Security Overview

Helm-Chart

Scan Results

Chart Object: overseerr/templates/common.yaml

Type	Misconfiguration ID	Check	Severity	Explaination	Links
Kubernetes Security Check	KSV003	Default capabilities not dropped	LOW	Expand... The container should drop all default capabilities and add only those that are needed for its execution. Container 'RELEASE-NAME-overseerr' of Deployment 'RELEASE-NAME-overseerr' should add 'ALL' to 'securityContext.capabilities.drop'	Expand... https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/ https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check	KSV012	Runs as root user	MEDIUM	Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. Container 'autopermissions' of Deployment 'RELEASE-NAME-overseerr' should set 'securityContext.runAsNonRoot' to true	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check	KSV014	Root file system is not read-only	LOW	Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. Container 'RELEASE-NAME-overseerr' of Deployment 'RELEASE-NAME-overseerr' should set 'securityContext.readOnlyRootFilesystem' to true	Expand... https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/ https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check	KSV014	Root file system is not read-only	LOW	Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. Container 'autopermissions' of Deployment 'RELEASE-NAME-overseerr' should set 'securityContext.readOnlyRootFilesystem' to true	Expand... https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/ https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check	KSV020	Runs with low user ID	MEDIUM	Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. Container 'RELEASE-NAME-overseerr' of Deployment 'RELEASE-NAME-overseerr' should set 'securityContext.runAsUser' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check	KSV020	Runs with low user ID	MEDIUM	Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. Container 'autopermissions' of Deployment 'RELEASE-NAME-overseerr' should set 'securityContext.runAsUser' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check	KSV021	Runs with low group ID	MEDIUM	Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. Container 'RELEASE-NAME-overseerr' of Deployment 'RELEASE-NAME-overseerr' should set 'securityContext.runAsGroup' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check	KSV021	Runs with low group ID	MEDIUM	Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. Container 'autopermissions' of Deployment 'RELEASE-NAME-overseerr' should set 'securityContext.runAsGroup' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check	KSV029	A root primary or supplementary GID set	LOW	Expand... Containers should be forbidden from running with a root primary or supplementary GID. Deployment 'RELEASE-NAME-overseerr' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv029

Containers

Detected Containers

      tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
      tccr.io/truecharts/overseerr:v1.28.0@sha256:50cd1bf4ba1fcc5a0fd040ff6a529557470e5c2d1dc5e6d40f144b40ca1607a0

Scan Results

Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)

alpine

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
busybox	CVE-2021-42378	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42379	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42380	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42381	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42382	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42383	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/
busybox	CVE-2021-42384	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42385	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42386	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42374	MEDIUM	1.33.1-r3	1.33.1-r4	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42375	MEDIUM	1.33.1-r3	1.33.1-r5	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/
ssl_client	CVE-2021-42378	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42379	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42380	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42381	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42382	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42383	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/
ssl_client	CVE-2021-42384	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42385	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42386	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42374	MEDIUM	1.33.1-r3	1.33.1-r4	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42375	MEDIUM	1.33.1-r3	1.33.1-r5	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://security.netapp.com/advisory/ntap-20211223-0002/

Container: tccr.io/truecharts/overseerr:v1.28.0@sha256:50cd1bf4ba1fcc5a0fd040ff6a529557470e5c2d1dc5e6d40f144b40ca1607a0 (alpine 3.14.3)

