4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
4.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Vulnerabilities for packages: dagger, melange, grype, k3d, policy-controller, kaniko, harbor-scanner-trivy, cri-tools, buf, neuvector-scanner, prometheus, syft, wolfictl, tekton-pipelines, helm-push, docker, docker-compose
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Wolfi | unknown | x86_64 | buf | <= 1.31.0-r0 | buf-1.31.0-r0.apk |
Wolfi | unknown | aarch64 | buf | <= 1.31.0-r0 | buf-1.31.0-r0.apk |
Wolfi | unknown | x86_64 | cri-tools | <= 1.30.0-r1 | cri-tools-1.30.0-r1.apk |
Wolfi | unknown | aarch64 | cri-tools | <= 1.30.0-r1 | cri-tools-1.30.0-r1.apk |
Wolfi | unknown | x86_64 | dagger | <= 0.11.1-r1 | dagger-0.11.1-r1.apk |
Wolfi | unknown | aarch64 | dagger | <= 0.11.1-r1 | dagger-0.11.1-r1.apk |
Wolfi | unknown | x86_64 | docker-compose | <= 2.26.1-r2 | docker-compose-2.26.1-r2.apk |
Wolfi | unknown | aarch64 | docker-compose | <= 2.26.1-r2 | docker-compose-2.26.1-r2.apk |
Wolfi | unknown | x86_64 | docker | <= 26.0.2-r0 | docker-26.0.2-r0.apk |
Wolfi | unknown | aarch64 | docker | <= 26.0.2-r0 | docker-26.0.2-r0.apk |
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
4.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%