chore: Auto-update chart README [skip ci]
This commit is contained in:
parent
137a64ec75
commit
b7a4456167
|
@ -11,4 +11,3 @@
|
|||
#### Feat
|
||||
|
||||
* add wger ([#2975](https://github.com/truecharts/apps/issues/2975))
|
||||
|
||||
|
|
|
@ -12,9 +12,9 @@ hide:
|
|||
##### Scan Results
|
||||
|
||||
#### Chart Object: wger/charts/postgresql/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'RELEASE-NAME-postgresql' of StatefulSet 'RELEASE-NAME-postgresql' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
|
||||
|
@ -35,7 +35,7 @@ hide:
|
|||
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
|
||||
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'RELEASE-NAME-redis' of StatefulSet 'RELEASE-NAME-redis' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
|
||||
|
@ -56,7 +56,7 @@ hide:
|
|||
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
|
||||
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'RELEASE-NAME-wger' of Deployment 'RELEASE-NAME-wger' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
|
||||
|
@ -121,23 +121,23 @@ hide:
|
|||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/postgresql:v14.4.0@sha256:569f358a5e8fa89564c68625fedc5d9b60580bac3a2e49169faeba23429e55ea (debian 11.3)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 2.2.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
|
@ -271,15 +271,15 @@ hide:
|
|||
|
||||
**jar**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| github.com/opencontainers/runc | CVE-2022-29162 | HIGH | v1.0.1 | v1.1.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29162">https://access.redhat.com/security/cve/CVE-2022-29162</a><br><a href="https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5">https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5</a><br><a href="https://github.com/opencontainers/runc/releases/tag/v1.1.2">https://github.com/opencontainers/runc/releases/tag/v1.1.2</a><br><a href="https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66">https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29162">https://nvd.nist.gov/vuln/detail/CVE-2022-29162</a><br></details> |
|
||||
|
@ -288,11 +288,11 @@ hide:
|
|||
|
||||
|
||||
#### Container: tccr.io/truecharts/redis:v7.0.2@sha256:f8d1ed698dc62989cb821727b0d56ff268825714002f4b9715026d1916dfbc69 (debian 11.3)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 2.2.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
|
@ -407,7 +407,7 @@ hide:
|
|||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| github.com/opencontainers/runc | CVE-2022-29162 | HIGH | v1.0.1 | v1.1.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29162">https://access.redhat.com/security/cve/CVE-2022-29162</a><br><a href="https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5">https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5</a><br><a href="https://github.com/opencontainers/runc/releases/tag/v1.1.2">https://github.com/opencontainers/runc/releases/tag/v1.1.2</a><br><a href="https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66">https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29162">https://nvd.nist.gov/vuln/detail/CVE-2022-29162</a><br></details> |
|
||||
|
@ -416,19 +416,19 @@ hide:
|
|||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Container: wger/server:latest@sha256:504626e67e709b00a23fb2daf8edd420f30b9e2d1c2c72efb2c3e3907fc636a1 (ubuntu 22.04)
|
||||
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| coreutils | CVE-2016-2781 | LOW | 8.32-4.1ubuntu1 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2016/q1/452">http://seclists.org/oss-sec/2016/q1/452</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/28/2">http://www.openwall.com/lists/oss-security/2016/02/28/2</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/28/3">http://www.openwall.com/lists/oss-security/2016/02/28/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-2781">https://access.redhat.com/security/cve/CVE-2016-2781</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://lore.kernel.org/patchwork/patch/793178/">https://lore.kernel.org/patchwork/patch/793178/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-2781">https://nvd.nist.gov/vuln/detail/CVE-2016-2781</a><br></details> |
|
||||
|
@ -480,19 +480,19 @@ hide:
|
|||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**python-pkg**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
