CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
AI Score
Confidence
High
Vulnerabilities for packages: cosign, slsa-verifier, gh
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Wolfi | unknown | x86_64 | cosign | <= 2.4.0-r2 | cosign-2.4.0-r2.apk |
Wolfi | unknown | aarch64 | cosign | <= 2.4.0-r2 | cosign-2.4.0-r2.apk |
Wolfi | unknown | x86_64 | gh | <= 2.56.0-r0 | gh-2.56.0-r0.apk |
Wolfi | unknown | aarch64 | gh | <= 2.56.0-r0 | gh-2.56.0-r0.apk |
Wolfi | unknown | x86_64 | slsa-verifier | <= 2.6.0-r3 | slsa-verifier-2.6.0-r3.apk |
Wolfi | unknown | aarch64 | slsa-verifier | <= 2.6.0-r3 | slsa-verifier-2.6.0-r3.apk |