7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.1%
Vulnerabilities for packages: bom, gitlab-pages, prometheus-operator, yq, runc, hey, vertical-pod-autoscaler, bank-vaults, tekton-chains, kubernetes-dns-node-cache, hugo, kubewatch, gke-gcloud-auth-plugin, chartmuseum, nats, wireguard-go, nri-prometheus, stakater-reloader, cluster-autoscaler, dynamic-localpv-provisioner, apko, prometheus-mysqld-exporter, kubernetes-csi-external-attacher, pulumi, secrets-store-csi-driver, sigstore-scaffolding, prometheus-statsd-exporter, gitlab-runner, nfs-subdir-external-provisioner, flux-image-reflector-controller, kubernetes-dashboard-metrics-scraper, prometheus-pushgateway, istio-operator, opentofu, kubernetes-csi-livenessprobe, kyverno, haproxy-ingress, tkn, kubernetes-csi-external-provisioner, aactl, aws-load-balancer-controller, gobuster, thanos-operator, containerd, rqlite, kaf, secrets-store-csi-driver-provider-gcp, kubernetes-csi-external-snapshotter, karpenter, metacontroller, flux-helm-controller, trust-manager, consul, dgraph, go, istio-pilot-agent, amass, weaviate, vault, k8sgpt-operator, prometheus-adapter, git-lfs, kubernetes-csi-external-resizer, vault-csi-provider, external-secrets-operator, coredns, kots, tctl, prometheus-elasticsearch-exporter, argo-cd, gitlab-shell, newrelic-infrastructure-agent, vault-k8s, aws-efs-csi-driver, kube-logging-operator, slsa-verifier, flux-notification-controller, oauth2-proxy, mc, terraform, fuse-overlayfs-snapshotter, prometheus-blackbox-exporter, trillian, flux-kustomize-controller, nvidia-device-plugin, minio, external-dns, up, dive, pulumi-language-dotnet, memcached-exporter, crossplane-provider-aws, falco, istio-cni, gomplate, atlantis, prometheus-bind-exporter, prometheus-stackdriver-exporter, kube-fluentd-operator, kube-state-metrics, kubescape, prometheus-alertmanager, metrics-server, flux-image-automation-controller, gitness, istio-pilot-discovery, frp, prometheus, node-problem-detector, pulumi-language-java, spark-operator, cosign, goreleaser, buildkitd, src, caddy, zot, k3d, kpt, aws-ebs-csi-driver, kubernetes-dashboard, keda, influxd, k3s, kind, falcoctl, telegraf, prometheus-node-exporter, k8sgpt, gatekeeper, crossplane-provider-azure, pulumi-language-yaml, kubeflow-katib, helm, flux-source-controller, dex, kubernetes-csi-node-driver-registrar, pulumi-kubernetes-operator, kubevela, thanos, skaffold, kubernetes-ingress-defaultbackend, flux, timoni, nodetaint, cue, prometheus-postgres-exporter, grpcurl, ollama, cloud-sql-proxy, prometheus-mongodb-exporter
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Wolfi | unknown | x86_64 | aactl | <= 0.4.12-r7 | aactl-0.4.12-r7.apk |
Wolfi | unknown | aarch64 | aactl | <= 0.4.12-r7 | aactl-0.4.12-r7.apk |
Wolfi | unknown | x86_64 | amass | <= 4.2.0-r8 | amass-4.2.0-r8.apk |
Wolfi | unknown | aarch64 | amass | <= 4.2.0-r8 | amass-4.2.0-r8.apk |
Wolfi | unknown | x86_64 | apko | <= 0.10.0-r6 | apko-0.10.0-r6.apk |
Wolfi | unknown | aarch64 | apko | <= 0.10.0-r6 | apko-0.10.0-r6.apk |
Wolfi | unknown | x86_64 | argo-cd | <= 2.7.14-r5 | argo-cd-2.7.14-r5.apk |
Wolfi | unknown | aarch64 | argo-cd | <= 2.7.14-r5 | argo-cd-2.7.14-r5.apk |
Wolfi | unknown | x86_64 | argo-cd | <= 2.8.4-r4 | argo-cd-2.8.4-r4.apk |
Wolfi | unknown | aarch64 | argo-cd | <= 2.8.4-r4 | argo-cd-2.8.4-r4.apk |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.1%