@ -500,23 +500,23 @@ hide:
|
|||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/postgresql:v14.4.0@sha256:9f88fe352b51208f9a8fa01a95c07a74751e72629d009230cfe18a427e30550c (debian 11.3)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 2.2.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
|
@ -650,15 +650,15 @@ hide:
|
|||
|
||||
**jar**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| github.com/opencontainers/runc | CVE-2022-29162 | HIGH | v1.0.1 | v1.1.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29162">https://access.redhat.com/security/cve/CVE-2022-29162</a><br><a href="https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5">https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5</a><br><a href="https://github.com/opencontainers/runc/releases/tag/v1.1.2">https://github.com/opencontainers/runc/releases/tag/v1.1.2</a><br><a href="https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66">https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29162">https://nvd.nist.gov/vuln/detail/CVE-2022-29162</a><br></details> |
|
||||
|
@ -667,23 +667,23 @@ hide:
|
|||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/redis:v7.0.2@sha256:dcd5d5a227bfefc9306a7de6b520e0c7d4123ab1a22bd3b6b102f6dad7fbe7d5 (debian 11.3)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 2.2.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
|
@ -798,7 +798,7 @@ hide:
|
|||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| github.com/opencontainers/runc | CVE-2022-29162 | HIGH | v1.0.1 | v1.1.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29162">https://access.redhat.com/security/cve/CVE-2022-29162</a><br><a href="https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5">https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5</a><br><a href="https://github.com/opencontainers/runc/releases/tag/v1.1.2">https://github.com/opencontainers/runc/releases/tag/v1.1.2</a><br><a href="https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66">https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29162">https://nvd.nist.gov/vuln/detail/CVE-2022-29162</a><br></details> |
|
||||
|
@ -807,9 +807,6 @@ hide:
|
|||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -1,6 +1,11 @@
|
|||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="nextcloud-14.0.10"></a>
|
||||
### [nextcloud-14.0.10](https://github.com/truecharts/apps/compare/nextcloud-14.0.9...nextcloud-14.0.10) (2022-06-25)
|
||||
|
||||
|
||||
|
||||
<a name="nextcloud-14.0.9"></a>
|
||||
### [nextcloud-14.0.9](https://github.com/truecharts/apps/compare/nextcloud-14.0.8...nextcloud-14.0.9) (2022-06-25)
|
||||
|
||||
|
|
|
@ -106,8 +106,8 @@ hide:
|
|||
tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
|
||||
tccr.io/truecharts/postgresql:v14.4.0@sha256:569f358a5e8fa89564c68625fedc5d9b60580bac3a2e49169faeba23429e55ea
|
||||
tccr.io/truecharts/redis:v7.0.2@sha256:f8d1ed698dc62989cb821727b0d56ff268825714002f4b9715026d1916dfbc69
|
||||
tccr.io/truecharts/nextcloud:v24.0.2@sha256:2e2edcb5ee14ecd3322138dad60ddf8d596fa3037843bfb428a27628fcdba534
|
||||
tccr.io/truecharts/nextcloud:v24.0.2@sha256:2e2edcb5ee14ecd3322138dad60ddf8d596fa3037843bfb428a27628fcdba534
|
||||
tccr.io/truecharts/nextcloud:v24.0.2@sha256:910679f20019efe8b2e80daf225e2c9ebd0577315d75e67eebf3b056654b4ab7
|
||||
tccr.io/truecharts/nextcloud:v24.0.2@sha256:910679f20019efe8b2e80daf225e2c9ebd0577315d75e67eebf3b056654b4ab7
|
||||
tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
|
||||
tccr.io/truecharts/postgresql:v14.4.0@sha256:9f88fe352b51208f9a8fa01a95c07a74751e72629d009230cfe18a427e30550c
|
||||
tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
|
||||
|
@ -419,7 +419,7 @@ hide:
|
|||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/nextcloud:v24.0.2@sha256:2e2edcb5ee14ecd3322138dad60ddf8d596fa3037843bfb428a27628fcdba534 (debian 11.3)
|
||||
#### Container: tccr.io/truecharts/nextcloud:v24.0.2@sha256:910679f20019efe8b2e80daf225e2c9ebd0577315d75e67eebf3b056654b4ab7 (debian 11.3)
|
||||
|
||||
|
||||
**debian**
|
||||
|
@ -1392,7 +1392,7 @@ hide:
|
