@ -12,9 +12,9 @@ hide:
##### Scan Results
#### Chart Object: prometheus/charts/kube-state-metrics/templates/deployment.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' kube-state-metrics' of Deployment ' RELEASE-NAME-kube-state-metrics' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
@ -29,25 +29,25 @@ hide:
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' kube-state-metrics' of Deployment ' RELEASE-NAME-kube-state-metrics' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-kube-state-metrics' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
| No Misconfigurations found |
|:---------------------------------|
| No Misconfigurations found |
|:---------------------------------|
| No Misconfigurations found |
|:---------------------------------|
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' node-exporter' of DaemonSet ' RELEASE-NAME-node-exporter' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
@ -64,31 +64,31 @@ hide:
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > DaemonSet ' RELEASE-NAME-node-exporter' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > DaemonSet ' RELEASE-NAME-node-exporter' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
| No Misconfigurations found |
|:---------------------------------|
| No Misconfigurations found |
|:---------------------------------|
| No Misconfigurations found |
|:---------------------------------|
| No Misconfigurations found |
|:---------------------------------|
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-prometheus' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
@ -145,35 +145,35 @@ hide:
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > Deployment ' RELEASE-NAME-prometheus' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-prometheus' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
| No Misconfigurations found |
|:---------------------------------|
| No Misconfigurations found |
|:---------------------------------|
| No Misconfigurations found |
|:---------------------------------|
| No Misconfigurations found |
|:---------------------------------|
| No Misconfigurations found |
|:---------------------------------|
## Containers
@ -181,7 +181,7 @@ hide:
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/prometheus-operator:v0.55.1@sha256:974f3fd993bf0e16d2a1247e0463d38af0546c1882e24c3ddacf9fd3a234bdd5
tccr.io/truecharts/prometheus-operator:v0.55.1@sha256:0ada927f7cab9d33797414daacc1d0d3f4a8e5ff365fb4167d5145c540941f3c
bitnami/kube-state-metrics:2.4.2-debian-10-r18
bitnami/node-exporter:1.3.1-debian-10-r106
@ -189,33 +189,33 @@ hide:
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https:// lists.debian.org/debian-lts-announce/2022/04/msg00000.html"> https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-511 1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https:// lists.debian.org/debian-lts-announce/2022/04/msg00000.html"> https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-511 1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: tccr.io/truecharts/prometheus-operator:v0.55.1@sha256:974f3fd993bf0e16d2a1247e0463d38af0546c1882e24c3ddacf9fd3a234bdd5 (debian 10.12)
#### Container: tccr.io/truecharts/prometheus-operator:v0.55.1@sha256:0ada927f7cab9d33797414daacc1d0d3f4a8e5ff365fb4167d5145c540941f3c (debian 10.12)
**debian**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/cve-2011-3374" > https://access.redhat.com/security/cve/cve-2011-3374< / a > < br > < a href = "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480" > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480< / a > < br > < a href = "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html" > https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html< / a > < br > < a href = "https://seclists.org/fulldisclosure/2011/Sep/221" > https://seclists.org/fulldisclosure/2011/Sep/221< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2011-3374" > https://security-tracker.debian.org/tracker/CVE-2011-3374< / a > < br > < a href = "https://snyk.io/vuln/SNYK-LINUX-APT-116518" > https://snyk.io/vuln/SNYK-LINUX-APT-116518< / a > < br > < a href = "https://ubuntu.com/security/CVE-2011-3374" > https://ubuntu.com/security/CVE-2011-3374< / a > < br > < / details > |
@ -381,15 +381,14 @@ hide:
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37600" > https://access.redhat.com/security/cve/CVE-2021-37600< / a > < br > < a href = "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c" > https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c< / a > < br > < a href = "https://github.com/karelzak/util-linux/issues/1395" > https://github.com/karelzak/util-linux/issues/1395< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37600" > https://nvd.nist.gov/vuln/detail/CVE-2021-37600< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210902-0002/" > https://security.netapp.com/advisory/ntap-20210902-0002/< / a > < br > < / details > |
| util-linux | CVE-2022-0563 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-31879" > https://access.redhat.com/security/cve/CVE-2021-31879< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879< / a > < br > < a href = "https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html" > https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-31879" > https://nvd.nist.gov/vuln/detail/CVE-2021-31879< / a > < br > < a href = "https://savannah.gnu.org/bugs/?56909" > https://savannah.gnu.org/bugs/?56909< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210618-0002/" > https://security.netapp.com/advisory/ntap-20210618-0002/< / a > < br > < / details > |
| zlib1g | CVE-2018-25032 | HIGH | 1:1.2.11.dfsg-1 | | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: bitnami/kube-state-metrics:2.4.2-debian-10-r18 (debian 10.12)
