diff --git a/charts/core/k8s-gateway/security.md b/charts/core/k8s-gateway/security.md
index 4b795971f15..4af908e2da4 100644
--- a/charts/core/k8s-gateway/security.md
+++ b/charts/core/k8s-gateway/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:15:36.224Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:15:36.224Z [34mINFO[0m Detected config files: 1
#### k8s-gateway/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:15:41.635Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:41.635Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:41.643Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:15:41.635Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:41.635Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:41.643Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,13 @@
**Container: tccr.io/truecharts/k8s_gateway:v0.1.8@sha256:c71ea11938d6c93b0af6f25230810ec13c7d28b29dfb8512adc6d1def7f200b6**
-2021-12-04T19:15:44.065Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:15:44.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:15:44.065Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:15:44.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### coredns
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| go.etcd.io/etcd | CVE-2020-15106 | MEDIUM | v0.5.0-alpha.5.0.20200306183522-221f0cc107cb | v0.5.0-alpha.5.0.20200423152442-f4b650b51dc4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15106
https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/
|
-
diff --git a/charts/core/prometheus/security.md b/charts/core/prometheus/security.md
index 91bf26a6ae3..e3cdb1e3729 100644
--- a/charts/core/prometheus/security.md
+++ b/charts/core/prometheus/security.md
@@ -4,114 +4,114 @@
##### Scan Results
-2021-12-04T19:15:54.454Z [34mINFO[0m Detected config files: 15
+2021-12-04T19:15:54.454Z [34mINFO[0m Detected config files: 15
#### prometheus/charts/kube-state-metrics/templates/deployment.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -126,14 +126,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:01.381Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:01.381Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:01.387Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:01.381Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:01.381Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:01.387Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -161,15 +161,15 @@
**Container: tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:4b88f439ad22896e917ab39fb1ea7f0ec115e902e026c0ac27a8bc5a507e0493**
-2021-12-04T19:16:13.111Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:13.111Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:13.144Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:16:13.144Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:13.111Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:13.111Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:13.144Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:16:13.144Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:4b88f439ad22896e917ab39fb1ea7f0ec115e902e026c0ac27a8bc5a507e0493 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -318,29 +318,29 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211005150130-f29caccc4255 | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: bitnami/kube-state-metrics:2.2.4-debian-10-r0**
-2021-12-04T19:16:18.293Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:18.293Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:18.331Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:16:18.331Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:18.293Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:18.293Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:18.331Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:16:18.331Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### bitnami/kube-state-metrics:2.2.4-debian-10-r0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -489,23 +489,23 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: bitnami/node-exporter:1.3.0-debian-10-r0**
-2021-12-04T19:16:20.765Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:20.765Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:20.792Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:16:20.792Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:20.765Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:20.765Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:20.792Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:16:20.792Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### bitnami/node-exporter:1.3.0-debian-10-r0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -654,9 +654,6 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/core/traefik/security.md b/charts/core/traefik/security.md
index 4871a5fc1b7..c06fb4f3930 100644
--- a/charts/core/traefik/security.md
+++ b/charts/core/traefik/security.md
@@ -4,32 +4,32 @@
##### Scan Results
-2021-12-04T19:15:33.717Z [34mINFO[0m Need to update the built-in policies
-2021-12-04T19:15:33.717Z [34mINFO[0m Downloading the built-in policies...
-2021-12-04T19:15:35.556Z [34mINFO[0m Detected config files: 3
+2021-12-04T19:15:33.717Z [34mINFO[0m Need to update the built-in policies
+2021-12-04T19:15:33.717Z [34mINFO[0m Downloading the built-in policies...
+2021-12-04T19:15:35.556Z [34mINFO[0m Detected config files: 3
#### traefik/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -42,16 +42,16 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:15:36.314Z [34mINFO[0m Need to update DB
-2021-12-04T19:15:36.314Z [34mINFO[0m Downloading DB...
-2021-12-04T19:15:40.413Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:40.413Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:40.422Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:15:36.314Z [34mINFO[0m Need to update DB
+2021-12-04T19:15:36.314Z [34mINFO[0m Downloading DB...
