Operator SDK <0.15.2 RCE via insecure user_setup /etc/passwd
CVE-2025-7195 Published on August 7, 2025
Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd
Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images.
In affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
NVD
Vulnerability Analysis
CVE-2025-7195 can be exploited with local system access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Attack Vector:
LOCAL
Attack Complexity:
HIGH
Privileges Required:
HIGH
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH
Timeline
Reported to Red Hat.
Made public. 34 days later.
Weakness Type
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
Products Associated with CVE-2025-7195
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-7195 are published in these products:
Affected Versions
operator-framework operator-sdk:- Before 0.15.2 is affected.
- Version v4.17.39-2 and below * is unaffected.
- Version v4.18.25-3 and below * is unaffected.
- Version v4.20.3-3 and below * is unaffected.
- Version sha256:0903a7a5c857d96c84fd022e5785514eff201047e2fdd5d6699d79f17440ef02 and below * is unaffected.
- Version sha256:0deacfbd0d55638fb334e2435007586fcfd3a08328c3a7c9b2908bb0cab759c2 and below * is unaffected.
- Version sha256:1d10b1fd2f76dd5e8c97c38747e621c39aca11b7b64cb820c1264680b7686138 and below * is unaffected.
- Version sha256:27834804d5c56e017785cf9a8100ebb1989288241d8c1a08e296778d2bcf52f1 and below * is unaffected.
- Version sha256:99a16c7798169c4de9e3c3df560b102003f03c94cd1327796ac4a6ca3c7d4f24 and below * is unaffected.
- Version sha256:6ff440b0fb6b959b2279db0513abfc88e464dd093fbc79c027da98eabe74d9c0 and below * is unaffected.
- Version sha256:9592965d6225d4d2fe4da7efb83db1241aefc4933767c68f585ef6db9c1e413a and below * is unaffected.
- Version sha256:4d872d919c09d08132e0e056a60ad1e4c457fc600cd0521b0160d7f5106f4ea3 and below * is unaffected.
- Version sha256:58ce162b9dcc276ea6d83e18fa08170b0ef047df7fc7a8957ee338d1359492eb and below * is unaffected.
- Version sha256:107beee845fb13ddcb1c327a2a5fe705cc2f599c775786f937e17c0720977777 and below * is unaffected.
- Version sha256:1c49bf643ea000a0f92a1d93114a4a866ff51f47947c6a7102fb8e200ae57e8a and below * is unaffected.
- Version sha256:072da24a7a4f1b61822ae7c86f8cc0b07462591168ad8a8dd89a02cf3bb33fa5 and below * is unaffected.
- Version sha256:0488dca3cb2db097732fe153483af7c4b2acdb7b0bc241f30e78cdb0474d11bb and below * is unaffected.
- Version sha256:55e5df211a2eeb146596e833572cfe74bad9b16ebc95ec0f38908daac118d8b9 and below * is unaffected.
- Version sha256:4e0d8a47e840f27038d6290dab730d7115dc1b1a5fe2c2fe7c2307211253a96a and below * is unaffected.
- Version sha256:1a2ef170407505193e8d1ab4832ae0b945ec2fd9245c5a93134ce73f959ea34c and below * is unaffected.
- Version sha256:295cce4181249098c7903b70ef34afe257731e062c9cb944845663929ca8075c and below * is unaffected.
- Version sha256:0755c4e05987fce669d4fb7d021b9202efe9b5da35fc4776441a6a963a4e7f05 and below * is unaffected.
- Version sha256:1c49bf643ea000a0f92a1d93114a4a866ff51f47947c6a7102fb8e200ae57e8a and below * is unaffected.
- Version sha256:072da24a7a4f1b61822ae7c86f8cc0b07462591168ad8a8dd89a02cf3bb33fa5 and below * is unaffected.
- Version sha256:0488dca3cb2db097732fe153483af7c4b2acdb7b0bc241f30e78cdb0474d11bb and below * is unaffected.
- Version sha256:82750019c353c3185dc35fb68a675c9d758a3022144855ac09bad49fa4ac3daa and below * is unaffected.
- Version sha256:4e0d8a47e840f27038d6290dab730d7115dc1b1a5fe2c2fe7c2307211253a96a and below * is unaffected.
