Skip to content

Commit eb22234

Browse files
rancher-security-team[bot]rancher-security-team[bot]
committed
Update CVE scans reports - 2026-03-12
1 parent 645d6b4 commit eb22234

File tree

77 files changed

+71018
-37270
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

77 files changed

+71018
-37270
lines changed

docs/csv/report-harvester-master-cves.csv

Lines changed: 49 additions & 158 deletions
Large diffs are not rendered by default.

docs/csv/report-harvester-master-stats.csv

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,20 +1,20 @@
11
image,critical,high,total
22
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.9.2,2,19,21
33
kubeovn/kube-ovn:v1.14.10,0,31,31
4-
longhornio/backing-image-manager:v1.11.0,0,12,12
5-
longhornio/csi-attacher:v4.10.0-20251226,0,1,1
6-
longhornio/csi-node-driver-registrar:v2.15.0-20251226,0,1,1
7-
longhornio/csi-provisioner:v5.3.0-20251226,0,1,1
8-
longhornio/csi-resizer:v2.0.0-20251226,0,1,1
9-
longhornio/csi-snapshotter:v8.4.0-20251226,0,1,1
10-
longhornio/livenessprobe:v2.17.0-20251226,0,1,1
11-
longhornio/longhorn-cli:v1.11.0,0,5,5
12-
longhornio/longhorn-engine:v1.11.0,0,10,10
13-
longhornio/longhorn-instance-manager:v1.11.0,0,14,14
14-
longhornio/longhorn-manager:v1.11.0,0,7,7
15-
longhornio/longhorn-share-manager:v1.11.0,0,5,5
16-
longhornio/longhorn-ui:v1.11.0,0,4,4
17-
longhornio/support-bundle-kit:v0.0.79,3,5,8
4+
longhornio/backing-image-manager:v1.11.1-rc1,0,0,0
5+
longhornio/csi-attacher:v4.11.0,0,1,1
6+
longhornio/csi-node-driver-registrar:v2.16.0,0,0,0
7+
longhornio/csi-provisioner:v5.3.0-20260225,0,0,0
8+
longhornio/csi-resizer:v2.1.0,0,1,1
9+
longhornio/csi-snapshotter:v8.5.0,0,0,0
10+
longhornio/livenessprobe:v2.18.0,0,0,0
11+
longhornio/longhorn-cli:v1.11.1-rc1,0,0,0
12+
longhornio/longhorn-engine:v1.11.1-rc1,0,0,0
13+
longhornio/longhorn-instance-manager:v1.11.1-rc1,0,0,0
14+
longhornio/longhorn-manager:v1.11.1-rc1,0,0,0
15+
longhornio/longhorn-share-manager:v1.11.1-rc1,0,0,0
16+
longhornio/longhorn-ui:v1.11.1-rc1,0,0,0
17+
longhornio/support-bundle-kit:v0.0.80,0,0,0
1818
rancher/appco-alertmanager:0.28.1-12.7,0,4,4
1919
rancher/appco-grafana:12.1.1-2.2,3,17,20
2020
rancher/appco-k8s-sidecar:1.30.7-11.3,1,13,14

docs/csv/report-harvester-v1.5-head-cves.csv

Lines changed: 88 additions & 44 deletions
Large diffs are not rendered by default.

docs/csv/report-harvester-v1.5.2-cves.csv

Lines changed: 88 additions & 44 deletions
Large diffs are not rendered by default.

