Cloned2Preserve
/
TrueChartsClone
mirror of https://github.com/truecharts/charts.git
1
0
Fork 0
Code
TrueChartsClone/charts/stable/darktable/security.md

58 KiB
Raw Blame History

hide
toc

Security Overview

Helm-Chart

Scan Results

Chart Object: darktable/templates/common.yaml

Type Misconfiguration ID Check Severity Explaination Links
Kubernetes Security Check KSV001 Process can elevate its own privileges MEDIUM
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.allowPrivilegeEscalation' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-darktable' of Deployment 'RELEASE-NAME-darktable' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check KSV011 CPU not limited LOW
Expand... Enforcing CPU limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'resources.limits.cpu'
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'RELEASE-NAME-darktable' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-darktable' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'autopermissions' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check KSV015 CPU requests not specified LOW
Expand... When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'resources.requests.cpu'
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
Kubernetes Security Check KSV016 Memory requests not specified LOW
Expand... When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'resources.requests.memory'
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
Kubernetes Security Check KSV017 Privileged container HIGH
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.privileged' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
Kubernetes Security Check KSV018 Memory not limited LOW
Expand... Enforcing memory limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'resources.limits.memory'
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
Kubernetes Security Check KSV020 Runs with low user ID MEDIUM
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.

Container 'RELEASE-NAME-darktable' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check KSV020 Runs with low user ID MEDIUM
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check KSV020 Runs with low user ID MEDIUM
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check KSV021 Runs with low group ID MEDIUM
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.

Container 'RELEASE-NAME-darktable' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check KSV021 Runs with low group ID MEDIUM
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check KSV021 Runs with low group ID MEDIUM
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-darktable' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check KSV023 hostPath volumes mounted MEDIUM
Expand... HostPath volumes must be forbidden.

Deployment 'RELEASE-NAME-darktable' should not set 'spec.template.volumes.hostPath'
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023
Kubernetes Security Check KSV029 A root primary or supplementary GID set LOW
Expand... Containers should be forbidden from running with a root primary or supplementary GID.

Deployment 'RELEASE-NAME-darktable' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029

Containers

Detected Containers
      tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
      tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
      tccr.io/truecharts/darktable:v3.6.1
Scan Results

Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)

alpine

Package Vulnerability Severity Installed Version Fixed Version Links
busybox CVE-2022-28391 CRITICAL 1.34.1-r4 1.34.1-r5
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
curl CVE-2022-22576 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
curl CVE-2022-27774 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
curl CVE-2022-27776 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
curl CVE-2022-27775 LOW 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-22576 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-27774 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-27776 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-27775 LOW 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
ssl_client CVE-2022-28391 CRITICAL 1.34.1-r4 1.34.1-r5
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0
Expand...http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-2201.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3

Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)

alpine

Package Vulnerability Severity Installed Version Fixed Version Links
busybox CVE-2022-28391 CRITICAL 1.34.1-r4 1.34.1-r5
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
curl CVE-2022-22576 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
curl CVE-2022-27774 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
curl CVE-2022-27776 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
curl CVE-2022-27775 LOW 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-22576 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-27774 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-27776 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-27775 LOW 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
ssl_client CVE-2022-28391 CRITICAL 1.34.1-r4 1.34.1-r5
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0
Expand...http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-2201.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3

Container: Node.js

node-pkg

Package Vulnerability Severity Installed Version Fixed Version Links
deep-extend CVE-2018-3750 CRITICAL 0.4.2 0.5.1
Expand...https://access.redhat.com/security/cve/CVE-2018-3750
https://errata.almalinux.org/8/ALSA-2021-0549.html
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
deep-extend NSWG-ECO-408 LOW 0.4.2 >=0.5.1
Expand...https://hackerone.com/reports/311333

