Skip to content

Commit 0206887

Browse files
rancher-security-team[bot]rancher-security-team[bot]
committed
Update CVE scans reports - 2026-02-02
1 parent be01a48 commit 0206887

File tree

91 files changed

+8298
-8194
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

91 files changed

+8298
-8194
lines changed

docs/csv/report-harvester-master-cves.csv

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -244,8 +244,8 @@ rancher/hardened-addon-resizer:1.8.23-build20251016,harvester/master,stdlib,v1.2
244244
rancher/hardened-addon-resizer:1.8.23-build20251016,harvester/master,golang.org/x/net,v0.33.0,gobinary,CVE-2025-22870,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-22870,pod_nanny,0.36.0,false,not_affected,vulnerable_code_not_present
245245
rancher/hardened-addon-resizer:1.8.23-build20251016,harvester/master,golang.org/x/net,v0.33.0,gobinary,CVE-2025-22872,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-22872,pod_nanny,0.38.0,false,not_affected,vulnerable_code_not_present
246246
rancher/hardened-addon-resizer:1.8.23-build20251016,harvester/master,golang.org/x/oauth2,v0.24.0,gobinary,CVE-2025-22868,HIGH,https://avd.aquasec.com/nvd/cve-2025-22868,pod_nanny,0.27.0,false,not_affected,vulnerable_code_not_present
247-
rancher/hardened-calico:v3.30.3-build20251015,harvester/master,libopenssl-3-fips-provider,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-calico:v3.30.3-build20251015 (sles 15.7),3.2.3-150700.5.24.1,false,affected,
248-
rancher/hardened-calico:v3.30.3-build20251015,harvester/master,libopenssl3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-calico:v3.30.3-build20251015 (sles 15.7),3.2.3-150700.5.24.1,false,affected,
247+
rancher/hardened-calico:v3.30.3-build20251015,harvester/master,libopenssl-3-fips-provider,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-calico:v3.30.3-build20251015 (sles 15.7),3.2.3-150700.5.24.1,false,not_affected,vulnerable_code_not_in_execute_path
248+
rancher/hardened-calico:v3.30.3-build20251015,harvester/master,libopenssl3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-calico:v3.30.3-build20251015 (sles 15.7),3.2.3-150700.5.24.1,false,not_affected,vulnerable_code_not_in_execute_path
249249
rancher/hardened-calico:v3.30.3-build20251015,harvester/master,stdlib,v1.24.9,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,calicoctl,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
250250
rancher/hardened-calico:v3.30.3-build20251015,harvester/master,stdlib,v1.24.9,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,calicoctl,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
251251
rancher/hardened-calico:v3.30.3-build20251015,harvester/master,stdlib,v1.24.9,gobinary,CVE-2025-61730,LOW,https://avd.aquasec.com/nvd/cve-2025-61730,calicoctl,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
@@ -556,9 +556,9 @@ rancher/hardened-k8s-metrics-server:v0.8.0-build20251015,harvester/master,golang
556556
rancher/hardened-k8s-metrics-server:v0.8.0-build20251015,harvester/master,golang.org/x/crypto,v0.38.0,gobinary,CVE-2025-58181,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-58181,metrics-server,0.45.0,false,not_affected,vulnerable_code_not_present
557557
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,gpg2,2.4.4-150600.3.9.1,sles,SUSE-SU-2026:0215-1,HIGH,,rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112 (sles 15.7),2.4.4-150600.3.12.1,false,affected,
558558
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,libglib-2_0-0,2.78.6-150600.4.16.1,sles,SUSE-SU-2026:0018-1,HIGH,,rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112 (sles 15.7),2.78.6-150600.4.25.1,false,affected,
559-
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,libopenssl-3-fips-provider,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112 (sles 15.7),3.2.3-150700.5.24.1,false,affected,
560-
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,libopenssl3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112 (sles 15.7),3.2.3-150700.5.24.1,false,affected,
561-
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,openssl-3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112 (sles 15.7),3.2.3-150700.5.24.1,false,affected,
559+
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,libopenssl-3-fips-provider,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112 (sles 15.7),3.2.3-150700.5.24.1,false,not_affected,vulnerable_code_not_in_execute_path
