Skip to content

Commit e90680f

Browse files
rancher-security-team[bot]rancher-security-team[bot]
committed
Update CVE scans reports - 2025-06-18
1 parent 36c54ac commit e90680f

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

43 files changed

+3911
-4301
lines changed

docs/csv/report-harvester-master-cves.csv

Lines changed: 15 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -13,12 +13,21 @@ ghcr.io/kube-vip/kube-vip-iptables:v0.8.1,harvester/master,github.com/osrg/gobgp
1313
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1,harvester/master,stdlib,v1.22.4,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,kube-vip,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
1414
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1,harvester/master,golang.org/x/crypto,v0.23.0,gobinary,CVE-2024-45337,CRITICAL,https://avd.aquasec.com/nvd/cve-2024-45337,kube-vip,0.31.0,false,not_affected,vulnerable_code_not_present
1515
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1,harvester/master,golang.org/x/crypto,v0.23.0,gobinary,CVE-2025-22869,HIGH,https://avd.aquasec.com/nvd/cve-2025-22869,kube-vip,0.35.0,false,not_affected,vulnerable_code_not_present
16-
longhornio/longhorn-engine:v1.8.2-rc2,harvester/master,stdlib,v1.24.2,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/grpc_health_probe,1.24.4,false,affected,
17-
longhornio/longhorn-engine:v1.8.2-rc2,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/longhorn,1.24.4,false,affected,
18-
longhornio/longhorn-engine:v1.8.2-rc2,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/longhorn-instance-manager,1.24.4,false,affected,
19-
longhornio/longhorn-instance-manager:v1.8.2-rc2,harvester/master,libexpat1,2.7.1-lp156.231.1,sles,SUSE-SU-2025:1201-1,HIGH,,longhornio/longhorn-instance-manager:v1.8.2-rc2 (sles 15.6),2.7.1-150400.3.28.1,false,affected,
20-
longhornio/longhorn-instance-manager:v1.8.2-rc2,harvester/master,protobuf,5.29.4,python-pkg,CVE-2025-4565,HIGH,https://avd.aquasec.com/nvd/cve-2025-4565,Python,"4.25.8, 5.29.5, 6.31.1",false,affected,
21-
longhornio/longhorn-instance-manager:v1.8.2-rc2,harvester/master,stdlib,v1.24.2,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/grpc_health_probe,1.24.4,false,affected,
16+
longhornio/backing-image-manager:v1.9.0,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/backing-image-manager,1.24.4,false,affected,
17+
longhornio/longhorn-cli:v1.9.0,harvester/master,glibc,2.38-150600.14.29.1,sles,SUSE-SU-2025:01702-2,HIGH,,longhornio/longhorn-cli:v1.9.0 (sles 15.7),2.38-150600.14.32.1,false,affected,
18+
longhornio/longhorn-cli:v1.9.0,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/longhornctl,1.24.4,false,affected,
19+
longhornio/longhorn-cli:v1.9.0,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/longhornctl-local,1.24.4,false,affected,
20+
longhornio/longhorn-engine:v1.9.0,harvester/master,stdlib,v1.24.2,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/grpc_health_probe,1.24.4,false,affected,
21+
longhornio/longhorn-engine:v1.9.0,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/longhorn,1.24.4,false,affected,
22+
longhornio/longhorn-engine:v1.9.0,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/longhorn-instance-manager,1.24.4,false,affected,
23+
longhornio/longhorn-instance-manager:v1.9.0,harvester/master,libexpat1,2.7.1-lp156.231.1,sles,SUSE-SU-2025:1201-1,HIGH,,longhornio/longhorn-instance-manager:v1.9.0 (sles 15.6),2.7.1-150400.3.28.1,false,affected,
24+
longhornio/longhorn-instance-manager:v1.9.0,harvester/master,protobuf,5.29.4,python-pkg,CVE-2025-4565,HIGH,https://avd.aquasec.com/nvd/cve-2025-4565,Python,"4.25.8, 5.29.5, 6.31.1",false,affected,
25+
longhornio/longhorn-instance-manager:v1.9.0,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/go-spdk-helper,1.24.4,false,affected,
26+
longhornio/longhorn-instance-manager:v1.9.0,harvester/master,stdlib,v1.24.2,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/grpc_health_probe,1.24.4,false,affected,
27+
longhornio/longhorn-instance-manager:v1.9.0,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/bin/longhorn-instance-manager,1.24.4,false,affected,
28+
longhornio/longhorn-manager:v1.9.0,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/local/sbin/longhorn-manager,1.24.4,false,affected,
29+
longhornio/longhorn-share-manager:v1.9.0,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,longhorn-share-manager,1.24.4,false,affected,
30+
longhornio/longhorn-ui:v1.9.0,harvester/master,glibc,2.38-150600.14.29.1,sles,SUSE-SU-2025:01702-2,HIGH,,longhornio/longhorn-ui:v1.9.0 (sles 15.7),2.38-150600.14.32.1,false,affected,
2231
longhornio/support-bundle-kit:v0.0.55,harvester/master,glibc,2.38-150600.14.29.1,sles,SUSE-SU-2025:01702-1,HIGH,,longhornio/support-bundle-kit:v0.0.55 (sles 15.6),2.38-150600.14.32.1,false,affected,
2332
longhornio/support-bundle-kit:v0.0.55,harvester/master,stdlib,v1.24.3,gobinary,CVE-2025-22874,HIGH,https://avd.aquasec.com/nvd/cve-2025-22874,usr/bin/yq,1.24.4,false,affected,
2433
rancher/fleet-agent:v0.12.3,harvester/master,glibc,2.38-150600.14.29.1,sles,SUSE-SU-2025:01702-1,HIGH,,rancher/fleet-agent:v0.12.3 (sles 15.6),2.38-150600.14.32.1,false,affected,