+2021-12-04T19:15:40.413Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:40.413Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:40.422Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -79,22 +79,22 @@
**Container: tccr.io/truecharts/traefik:v2.5.4@sha256:e01f2de2f69fcf1a9ac2d8978455ce9731222c7fb78e3885e3f610eaeba6feee**
-2021-12-04T19:15:59.477Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:59.477Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:59.477Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:15:59.477Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:15:59.477Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:59.477Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:59.477Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:15:59.477Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/traefik:v2.5.4@sha256:e01f2de2f69fcf1a9ac2d8978455ce9731222c7fb78e3885e3f610eaeba6feee (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/containerd/containerd | CVE-2021-41103 | HIGH | v1.3.2 | v1.4.11, v1.5.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103
https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8
https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41103
https://ubuntu.com/security/notices/USN-5100-1
https://www.debian.org/security/2021/dsa-5002
|
@@ -102,4 +102,3 @@
| github.com/containerd/containerd | CVE-2021-21334 | MEDIUM | v1.3.2 | v1.3.10, v1.4.4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21334
https://github.com/containerd/containerd/commit/05f951a3781f4f2c1911b05e61c160e9c30eaa8e
https://github.com/containerd/containerd/releases/tag/v1.3.10
https://github.com/containerd/containerd/releases/tag/v1.4.4
https://github.com/containerd/containerd/security/advisories/GHSA-6g2q-w5j3-fwh4
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUE2Z2ZUWBHRU36ZGBD2YSJCYB6ELPXE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIBPKSX5IOWPM3ZPFB3JVLXWDHSZTTWT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VTXHA5JOWQRCCUZH7ZQBEYN6KZKJEYSD/
https://nvd.nist.gov/vuln/detail/CVE-2021-21334
https://security.gentoo.org/glsa/202105-33
https://ubuntu.com/security/notices/USN-4881-1
|
| github.com/containerd/containerd | CVE-2021-32760 | MEDIUM | v1.3.2 | v1.4.8, v1.5.4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32760
https://github.com/containerd/containerd/releases/tag/v1.4.8
https://github.com/containerd/containerd/releases/tag/v1.5.4
https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w
https://linux.oracle.com/cve/CVE-2021-32760.html
https://linux.oracle.com/errata/ELSA-2021-9373.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3/
https://nvd.nist.gov/vuln/detail/CVE-2021-32760
https://ubuntu.com/security/notices/USN-5012-1
|
| github.com/docker/cli | CVE-2021-41092 | HIGH | v0.0.0-20200221155518-740919cc7fc0 | v20.10.9 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41092
https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b
https://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41092
https://ubuntu.com/security/notices/USN-5134-1
|
-
diff --git a/charts/incubator/anonaddy/security.md b/charts/incubator/anonaddy/security.md
index f9c0e918e2c..d3bc0cd17de 100644
--- a/charts/incubator/anonaddy/security.md
+++ b/charts/incubator/anonaddy/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:15:41.056Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:15:41.056Z [34mINFO[0m Detected config files: 2
#### anonaddy/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:15:42.300Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:42.300Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:42.308Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:15:42.300Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:42.300Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:42.308Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,17 +70,17 @@
**Container: tccr.io/truecharts/anonaddy:v0.8.7@sha256:ec36fa40052eed3629b2346fee28cee0c3c7f00903903f846bfc5261802197d6**
-2021-12-04T19:15:52.686Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:52.686Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:52.708Z [34mINFO[0m Number of language-specific files: 3
-2021-12-04T19:15:52.708Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:15:52.709Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:15:52.720Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:15:52.686Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:52.686Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:52.708Z [34mINFO[0m Number of language-specific files: 3
+2021-12-04T19:15:52.708Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:15:52.709Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:15:52.720Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/anonaddy:v0.8.7@sha256:ec36fa40052eed3629b2346fee28cee0c3c7f00903903f846bfc5261802197d6 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -141,21 +141,21 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| doctrine/dbal | CVE-2021-43608 | CRITICAL | 3.1.3 | 3.0.99, 3.1.4 | Click to expand!
