CVE-2024-33522 – github.com/projectcalico/calico/v3

Package

Manager: go
Name: github.com/projectcalico/calico/v3
Vulnerable Version: >=0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

EPSS: 0.0004 pctl0.10762

Details

Calico privilege escalation vulnerability in github.com/projectcalico/calico Calico privilege escalation vulnerability in github.com/projectcalico/calico. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. (If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.) The additional affected modules and versions are: github.com/projectcalico/calico/v3 before v3.26.5, from v3.27.0 before v3.27.3.

Metadata

Created: 2024-06-10T16:39:03Z
Modified: 2024-08-19T17:26:27Z
Source: https://osv-vulnerabilities
CWE IDs: N/A
Alternative ID: N/A
Finding: F159
Auto approve: 1