rpm package
opensuse/conftest&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/conftest&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-33747 | Hig | 8.4 | < 0.67.1-2.1 | 0.67.1-2.1 | Mar 27, 2026 | BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit sta | |
| CVE-2024-6257 | — | < 0.54.0-1.1 | 0.54.0-1.1 | Jun 25, 2024 | HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution. |
- affected < 0.67.1-2.1fixed 0.67.1-2.1
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit sta
- CVE-2024-6257Jun 25, 2024affected < 0.54.0-1.1fixed 0.54.0-1.1
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution.