5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
7 High
AI Score
Confidence
High
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.962 High
EPSS
Percentile
99.5%
Vulnerabilities for packages: dex, rekor, temporal-server, terraform, melange, slsa-verifier, certificate-transparency, crossplane-provider-azure, gitsign, prometheus-mongodb-exporter, amass, kyverno-policy-reporter, grype, grpc-health-probe, thanos, prometheus-stackdriver-exporter, helm, buf, coredns, bank-vaults, prometheus-adapter, kots, spark-operator, istio-operator, traefik, scorecard, flux-helm-controller, nats, conftest, fulcio, gitness, kubernetes-dashboard, trivy, helm-push, gobuster, haproxy-ingress, wireguard-go, zot, calico, tigera-operator, external-secrets-operator, prometheus-statsd-exporter, tekton-pipelines, kubeflow-katib, gatekeeper, weaviate, nri-kafka, argo-workflows, apko, ferretdb, dgraph, libssh, nri-mssql, opentofu, cadvisor, rqlite, vault-k8s, ollama, frp, gitlab-pages, src-fingerprint, falcoctl, istio-pilot-agent, kubeflow-pipelines, vault-csi-provider, skopeo, flux-kustomize-controller, cosign, caddy, kubescape, telegraf, mongo-tools, kube-rbac-proxy, gitlab-runner, external-dns, crossplane-provider-aws, git-lfs, grafana, kaf, pulumi, temporal-ui-server, influxd, libssh2, sigstore-scaffolding, kubernetes-event-exporter, nats-server, prometheus-node-exporter, containerd, gitlab-kas, atlantis, oauth2-proxy, k3s, prometheus-bind-exporter, falco, terragrunt, prometheus-postgres-exporter, cfssl, tkn, consul, trillian, eksctl, cluster-autoscaler, gitlab-shell, secrets-store-csi-driver-provider-azure, metrics-server, istio-cni, loki, terraform-provider-azurerm, kubewatch, cloudflared, terraform-docs, prometheus-alertmanager, crossplane, flux, nfs-subdir-external-provisioner, argo-cd, kube-state-metrics, buildkitd, prometheus-nats-exporter, prometheus, prometheus-mysqld-exporter, secrets-store-csi-driver, dockerize, hugo, kubernetes, terraform-provider-aws, aactl, dynamic-localpv-provisioner, kyverno, kube-fluentd-operator, flux-source-controller, bom, node-problem-detector, istio-pilot-discovery, go-licenses, sops, spire-server, gomplate, step-ca, k3d, cilium-cli, ko, docker-credential-acr-env, cloud-sql-proxy, local-path-provisioner, nerdctl, memcached-exporter, actions-runner-controller, src, fq, boring-registry, nsc, step, cortex, flux-image-reflector-controller, up, tekton-chains, cert-manager, flux-image-automation-controller, vault, prometheus-blackbox-exporter, temporal
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Wolfi | unknown | x86_64 | aactl | <=Â 0.4.12-r7 | aactl-0.4.12-r7.apk |
Wolfi | unknown | aarch64 | aactl | <=Â 0.4.12-r7 | aactl-0.4.12-r7.apk |
Wolfi | unknown | x86_64 | actions-runner-controller | <=Â 0.8.1-r1 | actions-runner-controller-0.8.1-r1.apk |
Wolfi | unknown | aarch64 | actions-runner-controller | <=Â 0.8.1-r1 | actions-runner-controller-0.8.1-r1.apk |
Wolfi | unknown | x86_64 | amass | <=Â 4.2.0-r8 | amass-4.2.0-r8.apk |
Wolfi | unknown | aarch64 | amass | <=Â 4.2.0-r8 | amass-4.2.0-r8.apk |
Wolfi | unknown | x86_64 | apko | <=Â 0.12.0-r2 | apko-0.12.0-r2.apk |
Wolfi | unknown | aarch64 | apko | <=Â 0.12.0-r2 | apko-0.12.0-r2.apk |
Wolfi | unknown | x86_64 | argo-cd | <=Â 2.7.15-r6 | argo-cd-2.7.15-r6.apk |
Wolfi | unknown | aarch64 | argo-cd | <=Â 2.7.15-r6 | argo-cd-2.7.15-r6.apk |
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
7 High
AI Score
Confidence
High
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.962 High
EPSS
Percentile
99.5%