CVE-2026-33748

medium Red Hat
CVSS v3 Base Score
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.0%
Exploitation probability in 30 days
Top 91% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Confidentiality
High
Integrity
None
Availability
None
Published: March 27, 2026 (105 days ago)
Last Modified: March 27, 2026
Vendor: Red Hat
Fix Available: ✓ Yes
Source: REDHAT

Description

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is limited to files on the same mounted filesystem. The issue has been fixed in version v0.28.1 The issue affects only builds that use Git URLs with a subpath component. As a workaround, avoid building Dockerfiles from untrusted sources or using the subdir component from an untrusted Git repository where the subdir component could point to a symlink.

CWE

CWE-22

Affected Products

Assisted Installer for Red Hat OpenShift Container Platform 2Confidential Compute AttestationKernel Module Management Operator for Red Hat OpenshiftLogging Subsystem for Red Hat OpenShiftLogical Volume Manager StorageMigration Toolkit for Applications 8Migration Toolkit for ContainersMigration Toolkit for VirtualizationMulticluster Engine for KubernetesNetwork Observability Operator

Fix Status

✅ Fix Available

References