Skip to content

Commit

Permalink
Update 2025-01-10
Browse files Browse the repository at this point in the history
  • Loading branch information
@rancher-security-bot
rancher-security-bot committed Jan 10, 2025
1 parent 8441b99 commit 9039aa0
Show file tree
Hide file tree
Showing 54 changed files with 275 additions and 473 deletions.
1 change: 0 additions & 1 deletion docs/csv/report-harvester-master-cves.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -657,7 +657,6 @@ rancher/rancher:v2.9.3,harvester/master,golang.org/x/crypto,v0.25.0,gobinary,CVE
rancher/rancher:v2.9.3,harvester/master,golang.org/x/net,v0.27.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/share/rancher/ui/assets/wins.exe,0.33.0,false,affected,
rancher/rke2-cloud-provider:v1.30.6-0.20241016053533-5ec454f50e7a-build20241016,harvester/master,golang.org/x/net,v0.28.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/local/bin/rke2-cloud-provider,0.33.0,false,affected,
rancher/rke2-runtime:v1.30.7-rke2r1,harvester/master,k8s.io/kubernetes,v1.30.0,gobinary,CVE-2024-5321,HIGH,https://avd.aquasec.com/nvd/cve-2024-5321,bin/crictl,"1.27.16, 1.28.12, 1.29.7, 1.30.3",false,affected,
rancher/rke2-runtime:v1.30.7-rke2r1,harvester/master,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/shell:v0.1.24,harvester/master,glibc,2.31-150300.74.1,sles,SUSE-SU-2024:1895-1,HIGH,,rancher/shell:v0.1.24 (sles 15.5),2.31-150300.83.1,false,affected,
rancher/shell:v0.1.24,harvester/master,krb5,1.20.1-150500.3.6.1,sles,SUSE-SU-2024:2302-1,HIGH,,rancher/shell:v0.1.24 (sles 15.5),1.20.1-150500.3.9.1,false,affected,
rancher/shell:v0.1.24,harvester/master,libglib-2_0-0,2.70.5-150400.3.8.1,sles,SUSE-SU-2024:4078-1,HIGH,,rancher/shell:v0.1.24 (sles 15.5),2.70.5-150400.3.17.1,false,affected,
Expand Down
2 changes: 1 addition & 1 deletion docs/csv/report-harvester-master-stats.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ rancher/rancher-agent:v2.9.3,0,3,3
rancher/rancher-webhook:v0.5.3,0,1,1
rancher/rancher:v2.9.3,1,12,13
rancher/rke2-cloud-provider:v1.30.6-0.20241016053533-5ec454f50e7a-build20241016,0,1,1
rancher/rke2-runtime:v1.30.7-rke2r1,0,2,2
rancher/rke2-runtime:v1.30.7-rke2r1,0,1,1
rancher/shell:v0.1.24,1,17,18
rancher/shell:v0.1.26,0,10,10
rancher/shell:v0.2.2,0,4,4
Expand Down
1 change: 0 additions & 1 deletion docs/csv/report-harvester-v1.3-head-cves.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -986,7 +986,6 @@ rancher/rancher:v2.8.5,harvester/v1.3-head,stdlib,v1.18.10,gobinary,CVE-2023-452
rancher/rancher:v2.8.5,harvester/v1.3-head,stdlib,v1.18.10,gobinary,CVE-2023-45288,HIGH,https://avd.aquasec.com/nvd/cve-2023-45288,usr/share/rancher/ui/assets/wins.exe,"1.21.9, 1.22.2",false,affected,
rancher/rancher:v2.8.5,harvester/v1.3-head,stdlib,v1.18.10,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/share/rancher/ui/assets/wins.exe,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
rancher/rke2-cloud-provider:v1.28.15-0.20241016053552-63bfb1936862-build20241016,harvester/v1.3-head,golang.org/x/net,v0.28.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/local/bin/rke2-cloud-provider,0.33.0,false,affected,
rancher/rke2-runtime:v1.28.15-rke2r1,harvester/v1.3-head,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/shell:v0.1.26,harvester/v1.3-head,curl,8.6.0-150600.2.2,sles,SUSE-SU-2024:2784-1,HIGH,,rancher/shell:v0.1.26 (sles 15.6),8.6.0-150600.4.3.1,false,affected,