- Version sha256:1a2ef170407505193e8d1ab4832ae0b945ec2fd9245c5a93134ce73f959ea34c and below * is unaffected.
- Version sha256:295cce4181249098c7903b70ef34afe257731e062c9cb944845663929ca8075c and below * is unaffected.
- Version sha256:0755c4e05987fce669d4fb7d021b9202efe9b5da35fc4776441a6a963a4e7f05 and below * is unaffected.
- Version sha256:4730066d796726424abb881b2564bb7e313237ac877284c206c8aee3e3843b2e and below * is unaffected.
- Version sha256:17ce360bc53af9054c8b1f09d5f62061e449298e471bd0a7cc022dc2b8c402db and below * is unaffected.
- Version sha256:89a9e49213426355fb85f5c67f6d27f4cf2e51d55010a33039fafbceb196f838 and below * is unaffected.
- Version sha256:25764e7533896af9e5495a37533cf40ece09ec9af2ec76e5334ae8da23913064 and below * is unaffected.
- Version sha256:448f802fa1a8d8d762ce1c1a20844bad5bdec44adc9fcf65f6fc426f2f48ec43 and below * is unaffected.
- Version sha256:56a7d375e7bca09b0d7f12c312414bd04c6a60b59119e9787cf55a9dc5f82626 and below * is unaffected.
- Version sha256:1d1deb4104d8aeec314f451c168913fd389ac2d8b1380a68e8722c860ea4cb16 and below * is unaffected.
- Version sha256:191621a5e2afecd2c48008e3922403d0dee3651085e68e404e23b87db54e6903 and below * is unaffected.
- Version sha256:08038f377c65aefa81d3c7ecae4994d28d052bd4bad585e18e8a1a68ab17cae7 and below * is unaffected.
- Version sha256:487d5f2fae53dde288db6981d2e6373d0be4ac440abc7683147d64fce28976de and below * is unaffected.
- Version sha256:16f8baa1271b313bb4bbfb4321a1d1ffe2c4b377a237f317640a8129d324b418 and below * is unaffected.
- Version sha256:495c95d1a2df101e0bf9c0eaa3caeb575f596d6098782c3a0a1dcb0342589886 and below * is unaffected.
- Version sha256:2e11b27b9d6884dcb846865d632c141a038f85163b0c4db63a1f29cb8d277125 and below * is unaffected.
- Version sha256:2d8992c950833e7aacad7cf7ec1cded29c2092f7509bf50dfbfcce06a4bd149a and below * is unaffected.
- Version sha256:840fbf02ac4883ef94a41476eb3ab46ffd105726ccd4b02b9b48b6606dcfd8f8 and below * is unaffected.
- Version sha256:ae7818eab65947f74badec716268053224a27b53d704d89c455380d54009c10c and below * is unaffected.
- Version sha256:0921c2d58881136bab071600e8c18f79eabb33817d2a947799a2429634952ea0 and below * is unaffected.
- Version sha256:2286313075d365d4795d340b615850995a2fbbc19b7e6f3b1a586b495263b139 and below * is unaffected.
- Version sha256:06d861b23cf7f8622e14d577d87ab1da07b1ebe7caaa51f4ebb7216f9435ada4 and below * is unaffected.
- Version sha256:386ef03f3664c6305c90b0daf24182df24624f7b691a205fbf4af7a5bb3c35ec and below * is unaffected.
- Version sha256:109bd95d99f98906c8a9cf3057f7d0a83ce18fa4f6733606dd3e98d2735312c4 and below * is unaffected.
- Version sha256:125a0d04b6b5c6c2338ef18b53860d4118f005c1d0f3691f32baccce4ce9b21b and below * is unaffected.
- Version sha256:320fd7d6d03377dc89442aab61041aa233f2778ff1f9cc686d943205c798a838 and below * is unaffected.
- Version sha256:3fec028d7dfe4e58bf38a8017b3b760937b18523591c1036b80f1cae94cd1a9e and below * is unaffected.
- Version sha256:38019d9ba07f59515345dddcd1800da3408be06b3620f4b1c1dd2034e939d26b and below * is unaffected.
- Version sha256:0fa09c7b7e469826f9788e24cffedea3a90a456af78d4a3237fecb99a3ad52a1 and below * is unaffected.