https://github.com/advisories/GHSA-r7cj-8hjg-x622
https://github.com/doctrine/dbal/security/advisories/GHSA-r7cj-8hjg-x622
|
@@ -163,14 +163,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:00.072Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:00.072Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:00.078Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:00.072Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:00.072Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:00.078Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -198,15 +198,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:16:09.836Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:09.837Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:09.852Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:16:09.852Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:09.836Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:09.837Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:09.852Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:16:09.852Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -355,16 +355,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/incubator/blog/security.md b/charts/incubator/blog/security.md
index 81c3dfd97cf..a14dfa6f1b9 100644
--- a/charts/incubator/blog/security.md
+++ b/charts/incubator/blog/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:16:28.296Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:16:28.296Z [34mINFO[0m Detected config files: 2
#### blog/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:29.195Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:29.195Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:29.203Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:29.195Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:29.195Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:29.203Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:16:36.250Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:36.253Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:36.324Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:16:36.324Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:16:36.324Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:16:36.250Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:36.253Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:36.324Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:16:36.324Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:36.324Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,29 +275,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/blog:latest@sha256:22871bf5fcf28e31ca4389e7fff6c44978f4eed9c106fba6e862fe165e649cb0**
-2021-12-04T19:16:49.078Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:49.078Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:49.239Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:49.078Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:49.078Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:49.239Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/blog:latest@sha256:22871bf5fcf28e31ca4389e7fff6c44978f4eed9c106fba6e862fe165e649cb0 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | Click to expand!
http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
http://www.iss.net/security_center/static/7494.php
http://www.securityfocus.com/bid/3521
|
@@ -647,14 +647,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:50.219Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:50.219Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:50.228Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:50.219Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:50.219Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:50.228Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -682,16 +682,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:16:51.035Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:51.035Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:51.096Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:16:51.098Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:16:51.098Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:16:51.035Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:51.035Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:51.096Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:16:51.098Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:51.098Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -886,16 +886,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/incubator/bookstack/security.md b/charts/incubator/bookstack/security.md
index 649be5fb551..0c7b6a59287 100644
--- a/charts/incubator/bookstack/security.md
+++ b/charts/incubator/bookstack/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:16:54.657Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:16:54.657Z [34mINFO[0m Detected config files: 2
#### bookstack/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:56.078Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:56.078Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:56.092Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:56.078Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:56.078Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:56.092Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,27 +70,27 @@
**Container: tccr.io/truecharts/bookstack:v21.11.20211118@sha256:f56ca2e8e3a74e5753700e5835c017264a1ca9b1a9a6740d25a50a003815149e**
-2021-12-04T19:17:09.970Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:17:09.971Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:17:09.970Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:17:09.971Z [34mINFO[0m Detecting composer vulnerabilities...
#### var/www-tmp/html/composer.lock
-
+
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| symfony/http-kernel | CVE-2021-41267 | MEDIUM | v5.3.10 | 5.3.0, 5.3.12 | Click to expand!
https://github.com/advisories/GHSA-q3j3-w37x-hq2q
https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487
https://github.com/symfony/symfony/pull/44243
https://github.com/symfony/symfony/releases/tag/v5.3.12
https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q
https://nvd.nist.gov/vuln/detail/CVE-2021-41267
https://symfony.com/cve-2021-41267
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:10.757Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:10.757Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:10.770Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:10.757Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:10.757Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:10.770Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -118,15 +118,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:17:11.844Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:17:11.845Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:17:11.871Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:17:11.871Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:17:11.844Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:17:11.845Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:17:11.871Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:17:11.871Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,16 +275,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/incubator/clarkson/security.md b/charts/incubator/clarkson/security.md
index 685cac4f3ca..b87127ed22b 100644
--- a/charts/incubator/clarkson/security.md
+++ b/charts/incubator/clarkson/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:17:12.879Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:17:12.879Z [34mINFO[0m Detected config files: 2
#### clarkson/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:13.756Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:13.756Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:13.764Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:13.756Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:13.756Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:13.764Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,25 +70,25 @@
**Container: tccr.io/truecharts/clarkson:v1.1.2@sha256:e54364ee0c78fbfec7e8e220ff1cf7cb49086b3b76c0577e36d6d894b7f20c0d**
-2021-12-04T19:17:25.068Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:17:25.068Z [34mINFO[0m Detecting node-pkg vulnerabilities...
