Skip to content

Commit

Permalink
Update 2024-12-13
Browse files Browse the repository at this point in the history
  • Loading branch information
@rancher-security-bot
rancher-security-bot committed Dec 13, 2024
1 parent 769bc2b commit 27c25b6
Show file tree
Hide file tree
Showing 21 changed files with 24,040 additions and 23,795 deletions.
1,234 changes: 623 additions & 611 deletions docs/harvester-master.html
View file

Large diffs are not rendered by default.

2,288 changes: 1,150 additions & 1,138 deletions docs/harvester-v1.3-head.html
View file

Large diffs are not rendered by default.

2,326 changes: 1,169 additions & 1,157 deletions docs/harvester-v1.3.2.html
View file

Large diffs are not rendered by default.

1,270 changes: 641 additions & 629 deletions docs/harvester-v1.4-head.html
View file

Large diffs are not rendered by default.

1,272 changes: 642 additions & 630 deletions docs/harvester-v1.4.0.html
View file

Large diffs are not rendered by default.

7 changes: 6 additions & 1 deletion docs/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,15 @@
#cves_table th { cursor: pointer; }
td { padding: 7px; }
#center_row { text-align: center; }
/* Tooltip inspired from www.w3schools.com */
.cve_sev { position: relative; display: inline-block; border-bottom: 1px dotted black; }
.cve_sev:hover .cve_sev_note { visibility: visible; }
.cve_sev .cve_sev_note { visibility: hidden; width: 150px; background-color: #000000; color: #ffffff; text-align: center; border-radius: 6px; padding: 8px 0; position: absolute; z-index: 1; bottom: 150%; left: 50%; margin-left: -70px; }
.cve_sev .cve_sev_note::after { content: " "; position: absolute; top: 100%; left: 50%; margin-left: -8px; border-width: 8px; border-style: solid; border-color: black transparent transparent transparent; }
</style>
</head>
<body class="index">
<h1>SUSE Rancher - CVE Scans - 2024-12-12</h1>
<h1>SUSE Rancher - CVE Scans - 2024-12-13</h1>

<h2>How to use this page</h2>

Expand Down
30 changes: 21 additions & 9 deletions docs/longhorn-master.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,15 @@
#cves_table th { cursor: pointer; }
td { padding: 7px; }
#center_row { text-align: center; }
/* Tooltip inspired from www.w3schools.com */
.cve_sev { position: relative; display: inline-block; border-bottom: 1px dotted black; }
.cve_sev:hover .cve_sev_note { visibility: visible; }
.cve_sev .cve_sev_note { visibility: hidden; width: 150px; background-color: #000000; color: #ffffff; text-align: center; border-radius: 6px; padding: 8px 0; position: absolute; z-index: 1; bottom: 150%; left: 50%; margin-left: -70px; }
.cve_sev .cve_sev_note::after { content: " "; position: absolute; top: 100%; left: 50%; margin-left: -8px; border-width: 8px; border-style: solid; border-color: black transparent transparent transparent; }
</style>
</head>
<body>
<h1>SUSE Rancher - Longhorn master version - CVE Scans - 2024-12-12</h1>
<h1>SUSE Rancher - Longhorn master version - CVE Scans - 2024-12-13</h1>

<h3>How to use this page</h3>

Expand All @@ -32,8 +37,15 @@ <h3>How to use this page</h3>
<li>The search functionality might execute a bit slow depending on the number of
vulnerabilities displayed in the page.</li>
<li>For further instructions about scanned versions, scanning frequency, tooling
and false-positives, please consult the
<a href="index.html">main instructions</a>.</li>
and false-positives, please consult the <a href="index.html">main instructions</a>.</li>
<li>The severity (CVSS rating) of some CVEs in the portal might differ from the
original severity reported by some vendors and security scanners.<br>This happens,
because SUSE <a href="https://www.suse.com/security/cve/">recalculates</a> the
CVSS rating of CVEs based on criteria, like: applicability and difficulty of the
issue being<br>exploited in the wild; how it can actually affect the
confidentiality, integrity and availability of SUSE's products etc. CVEs that
had their CVSS<br>severity rating changed, either decreased or increased, will have
the distinctive tag '*' close to its severity.</li>
</ul>