**debian**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/cve-2011-3374" > https://access.redhat.com/security/cve/cve-2011-3374< / a > < br > < a href = "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480" > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480< / a > < br > < a href = "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html" > https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html< / a > < br > < a href = "https://seclists.org/fulldisclosure/2011/Sep/221" > https://seclists.org/fulldisclosure/2011/Sep/221< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2011-3374" > https://security-tracker.debian.org/tracker/CVE-2011-3374< / a > < br > < a href = "https://snyk.io/vuln/SNYK-LINUX-APT-116518" > https://snyk.io/vuln/SNYK-LINUX-APT-116518< / a > < br > < a href = "https://ubuntu.com/security/CVE-2011-3374" > https://ubuntu.com/security/CVE-2011-3374< / a > < br > < / details > |
@ -555,23 +554,23 @@ hide:
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37600" > https://access.redhat.com/security/cve/CVE-2021-37600< / a > < br > < a href = "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c" > https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c< / a > < br > < a href = "https://github.com/karelzak/util-linux/issues/1395" > https://github.com/karelzak/util-linux/issues/1395< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37600" > https://nvd.nist.gov/vuln/detail/CVE-2021-37600< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210902-0002/" > https://security.netapp.com/advisory/ntap-20210902-0002/< / a > < br > < / details > |
| util-linux | CVE-2022-0563 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-31879" > https://access.redhat.com/security/cve/CVE-2021-31879< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879< / a > < br > < a href = "https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html" > https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-31879" > https://nvd.nist.gov/vuln/detail/CVE-2021-31879< / a > < br > < a href = "https://savannah.gnu.org/bugs/?56909" > https://savannah.gnu.org/bugs/?56909< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210618-0002/" > https://security.netapp.com/advisory/ntap-20210618-0002/< / a > < br > < / details > |
| zlib1g | CVE-2018-25032 | HIGH | 1:1.2.11.dfsg-1 | | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib1g | CVE-2018-25032 | HIGH | 1:1.2.11.dfsg-1 | 1:1.2.11.dfsg-1+deb10u1 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https:// lists.debian.org/debian-lts-announce/2022/04/msg00000.html"> https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-511 1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
**gobinary**
| No Vulnerabilities found |
|:---------------------------------|
#### Container: bitnami/node-exporter:1.3.1-debian-10-r106 (debian 10.12)
**debian**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/cve-2011-3374" > https://access.redhat.com/security/cve/cve-2011-3374< / a > < br > < a href = "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480" > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480< / a > < br > < a href = "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html" > https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html< / a > < br > < a href = "https://seclists.org/fulldisclosure/2011/Sep/221" > https://seclists.org/fulldisclosure/2011/Sep/221< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2011-3374" > https://security-tracker.debian.org/tracker/CVE-2011-3374< / a > < br > < a href = "https://snyk.io/vuln/SNYK-LINUX-APT-116518" > https://snyk.io/vuln/SNYK-LINUX-APT-116518< / a > < br > < a href = "https://ubuntu.com/security/CVE-2011-3374" > https://ubuntu.com/security/CVE-2011-3374< / a > < br > < / details > |
@ -737,19 +736,18 @@ hide:
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37600" > https://access.redhat.com/security/cve/CVE-2021-37600< / a > < br > < a href = "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c" > https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c< / a > < br > < a href = "https://github.com/karelzak/util-linux/issues/1395" > https://github.com/karelzak/util-linux/issues/1395< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37600" > https://nvd.nist.gov/vuln/detail/CVE-2021-37600< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210902-0002/" > https://security.netapp.com/advisory/ntap-20210902-0002/< / a > < br > < / details > |
| util-linux | CVE-2022-0563 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-31879" > https://access.redhat.com/security/cve/CVE-2021-31879< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879< / a > < br > < a href = "https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html" > https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-31879" > https://nvd.nist.gov/vuln/detail/CVE-2021-31879< / a > < br > < a href = "https://savannah.gnu.org/bugs/?56909" > https://savannah.gnu.org/bugs/?56909< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210618-0002/" > https://security.netapp.com/advisory/ntap-20210618-0002/< / a > < br > < / details > |
| zlib1g | CVE-2018-25032 | HIGH | 1:1.2.11.dfsg-1 | | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib1g | CVE-2018-25032 | HIGH | 1:1.2.11.dfsg-1 | 1:1.2.11.dfsg-1+deb10u1 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https:// lists.debian.org/debian-lts-announce/2022/04/msg00000.html"> https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-511 1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
**gobinary**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.6 | 0.3.7 | < details > < summary > Expand...< / summary > < a href = "https://go-review.googlesource.com/c/text/+/340830" > https://go-review.googlesource.com/c/text/+/340830< / a > < br > < a href = "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f" > https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f< / a > < br > < a href = "https://pkg.go.dev/vuln/GO-2021-0113" > https://pkg.go.dev/vuln/GO-2021-0113< / a > < br > < / details > |
**gobinary**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.6 | 0.3.7 | < details > < summary > Expand...< / summary > < a href = "https://go-review.googlesource.com/c/text/+/340830" > https://go-review.googlesource.com/c/text/+/340830< / a > < br > < a href = "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f" > https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f< / a > < br > < a href = "https://pkg.go.dev/vuln/GO-2021-0113" > https://pkg.go.dev/vuln/GO-2021-0113< / a > < br > < / details > |