-2021-12-04T19:17:25.069Z [34mINFO[0m Detecting jar vulnerabilities...
-2021-12-04T19:17:25.070Z [33mWARN[0m maven constraint error ([10.5-alpha0,10.5.3.0_1]): failed to new comparer: 2 errors occurred:
- * improper constraint: [10.5-alpha0,10.5.3.0_1]
- * improper requirements: []
+2021-12-04T19:17:25.068Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:17:25.068Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:17:25.069Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:17:25.070Z [33mWARN[0m maven constraint error ([10.5-alpha0,10.5.3.0_1]): failed to new comparer: 2 errors occurred:
+ * improper constraint: [10.5-alpha0,10.5.3.0_1]
+ * improper requirements: []
#### Java
-
+
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| org.apache.derby:derby | CVE-2018-1313 | MEDIUM | 10.12.1.1 | 10.14.2.0 | Click to expand!
http://www.securityfocus.com/bid/104140
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/r437d94437e6aef31af689b1e7025d024d676fd1ea9901d74e3e9ae48@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r6755f48d4f5e44e39bba7dbf8d746678239d7f1f2cc108125519ce53@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/re29ab90978e6c997377fb975f674f7514f6beb642bbf79deb45477e5@%3Cdev.hive.apache.org%3E
https://markmail.org/message/akkappppxcdqrgxk
https://nvd.nist.gov/vuln/detail/CVE-2018-1313
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| express-jwt | CVE-2020-15084 | CRITICAL | 5.3.3 | 6.0.0 | Click to expand!
https://github.com/advisories/GHSA-6g6m-m6h5-w9gf
https://github.com/auth0/express-jwt/commit/7ecab5f8f0cab5297c2b863596566eb0c019cdef
https://github.com/auth0/express-jwt/security/advisories/GHSA-6g6m-m6h5-w9gf
https://nvd.nist.gov/vuln/detail/CVE-2020-15084
|
@@ -96,14 +96,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:26.089Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:26.089Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:26.095Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:26.089Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:26.089Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:26.095Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -131,15 +131,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:17:27.031Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:17:27.031Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:17:27.065Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:17:27.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:17:27.031Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:17:27.031Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:17:27.065Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:17:27.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -288,16 +288,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/incubator/friendica/security.md b/charts/incubator/friendica/security.md
index e4f19aae12c..3a647a57ff1 100644
--- a/charts/incubator/friendica/security.md
+++ b/charts/incubator/friendica/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:17:38.802Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:17:38.802Z [34mINFO[0m Detected config files: 2
#### friendica/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:39.584Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:39.584Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:39.591Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:39.584Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:39.584Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:39.591Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,17 +70,17 @@
**Container: tccr.io/truecharts/friendica:v2021.09@sha256:593f97fbe798f2b73e5129717dd178318b2448942de540e49ba9649bac1ef4c3**
-2021-12-04T19:17:55.180Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:17:55.180Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:17:55.302Z [34mINFO[0m Number of language-specific files: 8
-2021-12-04T19:17:55.302Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:17:55.302Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:17:55.303Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:17:55.180Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:17:55.180Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:17:55.302Z [34mINFO[0m Number of language-specific files: 8
+2021-12-04T19:17:55.302Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:17:55.302Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:17:55.303Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/friendica:v2021.09@sha256:593f97fbe798f2b73e5129717dd178318b2448942de540e49ba9649bac1ef4c3 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-33193 | HIGH | 2.4.38-3+deb10u6 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193
https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch
https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70@%3Ccvs.httpd.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/
https://portswigger.net/research/http2
https://security.netapp.com/advisory/ntap-20210917-0004/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ
https://ubuntu.com/security/notices/USN-5090-1
https://www.tenable.com/security/tns-2021-17
|
@@ -933,7 +933,7 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| dompurify | GHSA-mjjq-c88q-qhr6 | CRITICAL | 1.0.11 | 2.0.7 | Click to expand!