<div>
Expand All @@ -58,7 +70,7 @@ <h3>How to use this page</h3>
<td>Longhorn master</td>
<td>csi-attacher</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -68,7 +80,7 @@ <h3>How to use this page</h3>
<td>Longhorn master</td>
<td>csi-node-driver-registrar</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -78,7 +90,7 @@ <h3>How to use this page</h3>
<td>Longhorn master</td>
<td>csi-provisioner</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -88,7 +100,7 @@ <h3>How to use this page</h3>
<td>Longhorn master</td>
<td>csi-resizer</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -98,7 +110,7 @@ <h3>How to use this page</h3>
<td>Longhorn master</td>
<td>csi-snapshotter</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -108,7 +120,7 @@ <h3>How to use this page</h3>
<td>Longhorn master</td>
<td>livenessprobe</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand Down
58 changes: 35 additions & 23 deletions docs/longhorn-v1.6-head.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,15 @@
#cves_table th { cursor: pointer; }
td { padding: 7px; }
#center_row { text-align: center; }
/* Tooltip inspired from www.w3schools.com */
.cve_sev { position: relative; display: inline-block; border-bottom: 1px dotted black; }
.cve_sev:hover .cve_sev_note { visibility: visible; }
.cve_sev .cve_sev_note { visibility: hidden; width: 150px; background-color: #000000; color: #ffffff; text-align: center; border-radius: 6px; padding: 8px 0; position: absolute; z-index: 1; bottom: 150%; left: 50%; margin-left: -70px; }
.cve_sev .cve_sev_note::after { content: " "; position: absolute; top: 100%; left: 50%; margin-left: -8px; border-width: 8px; border-style: solid; border-color: black transparent transparent transparent; }
</style>
</head>
<body>
<h1>SUSE Rancher - Longhorn v1.6 head version - CVE Scans - 2024-12-12</h1>
<h1>SUSE Rancher - Longhorn v1.6 head version - CVE Scans - 2024-12-13</h1>

<h3>How to use this page</h3>

Expand All @@ -32,8 +37,15 @@ <h3>How to use this page</h3>
<li>The search functionality might execute a bit slow depending on the number of
vulnerabilities displayed in the page.</li>
<li>For further instructions about scanned versions, scanning frequency, tooling
and false-positives, please consult the
<a href="index.html">main instructions</a>.</li>
and false-positives, please consult the <a href="index.html">main instructions</a>.</li>
<li>The severity (CVSS rating) of some CVEs in the portal might differ from the
original severity reported by some vendors and security scanners.<br>This happens,
because SUSE <a href="https://www.suse.com/security/cve/">recalculates</a> the
CVSS rating of CVEs based on criteria, like: applicability and difficulty of the
issue being<br>exploited in the wild; how it can actually affect the
confidentiality, integrity and availability of SUSE's products etc. CVEs that
had their CVSS<br>severity rating changed, either decreased or increased, will have
the distinctive tag '*' close to its severity.</li>
</ul>

<div>
Expand Down Expand Up @@ -218,7 +230,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-attacher</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -228,7 +240,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-node-driver-registrar</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -238,7 +250,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-provisioner</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-24790">CVE-2024-24790</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-24790.html">CVE-2024-24790</a></td>
<td>CRITICAL</td>
<td>gobinary</td>
</tr>
Expand All @@ -248,7 +260,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-provisioner</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-45288">CVE-2023-45288</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2023-45288.html">CVE-2023-45288</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -258,7 +270,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-provisioner</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -268,7 +280,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-resizer</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -278,7 +290,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-snapshotter</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-24790">CVE-2024-24790</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-24790.html">CVE-2024-24790</a></td>
<td>CRITICAL</td>
<td>gobinary</td>
</tr>
Expand All @@ -288,7 +300,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-snapshotter</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-39325">CVE-2023-39325</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2023-39325.html">CVE-2023-39325</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -298,7 +310,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-snapshotter</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-45283">CVE-2023-45283</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2023-45283.html">CVE-2023-45283</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -308,7 +320,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-snapshotter</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-45288">CVE-2023-45288</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2023-45288.html">CVE-2023-45288</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -318,7 +330,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>csi-snapshotter</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -328,7 +340,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>livenessprobe</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand Down Expand Up @@ -398,7 +410,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>usr/local/bin/grpc_health_probe</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -408,7 +420,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>usr/local/bin/longhorn</td>
<td>github.com/moby/[email protected]+incompatible</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-36621">CVE-2024-36621</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-36621.html">CVE-2024-36621</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -418,7 +430,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>usr/local/bin/longhorn</td>
<td>github.com/moby/[email protected]+incompatible</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-36623">CVE-2024-36623</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-36623.html">CVE-2024-36623</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand Down Expand Up @@ -528,7 +540,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>usr/local/bin/grpc_health_probe</td>
<td>[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-34156">CVE-2024-34156</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-34156.html">CVE-2024-34156</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand Down Expand Up @@ -598,7 +610,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>usr/local/sbin/longhorn-manager</td>
<td>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-47108">CVE-2023-47108</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2023-47108.html">CVE-2023-47108</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -608,7 +620,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>usr/local/sbin/longhorn-manager</td>
<td>go.opentelemetry.io/contrib/instrumentation/net/http/[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-45142">CVE-2023-45142</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2023-45142.html">CVE-2023-45142</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand All @@ -628,7 +640,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>usr/local/sbin/longhorn-manager</td>
<td>k8s.io/[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-10220">CVE-2024-10220</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-10220.html">CVE-2024-10220</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand Down Expand Up @@ -658,7 +670,7 @@ <h3>How to use this page</h3>
<td>Longhorn v1.6 head</td>
<td>longhorn-share-manager</td>
<td>k8s.io/[email protected]</td>
<td><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-10220">CVE-2024-10220</a></td>
<td><a href="https://www.suse.com/security/cve/CVE-2024-10220.html">CVE-2024-10220</a></td>
<td>HIGH</td>
<td>gobinary</td>
</tr>
Expand Down
Loading

0 comments on commit 27c25b6

Please sign in to comment.