docs/csv/report-harvester-v1.6-head-cves.csv

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -473,7 +473,6 @@ longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,samba-client-lib
473473
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,virtiofsd,1.12.0-150700.1.8,sles,SUSE-SU-2026:0819-1,HIGH,,longhornio/longhorn-instance-manager:v1.9.2 (sles 15.7),1.12.0-150700.3.3.1,false,affected,
474474
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,cryptography,46.0.1,python-pkg,CVE-2026-26007,HIGH,https://avd.aquasec.com/nvd/cve-2026-26007,Python,46.0.5,false,affected,
475475
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,protobuf,6.32.1,python-pkg,CVE-2026-0994,HIGH,https://avd.aquasec.com/nvd/cve-2026-0994,Python,"6.33.5, 5.29.6",false,affected,
476-
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,gobinary,CVE-2026-25679,LOW,https://avd.aquasec.com/nvd/cve-2026-25679,usr/local/bin/go-spdk-helper,"1.25.8, 1.26.1",false,affected,severity_changed_due_to_suse_cvss_score
477476
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,gobinary,CVE-2025-68121,CRITICAL,https://avd.aquasec.com/nvd/cve-2025-68121,usr/local/bin/go-spdk-helper,"1.24.13, 1.25.7, 1.26.0-rc.3",false,not_affected,vulnerable_code_not_present
478477
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,gobinary,CVE-2025-58183,HIGH,https://avd.aquasec.com/nvd/cve-2025-58183,usr/local/bin/go-spdk-helper,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_present
479478
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,gobinary,CVE-2025-61726,HIGH,https://avd.aquasec.com/nvd/cve-2025-61726,usr/local/bin/go-spdk-helper,"1.24.12, 1.25.6",false,not_affected,vulnerable_code_not_in_execute_path
@@ -490,6 +489,8 @@ longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,g
490489
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,gobinary,CVE-2025-61725,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61725,usr/local/bin/go-spdk-helper,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_present
491490
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,gobinary,CVE-2025-61727,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61727,usr/local/bin/go-spdk-helper,"1.24.11, 1.25.5",false,not_affected,vulnerable_code_not_present
492491
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,gobinary,CVE-2025-61730,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61730,usr/local/bin/go-spdk-helper,"1.24.12, 1.25.6",false,not_affected,vulnerable_code_not_present
492+
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,gobinary,CVE-2026-25679,MEDIUM,https://avd.aquasec.com/nvd/cve-2026-25679,usr/local/bin/go-spdk-helper,"1.25.8, 1.26.1",false,not_affected,vulnerable_code_not_in_execute_path
493+
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.6,gobinary,CVE-2026-27142,MEDIUM,https://avd.aquasec.com/nvd/cve-2026-27142,usr/local/bin/go-spdk-helper,"1.25.8, 1.26.1",false,not_affected,vulnerable_code_not_present
493494
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.5,gobinary,CVE-2025-68121,HIGH,https://avd.aquasec.com/nvd/cve-2025-68121,usr/local/bin/grpc_health_probe,"1.24.13, 1.25.7, 1.26.0-rc.3",false,affected,severity_changed_due_to_suse_cvss_score
494495
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.5,gobinary,CVE-2025-61729,HIGH,https://avd.aquasec.com/nvd/cve-2025-61729,usr/local/bin/grpc_health_probe,"1.24.11, 1.25.5",false,affected,
495496
longhornio/longhorn-instance-manager:v1.9.2,harvester/v1.6-head,stdlib,v1.24.5,gobinary,CVE-2025-47912,HIGH,https://avd.aquasec.com/nvd/cve-2025-47912,usr/local/bin/grpc_health_probe,"1.24.8, 1.25.2",false,affected,severity_changed_due_to_suse_cvss_score
@@ -840,7 +841,6 @@ rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7
840841
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-58186,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-58186,opt/cni/bin/firewall,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_in_execute_path
841842
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61724,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61724,opt/cni/bin/firewall,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_in_execute_path
842843
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61725,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61725,opt/cni/bin/firewall,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_present
843-
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2026-25679,LOW,https://avd.aquasec.com/nvd/cve-2026-25679,opt/cni/bin/flannel,"1.25.8, 1.26.1",false,affected,severity_changed_due_to_suse_cvss_score
844844
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-68121,CRITICAL,https://avd.aquasec.com/nvd/cve-2025-68121,opt/cni/bin/flannel,"1.24.13, 1.25.7, 1.26.0-rc.3",false,not_affected,vulnerable_code_not_present
845845
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-58183,HIGH,https://avd.aquasec.com/nvd/cve-2025-58183,opt/cni/bin/flannel,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_present
846846
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61726,HIGH,https://avd.aquasec.com/nvd/cve-2025-61726,opt/cni/bin/flannel,"1.24.12, 1.25.6",false,not_affected,vulnerable_code_not_present
@@ -857,6 +857,8 @@ rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7
857857
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61725,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61725,opt/cni/bin/flannel,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_present
858858
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61727,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61727,opt/cni/bin/flannel,"1.24.11, 1.25.5",false,not_affected,vulnerable_code_not_present
859859
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61730,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61730,opt/cni/bin/flannel,"1.24.12, 1.25.6",false,not_affected,vulnerable_code_not_present
860+
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2026-25679,MEDIUM,https://avd.aquasec.com/nvd/cve-2026-25679,opt/cni/bin/flannel,"1.25.8, 1.26.1",false,not_affected,vulnerable_code_not_present