https://github.com/advisories/GHSA-mjjq-c88q-qhr6
https://github.com/cure53/DOMPurify/releases/tag/2.0.7
https://www.npmjs.com/advisories/1223
|
@@ -947,63 +947,63 @@
| jquery | CVE-2020-11023 | MEDIUM | 2.2.4 | 3.5.0 | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
https://github.com/advisories/GHSA-jpcq-cgw6-v4j6
https://github.com/jquery/jquery/releases/tag/3.5.0
https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440
https://jquery.com/upgrade-guide/3.5/
https://linux.oracle.com/cve/CVE-2020-11023.html
https://linux.oracle.com/errata/ELSA-2021-9552.html
https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E
https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E
https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E
https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/
https://nvd.nist.gov/vuln/detail/CVE-2020-11023
https://security.gentoo.org/glsa/202007-03
https://security.netapp.com/advisory/ntap-20200511-0006/
https://www.debian.org/security/2020/dsa-4693
https://www.drupal.org/sa-core-2020-002
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-02
https://www.tenable.com/security/tns-2021-10
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| phpseclib/phpseclib | CVE-2021-30130 | HIGH | 2.0.4 | 2.0.31, 3.0.7 | Click to expand!
https://github.com/advisories/GHSA-vf4w-fg7r-5v94
https://github.com/phpseclib/phpseclib/pull/1635
https://github.com/phpseclib/phpseclib/releases/tag/2.0.31
https://github.com/phpseclib/phpseclib/releases/tag/3.0.7
https://nvd.nist.gov/vuln/detail/CVE-2021-30130
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:57.345Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:57.345Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:57.364Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:57.345Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:57.345Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:57.364Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1031,15 +1031,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:17:58.841Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:17:58.841Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:17:58.872Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:17:58.872Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:17:58.841Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:17:58.841Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:17:58.872Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:17:58.872Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1188,16 +1188,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/incubator/icinga2/security.md b/charts/incubator/icinga2/security.md
index 10d19a70c41..47711f05d5b 100644
--- a/charts/incubator/icinga2/security.md
+++ b/charts/incubator/icinga2/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:17:56.736Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:17:56.736Z [34mINFO[0m Detected config files: 2
#### icinga2/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:57.980Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:57.980Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:57.984Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:57.980Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:57.980Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:57.984Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,15 +70,15 @@
**Container: tccr.io/truecharts/icinga2:v2.13.1@sha256:64116a1e267397888bcd6dd62b428322c81bf925f955867ada5207657a9d79db**
-2021-12-04T19:18:19.214Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:19.214Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:19.392Z [34mINFO[0m Number of language-specific files: 4
-2021-12-04T19:18:19.392Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:18:19.214Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:19.214Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:19.392Z [34mINFO[0m Number of language-specific files: 4
+2021-12-04T19:18:19.392Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/icinga2:v2.13.1@sha256:64116a1e267397888bcd6dd62b428322c81bf925f955867ada5207657a9d79db (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-33193 | HIGH | 2.4.38-3+deb10u6 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193
https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch
https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70@%3Ccvs.httpd.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/
https://portswigger.net/research/http2
https://security.netapp.com/advisory/ntap-20210917-0004/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ
https://ubuntu.com/security/notices/USN-5090-1
https://www.tenable.com/security/tns-2021-17
|
@@ -1292,43 +1292,43 @@
| zip | CVE-2018-13410 | LOW | 3.0-11 | | Click to expand!