rancher/shell:v0.1.26,harvester/v1.3-head,libcurl4,8.6.0-150600.2.2,sles,SUSE-SU-2024:2784-1,HIGH,,rancher/shell:v0.1.26 (sles 15.6),8.6.0-150600.4.3.1,false,affected,
rancher/shell:v0.1.26,harvester/v1.3-head,libopenssl3,3.1.4-150600.5.7.1,sles,SUSE-SU-2024:2635-1,HIGH,,rancher/shell:v0.1.26 (sles 15.6),3.1.4-150600.5.10.1,false,affected,
Expand Down
2 changes: 1 addition & 1 deletion docs/csv/report-harvester-v1.3-head-stats.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ rancher/nginx-ingress-controller:v1.10.5-hardened3,0,8,8
rancher/rancher-webhook:v0.4.7,0,1,1
rancher/rancher:v2.8.5,3,96,99
rancher/rke2-cloud-provider:v1.28.15-0.20241016053552-63bfb1936862-build20241016,0,1,1
rancher/rke2-runtime:v1.28.15-rke2r1,0,1,1
rancher/rke2-runtime:v1.28.15-rke2r1,0,0,0
rancher/shell:v0.1.26,0,10,10
rancher/support-bundle-kit:v0.0.38,0,7,7
rancher/system-agent-installer-rancher:v2.8.5,0,1,1
Expand Down
1 change: 0 additions & 1 deletion docs/csv/report-harvester-v1.4-head-cves.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -665,7 +665,6 @@ rancher/rancher:v2.9.3,harvester/v1.4-head,golang.org/x/crypto,v0.25.0,gobinary,
rancher/rancher:v2.9.3,harvester/v1.4-head,golang.org/x/net,v0.27.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/share/rancher/ui/assets/wins.exe,0.33.0,false,affected,
rancher/rke2-cloud-provider:v1.30.6-0.20241016053533-5ec454f50e7a-build20241016,harvester/v1.4-head,golang.org/x/net,v0.28.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/local/bin/rke2-cloud-provider,0.33.0,false,affected,
rancher/rke2-runtime:v1.30.7-rke2r1,harvester/v1.4-head,k8s.io/kubernetes,v1.30.0,gobinary,CVE-2024-5321,HIGH,https://avd.aquasec.com/nvd/cve-2024-5321,bin/crictl,"1.27.16, 1.28.12, 1.29.7, 1.30.3",false,affected,
rancher/rke2-runtime:v1.30.7-rke2r1,harvester/v1.4-head,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/shell:v0.1.24,harvester/v1.4-head,glibc,2.31-150300.74.1,sles,SUSE-SU-2024:1895-1,HIGH,,rancher/shell:v0.1.24 (sles 15.5),2.31-150300.83.1,false,affected,
rancher/shell:v0.1.24,harvester/v1.4-head,krb5,1.20.1-150500.3.6.1,sles,SUSE-SU-2024:2302-1,HIGH,,rancher/shell:v0.1.24 (sles 15.5),1.20.1-150500.3.9.1,false,affected,
rancher/shell:v0.1.24,harvester/v1.4-head,libglib-2_0-0,2.70.5-150400.3.8.1,sles,SUSE-SU-2024:4078-1,HIGH,,rancher/shell:v0.1.24 (sles 15.5),2.70.5-150400.3.17.1,false,affected,
Expand Down
2 changes: 1 addition & 1 deletion docs/csv/report-harvester-v1.4-head-stats.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ rancher/rancher-agent:v2.9.3,0,3,3
rancher/rancher-webhook:v0.5.3,0,1,1
rancher/rancher:v2.9.3,1,12,13
rancher/rke2-cloud-provider:v1.30.6-0.20241016053533-5ec454f50e7a-build20241016,0,1,1
rancher/rke2-runtime:v1.30.7-rke2r1,0,2,2
rancher/rke2-runtime:v1.30.7-rke2r1,0,1,1
rancher/shell:v0.1.24,1,17,18
rancher/shell:v0.1.26,0,10,10
rancher/shell:v0.2.2,0,4,4
Expand Down
1 change: 0 additions & 1 deletion docs/csv/report-harvester-v1.4.0-cves.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -797,7 +797,6 @@ rancher/rke2-cloud-provider:v1.29.8-build20240910,harvester/v1.4.0,golang.org/x/
rancher/rke2-cloud-provider:v1.29.8-build20240910,harvester/v1.4.0,golang.org/x/net,v0.25.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/local/bin/rke2-cloud-provider,0.33.0,false,affected,
rancher/rke2-runtime:v1.29.9-rke2r1,harvester/v1.4.0,stdlib,v1.22.6,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,bin/kubectl,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