861+
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2026-27142,MEDIUM,https://avd.aquasec.com/nvd/cve-2026-27142,opt/cni/bin/flannel,"1.25.8, 1.26.1",false,not_affected,vulnerable_code_not_present
860862
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-68121,HIGH,https://avd.aquasec.com/nvd/cve-2025-68121,opt/cni/bin/host-device,"1.24.13, 1.25.7, 1.26.0-rc.3",false,affected,severity_changed_due_to_suse_cvss_score
861863
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61729,HIGH,https://avd.aquasec.com/nvd/cve-2025-61729,opt/cni/bin/host-device,"1.24.11, 1.25.5",false,affected,
862864
rancher/hardened-calico:v3.30.3-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-47912,HIGH,https://avd.aquasec.com/nvd/cve-2025-47912,opt/cni/bin/host-device,"1.24.8, 1.25.2",false,affected,severity_changed_due_to_suse_cvss_score
@@ -1184,7 +1186,6 @@ rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.
11841186
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-58186,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-58186,opt/cni/bin/firewall,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_in_execute_path
11851187
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61724,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61724,opt/cni/bin/firewall,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_in_execute_path
11861188
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61725,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61725,opt/cni/bin/firewall,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_present
1187-
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2026-25679,LOW,https://avd.aquasec.com/nvd/cve-2026-25679,opt/cni/bin/flannel,"1.25.8, 1.26.1",false,affected,severity_changed_due_to_suse_cvss_score
11881189
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-68121,CRITICAL,https://avd.aquasec.com/nvd/cve-2025-68121,opt/cni/bin/flannel,"1.24.13, 1.25.7, 1.26.0-rc.3",false,not_affected,vulnerable_code_not_present
11891190
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-58183,HIGH,https://avd.aquasec.com/nvd/cve-2025-58183,opt/cni/bin/flannel,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_present
11901191
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61726,HIGH,https://avd.aquasec.com/nvd/cve-2025-61726,opt/cni/bin/flannel,"1.24.12, 1.25.6",false,not_affected,vulnerable_code_not_present
@@ -1201,6 +1202,8 @@ rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.
12011202
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61725,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61725,opt/cni/bin/flannel,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_present
12021203
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61727,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61727,opt/cni/bin/flannel,"1.24.11, 1.25.5",false,not_affected,vulnerable_code_not_present
12031204
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61730,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61730,opt/cni/bin/flannel,"1.24.12, 1.25.6",false,not_affected,vulnerable_code_not_present
1205+
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2026-25679,MEDIUM,https://avd.aquasec.com/nvd/cve-2026-25679,opt/cni/bin/flannel,"1.25.8, 1.26.1",false,not_affected,vulnerable_code_not_present
1206+
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2026-27142,MEDIUM,https://avd.aquasec.com/nvd/cve-2026-27142,opt/cni/bin/flannel,"1.25.8, 1.26.1",false,not_affected,vulnerable_code_not_present
12041207
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-68121,HIGH,https://avd.aquasec.com/nvd/cve-2025-68121,opt/cni/bin/host-device,"1.24.13, 1.25.7, 1.26.0-rc.3",false,affected,severity_changed_due_to_suse_cvss_score
12051208
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-61729,HIGH,https://avd.aquasec.com/nvd/cve-2025-61729,opt/cni/bin/host-device,"1.24.11, 1.25.5",false,affected,
12061209
rancher/hardened-cni-plugins:v1.8.0-build20250909,harvester/v1.6-head,stdlib,v1.24.7,gobinary,CVE-2025-47912,HIGH,https://avd.aquasec.com/nvd/cve-2025-47912,opt/cni/bin/host-device,"1.24.8, 1.25.2",false,affected,severity_changed_due_to_suse_cvss_score
@@ -2041,6 +2044,7 @@ rancher/harvester-upgrade:v1.6-head,harvester/v1.6-head,stdlib,v1.25.4,gobinary,
20412044
rancher/harvester-upgrade:v1.6-head,harvester/v1.6-head,stdlib,v1.25.4,gobinary,CVE-2025-61729,HIGH,https://avd.aquasec.com/nvd/cve-2025-61729,usr/bin/yq,"1.24.11, 1.25.5",false,not_affected,vulnerable_code_not_in_execute_path
20422045
rancher/harvester-upgrade:v1.6-head,harvester/v1.6-head,stdlib,v1.25.4,gobinary,CVE-2025-61727,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61727,usr/bin/yq,"1.24.11, 1.25.5",false,not_affected,vulnerable_code_not_in_execute_path
20432046
rancher/harvester-upgrade:v1.6-head,harvester/v1.6-head,stdlib,v1.25.4,gobinary,CVE-2025-61730,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61730,usr/bin/yq,"1.24.12, 1.25.6",false,not_affected,vulnerable_code_not_in_execute_path
2047+
rancher/harvester-upgrade:v1.6-head,harvester/v1.6-head,stdlib,v1.25.4,gobinary,CVE-2026-27142,MEDIUM,https://avd.aquasec.com/nvd/cve-2026-27142,usr/bin/yq,"1.25.8, 1.26.1",false,not_affected,vulnerable_code_not_present
20442048
rancher/harvester-upgrade:v1.6-head,harvester/v1.6-head,github.com/containerd/containerd,v1.7.12,gobinary,CVE-2024-25621,HIGH,https://avd.aquasec.com/nvd/cve-2024-25621,usr/local/bin/elemental,1.7.29,false,affected,
20452049
rancher/harvester-upgrade:v1.6-head,harvester/v1.6-head,github.com/docker/docker,v23.0.8+incompatible,gobinary,CVE-2024-41110,CRITICAL,https://avd.aquasec.com/nvd/cve-2024-41110,usr/local/bin/elemental,"23.0.15, 26.1.5, 27.1.1, 25.0.6",false,affected,
20462050
rancher/harvester-upgrade:v1.6-head,harvester/v1.6-head,github.com/go-git/go-git/v5,v5.11.0,gobinary,CVE-2025-21613,HIGH,https://avd.aquasec.com/nvd/cve-2025-21613,usr/local/bin/elemental,5.13.0,false,affected,severity_changed_due_to_suse_cvss_score

0 commit comments

Comments
 (0)