|||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| guzzlehttp/guzzle | CVE-2022-29248 | HIGH | 7.4.0 | 6.5.6, 7.4.3 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-cwmx-hcrq-mhc3">https://github.com/advisories/GHSA-cwmx-hcrq-mhc3</a><br><a href="https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab">https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab</a><br><a href="https://github.com/guzzle/guzzle/pull/3018">https://github.com/guzzle/guzzle/pull/3018</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3">https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29248">https://nvd.nist.gov/vuln/detail/CVE-2022-29248</a><br><a href="https://www.drupal.org/sa-core-2022-010">https://www.drupal.org/sa-core-2022-010</a><br></details> |
|
||||
| guzzlehttp/guzzle | CVE-2022-29248 | HIGH | 7.4.0 | 7.4.3, 6.5.6 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-cwmx-hcrq-mhc3">https://github.com/advisories/GHSA-cwmx-hcrq-mhc3</a><br><a href="https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab">https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab</a><br><a href="https://github.com/guzzle/guzzle/pull/3018">https://github.com/guzzle/guzzle/pull/3018</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3">https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29248">https://nvd.nist.gov/vuln/detail/CVE-2022-29248</a><br><a href="https://www.drupal.org/sa-core-2022-010">https://www.drupal.org/sa-core-2022-010</a><br></details> |
|
||||
| guzzlehttp/guzzle | CVE-2022-31042 | HIGH | 7.4.0 | 7.4.4, 6.5.7 | <details><summary>Expand...</summary><a href="https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31042.yaml">https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31042.yaml</a><br><a href="https://github.com/advisories/GHSA-f2wf-25xc-69c9">https://github.com/advisories/GHSA-f2wf-25xc-69c9</a><br><a href="https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8">https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-f2wf-25xc-69c9">https://github.com/guzzle/guzzle/security/advisories/GHSA-f2wf-25xc-69c9</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-31042">https://nvd.nist.gov/vuln/detail/CVE-2022-31042</a><br><a href="https://www.drupal.org/sa-core-2022-011">https://www.drupal.org/sa-core-2022-011</a><br><a href="https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx">https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx</a><br></details> |
|
||||
| guzzlehttp/guzzle | CVE-2022-31043 | HIGH | 7.4.0 | 7.4.4, 6.5.7 | <details><summary>Expand...</summary><a href="https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31043.yaml">https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31043.yaml</a><br><a href="https://github.com/advisories/GHSA-w248-ffj2-4v5q">https://github.com/advisories/GHSA-w248-ffj2-4v5q</a><br><a href="https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8">https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-w248-ffj2-4v5q">https://github.com/guzzle/guzzle/security/advisories/GHSA-w248-ffj2-4v5q</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-31043">https://nvd.nist.gov/vuln/detail/CVE-2022-31043</a><br><a href="https://www.drupal.org/sa-core-2022-011">https://www.drupal.org/sa-core-2022-011</a><br><a href="https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx">https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx</a><br></details> |
|
||||
| guzzlehttp/guzzle | CVE-2022-31090 | HIGH | 7.4.0 | 7.4.5, 6.5.8 | <details><summary>Expand...</summary><a href="https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31090.yaml">https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31090.yaml</a><br><a href="https://github.com/advisories/GHSA-25mq-v84q-4j7r">https://github.com/advisories/GHSA-25mq-v84q-4j7r</a><br><a href="https://github.com/guzzle/guzzle/blob/6.5.8/CHANGELOG.md">https://github.com/guzzle/guzzle/blob/6.5.8/CHANGELOG.md</a><br><a href="https://github.com/guzzle/guzzle/blob/7.4.5/CHANGELOG.md">https://github.com/guzzle/guzzle/blob/7.4.5/CHANGELOG.md</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-25mq-v84q-4j7r">https://github.com/guzzle/guzzle/security/advisories/GHSA-25mq-v84q-4j7r</a><br></details> |
|
||||
|
@ -1423,7 +1423,7 @@ hide:
|
|||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/nextcloud:v24.0.2@sha256:2e2edcb5ee14ecd3322138dad60ddf8d596fa3037843bfb428a27628fcdba534 (debian 11.3)
|
||||
#### Container: tccr.io/truecharts/nextcloud:v24.0.2@sha256:910679f20019efe8b2e80daf225e2c9ebd0577315d75e67eebf3b056654b4ab7 (debian 11.3)
|
||||
|