docs/csv/report-harvester-master-stats.csv

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,19 +1,19 @@
11
image,critical,high,total
22
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0,0,4,4
33
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1,0,5,5
4-
longhornio/backing-image-manager:v1.8.2-rc2,0,0,0
4+
longhornio/backing-image-manager:v1.9.0,0,1,1
55
longhornio/csi-attacher:v4.8.1,0,0,0
66
longhornio/csi-node-driver-registrar:v2.13.0,0,0,0
77
longhornio/csi-provisioner:v5.2.0,0,0,0
88
longhornio/csi-resizer:v1.13.2,0,0,0
99
longhornio/csi-snapshotter:v8.2.0,0,0,0
1010
longhornio/livenessprobe:v2.15.0,0,0,0
11-
longhornio/longhorn-cli:v1.8.2-rc2,0,0,0
12-
longhornio/longhorn-engine:v1.8.2-rc2,0,3,3
13-
longhornio/longhorn-instance-manager:v1.8.2-rc2,0,3,3
14-
longhornio/longhorn-manager:v1.8.2-rc2,0,0,0
15-
longhornio/longhorn-share-manager:v1.8.2-rc2,0,0,0
16-
longhornio/longhorn-ui:v1.8.2-rc2,0,0,0
11+
longhornio/longhorn-cli:v1.9.0,0,3,3
12+
longhornio/longhorn-engine:v1.9.0,0,3,3
13+
longhornio/longhorn-instance-manager:v1.9.0,0,5,5
14+
longhornio/longhorn-manager:v1.9.0,0,1,1
15+
longhornio/longhorn-share-manager:v1.9.0,0,1,1
16+
longhornio/longhorn-ui:v1.9.0,0,1,1
1717
longhornio/support-bundle-kit:v0.0.55,0,2,2
1818
rancher/fleet-agent:v0.12.3,0,1,1
1919
rancher/fleet:v0.12.3,0,1,1

0 commit comments

Comments
 (0)