CVE-2026-33748: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in moby buildkit
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is limited to files on the same mounted filesystem. The issue has been fixed in version v0.28.1. The issue affects only builds that use Git URLs with a subpath component. As a workaround, avoid building Dockerfiles from untrusted sources or using the subdir component from an untrusted Git repository where the subdir component could point to a symlink.
AI Analysis (machine-generated threat intelligence)
Technical Summary
The vulnerability identified as CVE-2026-33748 affects moby buildkit, a widely used toolkit for building container images efficiently and reproducibly. Prior to version 0.28.1, buildkit does not properly validate the subdirectory component in Git URL fragments used during builds. This improper validation allows a path traversal attack (CWE-22) where an attacker can specify a subpath that escapes the checked-out Git repository root directory. Although access is limited to files on the same mounted filesystem, this can still expose sensitive files outside the intended build context. The issue also relates to CWE-59, involving symbolic link (symlink) following, which can be exploited if the subdir component points to a symlink. Exploitation requires no authentication or user interaction and can be triggered remotely by specifying crafted Git URLs with subpaths in build instructions. The vulnerability has a CVSS 4.0 score of 8.2 (high severity), reflecting its network attack vector, low complexity, no privileges required, and high impact on confidentiality. The flaw has been patched in buildkit version 0.28.1. Until patched, the vulnerability primarily affects builds that use Git URLs with subdirectory fragments, especially when the source is untrusted. This can lead to unauthorized disclosure of sensitive files on the build host, potentially leaking credentials, configuration files, or other critical data. There are no known exploits in the wild as of now, but the risk remains significant given buildkit's widespread use in containerized development and CI/CD pipelines.
Potential Impact
This vulnerability can lead to unauthorized disclosure of sensitive files on build hosts, compromising confidentiality and potentially integrity if attackers gain access to configuration or secret files. Organizations relying on buildkit for container image builds, especially in automated CI/CD environments, risk exposure of internal files if untrusted Git repositories or subdirectory components are used. This can facilitate further attacks such as credential theft, lateral movement, or supply chain compromise. The impact is heightened in environments where build hosts have access to sensitive data or production credentials. Since exploitation requires no authentication and can be triggered remotely via crafted Git URLs, the attack surface is broad. However, the scope is limited to files on the same mounted filesystem, reducing but not eliminating risk. The vulnerability undermines trust in build artifacts and can disrupt secure software supply chain practices globally.
Mitigation Recommendations
1. Upgrade moby buildkit to version 0.28.1 or later immediately to apply the official patch.
2. Until patched, avoid building Dockerfiles from untrusted Git repositories or those using Git URLs with subdirectory fragments.
3. Implement strict validation of Git URL inputs in build pipelines: reject subpath components that escape the checked-out repository root, including components that resolve through a symlink to a location outside the checked-out tree.
4. Use container build environments with minimal filesystem access and isolate build hosts to limit exposure of sensitive files.
5. Employ runtime monitoring to detect unusual file access patterns during builds.
6. Review and restrict permissions on build host filesystems to minimize the sensitive data accessible to build processes.
7. Incorporate security scanning tools that detect usage of vulnerable buildkit versions and risky Git URL patterns in CI/CD workflows.
8. Educate developers and DevOps teams about the risks of using untrusted sources and subdirectory components in builds.
Affected Countries
United States, Germany, China, India, United Kingdom, Canada, France, Japan, South Korea, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-23T18:30:14.124Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69c6949b3c064ed76fb5b742
Added to database: 3/27/2026, 2:30:51 PM
Last enriched: 3/27/2026, 2:48:33 PM
Last updated: 3/28/2026, 12:47:07 AM