alpine

No Vulnerabilities found

node-pkg

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
ansi-regex	CVE-2021-3807	HIGH	3.0.0	5.0.1, 6.0.1	Expand... https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 https://github.com/advisories/GHSA-93q8-gq69-wqmw https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9 https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311 https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774 https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994 https://linux.oracle.com/cve/CVE-2021-3807.html https://linux.oracle.com/errata/ELSA-2021-5171.html https://nvd.nist.gov/vuln/detail/CVE-2021-3807
ansi-regex	CVE-2021-3807	HIGH	4.1.0	5.0.1, 6.0.1	Expand... https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 https://github.com/advisories/GHSA-93q8-gq69-wqmw https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9 https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311 https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774 https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994 https://linux.oracle.com/cve/CVE-2021-3807.html https://linux.oracle.com/errata/ELSA-2021-5171.html https://nvd.nist.gov/vuln/detail/CVE-2021-3807
ansi-regex	CVE-2021-3807	HIGH	5.0.0	5.0.1, 6.0.1	Expand... https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 https://github.com/advisories/GHSA-93q8-gq69-wqmw https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9 https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311 https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774 https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994 https://linux.oracle.com/cve/CVE-2021-3807.html https://linux.oracle.com/errata/ELSA-2021-5171.html https://nvd.nist.gov/vuln/detail/CVE-2021-3807
color-string	CVE-2021-29060	MEDIUM	1.5.3	1.5.5	Expand... https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3 https://github.com/Qix-/color-string/releases/tag/1.5.5 https://github.com/advisories/GHSA-257v-vj4p-3w2h https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md https://github.com/yetingli/SaveResults/blob/main/js/color-string.js https://nvd.nist.gov/vuln/detail/CVE-2021-29060 https://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939 https://www.npmjs.com/package/color-string
elliptic	CVE-2020-28498	MEDIUM	6.5.3	6.5.4	Expand... https://github.com/advisories/GHSA-r9p9-mrjm-926w https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f https://github.com/indutny/elliptic/pull/244/commits https://nvd.nist.gov/vuln/detail/CVE-2020-28498 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1069836 https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899 https://www.npmjs.com/package/elliptic
glob-parent	CVE-2020-28469	HIGH	5.1.1	5.1.2	Expand... https://github.com/advisories/GHSA-ww39-953v-wcq6 https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9 https://github.com/gulpjs/glob-parent/pull/36 https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2 https://linux.oracle.com/cve/CVE-2020-28469.html https://linux.oracle.com/errata/ELSA-2021-5171.html https://nvd.nist.gov/vuln/detail/CVE-2020-28469 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092 https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
json-schema	CVE-2021-3918	CRITICAL	0.2.3	0.4.0	Expand... https://github.com/advisories/GHSA-896r-f27r-55mw https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741 https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9 https://linux.oracle.com/cve/CVE-2021-3918.html https://linux.oracle.com/errata/ELSA-2021-5171.html https://nvd.nist.gov/vuln/detail/CVE-2021-3918
next	CVE-2021-43803	HIGH	11.1.2	11.1.3, 12.0.5	Expand... https://github.com/advisories/GHSA-25mp-g6fv-mqxx https://github.com/vercel/next.js/commit/6d98b4fb4315dec1badecf0e9bdc212a4272b264 https://github.com/vercel/next.js/pull/32080 https://github.com/vercel/next.js/releases/tag/v11.1.3 https://github.com/vercel/next.js/releases/v12.0.5 https://github.com/vercel/next.js/security/advisories/GHSA-25mp-g6fv-mqxx https://nvd.nist.gov/vuln/detail/CVE-2021-43803
nth-check	CVE-2021-3803	HIGH	1.0.2	2.0.1	Expand... https://github.com/advisories/GHSA-rp65-9cf3-cjxr https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726 https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0 https://nvd.nist.gov/vuln/detail/CVE-2021-3803
path-parse	CVE-2021-23343	HIGH	1.0.6	1.0.7	Expand... https://github.com/advisories/GHSA-hj48-42vr-x3v9 https://github.com/jbgutierrez/path-parse/commit/eca63a7b9a473bf6978a2f5b7b3343662d1506f7 https://github.com/jbgutierrez/path-parse/issues/8 https://github.com/jbgutierrez/path-parse/pull/10 https://linux.oracle.com/cve/CVE-2021-23343.html https://linux.oracle.com/errata/ELSA-2021-3666.html https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85@%3Cdev.myfaces.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2021-23343 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028 https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067
