Is github.com/containers/buildah safe to use?

github.com/containers/buildah has 2 known vulnerabilities on the latest version (v1.43.1). DepScope rates its health at 74/100 (moderate risk).

What is the latest version of github.com/containers/buildah?

The latest version of github.com/containers/buildah is v1.43.1, released 2026-04-08.

Does github.com/containers/buildah have known vulnerabilities?

Yes. github.com/containers/buildah has 2 known vulnerabilities. See depscope.dev/pkg/go/github.com/containers/buildah for details.

Is github.com/containers/buildah deprecated?

No, github.com/containers/buildah is actively maintained. Latest release: v1.43.1 (2026-04-08).

What are alternatives to github.com/containers/buildah?

DepScope has no curated alternatives for github.com/containers/buildah at this time.

What license does github.com/containers/buildah use?

github.com/containers/buildah is licensed under Apache-2.0.

github.com/containers/buildah

govv1.43.1

A tool that facilitates building OCI images.

License Apache-2.0permissive201 versions251 maintainers0 deps8,751 weekly dl

containers/buildah

/ 100

Health

safe to use

github.com/containers/[email protected] is safe to use (health: 74/100)

Update to >= 5.2.4 to fix known vulnerabilities

Health breakdown0 – 100

25/25

maintenance

6/20

popularity

23/25

security

15/15

maturity

5/15

community

Vulnerabilities

1 medium1 low

Advisories (2)

Severity	ID	Summary	Fixed in
medium	CVE-2024-9407	Improper Input Validation in Buildah and Podman	5.2.4
unknown	CVE-2024-9407	Improper Input Validation in Buildah and Podman in github.com/containers/buildah	5.2.4

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/github.com/containers/buildah

Last updated · 2026-04-08T00:54:54Z