560+
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,libopenssl3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112 (sles 15.7),3.2.3-150700.5.24.1,false,not_affected,vulnerable_code_not_in_execute_path
561+
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,openssl-3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112 (sles 15.7),3.2.3-150700.5.24.1,false,not_affected,vulnerable_code_not_in_execute_path
562562
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,stdlib,v1.24.9,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,usr/local/bin/kube-apiserver,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
563563
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,stdlib,v1.24.9,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,usr/local/bin/kube-apiserver,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
564564
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,harvester/master,stdlib,v1.24.9,gobinary,CVE-2025-61729,HIGH,https://avd.aquasec.com/nvd/cve-2025-61729,usr/local/bin/kube-apiserver,"1.24.11, 1.25.5",false,affected,
@@ -815,8 +815,8 @@ rancher/harvester:master-head,harvester/master,golang.org/x/crypto,v0.40.0,gobin
815815
rancher/harvester:master-head,harvester/master,golang.org/x/crypto,v0.40.0,gobinary,CVE-2025-58181,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-58181,usr/bin/harvester,0.45.0,false,not_affected,vulnerable_code_not_in_execute_path
816816
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,libcrypto3,3.5.4-r0,alpine,CVE-2025-15467,CRITICAL,https://avd.aquasec.com/nvd/cve-2025-15467,rancher/klipper-helm:v0.9.10-build20251111 (alpine 3.22.2),3.5.5-r0,false,affected,
817817
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,libcrypto3,3.5.4-r0,alpine,CVE-2025-69419,HIGH,https://avd.aquasec.com/nvd/cve-2025-69419,rancher/klipper-helm:v0.9.10-build20251111 (alpine 3.22.2),3.5.5-r0,false,affected,
818-
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,libssl3,3.5.4-r0,alpine,CVE-2025-15467,CRITICAL,https://avd.aquasec.com/nvd/cve-2025-15467,rancher/klipper-helm:v0.9.10-build20251111 (alpine 3.22.2),3.5.5-r0,false,affected,
819-
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,libssl3,3.5.4-r0,alpine,CVE-2025-69419,HIGH,https://avd.aquasec.com/nvd/cve-2025-69419,rancher/klipper-helm:v0.9.10-build20251111 (alpine 3.22.2),3.5.5-r0,false,affected,
818+
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,libssl3,3.5.4-r0,alpine,CVE-2025-15467,CRITICAL,https://avd.aquasec.com/nvd/cve-2025-15467,rancher/klipper-helm:v0.9.10-build20251111 (alpine 3.22.2),3.5.5-r0,false,not_affected,vulnerable_code_not_in_execute_path
819+
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,libssl3,3.5.4-r0,alpine,CVE-2025-69419,HIGH,https://avd.aquasec.com/nvd/cve-2025-69419,rancher/klipper-helm:v0.9.10-build20251111 (alpine 3.22.2),3.5.5-r0,false,not_affected,vulnerable_code_not_in_execute_path
820820
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,stdlib,v1.24.10,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
821821
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,stdlib,v1.24.10,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
822822
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,stdlib,v1.24.10,gobinary,CVE-2025-61729,HIGH,https://avd.aquasec.com/nvd/cve-2025-61729,home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis,"1.24.11, 1.25.5",false,affected,
@@ -838,8 +838,8 @@ rancher/klipper-helm:v0.9.10-build20251111,harvester/master,golang.org/x/crypto,
838838
rancher/klipper-helm:v0.9.10-build20251111,harvester/master,golang.org/x/crypto,v0.43.0,gobinary,CVE-2025-58181,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-58181,usr/bin/helm,0.45.0,false,not_affected,vulnerable_code_not_present
839839
rancher/klipper-lb:v0.4.13,harvester/master,libcrypto3,3.3.3-r0,alpine,CVE-2025-15467,CRITICAL,https://avd.aquasec.com/nvd/cve-2025-15467,rancher/klipper-lb:v0.4.13 (alpine 3.21.3),3.3.6-r0,false,affected,
840840
rancher/klipper-lb:v0.4.13,harvester/master,libcrypto3,3.3.3-r0,alpine,CVE-2025-69419,HIGH,https://avd.aquasec.com/nvd/cve-2025-69419,rancher/klipper-lb:v0.4.13 (alpine 3.21.3),3.3.6-r0,false,affected,
841-
rancher/klipper-lb:v0.4.13,harvester/master,libssl3,3.3.3-r0,alpine,CVE-2025-15467,CRITICAL,https://avd.aquasec.com/nvd/cve-2025-15467,rancher/klipper-lb:v0.4.13 (alpine 3.21.3),3.3.6-r0,false,affected,