rancher/rke2-runtime:v1.29.9-rke2r1,harvester/v1.4.0,stdlib,v1.22.6,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,bin/kubelet,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
rancher/rke2-runtime:v1.29.9-rke2r1,harvester/v1.4.0,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/shell:v0.1.24,harvester/v1.4.0,glibc,2.31-150300.74.1,sles,SUSE-SU-2024:1895-1,HIGH,,rancher/shell:v0.1.24 (sles 15.5),2.31-150300.83.1,false,affected,
rancher/shell:v0.1.24,harvester/v1.4.0,krb5,1.20.1-150500.3.6.1,sles,SUSE-SU-2024:2302-1,HIGH,,rancher/shell:v0.1.24 (sles 15.5),1.20.1-150500.3.9.1,false,affected,
rancher/shell:v0.1.24,harvester/v1.4.0,libglib-2_0-0,2.70.5-150400.3.8.1,sles,SUSE-SU-2024:4078-1,HIGH,,rancher/shell:v0.1.24 (sles 15.5),2.70.5-150400.3.17.1,false,affected,
Expand Down
2 changes: 1 addition & 1 deletion docs/csv/report-harvester-v1.4.0-stats.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ rancher/nginx-ingress-controller:v1.10.4-hardened3,0,12,12
rancher/rancher-webhook:v0.5.2,0,1,1
rancher/rancher:v2.9.2,4,18,22
rancher/rke2-cloud-provider:v1.29.8-build20240910,0,2,2
rancher/rke2-runtime:v1.29.9-rke2r1,0,1,1
rancher/rke2-runtime:v1.29.9-rke2r1,0,0,0
rancher/shell:v0.1.24,1,17,18
rancher/shell:v0.1.26,0,10,10
rancher/shell:v0.2.1,0,9,9
Expand Down
1 change: 0 additions & 1 deletion docs/csv/report-k3s-v1.28-cves.csv
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
image,release,package_name,package_version,type,vulnerability_id,severity,url,target,patched_version,mirrored,status,justification
rancher/k3s:v1.28.15-k3s1,k3s/v1.28,go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc,v0.35.0,gobinary,CVE-2023-47108,HIGH,https://avd.aquasec.com/nvd/cve-2023-47108,bin/k3s,0.46.0,false,affected,
rancher/k3s:v1.28.15-k3s1,k3s/v1.28,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/mirrored-coredns-coredns:1.11.3,k3s/v1.28,stdlib,v1.21.11,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,coredns,"1.22.7, 1.23.1",true,affected,severity_changed_due_to_suse_cvss_score
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.28,golang.org/x/crypto,v0.26.0,gobinary,CVE-2024-45337,HIGH,https://avd.aquasec.com/nvd/cve-2024-45337,metrics-server,0.31.0,true,affected,severity_changed_due_to_suse_cvss_score
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.28,golang.org/x/net,v0.28.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,metrics-server,0.33.0,true,affected,
Expand Down
2 changes: 1 addition & 1 deletion docs/csv/report-k3s-v1.28-stats.csv
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
image,critical,high,total
rancher/k3s:v1.28.15-k3s1,0,2,2
rancher/k3s:v1.28.15-k3s1,0,1,1
rancher/klipper-helm:v0.9.3-build20241008,0,0,0
rancher/klipper-lb:v0.4.9,0,0,0
rancher/local-path-provisioner:v0.0.30,0,0,0
Expand Down
1 change: 0 additions & 1 deletion docs/csv/report-k3s-v1.29-cves.csv
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
image,release,package_name,package_version,type,vulnerability_id,severity,url,target,patched_version,mirrored,status,justification
rancher/k3s:v1.29.12-k3s1,k3s/v1.29,go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc,v0.45.0,gobinary,CVE-2023-47108,HIGH,https://avd.aquasec.com/nvd/cve-2023-47108,bin/k3s,0.46.0,false,affected,
rancher/k3s:v1.29.12-k3s1,k3s/v1.29,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.29,golang.org/x/crypto,v0.26.0,gobinary,CVE-2024-45337,HIGH,https://avd.aquasec.com/nvd/cve-2024-45337,metrics-server,0.31.0,true,affected,severity_changed_due_to_suse_cvss_score
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.29,golang.org/x/net,v0.28.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,metrics-server,0.33.0,true,affected,
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.29,stdlib,v1.22.5,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,metrics-server,"1.22.7, 1.23.1",true,affected,severity_changed_due_to_suse_cvss_score
2 changes: 1 addition & 1 deletion docs/csv/report-k3s-v1.29-stats.csv
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
image,critical,high,total
rancher/k3s:v1.29.12-k3s1,0,2,2
rancher/k3s:v1.29.12-k3s1,0,1,1
rancher/klipper-helm:v0.9.3-build20241008,0,0,0
rancher/klipper-lb:v0.4.9,0,0,0
rancher/local-path-provisioner:v0.0.30,0,0,0
Expand Down
1 change: 0 additions & 1 deletion docs/csv/report-k3s-v1.30-cves.csv
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
image,release,package_name,package_version,type,vulnerability_id,severity,url,target,patched_version,mirrored,status,justification
rancher/k3s:v1.30.8-k3s1,k3s/v1.30,go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc,v0.45.0,gobinary,CVE-2023-47108,HIGH,https://avd.aquasec.com/nvd/cve-2023-47108,bin/k3s,0.46.0,false,affected,
rancher/k3s:v1.30.8-k3s1,k3s/v1.30,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.30,golang.org/x/crypto,v0.26.0,gobinary,CVE-2024-45337,HIGH,https://avd.aquasec.com/nvd/cve-2024-45337,metrics-server,0.31.0,true,affected,severity_changed_due_to_suse_cvss_score
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.30,golang.org/x/net,v0.28.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,metrics-server,0.33.0,true,affected,
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.30,stdlib,v1.22.5,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,metrics-server,"1.22.7, 1.23.1",true,affected,severity_changed_due_to_suse_cvss_score
2 changes: 1 addition & 1 deletion docs/csv/report-k3s-v1.30-stats.csv
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
image,critical,high,total
rancher/k3s:v1.30.8-k3s1,0,2,2
rancher/k3s:v1.30.8-k3s1,0,1,1
rancher/klipper-helm:v0.9.3-build20241008,0,0,0
rancher/klipper-lb:v0.4.9,0,0,0
rancher/local-path-provisioner:v0.0.30,0,0,0
Expand Down
1 change: 0 additions & 1 deletion docs/csv/report-k3s-v1.31-cves.csv
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
image,release,package_name,package_version,type,vulnerability_id,severity,url,target,patched_version,mirrored,status,justification
rancher/k3s:v1.31.4-k3s1,k3s/v1.31,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.31,golang.org/x/crypto,v0.26.0,gobinary,CVE-2024-45337,HIGH,https://avd.aquasec.com/nvd/cve-2024-45337,metrics-server,0.31.0,true,affected,severity_changed_due_to_suse_cvss_score
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.31,golang.org/x/net,v0.28.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,metrics-server,0.33.0,true,affected,
rancher/mirrored-metrics-server:v0.7.2,k3s/v1.31,stdlib,v1.22.5,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,metrics-server,"1.22.7, 1.23.1",true,affected,severity_changed_due_to_suse_cvss_score
2 changes: 1 addition & 1 deletion docs/csv/report-k3s-v1.31-stats.csv
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
image,critical,high,total
rancher/k3s:v1.31.4-k3s1,0,1,1
rancher/k3s:v1.31.4-k3s1,0,0,0
rancher/klipper-helm:v0.9.3-build20241008,0,0,0
rancher/klipper-lb:v0.4.9,0,0,0
rancher/local-path-provisioner:v0.0.30,0,0,0
Expand Down
13 changes: 4 additions & 9 deletions docs/csv/report-rancher-v2.10-head-cves.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -220,10 +220,10 @@ rancher/flannel-cni:v1.4.1-rancher1,rancher/v2.10-head,stdlib,v1.21.7,gobinary,C
rancher/flannel-cni:v1.4.1-rancher1,rancher/v2.10-head,stdlib,v1.21.7,gobinary,CVE-2024-24790,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-24790,opt/cni/bin/vlan,"1.21.11, 1.22.4",false,affected,severity_changed_due_to_suse_cvss_score
rancher/flannel-cni:v1.4.1-rancher1,rancher/v2.10-head,stdlib,v1.21.7,gobinary,CVE-2023-45288,HIGH,https://avd.aquasec.com/nvd/cve-2023-45288,opt/cni/bin/vlan,"1.21.9, 1.22.2",false,affected,
rancher/flannel-cni:v1.4.1-rancher1,rancher/v2.10-head,stdlib,v1.21.7,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,opt/cni/bin/vlan,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
rancher/fleet:v0.11.3-beta.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21613,HIGH,https://avd.aquasec.com/nvd/cve-2025-21613,usr/bin/fleet,5.13.0,false,affected,severity_changed_due_to_suse_cvss_score
rancher/fleet:v0.11.3-beta.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21614,HIGH,https://avd.aquasec.com/nvd/cve-2025-21614,usr/bin/fleet,5.13.0,false,affected,
rancher/fleet:v0.11.3-beta.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21613,HIGH,https://avd.aquasec.com/nvd/cve-2025-21613,usr/bin/fleetcontroller,5.13.0,false,affected,severity_changed_due_to_suse_cvss_score
rancher/fleet:v0.11.3-beta.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21614,HIGH,https://avd.aquasec.com/nvd/cve-2025-21614,usr/bin/fleetcontroller,5.13.0,false,affected,
rancher/fleet:v0.11.3-rc.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21613,HIGH,https://avd.aquasec.com/nvd/cve-2025-21613,usr/bin/fleet,5.13.0,false,affected,severity_changed_due_to_suse_cvss_score
rancher/fleet:v0.11.3-rc.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21614,HIGH,https://avd.aquasec.com/nvd/cve-2025-21614,usr/bin/fleet,5.13.0,false,affected,
rancher/fleet:v0.11.3-rc.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21613,HIGH,https://avd.aquasec.com/nvd/cve-2025-21613,usr/bin/fleetcontroller,5.13.0,false,affected,severity_changed_due_to_suse_cvss_score
rancher/fleet:v0.11.3-rc.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21614,HIGH,https://avd.aquasec.com/nvd/cve-2025-21614,usr/bin/fleetcontroller,5.13.0,false,affected,
rancher/hardened-addon-resizer:1.8.20-build20240910,rancher/v2.10-head,golang.org/x/net,v0.17.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,pod_nanny,0.33.0,false,affected,
rancher/hardened-addon-resizer:1.8.20-build20241001,rancher/v2.10-head,golang.org/x/net,v0.17.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,pod_nanny,0.33.0,false,affected,
rancher/hardened-calico:v3.28.1-build20240911,rancher/v2.10-head,libglib-2_0-0,2.78.6-150600.4.3.1,sles,SUSE-SU-2024:4254-1,HIGH,,rancher/hardened-calico:v3.28.1-build20240911 (sles 15.6),2.78.6-150600.4.8.1,false,affected,
Expand Down Expand Up @@ -1952,7 +1952,6 @@ rancher/rancher:v2.10-head,rancher/v2.10-head,go.opentelemetry.io/contrib/instru
rancher/rancher:v2.10-head,rancher/v2.10-head,stdlib,v1.22.6,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/k3s,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