- Version sha256:125a0d04b6b5c6c2338ef18b53860d4118f005c1d0f3691f32baccce4ce9b21b and below * is unaffected.
- Version sha256:59a7ad296b2023d6a633e2f7b99767e2c0c35ead31c8d92bdf233ff52522125d and below * is unaffected.
- Version sha256:12c970f2005e943d674b35c711d2232f146bbbcf8e3807b3fb3c816b42e0cd8a and below * is unaffected.
- Version sha256:53a9844ffdd2d3f8cee8737722de91511cefdb4c65a7db614de6c4e070f70431 and below * is unaffected.
- Version sha256:1bda811b132cbc2220815d36983af98e0aafdcb4d30fa78f56bbd85ffc30a37c and below * is unaffected.
- Version sha256:805d44ff7dcd6df5bd73cd58c0f410d8bdeac932d7c440b0c381517c3e1401ae and below * is unaffected.
- Version sha256:2e4e2180d5912535ac4914569e5e592a501260199cf5371b7d0ac9aec290d0e8 and below * is unaffected.
- Version sha256:0587333ddfc1f1b5df66948c16cfcea1043c538ddb6ebd6524c00310a41dde7c and below * is unaffected.
- Version sha256:2e4e2180d5912535ac4914569e5e592a501260199cf5371b7d0ac9aec290d0e8 and below * is unaffected.
- Version sha256:4e61bb2cc124f37ec9c009e9ee92bfa638ff608f2b28962abbe1ff5614b99155 and below * is unaffected.
- Version sha256:0587333ddfc1f1b5df66948c16cfcea1043c538ddb6ebd6524c00310a41dde7c and below * is unaffected.
- Version sha256:05847c2e995e681bdcc3f809e76f512767f40ac4498c14fad4afb4cae83f33d1 and below * is unaffected.
- Version sha256:1b56fc6c4b897bb8a62b1fa176af6bace8282b2de38e3e69b5673c5ae3e6848c and below * is unaffected.
- Version sha256:7bff1645296326504b40e17540b4b4c2e5aa86147799b61d1bda5757305d3683 and below * is unaffected.
- Version sha256:1eaf7740de439ed0f26e7abe5186d6422ad0304e7f7a62ff8f7d8b20d7b5f0ef and below * is unaffected.
- Version sha256:7e394d47079a8bbe2a4a1f158725ddb6b6c7c184c48ee22dd8873b1b8e4e642f and below * is unaffected.
- Version sha256:2f4d26918cf42cad318cc95935e4637e3912ef4454e91fa0e8f1d42dc185e8b6 and below * is unaffected.
- Version sha256:46b615cf682815259b0c4b9e785d2f0b429726f75920f7ce9c31625ac86118b2 and below * is unaffected.
- Version sha256:55094fc781f35867d298ae9ee006113c78b086ce1263ccee2f0a94ec581c837b and below * is unaffected.
- Version sha256:066f59015024fd839705ad52d1ce8a10e500040c3905b98bd5533e5dd0e268d7 and below * is unaffected.
- Version sha256:91249fb15a33c0bf8b5bf3c0f236fd4fe272b9221f4fcfa6608e97ba5062c5f3 and below * is unaffected.
- Version sha256:931fcca9e7cb6f6c7454a72b533cbe4d767438e374848b846f079a3c2d323901 and below * is unaffected.
- Version sha256:0a88403bb113a735853cc289bad5c2b5e650e5f9d28e28cf635c2fef808025b1 and below * is unaffected.
- Version sha256:109ce61c700758e5057d2b465c9820c05f2d51b8f541b70c1b1bcf39fc872d35 and below * is unaffected.
- Version sha256:13454f2f70870d6765f740f36582cdf8139c9ed4c0c38e5f8981eea1374771ad and below * is unaffected.
- Version sha256:0a0e70953d2217d929b55a7a7a4c1e49c7e5f6b196b693312c252bfec2dc3843 and below * is unaffected.
- Version sha256:4c3a738aa7e83a7aea9161c4ef48624a275756531a3d67b13e59b600a4e644ea and below * is unaffected.
- Version sha256:2f3828b6ad0cdf73db157daaea35e750000f0aa2741b7e5aa679253ba76f098b and below * is unaffected.