842-
rancher/klipper-lb:v0.4.13,harvester/master,libssl3,3.3.3-r0,alpine,CVE-2025-69419,HIGH,https://avd.aquasec.com/nvd/cve-2025-69419,rancher/klipper-lb:v0.4.13 (alpine 3.21.3),3.3.6-r0,false,affected,
841+
rancher/klipper-lb:v0.4.13,harvester/master,libssl3,3.3.3-r0,alpine,CVE-2025-15467,CRITICAL,https://avd.aquasec.com/nvd/cve-2025-15467,rancher/klipper-lb:v0.4.13 (alpine 3.21.3),3.3.6-r0,false,not_affected,vulnerable_code_not_in_execute_path
842+
rancher/klipper-lb:v0.4.13,harvester/master,libssl3,3.3.3-r0,alpine,CVE-2025-69419,HIGH,https://avd.aquasec.com/nvd/cve-2025-69419,rancher/klipper-lb:v0.4.13 (alpine 3.21.3),3.3.6-r0,false,not_affected,vulnerable_code_not_in_execute_path
843843
rancher/kubectl:v1.29.2,harvester/master,google.golang.org/protobuf,v1.31.0,gobinary,CVE-2024-24786,HIGH,https://avd.aquasec.com/nvd/cve-2024-24786,bin/kubectl,1.33.0,false,affected,severity_changed_due_to_suse_cvss_score
844844
rancher/kubectl:v1.29.2,harvester/master,stdlib,v1.21.7,gobinary,CVE-2024-24790,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-24790,bin/kubectl,"1.21.11, 1.22.4",false,affected,severity_changed_due_to_suse_cvss_score
845845
rancher/kubectl:v1.29.2,harvester/master,stdlib,v1.21.7,gobinary,CVE-2023-45288,MEDIUM,https://avd.aquasec.com/nvd/cve-2023-45288,bin/kubectl,"1.21.9, 1.22.2",false,affected,severity_changed_due_to_suse_cvss_score
@@ -1254,10 +1254,10 @@ rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libgio-2_0-0
12541254
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libglib-2_0-0,2.78.6-150600.4.16.1,sles,SUSE-SU-2026:0018-1,HIGH,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),2.78.6-150600.4.25.1,false,affected,
12551255
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libgmodule-2_0-0,2.78.6-150600.4.16.1,sles,SUSE-SU-2026:0018-1,HIGH,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),2.78.6-150600.4.25.1,false,affected,
12561256
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libgobject-2_0-0,2.78.6-150600.4.16.1,sles,SUSE-SU-2026:0018-1,HIGH,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),2.78.6-150600.4.25.1,false,affected,
1257-
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libopenssl-3-devel,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),3.2.3-150700.5.24.1,false,affected,
1258-
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libopenssl-3-fips-provider,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),3.2.3-150700.5.24.1,false,affected,
1259-
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libopenssl3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),3.2.3-150700.5.24.1,false,affected,
1260-
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,openssl-3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),3.2.3-150700.5.24.1,false,affected,
1257+
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libopenssl-3-devel,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),3.2.3-150700.5.24.1,false,not_affected,vulnerable_code_not_in_execute_path
1258+
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libopenssl-3-fips-provider,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),3.2.3-150700.5.24.1,false,not_affected,vulnerable_code_not_in_execute_path
1259+
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,libopenssl3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),3.2.3-150700.5.24.1,false,not_affected,vulnerable_code_not_in_execute_path
1260+
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,openssl-3,3.2.3-150700.5.21.1,sles,SUSE-SU-2026:0309-1,CRITICAL,,rancher/nginx-ingress-controller:v1.13.4-hardened1 (sles 15.7),3.2.3-150700.5.24.1,false,not_affected,vulnerable_code_not_in_execute_path
12611261
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,stdlib,v1.25.3,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,dbg,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
12621262
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,stdlib,v1.25.3,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,dbg,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
12631263
rancher/nginx-ingress-controller:v1.13.4-hardened1,harvester/master,stdlib,v1.25.3,gobinary,CVE-2025-61729,HIGH,https://avd.aquasec.com/nvd/cve-2025-61729,dbg,"1.24.11, 1.25.5",false,affected,

