Approved changes feed: RSS · Atom
cpe:2.3:a:docker:buildx:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Docker (fb312c2d-be4d-5919-b619-61409dcafa2c) |
|---|---|
| Product | Buildx (35891cf7-9033-5ebd-a9eb-a5e0f324dd7f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-0495 |
vulnerable | 2026-06-03 14:58:32.319042 |
Secrets leakage to telemetry endpoint via cache backend configuration via buildx
Buildx is a Docker CLI plugin that extends build capabilities using BuildKit.
Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry traces as part of the arguments and flags for the traced CLI command. OpenTelemetry traces are also saved in BuildKit daemon's history records.
This vulnerability does not impact secrets passed to the Github cache backend via environment variables or registry authentication.
Published: 2025-03-17T19:21:11.295Z
Updated: 2025-03-18T16:25:42.668Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.