5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Vulnerabilities for packages: external-secrets-operator, rook, flux-kustomize-controller, zarf, bank-vaults, buildkitd, fluent-bit-plugin-loki, cert-manager, tekton-pipelines, flux-image-reflector-controller, hugo, teleport, tekton-chains, grafana-agent-operator, terragrunt, goreleaser, timestamp-authority, harbor-registry, gitlab-runner, rekor, policy-controller, opentelemetry-collector-contrib, step, grafana-mimir, argo-workflows, up, cosign, prometheus-operator, zot, prometheus, fulcio, traefik, restic, rclone, falcoctl, flyte, flux-source-controller, flux, k8sgpt, secrets-store-csi-driver-provider-azure, grafana, pulumi, nuclei, velero, sops, sqlpad, thanos, sigstore-scaffolding, spire-server, kyverno, loki, airflow, cortex, boring-registry, filebeat, tkn, trivy, external-dns, ksops, telegraf, guac, keda, chezmoi, step-ca
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Wolfi | unknown | x86_64 | airflow | <= 2.9.2-r0 | airflow-2.9.2-r0.apk |
Wolfi | unknown | aarch64 | airflow | <= 2.9.2-r0 | airflow-2.9.2-r0.apk |
Wolfi | unknown | x86_64 | argo-workflows | <= 3.5.7-r2 | argo-workflows-3.5.7-r2.apk |
Wolfi | unknown | aarch64 | argo-workflows | <= 3.5.7-r2 | argo-workflows-3.5.7-r2.apk |
Wolfi | unknown | x86_64 | bank-vaults | <= 1.20.4-r15 | bank-vaults-1.20.4-r15.apk |
Wolfi | unknown | aarch64 | bank-vaults | <= 1.20.4-r15 | bank-vaults-1.20.4-r15.apk |
Wolfi | unknown | x86_64 | boring-registry | <= 0.14.0-r3 | boring-registry-0.14.0-r3.apk |
Wolfi | unknown | aarch64 | boring-registry | <= 0.14.0-r3 | boring-registry-0.14.0-r3.apk |
Wolfi | unknown | x86_64 | buildkitd | <= 0.14.0-r1 | buildkitd-0.14.0-r1.apk |
Wolfi | unknown | aarch64 | buildkitd | <= 0.14.0-r1 | buildkitd-0.14.0-r1.apk |
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%