http://seclists.org/fulldisclosure/2018/Jul/24
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:21.541Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:21.541Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:21.549Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:21.541Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:21.541Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:21.549Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1356,15 +1356,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:18:23.159Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:23.159Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:23.189Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:18:23.189Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:18:23.159Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:23.159Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:23.189Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:18:23.189Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1513,16 +1513,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/incubator/leantime/security.md b/charts/incubator/leantime/security.md
index 39de497bdc7..f677d57a085 100644
--- a/charts/incubator/leantime/security.md
+++ b/charts/incubator/leantime/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:18:20.929Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:18:20.929Z [34mINFO[0m Detected config files: 2
#### leantime/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:22.159Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:22.159Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:22.166Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:22.159Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:22.159Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:22.166Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,14 +70,14 @@
**Container: tccr.io/truecharts/leantime:v2.1.7-ls6@sha256:09f51955b47e8bf7cf8c95b7fa4e023ce2fae4aa15ef42db1568b4c23830b5a6**
-2021-12-04T19:18:32.296Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:32.296Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:32.310Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:32.296Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:32.296Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:32.310Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/leantime:v2.1.7-ls6@sha256:09f51955b47e8bf7cf8c95b7fa4e023ce2fae4aa15ef42db1568b4c23830b5a6 (alpine 3.12.3)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-26691 | CRITICAL | 2.4.46-r1 | 2.4.48-r0 | Click to expand!
http://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2021/06/10/7
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-26691
https://linux.oracle.com/cve/CVE-2021-26691.html
https://linux.oracle.com/errata/ELSA-2021-3816.html
https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe@%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.gentoo.org/glsa/202107-38
https://security.netapp.com/advisory/ntap-20210702-0001/
https://ubuntu.com/security/notices/USN-4994-1
https://ubuntu.com/security/notices/USN-4994-2
https://www.debian.org/security/2021/dsa-4937
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -222,14 +222,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:36.295Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:36.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:36.299Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:36.295Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:36.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:36.299Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -257,15 +257,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:18:37.613Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:37.613Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:37.665Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:18:37.665Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:18:37.613Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:37.613Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:37.665Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:18:37.665Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -414,16 +414,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/incubator/monica/security.md b/charts/incubator/monica/security.md
index 81e34444191..2538687b11b 100644
--- a/charts/incubator/monica/security.md
+++ b/charts/incubator/monica/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:18:33.269Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:18:33.269Z [34mINFO[0m Detected config files: 2
#### monica/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:36.976Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:36.976Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:36.981Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:36.976Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:36.976Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:36.981Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,15 +70,15 @@
**Container: tccr.io/truecharts/monica:v3.5.0@sha256:5f4af565ef3b381c31abc8415d701b7b0019e9986b026cc2dfb263130f5e4214**
-2021-12-04T19:18:44.138Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:44.138Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:44.235Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:18:44.235Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:18:44.138Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:44.138Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:44.235Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:18:44.235Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/monica:v3.5.0@sha256:5f4af565ef3b381c31abc8415d701b7b0019e9986b026cc2dfb263130f5e4214 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | Click to expand!
http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
http://www.iss.net/security_center/static/7494.php
http://www.securityfocus.com/bid/3521
|
@@ -432,7 +432,7 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| doctrine/dbal | CVE-2021-43608 | CRITICAL | 3.1.3 | 3.0.99, 3.1.4 | Click to expand!
