6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Vulnerabilities for packages: aactl, gitlab-kas, buildkitd, gitsign, spire-server, actions-runner-controller, gh, zot, k3d, skopeo, terraform, bank-vaults, loki, tekton-chains, rekor, flux-kustomize-controller, keda, influxd, policy-controller, ksops, external-dns, k3s, terragrunt, falcoctl, kargo, flux-helm-controller, rook, gomplate, consul, grafana-mimir, timestamp-authority, crossplane-provider-azure, tekton-pipelines, snyk-cli, flux-source-controller, fulcio, pulumi, step-ca, sigstore-scaffolding, kubescape, scorecard, vault-csi-provider, pulumi-kubernetes-operator, gitlab-runner, kubevela, nuclei, rabbitmq-messaging-topology-operator, flux-image-reflector-controller, cert-manager, flux-image-automation-controller, vexctl, glab, zarf, neuvector-sigstore-interface, argo-cd, gitlab-shell, flux, sops, opentofu, terraform-provider-azurerm, opentelemetry-collector-contrib, guac, kyverno, prometheus, slsa-verifier, tkn, kubernetes-event-exporter, cosign, flux-notification-controller, goreleaser
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Wolfi | unknown | x86_64 | aactl | <= 0.4.12-r14 | aactl-0.4.12-r14.apk |
Wolfi | unknown | aarch64 | aactl | <= 0.4.12-r14 | aactl-0.4.12-r14.apk |
Wolfi | unknown | x86_64 | actions-runner-controller | <= 0.9.2-r2 | actions-runner-controller-0.9.2-r2.apk |
Wolfi | unknown | aarch64 | actions-runner-controller | <= 0.9.2-r2 | actions-runner-controller-0.9.2-r2.apk |
Wolfi | unknown | x86_64 | argo-cd | <= 2.11.3-r1 | argo-cd-2.11.3-r1.apk |
Wolfi | unknown | aarch64 | argo-cd | <= 2.11.3-r1 | argo-cd-2.11.3-r1.apk |
Wolfi | unknown | x86_64 | bank-vaults | <= 1.20.4-r16 | bank-vaults-1.20.4-r16.apk |
Wolfi | unknown | aarch64 | bank-vaults | <= 1.20.4-r16 | bank-vaults-1.20.4-r16.apk |
Wolfi | unknown | x86_64 | buildkitd | <= 0.14.1-r1 | buildkitd-0.14.1-r1.apk |
Wolfi | unknown | aarch64 | buildkitd | <= 0.14.1-r1 | buildkitd-0.14.1-r1.apk |
6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%