7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.4 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
59.0%
Vulnerabilities for packages: prometheus-mysqld-exporter, grpcurl, nri-prometheus, kubernetes-ingress-defaultbackend, gitlab-runner, kubeflow-katib, gitlab-pages, external-secrets-operator, cosign, k8sgpt, kube-fluentd-operator, gitlab-shell, prometheus-pushgateway, kubernetes-csi-external-attacher, prometheus-statsd-exporter, telegraf, kubescape, crossplane-provider-azure, stakater-reloader, aws-efs-csi-driver, kubernetes-csi-external-snapshotter, runc, gke-gcloud-auth-plugin, gatekeeper, caddy, prometheus-stackdriver-exporter, opentofu, cluster-autoscaler, aws-ebs-csi-driver, kubevela, dynamic-localpv-provisioner, trust-manager, kubernetes-csi-livenessprobe, nfs-subdir-external-provisioner, influxd, hey, skaffold, kyverno, slsa-verifier, haproxy-ingress, prometheus-postgres-exporter, istio-cni, pulumi-language-dotnet, pulumi-language-java, pulumi, secrets-store-csi-driver-provider-gcp, mc, tkn, kind, thanos-operator, apko, trillian, falco, metrics-server, istio-pilot-agent, flux-kustomize-controller, k3s, prometheus-elasticsearch-exporter, dex, kubernetes-dashboard, vault-csi-provider, flux-helm-controller, node-problem-detector, timoni, flux-image-automation-controller, falcoctl, k8sgpt-operator, tekton-chains, prometheus-mongodb-exporter, vertical-pod-autoscaler, external-dns, kaf, buildkitd, ollama, vault, istio-pilot-discovery, nats, prometheus-blackbox-exporter, argo-cd, hugo, helm, flux, kubernetes-dashboard-metrics-scraper, aactl, metacontroller, dive, flux-notification-controller, kubewatch, weaviate, karpenter, pulumi-language-yaml, up, frp, gobuster, istio-operator, vault-k8s, flux-image-reflector-controller, nvidia-device-plugin, k3d, prometheus-node-exporter, sigstore-scaffolding, prometheus, src, crossplane-provider-aws, kubernetes-csi-external-resizer, kubernetes-dns-node-cache, oauth2-proxy, tctl, containerd, spark-operator, git-lfs, bank-vaults, pulumi-kubernetes-operator, kots, gitness, coredns, terraform, prometheus-bind-exporter, newrelic-infrastructure-agent, atlantis, gomplate, kubernetes-csi-node-driver-registrar, cloud-sql-proxy, consul, prometheus-operator, rqlite, fuse-overlayfs-snapshotter, prometheus-adapter, keda, dgraph, kube-state-metrics, flux-source-controller, kpt, kubernetes-csi-external-provisioner, chartmuseum, minio, kube-logging-operator, cue, nodetaint, wireguard-go, prometheus-alertmanager, bom, aws-load-balancer-controller, zot, go, yq, secrets-store-csi-driver, memcached-exporter, thanos
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Wolfi | unknown | x86_64 | aactl | <= 0.4.12-r7 | aactl-0.4.12-r7.apk |
Wolfi | unknown | aarch64 | aactl | <= 0.4.12-r7 | aactl-0.4.12-r7.apk |
Wolfi | unknown | x86_64 | apko | <= 0.10.0-r6 | apko-0.10.0-r6.apk |
Wolfi | unknown | aarch64 | apko | <= 0.10.0-r6 | apko-0.10.0-r6.apk |
Wolfi | unknown | x86_64 | argo-cd | <= 2.7.14-r5 | argo-cd-2.7.14-r5.apk |
Wolfi | unknown | aarch64 | argo-cd | <= 2.7.14-r5 | argo-cd-2.7.14-r5.apk |
Wolfi | unknown | x86_64 | argo-cd | <= 2.8.4-r4 | argo-cd-2.8.4-r4.apk |
Wolfi | unknown | aarch64 | argo-cd | <= 2.8.4-r4 | argo-cd-2.8.4-r4.apk |
Wolfi | unknown | x86_64 | atlantis | <= 0.26.0-r3 | atlantis-0.26.0-r3.apk |
Wolfi | unknown | aarch64 | atlantis | <= 0.26.0-r3 | atlantis-0.26.0-r3.apk |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.4 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
59.0%