https://github.com/advisories/GHSA-r7cj-8hjg-x622
https://github.com/doctrine/dbal/security/advisories/GHSA-r7cj-8hjg-x622
|
@@ -440,14 +440,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:50.823Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:50.823Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:50.832Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:50.823Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:50.823Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:50.832Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -475,15 +475,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:18:52.889Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:52.889Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:52.938Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:18:52.938Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:18:52.889Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:52.889Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:52.938Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:18:52.938Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -632,16 +632,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/incubator/omada-controller/security.md b/charts/incubator/omada-controller/security.md
index 9216b5b4038..1c049ab00b5 100644
--- a/charts/incubator/omada-controller/security.md
+++ b/charts/incubator/omada-controller/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:18:45.293Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:18:45.293Z [34mINFO[0m Detected config files: 1
#### omada-controller/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:51.444Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:51.444Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:51.452Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:51.444Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:51.444Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:51.452Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/omada-controller:v4.4@sha256:7c06f9deb40f1fea1968eedf6da8b49192b89d0c4bcaa11f040d95c127141fb3**
-2021-12-04T19:19:08.047Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:19:08.047Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:19:08.054Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:19:08.054Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:19:08.047Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:19:08.047Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:19:08.054Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:19:08.054Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/omada-controller:v4.4@sha256:7c06f9deb40f1fea1968eedf6da8b49192b89d0c4bcaa11f040d95c127141fb3 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -177,7 +177,7 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14379 | CRITICAL | 2.9.8 | 2.7.9.6, 2.8.11.4, 2.9.9.2 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:2824
https://access.redhat.com/errata/RHSA-2019:2743
https://access.redhat.com/errata/RHSA-2019:2858
https://access.redhat.com/errata/RHSA-2019:2935
https://access.redhat.com/errata/RHSA-2019:2936
https://access.redhat.com/errata/RHSA-2019:2937
https://access.redhat.com/errata/RHSA-2019:2938
https://access.redhat.com/errata/RHSA-2019:2998
https://access.redhat.com/errata/RHSA-2019:3044
https://access.redhat.com/errata/RHSA-2019:3045
https://access.redhat.com/errata/RHSA-2019:3046
https://access.redhat.com/errata/RHSA-2019:3050
https://access.redhat.com/errata/RHSA-2019:3149
https://access.redhat.com/errata/RHSA-2019:3200
https://access.redhat.com/errata/RHSA-2019:3292
https://access.redhat.com/errata/RHSA-2019:3297
https://access.redhat.com/errata/RHSA-2019:3901
https://access.redhat.com/errata/RHSA-2020:0727
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379
https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b
https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2
https://github.com/FasterXML/jackson-databind/issues/2387
https://github.com/advisories/GHSA-6fpp-rgj9-8rwc
https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E
https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/525bcf949a4b0da87a375cbad2680b8beccde749522f24c49befe7fb@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/689c6bcc6c7612eee71e453a115a4c8581e7b718537025d4b265783d@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/75f482fdc84abe6d0c8f438a76437c335a7bbeb5cddd4d70b4bc0cbf@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/859815b2e9f1575acbb2b260b73861c16ca49bca627fa0c46419051f@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/8723b52c2544e6cb804bc8a36622c584acd1bd6c53f2b6034c9fea54@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E
https://lists.apache.org/thread.html/99944f86abefde389da9b4040ea2327c6aa0b53a2ff9352bd4cfec17@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/d161ff3d59c5a8213400dd6afb1cce1fac4f687c32d1e0c0bfbfaa2d@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/e25e734c315f70d8876a846926cfe3bfa1a4888044f146e844caf72f@%3Ccommits.ambari.apache.org%3E
https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/f17f63b0f8a57e4a5759e01d25cffc0548f0b61ff5c6bfd704ad2f2a@%3Ccommits.ambari.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/08/msg00011.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/
https://nvd.nist.gov/vuln/detail/CVE-2019-14379
https://security.netapp.com/advisory/ntap-20190814-0001/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
|
@@ -271,4 +271,3 @@
| org.eclipse.jetty:jetty-webapp | CVE-2020-27218 | MEDIUM | 9.4.15.v20190215 | 9.4.35.v20201120, 11.0.1 | Click to expand!
