VDB

CVE-2023-27484

CVE-2023-27484 PUBLISHED CVSS 6.199999809265137 MEDIUM

Crossplane-runtime contains Improper Input Validation via Compositions

EPSS 0.31% · 54.5th percentile

Risk Scores

CVSS v3.1
6.199999809265137
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
EPSS Score
0.31%
54.5th percentile

Affected Products

VendorProductVersions
crossplanecrossplane*, >= 1.11.0, < 1.11.2, 1.9.0
github.comcrossplane/crossplane1.10.0, 1.11.0, 0

Timeline

  • Mar 9, 2023 CVE Published
  • Mar 10, 2023 EPSS Score
  • Mar 10, 2023 PoC Published
  • Mar 17, 2023 CVE Updated
  • Apr 18, 2023 EPSS Score
  • May 27, 2023 EPSS Score
  • Jul 4, 2023 EPSS Score
  • Aug 12, 2023 EPSS Score
  • Sep 20, 2023 EPSS Score
  • Oct 29, 2023 EPSS Score
  • Dec 7, 2023 EPSS Score
  • Jan 14, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›