748.json"