CVE-2025-0495 — Vulnetix

CVE-2025-0495 PUBLISHED CVSS 4.099999904632568 MEDIUM

buildx allows a possible credential leakage to telemetry endpoint

EPSS 0.06% · 18.7th percentile

Risk Scores

CVSS 4.0

4.099999904632568

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N

EPSS Score

0.06%

18.7th percentile

Affected Products

Vendor	Product	Versions
docker	buildx	0, 0
github.com	docker/buildx	0, 0

Exploit Intelligence

CIRCL seen: CVE-2025-0495 (circl-sighting)
CIRCL seen: CVE-2025-0495 (circl-sighting)
CIRCL seen: CVE-2025-0495 (circl-sighting)
CIRCL seen: CVE-2025-0495 (circl-sighting)
CIRCL seen: CVE-2025-0495 (circl-sighting)
https://github.com/docker/buildx (circl)

Timeline

Mar 17, 2025 CVE Published
Mar 17, 2025 PoC Published
Mar 17, 2025 PoC Published
Mar 18, 2025 EPSS Score
Mar 18, 2025 PoC Published
Mar 31, 2025 EPSS Score
Apr 14, 2025 EPSS Score
Apr 27, 2025 EPSS Score
May 11, 2025 EPSS Score
May 24, 2025 EPSS Score
Jun 6, 2025 EPSS Score
Jun 20, 2025 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›