CVE-2024-28863 vulnerabilities

2024-06-1709:08:17

packages.wolfi.dev

cve-2024-28863

vulnerabilities

npm package

unix

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

JSON

Vulnerabilities for packages: npm, lerna, sqlpad

OSVersionArchitecturePackageVersionFilename
Wolfiunknownx86_64lerna<= 8.1.3-r0lerna-8.1.3-r0.apk
Wolfiunknownaarch64lerna<= 8.1.3-r0lerna-8.1.3-r0.apk
Wolfiunknownx86_64npm<= 10.5.1-r0npm-10.5.1-r0.apk
Wolfiunknownaarch64npm<= 10.5.1-r0npm-10.5.1-r0.apk
Wolfiunknownx86_64sqlpad<= 7.4.1-r3sqlpad-7.4.1-r3.apk
Wolfiunknownaarch64sqlpad<= 7.4.1-r3sqlpad-7.4.1-r3.apk

OS	Version	Architecture	Package	Version	Filename
Wolfi	unknown	x86_64	lerna	<= 8.1.3-r0	lerna-8.1.3-r0.apk
Wolfi	unknown	aarch64	lerna	<= 8.1.3-r0	lerna-8.1.3-r0.apk
Wolfi	unknown	x86_64	npm	<= 10.5.1-r0	npm-10.5.1-r0.apk
Wolfi	unknown	aarch64	npm	<= 10.5.1-r0	npm-10.5.1-r0.apk
Wolfi	unknown	x86_64	sqlpad	<= 7.4.1-r3	sqlpad-7.4.1-r3.apk
Wolfi	unknown	aarch64	sqlpad	<= 7.4.1-r3	sqlpad-7.4.1-r3.apk