|
|
|
@ -12,9 +12,9 @@ hide:
|
|
|
|
|
##### Scan Results
|
|
|
|
|
|
|
|
|
|
#### Chart Object: radicale/templates/common.yaml
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
|
|
|
|
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
|
|
|
|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'RELEASE-NAME-radicale' of Deployment 'RELEASE-NAME-radicale' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
|
|
|
|
@ -45,11 +45,11 @@ hide:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
**alpine**
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
|
|
|
|
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
|
|
|
|
| curl | CVE-2022-32205 | MEDIUM | 7.83.1-r1 | 7.83.1-r2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-32205">https://access.redhat.com/security/cve/CVE-2022-32205</a><br><a href="https://curl.se/docs/CVE-2022-32205.html">https://curl.se/docs/CVE-2022-32205.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205</a><br><a href="https://ubuntu.com/security/notices/USN-5495-1">https://ubuntu.com/security/notices/USN-5495-1</a><br></details> |
|
|
|
|
@ -63,11 +63,11 @@ hide:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#### Container: tomsquest/docker-radicale:3.1.7.0@sha256:ffc26d09d9ef85a477b9f22aa2f08bf35af8ddbee7bfbba192df7c567e21ebb5 (alpine 3.14.6)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
**alpine**
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
|
|
|
|
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
|
|
|
|
| curl | CVE-2022-22576 | HIGH | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22576.html">https://linux.oracle.com/cve/CVE-2022-22576.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-5313.html">https://linux.oracle.com/errata/ELSA-2022-5313.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22576">https://nvd.nist.gov/vuln/detail/CVE-2022-22576</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
|
|
|
@ -95,9 +95,6 @@ hide:
|
|
|
|
|
|
|
|
|
|
**python-pkg**
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| No Vulnerabilities found |
|
|
|
|
|
|:---------------------------------|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|