- Description
- The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks "persist-credentials: false" for actions/checkout.
- Source
- cve@mitre.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.7
- Impact score
- 5.8
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
- Severity
- HIGH
- cve@mitre.org
- CWE-260
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
๐จ CVE-2025-32111 ๐ด HIGH (8.7) ๐ข https://t.co/mlwuBta7PR project - https://t.co/mlwuBta7PR ๐๏ธ 0 ๐ https://t.co/I1ET2u7Ni3 ๐ https://t.co/p6AZaEk8uH ๐ https://t.co/mTVYcIOJ34 #CyberCron #VulnAlert #InfoSec https://t.co/mSl45XXzBL
@cybercronai
4 Apr 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
๐จ CVE-2025-32111: A critical flaw in the https://t.co/yYMZMTcRek Docker image may expose credentials due to misconfigured GitHub Actions. Severity: High (CVSS 8.7). Patch required ASAP. ๐ Read more: https://t.co/vS6VAzgs0U #CVE2025 #Security #DevSecOps #Docker #GitHubActions
@threatsbank
4 Apr 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-32111: HIGH] The Docker image from https://t.co/Di4piA0IzK before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks "persist-credentials: false" for actions/checkout.#cybersecurity,#vulnerability https://t.co/OLh7rZOZgi https://t.co/87JdoKjdzu
@CveFindCom
4 Apr 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes