|
|
|
@ -12,9 +12,9 @@ hide:
|
|
|
|
|
##### Scan Results
|
|
|
|
|
|
|
|
|
|
#### Chart Object: wg-easy/templates/common.yaml
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
|
|
|
|
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
|
|
|
|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'RELEASE-NAME-wg-easy' of Deployment 'RELEASE-NAME-wg-easy' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
|
|
|
|
@ -49,23 +49,23 @@ hide:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
**alpine**
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| No Vulnerabilities found |
|
|
|
|
|
|:---------------------------------|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#### Container: weejewel/wg-easy:latest@sha256:fb997c869e6117e05102c38e8ea52788f7fc29f11c7e7b81cf9ed7d4504c9ac0 (alpine 3.11.12)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
**alpine**
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
|
|
|
|
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
|
|
|
|
| busybox | CVE-2021-42378 | HIGH | 1.31.1-r10 | 1.31.1-r11 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42378">https://access.redhat.com/security/cve/CVE-2021-42378</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42378">https://nvd.nist.gov/vuln/detail/CVE-2021-42378</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
|
|
|
@ -91,7 +91,7 @@ hide:
|
|
|
|
|
|
|
|
|
|
**node-pkg**
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
|
|
|
|
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
|
|
|
|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3807">https://access.redhat.com/security/cve/CVE-2021-3807</a><br><a href="https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908">https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908</a><br><a href="https://github.com/advisories/GHSA-93q8-gq69-wqmw">https://github.com/advisories/GHSA-93q8-gq69-wqmw</a><br><a href="https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9">https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9</a><br><a href="https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311">https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311</a><br><a href="https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774">https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774</a><br><a href="https://github.com/chalk/ansi-regex/releases/tag/v6.0.1">https://github.com/chalk/ansi-regex/releases/tag/v6.0.1</a><br><a href="https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994">https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994</a><br><a href="https://linux.oracle.com/cve/CVE-2021-3807.html">https://linux.oracle.com/cve/CVE-2021-3807.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0350.html">https://linux.oracle.com/errata/ELSA-2022-0350.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3807">https://nvd.nist.gov/vuln/detail/CVE-2021-3807</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
|
|
|
@ -100,4 +100,3 @@ hide:
|
|
|
|
|
| got | CVE-2022-33987 | MEDIUM | 9.6.0 | 11.8.5, 12.1.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-pfrx-2q88-qq97">https://github.com/advisories/GHSA-pfrx-2q88-qq97</a><br><a href="https://github.com/sindresorhus/got/commit/861ccd9ac2237df762a9e2beed7edd88c60782dc">https://github.com/sindresorhus/got/commit/861ccd9ac2237df762a9e2beed7edd88c60782dc</a><br><a href="https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0">https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0</a><br><a href="https://github.com/sindresorhus/got/pull/2047">https://github.com/sindresorhus/got/pull/2047</a><br><a href="https://github.com/sindresorhus/got/releases/tag/v11.8.5">https://github.com/sindresorhus/got/releases/tag/v11.8.5</a><br><a href="https://github.com/sindresorhus/got/releases/tag/v12.1.0">https://github.com/sindresorhus/got/releases/tag/v12.1.0</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-33987">https://nvd.nist.gov/vuln/detail/CVE-2022-33987</a><br></details> |
|
|
|
|
|
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3918">https://access.redhat.com/security/cve/CVE-2021-3918</a><br><a href="https://github.com/advisories/GHSA-896r-f27r-55mw">https://github.com/advisories/GHSA-896r-f27r-55mw</a><br><a href="https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741">https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741</a><br><a href="https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a">https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a</a><br><a href="https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa">https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa</a><br><a href="https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9">https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9</a><br><a href="https://linux.oracle.com/cve/CVE-2021-3918.html">https://linux.oracle.com/cve/CVE-2021-3918.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0350.html">https://linux.oracle.com/errata/ELSA-2022-0350.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3918">https://nvd.nist.gov/vuln/detail/CVE-2021-3918</a><br></details> |
|
|
|
|
|
| minimist | CVE-2021-44906 | CRITICAL | 1.2.5 | 1.2.6 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44906">https://access.redhat.com/security/cve/CVE-2021-44906</a><br><a href="https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip">https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip</a><br><a href="https://github.com/advisories/GHSA-xvch-5gv4-984h">https://github.com/advisories/GHSA-xvch-5gv4-984h</a><br><a href="https://github.com/substack/minimist/blob/master/index.js#L69">https://github.com/substack/minimist/blob/master/index.js#L69</a><br><a href="https://github.com/substack/minimist/issues/164">https://github.com/substack/minimist/issues/164</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-44906">https://nvd.nist.gov/vuln/detail/CVE-2021-44906</a><br><a href="https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764">https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764</a><br><a href="https://snyk.io/vuln/SNYK-JS-MINIMIST-559764">https://snyk.io/vuln/SNYK-JS-MINIMIST-559764</a><br><a href="https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068">https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068</a><br></details> |
|
|
|
|
|
|
|
|
|
|