gobinary

Package Vulnerability Severity Installed Version Fixed Version Links
github.com/containerd/imgcrypt CVE-2022-24778 HIGH v1.1.1 v1.1.4
Expand...https://access.redhat.com/security/cve/CVE-2022-24778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24778
https://github.com/advisories/GHSA-8v99-48m9-c8pm
https://github.com/containerd/imgcrypt/commit/6fdd9818a4d8142107b7ecd767d839c9707700d9
https://github.com/containerd/imgcrypt/issues/69
https://github.com/containerd/imgcrypt/releases/tag/v1.1.4
https://github.com/containerd/imgcrypt/security/advisories/GHSA-8v99-48m9-c8pm
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SJUNSC7YZLA745EMKWK2GKEV57GE52K/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TAHAAOOA3KZJC2I5WHCR3XVBJBNWTWUE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFTJR5CR5EOYDVOSBZEMLBHLJRTPJPUA/
https://nvd.nist.gov/vuln/detail/CVE-2022-24778
github.com/opencontainers/runc CVE-2021-43784 MEDIUM v1.0.2 v1.0.3
Expand...https://access.redhat.com/security/cve/CVE-2021-43784
https://bugs.chromium.org/p/project-zero/issues/detail?id=2241
https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554
https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae
https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed
https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43784
github.com/opencontainers/runc CVE-2022-24769 MEDIUM v1.0.2 v1.1.2
Expand...http://www.openwall.com/lists/oss-security/2022/05/12/1
https://access.redhat.com/security/cve/CVE-2022-24769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769
https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c
https://github.com/moby/moby/commit/2bbc786e4c59761d722d2d1518cd0a32829bc07f
https://github.com/moby/moby/releases/tag/v20.10.14
https://github.com/moby/moby/security/advisories/GHSA-2mm7-x5h6-5pvq
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PMQKCAPK2AR3DCYITJYMMNBEGQBGLCC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5AFKOQ5CE3CEIULWW4FLQKHFFU6FSYG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5FQJ3MLFSEKQYCFPFZIKYGBXPZUJFVY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPOJUJZXGMIVKRS4QR75F6OIXNQ6LDBL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIMAHZ6AUIKN7AX26KHZYBXVECIOVWBH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQCVS7WBFSTKJFNX5PGDRARMTOFWV2O7/
https://nvd.nist.gov/vuln/detail/CVE-2022-24769
golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20210322153248-0c34fe9e7dc2 0.0.0-20220315160706-3147a52a75dd
Expand...https://access.redhat.com/security/cve/CVE-2022-27191
https://github.com/advisories/GHSA-8c26-wmh5-6g9v
https://groups.google.com/g/golang-announce
https://groups.google.com/g/golang-announce/c/-cp44ypCT5s
https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/
https://nvd.nist.gov/vuln/detail/CVE-2022-27191
https://security.netapp.com/advisory/ntap-20220429-0002/
golang.org/x/text CVE-2021-38561 UNKNOWN v0.3.4 0.3.7
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113

gobinary

No Vulnerabilities found

gobinary

No Vulnerabilities found

gobinary

No Vulnerabilities found

gobinary

Package Vulnerability Severity Installed Version Fixed Version Links
github.com/opencontainers/runc CVE-2021-43784 MEDIUM v1.0.2 v1.0.3
Expand...https://access.redhat.com/security/cve/CVE-2021-43784
https://bugs.chromium.org/p/project-zero/issues/detail?id=2241
https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554
https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae
https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed
https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43784
github.com/opencontainers/runc CVE-2022-24769 MEDIUM v1.0.2 v1.1.2
Expand...http://www.openwall.com/lists/oss-security/2022/05/12/1
https://access.redhat.com/security/cve/CVE-2022-24769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769
https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c
https://github.com/moby/moby/commit/2bbc786e4c59761d722d2d1518cd0a32829bc07f
https://github.com/moby/moby/releases/tag/v20.10.14
https://github.com/moby/moby/security/advisories/GHSA-2mm7-x5h6-5pvq
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PMQKCAPK2AR3DCYITJYMMNBEGQBGLCC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5AFKOQ5CE3CEIULWW4FLQKHFFU6FSYG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5FQJ3MLFSEKQYCFPFZIKYGBXPZUJFVY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPOJUJZXGMIVKRS4QR75F6OIXNQ6LDBL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIMAHZ6AUIKN7AX26KHZYBXVECIOVWBH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQCVS7WBFSTKJFNX5PGDRARMTOFWV2O7/
https://nvd.nist.gov/vuln/detail/CVE-2022-24769
golang.org/x/text CVE-2021-38561 UNKNOWN v0.3.4 0.3.7
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113

gobinary

No Vulnerabilities found