docs/csv/report-harvester-master-stats.csv

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -19,15 +19,15 @@ longhornio/support-bundle-kit:v0.0.79,3,1,4
1919
rancher/fleet-agent:v0.14.0,0,3,3
2020
rancher/fleet:v0.14.0,3,6,9
2121
rancher/hardened-addon-resizer:1.8.23-build20251016,0,2,2
22-
rancher/hardened-calico:v3.30.3-build20251015,2,0,2
22+
rancher/hardened-calico:v3.30.3-build20251015,0,0,0
2323
rancher/hardened-cluster-autoscaler:v1.10.2-build20251015,0,2,2
2424
rancher/hardened-cni-plugins:v1.8.0-build20251014,0,1,1
2525
rancher/hardened-coredns:v1.13.1-build20251015,0,5,5
2626
rancher/hardened-dns-node-cache:1.26.7-build20251016,0,4,4
2727
rancher/hardened-etcd:v3.6.5-k3s1-build20251017,0,4,4
2828
rancher/hardened-flannel:v0.27.4-build20251015,0,3,3
2929
rancher/hardened-k8s-metrics-server:v0.8.0-build20251015,0,2,2
30-
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,3,14,17
30+
rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112,0,14,14
3131
rancher/hardened-multus-cni:v4.2.3-build20251031,0,10,10
3232
rancher/harvester-cluster-repo:master-head,0,0,0
3333
rancher/harvester-eventrouter:master-head,0,1,1
@@ -48,8 +48,8 @@ rancher/harvester-upgrade:master-head,1,19,20
4848
rancher/harvester-vm-import-controller:main-head,0,1,1
4949
rancher/harvester-webhook:master-head,0,5,5
5050
rancher/harvester:master-head,0,5,5
51-
rancher/klipper-helm:v0.9.10-build20251111,2,8,10
52-
rancher/klipper-lb:v0.4.13,2,2,4
51+
rancher/klipper-helm:v0.9.10-build20251111,1,7,8
52+
rancher/klipper-lb:v0.4.13,1,1,2
5353
rancher/kubectl:v1.29.2,0,10,10
5454
rancher/kubectl:v1.32.3,0,4,4
5555
rancher/kubectl:v1.33.1,0,5,5
@@ -74,7 +74,7 @@ rancher/mirrored-prometheus-operator-admission-webhook:v0.80.1,0,4,4
7474
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.80.1,0,4,4
7575
rancher/mirrored-prometheus-operator-prometheus-operator:v0.80.1,0,4,4
7676
rancher/mirrored-sig-storage-snapshot-controller:v8.2.0,0,4,4
77-
rancher/nginx-ingress-controller:v1.13.4-hardened1,4,12,16
77+
rancher/nginx-ingress-controller:v1.13.4-hardened1,0,12,12
7878
rancher/prom-prometheus:v3.2.1,0,8,8
7979
rancher/rancher-agent:v2.13.0,1,9,10
8080
rancher/rancher-webhook:v0.9.1,0,5,5

0 commit comments

Comments
 (0)