rancher/rancher:v2.10-head,rancher/v2.10-head,stdlib,v1.21.10,gobinary,CVE-2024-24790,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-24790,usr/bin/kustomize,"1.21.11, 1.22.4",false,affected,severity_changed_due_to_suse_cvss_score
rancher/rancher:v2.10-head,rancher/v2.10-head,stdlib,v1.21.10,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/kustomize,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
rancher/rancher:v2.10-head,rancher/v2.10-head,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/bin/runc,0.33.0,false,affected,
rancher/rancher:v2.10-head,rancher/v2.10-head,stdlib,v1.22.6,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/runc,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
rancher/rancher:v2.10-head,rancher/v2.10-head,stdlib,v1.21.3,gobinary,CVE-2024-24790,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-24790,usr/bin/telemetry,"1.21.11, 1.22.4",false,affected,severity_changed_due_to_suse_cvss_score
rancher/rancher:v2.10-head,rancher/v2.10-head,stdlib,v1.21.3,gobinary,CVE-2023-45283,MEDIUM,https://avd.aquasec.com/nvd/cve-2023-45283,usr/bin/telemetry,"1.20.11, 1.21.4, 1.20.12, 1.21.5",false,affected,severity_changed_due_to_suse_cvss_score
Expand Down Expand Up @@ -1983,11 +1982,7 @@ rancher/rke2-cloud-provider:v1.30.6-0.20241016053533-5ec454f50e7a-build20241016,
rancher/rke2-cloud-provider:v1.31.0-build20240910,rancher/v2.10-head,golang.org/x/crypto,v0.26.0,gobinary,CVE-2024-45337,HIGH,https://avd.aquasec.com/nvd/cve-2024-45337,usr/local/bin/rke2-cloud-provider,0.31.0,false,affected,severity_changed_due_to_suse_cvss_score
rancher/rke2-cloud-provider:v1.31.0-build20240910,rancher/v2.10-head,golang.org/x/net,v0.28.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/local/bin/rke2-cloud-provider,0.33.0,false,affected,
rancher/rke2-cloud-provider:v1.31.2-0.20241016053446-0955fa330f90-build20241016,rancher/v2.10-head,golang.org/x/net,v0.28.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/local/bin/rke2-cloud-provider,0.33.0,false,affected,
rancher/rke2-runtime:v1.28.15-rke2r1,rancher/v2.10-head,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/rke2-runtime:v1.29.12-rke2r1,rancher/v2.10-head,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/rke2-runtime:v1.30.8-rke2r1,rancher/v2.10-head,k8s.io/kubernetes,v1.30.0,gobinary,CVE-2024-5321,HIGH,https://avd.aquasec.com/nvd/cve-2024-5321,bin/crictl,"1.27.16, 1.28.12, 1.29.7, 1.30.3",false,affected,
rancher/rke2-runtime:v1.30.8-rke2r1,rancher/v2.10-head,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/rke2-runtime:v1.31.4-rke2r1,rancher/v2.10-head,golang.org/x/net,v0.24.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,bin/runc,0.33.0,false,affected,
rancher/security-scan:v0.5.2,rancher/v2.10-head,golang.org/x/crypto,v0.24.0,gobinary,CVE-2024-45337,HIGH,https://avd.aquasec.com/nvd/cve-2024-45337,usr/bin/kube-bench,0.31.0,false,affected,severity_changed_due_to_suse_cvss_score
rancher/security-scan:v0.5.2,rancher/v2.10-head,golang.org/x/net,v0.26.0,gobinary,CVE-2024-45338,HIGH,https://avd.aquasec.com/nvd/cve-2024-45338,usr/bin/kube-bench,0.33.0,false,affected,
rancher/shell:v0.2.1,rancher/v2.10-head,curl,8.6.0-150600.2.2,sles,SUSE-SU-2024:2784-1,HIGH,,rancher/shell:v0.2.1 (sles 15.6),8.6.0-150600.4.3.1,false,affected,
Expand Down
Loading

0 comments on commit 9039aa0

Please sign in to comment.