- Version sha256:00cb6923e961942f4beabe19a6ad142dbff62929996728c664a1995fc76fcf8a and below * is unaffected.
- Version sha256:0d8ff43ca27a8ca5017fc136f9708c743043b72479bced7ce7a91c1057d92339 and below * is unaffected.
- Version sha256:8d131c609dea271df0cf754e7d28cdb79ad45012c5359f61b13713f9467c8e32 and below * is unaffected.
- Version sha256:0282d53fe18c9f427fc9af81fe64ceecd84cc4aee60878b0a0dfec76f3c6b2a9 and below * is unaffected.
- Version sha256:07fade8638107be11d2eb1fe76cd0e051627d85a28aa00e677e82764d94b9bee and below * is unaffected.
- Version sha256:37a3e93d30c7d2bcf8cd60dc52a9230bcb14baf10a13e3e01cdcb800eced0eec and below * is unaffected.
- Version sha256:0fda299fc4af5af2365f1bc7b2155e6a109196218443a03e65eb1b117cbdeeae and below * is unaffected.
- Version sha256:70cc9a59178ea9d801fb8a06ac6bee6cf3b04ab6cefd9c66b52cb3cc88300f0e and below * is unaffected.
- Version sha256:9592e63b97947aa2f4a695c7c727bef327595d84350640a3dac51de86ef08e07 and below * is unaffected.
- Version sha256:2dd678e13edff8659bc429b59d9a4a8129c4dca61da8a2e623eabfadc99c35bd and below * is unaffected.
- Version sha256:1587bf92b7369eaefbf2828c324ceb585b3591c397fd1ecd59804875ab7cf64f and below * is unaffected.
- Version sha256:1d75f5d047a30a5d80df63d6201cd5550c8aad5d000c079f9d8c9a5c62ae45ce and below * is unaffected.
- Version sha256:308cd8acade8e07b3183bbe8735b724b866a7337491afc78967eecd2c812d5e3 and below * is unaffected.
- Version sha256:342ec40b4be75a43a6dc9bd86bdd684ffad05c04e177a173273f1d892e2501dd and below * is unaffected.
- Version sha256:2012c48688b519ce45f08e1392fd886400a1782ea4bf942e434b4281cebca64e and below * is unaffected.
- Version sha256:08df676115e46d1dea0c175df6e56f4501aa79d9590ed9790e1d218994999839 and below * is unaffected.
- Version sha256:37cb9c23e27da0c54c36bd90bace10bc21406529568deb6436dfbb9bb686dfbb and below * is unaffected.
- Version sha256:2afaf7feceda2596f257888a5cc5dd19293252da973d4988e00a21c50aa601c4 and below * is unaffected.
- Version sha256:43232acc4c36c387bfcf4eff514d2bbac42c6baf4aa1a9921abd04f8a05ab6bd and below * is unaffected.
- Version sha256:02e2e6d8f4037d66a951af24d72a02cb1e41bce6a5c1f184fc6797c49f60fc75 and below * is unaffected.
- Version sha256:22c95138c3ca3d086227da3181548a73e86eb244670e0f6acf8ed9011883fdb2 and below * is unaffected.
- Version sha256:2a3861eeb69808eea9cd1848e770a9f3b6e65ef44c8add47675a51e4d35edbfe and below * is unaffected.
- Version sha256:0c5becf0a62d24cb986b0338432e30fa1952487392d3712d190c85f35300cd97 and below * is unaffected.
- Version sha256:27b15f29e01661f7b6857e5da669d4b81f9f1cbcd97e186603552455d82d3152 and below * is unaffected.
- Version sha256:2823b76f7f6ab7583fbf6ef79520eaa6d3875cb569bd5d30e662cc3c06bfc68c and below * is unaffected.
- Version sha256:0cef2dc6c500024d272d85c04ce671648c41d25ed00b4b1c40f9a5cc7c9aa24d and below * is unaffected.
- Version sha256:42bf30dbe0a237936719b62aa1087075e7b387998d2143c2a16a7b7c9960e9fc and below * is unaffected.
- Version sha256:0db4c6508d18e6a8ad4197c666fe01ac772ad4e04f2a7f739aadf7168816e817 and below * is unaffected.
