CVE-2024-6104 vulnerabilities

2024-06-2909:08:33

packages.wolfi.dev

cve-2024-6104

vulnerabilities

glab

gomplate

gitlab-shell

unix

6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Vulnerabilities for packages: aactl, gitlab-kas, buildkitd, gitsign, spire-server, actions-runner-controller, gh, zot, k3d, skopeo, terraform, bank-vaults, loki, tekton-chains, rekor, flux-kustomize-controller, keda, influxd, policy-controller, ksops, external-dns, k3s, terragrunt, falcoctl, kargo, flux-helm-controller, rook, gomplate, consul, grafana-mimir, timestamp-authority, crossplane-provider-azure, tekton-pipelines, snyk-cli, flux-source-controller, fulcio, pulumi, step-ca, sigstore-scaffolding, kubescape, scorecard, vault-csi-provider, pulumi-kubernetes-operator, gitlab-runner, kubevela, nuclei, rabbitmq-messaging-topology-operator, flux-image-reflector-controller, cert-manager, flux-image-automation-controller, vexctl, glab, zarf, neuvector-sigstore-interface, argo-cd, gitlab-shell, flux, sops, opentofu, terraform-provider-azurerm, opentelemetry-collector-contrib, guac, kyverno, prometheus, slsa-verifier, tkn, kubernetes-event-exporter, cosign, flux-notification-controller, goreleaser

OSVersionArchitecturePackageVersionFilename
Wolfiunknownx86_64aactl<= 0.4.12-r14aactl-0.4.12-r14.apk
Wolfiunknownaarch64aactl<= 0.4.12-r14aactl-0.4.12-r14.apk
Wolfiunknownx86_64actions-runner-controller<= 0.9.2-r2actions-runner-controller-0.9.2-r2.apk
Wolfiunknownaarch64actions-runner-controller<= 0.9.2-r2actions-runner-controller-0.9.2-r2.apk
Wolfiunknownx86_64argo-cd<= 2.11.3-r1argo-cd-2.11.3-r1.apk
Wolfiunknownaarch64argo-cd<= 2.11.3-r1argo-cd-2.11.3-r1.apk
Wolfiunknownx86_64bank-vaults<= 1.20.4-r16bank-vaults-1.20.4-r16.apk
Wolfiunknownaarch64bank-vaults<= 1.20.4-r16bank-vaults-1.20.4-r16.apk
Wolfiunknownx86_64buildkitd<= 0.14.1-r1buildkitd-0.14.1-r1.apk
Wolfiunknownaarch64buildkitd<= 0.14.1-r1buildkitd-0.14.1-r1.apk

OS	Version	Architecture	Package	Version	Filename
Wolfi	unknown	x86_64	aactl	<= 0.4.12-r14	aactl-0.4.12-r14.apk
Wolfi	unknown	aarch64	aactl	<= 0.4.12-r14	aactl-0.4.12-r14.apk
Wolfi	unknown	x86_64	actions-runner-controller	<= 0.9.2-r2	actions-runner-controller-0.9.2-r2.apk
Wolfi	unknown	aarch64	actions-runner-controller	<= 0.9.2-r2	actions-runner-controller-0.9.2-r2.apk
Wolfi	unknown	x86_64	argo-cd	<= 2.11.3-r1	argo-cd-2.11.3-r1.apk
Wolfi	unknown	aarch64	argo-cd	<= 2.11.3-r1	argo-cd-2.11.3-r1.apk
Wolfi	unknown	x86_64	bank-vaults	<= 1.20.4-r16	bank-vaults-1.20.4-r16.apk
Wolfi	unknown	aarch64	bank-vaults	<= 1.20.4-r16	bank-vaults-1.20.4-r16.apk
Wolfi	unknown	x86_64	buildkitd	<= 0.14.1-r1	buildkitd-0.14.1-r1.apk
Wolfi	unknown	aarch64	buildkitd	<= 0.14.1-r1	buildkitd-0.14.1-r1.apk