CVE-2025-32111 - CERT CVE

  1. CVE-2025-32111

ID CVE-2025-32111
Sažetak The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks "persist-credentials: false" for actions/checkout.
Reference
CVSS
Base: 8.7
Impact: 5.8
Exploitability:2.2
Pristup
VektorSloženostAutentikacija
NETWORK HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH NONE
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Zadnje važnije ažuriranje 07-04-2025 - 14:18
Objavljeno 04-04-2025 - 07:15