- Version sha256:f4a5e16ed21a930a510b5f695a645be2cb6bff1487f5865650fe3c0759e25689 and below * is unaffected.
- Version sha256:28f2860ac1920009eda82fadd3bd134aa53e410974f257b2d700dd57a5ce55c8 and below * is unaffected.
- Version sha256:0a9ebf5ec13dc86adaf99a291d6d97f306e3d2c4efebe330efed45cb243a7eee and below * is unaffected.
- Version sha256:39b8896056e50856d726943e1fe5474737d00729e24c55ea19927516e7f663a0 and below * is unaffected.
- Version sha256:2157276d6715734095eccf19ee2a3b8ee2610831e6db28db4d1549a45ef1226f and below * is unaffected.
- Version sha256:12de253d776c8a2b72966403179650aeee0ea3a4100be45a93b240fcf23ccc17 and below * is unaffected.
- Version sha256:57f81dbdd41c7ffba5d245a3cfff9192051443da9e77da67a54df4459f472a5a and below * is unaffected.
- Version sha256:28fecbad41a6b90ed64ff1ed6d36acf4cf88a8f86131556d6d8ba35766c9a70e and below * is unaffected.
- Version sha256:69ae289c4b1a9a51a25813d996d7f14794bcddc39df0512cc6e8effc6e32ad16 and below * is unaffected.
- Version sha256:51e41acedaa776080b4f8a297d13d4f609839b834d929f4312a2c70afdb68329 and below * is unaffected.
- Version sha256:0569ea1b4783e21b056242d9f2a40a548ff560a5ab957245444cc3770ed664db and below * is unaffected.
- Version sha256:271c19cfd3fa7295781909453024996f81d21cab5d875a8ce04c04e14ec78fb4 and below * is unaffected.
- Version sha256:0e4f342bb1f967db85cd40ab3318966bbf011629276cc946c11cab721e091f4b and below * is unaffected.
- Version sha256:2e5849819b5220b3b7c2185a1fe85b6d02151bc44aa5e582f7f0090d77cbb591 and below * is unaffected.
- Version sha256:4af5cbf6944b170e3578f0e904a57acbdef4ce27b7dbd9629b2a4d7c0231330d and below * is unaffected.
- Version sha256:0d7aed32d3447e3a3571b82f45a190221f48e224e70dcbb8ebc97b0172ca8544 and below * is unaffected.
- Version sha256:a8c51e193d55d14f9ea4a897047478dfe63fec2b07de4306459fe92805063f8b and below * is unaffected.
- Version sha256:04037c00520f7f909565b6461455f0878a54d9f879b328708872c7f03bd24175 and below * is unaffected.
- Version sha256:875e86d19b02583156eb12fc726b5089a377403088389997383c0c986e3b2fc1 and below * is unaffected.
- Version sha256:4732e19283a907e1a987590a0815e4c7b95c80218864eb6ae7f0393867a28e2e and below * is unaffected.
- Version sha256:0b3b8d6d1c0cd176ab61c529ab42e7a12720f6a42bf89ca1568656bdbc463310 and below * is unaffected.
- Version sha256:2a9ecf79a8209fb80fc189c2a05b68ebb3874dd2e1c404361f3b26533188e6a1 and below * is unaffected.
- Version sha256:57597555a31a799fec3dfbdc43949a8b3b1fb9bc02ef8a7990982335ee94f71d and below * is unaffected.
- Version sha256:00d18b2cf2c778dc1f4a6ec4502038bec5138ef7624ef13a7360d48745a315f2 and below * is unaffected.
- Version sha256:4b3115829f2443bc90d15421da6e0679d7f9364639a46bd43aa858ec5e2109f7 and below * is unaffected.
- Version sha256:e661ba3760dbd154ca7fcac8ceb39a50403664e712f43a93c4732b7e078de7aa and below * is unaffected.
- Version sha256:55e3e523175182a9f5536e3d331ad57596b5d28d51e7177efb875d16fa81ecc2 and below * is unaffected.
- Version sha256:05e0499ac1613f5e1c7bcdca0a481a5fddc0497c48d36d6770f40e69eaa10ba1 and below * is unaffected.
- Version sha256:0c3219a8065376f68178b94273c691afa37d5b2ab49f26e1f8167624a1487965 and below * is unaffected.