||||
|
||||
**debian**
|
||||
|
@ -2396,7 +2396,7 @@ hide:
|
|||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| guzzlehttp/guzzle | CVE-2022-29248 | HIGH | 7.4.0 | 6.5.6, 7.4.3 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-cwmx-hcrq-mhc3">https://github.com/advisories/GHSA-cwmx-hcrq-mhc3</a><br><a href="https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab">https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab</a><br><a href="https://github.com/guzzle/guzzle/pull/3018">https://github.com/guzzle/guzzle/pull/3018</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3">https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29248">https://nvd.nist.gov/vuln/detail/CVE-2022-29248</a><br><a href="https://www.drupal.org/sa-core-2022-010">https://www.drupal.org/sa-core-2022-010</a><br></details> |
|
||||
| guzzlehttp/guzzle | CVE-2022-29248 | HIGH | 7.4.0 | 7.4.3, 6.5.6 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-cwmx-hcrq-mhc3">https://github.com/advisories/GHSA-cwmx-hcrq-mhc3</a><br><a href="https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab">https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab</a><br><a href="https://github.com/guzzle/guzzle/pull/3018">https://github.com/guzzle/guzzle/pull/3018</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3">https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29248">https://nvd.nist.gov/vuln/detail/CVE-2022-29248</a><br><a href="https://www.drupal.org/sa-core-2022-010">https://www.drupal.org/sa-core-2022-010</a><br></details> |
|
||||
| guzzlehttp/guzzle | CVE-2022-31042 | HIGH | 7.4.0 | 7.4.4, 6.5.7 | <details><summary>Expand...</summary><a href="https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31042.yaml">https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31042.yaml</a><br><a href="https://github.com/advisories/GHSA-f2wf-25xc-69c9">https://github.com/advisories/GHSA-f2wf-25xc-69c9</a><br><a href="https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8">https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-f2wf-25xc-69c9">https://github.com/guzzle/guzzle/security/advisories/GHSA-f2wf-25xc-69c9</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-31042">https://nvd.nist.gov/vuln/detail/CVE-2022-31042</a><br><a href="https://www.drupal.org/sa-core-2022-011">https://www.drupal.org/sa-core-2022-011</a><br><a href="https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx">https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx</a><br></details> |
|
||||
| guzzlehttp/guzzle | CVE-2022-31043 | HIGH | 7.4.0 | 7.4.4, 6.5.7 | <details><summary>Expand...</summary><a href="https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31043.yaml">https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31043.yaml</a><br><a href="https://github.com/advisories/GHSA-w248-ffj2-4v5q">https://github.com/advisories/GHSA-w248-ffj2-4v5q</a><br><a href="https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8">https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-w248-ffj2-4v5q">https://github.com/guzzle/guzzle/security/advisories/GHSA-w248-ffj2-4v5q</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-31043">https://nvd.nist.gov/vuln/detail/CVE-2022-31043</a><br><a href="https://www.drupal.org/sa-core-2022-011">https://www.drupal.org/sa-core-2022-011</a><br><a href="https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx">https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx</a><br></details> |
|
||||
| guzzlehttp/guzzle | CVE-2022-31090 | HIGH | 7.4.0 | 7.4.5, 6.5.8 | <details><summary>Expand...</summary><a href="https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31090.yaml">https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31090.yaml</a><br><a href="https://github.com/advisories/GHSA-25mq-v84q-4j7r">https://github.com/advisories/GHSA-25mq-v84q-4j7r</a><br><a href="https://github.com/guzzle/guzzle/blob/6.5.8/CHANGELOG.md">https://github.com/guzzle/guzzle/blob/6.5.8/CHANGELOG.md</a><br><a href="https://github.com/guzzle/guzzle/blob/7.4.5/CHANGELOG.md">https://github.com/guzzle/guzzle/blob/7.4.5/CHANGELOG.md</a><br><a href="https://github.com/guzzle/guzzle/security/advisories/GHSA-25mq-v84q-4j7r">https://github.com/guzzle/guzzle/security/advisories/GHSA-25mq-v84q-4j7r</a><br></details> |
|
||||
|
|
Loading…
Reference in New Issue