swagger-ui-dist	GHSA-qrmm-w75w-3wpx	MEDIUM	3.32.5	4.1.3	Expand... https://github.com/advisories/GHSA-qrmm-w75w-3wpx https://github.com/swagger-api/swagger-ui/commit/01a3e55960f864a0acf6a8d06e5ddaf6776a7f76 https://github.com/swagger-api/swagger-ui/issues/4872 https://github.com/swagger-api/swagger-ui/security/advisories/GHSA-qrmm-w75w-3wpx
tar	CVE-2021-32803	HIGH	4.4.13	6.1.2, 5.0.7, 4.4.15, 3.2.3	Expand... https://github.com/advisories/GHSA-r628-mhmh-qjhw https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20 https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw https://linux.oracle.com/cve/CVE-2021-32803.html https://linux.oracle.com/errata/ELSA-2021-3666.html https://nvd.nist.gov/vuln/detail/CVE-2021-32803 https://www.npmjs.com/advisories/1771 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html
tar	CVE-2021-32804	HIGH	4.4.13	6.1.1, 5.0.6, 4.4.14, 3.2.2	Expand... https://github.com/advisories/GHSA-3jfq-g458-7qm9 https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4 https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9 https://linux.oracle.com/cve/CVE-2021-32804.html https://linux.oracle.com/errata/ELSA-2021-3666.html https://nvd.nist.gov/vuln/detail/CVE-2021-32804 https://www.npmjs.com/advisories/1770 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html
tar	CVE-2021-37701	HIGH	4.4.13	6.1.7, 5.0.8, 4.4.16	Expand... https://github.com/advisories/GHSA-9r2w-394v-53qc https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc https://nvd.nist.gov/vuln/detail/CVE-2021-37701 https://www.debian.org/security/2021/dsa-5008 https://www.npmjs.com/advisories/1779 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html
tar	CVE-2021-37712	HIGH	4.4.13	6.1.9, 5.0.10, 4.4.18	Expand... https://github.com/advisories/GHSA-qq89-hq3f-393p https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p https://nvd.nist.gov/vuln/detail/CVE-2021-37712 https://www.debian.org/security/2021/dsa-5008 https://www.npmjs.com/advisories/1780 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html
tar	CVE-2021-37713	HIGH	4.4.13	6.1.9, 5.0.10, 4.4.18	Expand... https://github.com/advisories/GHSA-5955-9wpr-37jh https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh https://nvd.nist.gov/vuln/detail/CVE-2021-37713 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html
tar	CVE-2021-32803	HIGH	6.1.0	6.1.2, 5.0.7, 4.4.15, 3.2.3	Expand... https://github.com/advisories/GHSA-r628-mhmh-qjhw https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20 https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw https://linux.oracle.com/cve/CVE-2021-32803.html https://linux.oracle.com/errata/ELSA-2021-3666.html https://nvd.nist.gov/vuln/detail/CVE-2021-32803 https://www.npmjs.com/advisories/1771 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html
tar	CVE-2021-32804	HIGH	6.1.0	6.1.1, 5.0.6, 4.4.14, 3.2.2	Expand... https://github.com/advisories/GHSA-3jfq-g458-7qm9 https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4 https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9 https://linux.oracle.com/cve/CVE-2021-32804.html https://linux.oracle.com/errata/ELSA-2021-3666.html https://nvd.nist.gov/vuln/detail/CVE-2021-32804 https://www.npmjs.com/advisories/1770 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html
tar	CVE-2021-37701	HIGH	6.1.0	6.1.7, 5.0.8, 4.4.16	Expand... https://github.com/advisories/GHSA-9r2w-394v-53qc https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc https://nvd.nist.gov/vuln/detail/CVE-2021-37701 https://www.debian.org/security/2021/dsa-5008 https://www.npmjs.com/advisories/1779 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html
tar	CVE-2021-37712	HIGH	6.1.0	6.1.9, 5.0.10, 4.4.18	Expand... https://github.com/advisories/GHSA-qq89-hq3f-393p https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p https://nvd.nist.gov/vuln/detail/CVE-2021-37712 https://www.debian.org/security/2021/dsa-5008 https://www.npmjs.com/advisories/1780 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html
tar	CVE-2021-37713	HIGH	6.1.0	6.1.9, 5.0.10, 4.4.18	Expand... https://github.com/advisories/GHSA-5955-9wpr-37jh https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh https://nvd.nist.gov/vuln/detail/CVE-2021-37713 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html

58 KiB Raw Blame History Unescape Escape

Security Overview

Helm-Chart

Scan Results

Chart Object: overseerr/templates/common.yaml

Containers

Detected Containers

Scan Results

Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)

Container: tccr.io/truecharts/overseerr:v1.28.0@sha256:50cd1bf4ba1fcc5a0fd040ff6a529557470e5c2d1dc5e6d40f144b40ca1607a0 (alpine 3.14.3)

58 KiB

Raw Blame History