- Version sha256:1feecf8d8b8d2cbc52990a41805d80b8681763b1e3f8302b2d1e210582b8f6cf and below * is unaffected.
- Version sha256:44cc96e8349dffd1258b7e1a2e3b80616a3452c6c15f3b34e1d8de66ddcaa4cc and below * is unaffected.
- Version sha256:05662182c4c1d373d36066294c7f927d63ef85c6f0922ced8612a2eb8bd7d925 and below * is unaffected.
- Version sha256:63b810beca8b6ccc35d1a80c6f0c42d3b50adea67c25ab352f6514fb5d1461cb and below * is unaffected.
- Version sha256:6336c817d1bcbce9677ca5d525ceedd28789cbde1384cf7a606608168f4e0f10 and below * is unaffected.
- Version sha256:00b3718224bcd0b08300680b8cf5b5525cb959db13d607ee93c2f836b759501e and below * is unaffected.
- Version sha256:01d2635790a1a5aca7f20de055db2718c262e51ddba75aff9fab1488fd65ab20 and below * is unaffected.
- Version sha256:2a4c4141c97c71c8e1ee31da6acf1c80556eebf0b3f28eabae9eafffa1e251e3 and below * is unaffected.
- Version sha256:8689f95dfb32aafea228ef08e290949cc3c31e6a2acbb0f66da02ef0cf84089c and below * is unaffected.
- Version sha256:1690d6c99f4626289bcdd78c8521edffb61c91da1a45aa2eb2b6ab2af137b7c1 and below * is unaffected.
- Version sha256:5ee6284d6354e4e55f1ee7eb5a79b833aae6e31bf42bf185c4192e5d373f06e7 and below * is unaffected.
- Version sha256:87f5569806a8960520bab78d69514f2e2061b2ad69040cf7c164a5037c27e6bf and below * is unaffected.
- Version sha256:00bdcca61bc8765fbbc838deeb86392ce25c72f0170241c270484ec9b77bd263 and below * is unaffected.
- Version sha256:37d0208891259e9d725fb4146d023c1f0cd0dafbff8e322b7c12621ea25f8c85 and below * is unaffected.
- Version sha256:2bd4927011a029a1dd7ba2baa2fdc759d431550879eddc8813d89cb44cdb2767 and below * is unaffected.
- Version sha256:5aad1d226292a42c700e97575eec56040108869acdcb720a9c5b32d02a0035b3 and below * is unaffected.
- Version sha256:2abd2d479416e66c6f85e4e883d5e4987bc38f476f907766374784107b89de9a and below * is unaffected.
- Version sha256:0a5ac166f5ebddae21dcf2ce8a5932494209533ac4a92ff5551a402291f27ff9 and below * is unaffected.
- Version sha256:65176cfc11dcc49e7b175404475dd0fcd9ad14e3b3e8ab85816cf52d64c51512 and below * is unaffected.
- Version sha256:173a4998c70c4c8ff9d0d4f90fb48e8e3d3f8fbc4deeb4f742cbaa38dda61215 and below * is unaffected.
- Version sha256:599bfb2b83e095f88d90a408d4e8bf66bf10070255c5d174ca9ed8668111d25f and below * is unaffected.
- Version sha256:40f8584e7ed0be1742fc3d40ee639dfd5323e38c55c7fcae4146d4246abf6cf0 and below * is unaffected.
- Version sha256:116f99072859f76161266a538d92d7e19e3b463fc18e6084cf7faf7a6b311116 and below * is unaffected.
- Version sha256:053ad72159390ad37825015b051252dc162f46ebeeab4866e1568af1f0084cab and below * is unaffected.
- Version sha256:1645b8ebfe127ec4a9b8c7c7a2d2ae6723bf1c02d49920a7f579197e8d21366f and below * is unaffected.
- Version sha256:1d10099e7b5e3a3c4444569f6af365f90494c71b758aad1dad53f5aecf788ca5 and below * is unaffected.
- Version sha256:2987990bc63fa58ced038084921bdf168a017bd0b94b296a7c79dc264388339a and below * is unaffected.
- Version sha256:25b4647a37692cde90c499460a62a78342827265992adc0740bef650028fc2df and below * is unaffected.
Exploit Probability
EPSS
0.01%
Percentile
0.56%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.