https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892
https://github.com/advisories/GHSA-86wm-rrjm-8wh8
https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8
https://lists.apache.org/thread.html/r00858fe27ee35ac8fa0e1549d67e0efb789d63b791b5300390bd8480@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r01806ad8c9cb0590584baf5b1a60237ad92e4ad5bba082ca04d98179@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r05b7ffde2b8c180709e14bc9ca036407bea3ed9f09b32c4705d23a4a@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r078c1203e48089b2c934b9f86b61bebe8c049e0ea6273b124f349988@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r0d2de2ab5558da68b504bd30db74da1d97dc152a857f5b7e462288ab@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r153fbefc27a1b2033692f32ef728ca909a7c7bcc1d21b6c35b38bdd5@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r15500b77c52390e2ec048cea4a6b45edf907ea61cd13259193ff8601@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r186748e676e5aeb4eb603361e6367555ae4daecbde55cfd69fa68ec6@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r1dd302323c6fe1a542d0371de66a484918fa6c2831ae70d924974bea@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r22776d06582985cca5bd2a92519a2b13b4cae2d8e087318da03c036d@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r23ce6b8965e30808daa77a80fcd69833b1fc632d80465d0419eff619@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r25a47cd06750ebb4b0f23a9b7a57c209702c8566a4c970a41ac088df@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r2a541f08bf5f847394297c13a5305c2f76c11e46504ce2a49653890a@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r2a57c7bbf36afc87f8ad9e1dd2f53a08e85a1b531283fc2efce4fe17@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2f168fd22c071bdd95ec696e45d2a01e928b9fcadbe94fbabeb1549d@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r2fda4dab73097051977f2ab818f75e04fbcb15bb1003c8530eac1059@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2ffe719224cbe5897f2d06dd22fc77fa12377c39efe9de0c3bf3f837@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r306c8e5aad1b9afc0c9278430fb571950fbb3ab7dd5d369eb618ffa4@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r32a25679d97bf5969d130f8e9b3a3fc54110095397d89952e93dbeb0@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E
https://lists.apache.org/thread.html/r3554a4f192db6008c03f2c6c3e0f1691a9b0d615ce955ef67a876ff7@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r3807b1c54066797c4870e03bd2376bdcce9c7c4e6143499f53cd9ca2@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a@%3Ccommits.nifi.apache.org%3E
https://lists.apache.org/thread.html/r391d20ab6ec03d6becc7a9f0c5e0f45a7ad8af6b996ae0a49839f6bd@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r39f1b1be8e5c0935f7c515eedf907909474bad15185125daacb36d50@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r3b7c8bc7a1cb8acdcf7753f436564d289d22f2906e934d1b11de3a40@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r3d43529452c5a16338e8267eb911e8aedc64c3241624302e673961c1@%3Cdev.hbase.apache.org%3E
https://lists.apache.org/thread.html/r46589f4228aabd5fb16135ff5bef0f77f06cdef64f9785ac3349fa02@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r489dfc3e259ad3837141985dd9291b93e6b40496cdf58808915d67e9@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r4981622ba15e8be1657d30b7c85044c7aabe89751fa7324f8604b834@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4aff5ca6bc94a6f13ff77914fd960185ab70cd6cebe96fffd74543ac@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r4b2e7417a76e3dd4dc9855c6c138c49484080754a09927454f6d89f0@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r500e22d0aedba1866d0b5e76429b76652a473a0209fa8bf66c9f7aab@%3Ccommits.spark.apache.org%3E
https://lists.apache.org/thread.html/r51ec0120b6c849d12fb7fef34db87ef0bf79fcfcd3d703a9800afbba@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r543ea0a861a78d84c22656fb76880d7ab327048cf7ee3ccc7281375d@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r5464405909eb0e1059d5dd57d10c435b9f19325fdebbadb4f1126997@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r5c64173663c71f222ea40617ab362d7a590935fb75c18817fdec377e@%3Ccommits.spark.apache.org%3E
https://lists.apache.org/thread.html/r5e5cb33b545548ec4684d33bd88b05a0ae89c4d7cac93eb63255f58f@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r602683484f607cd1b9598caf3e549fbb01c43fd46a582a32cc3bb545@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6493e43007f41e34cdbbb66622307fa235374dd2ec5bf52c61075a68@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r66456df852de06a0eed2c0a50252a2c8d360b8a5c005f63c0b1e3d25@%3Ccommits.kafka.apache.org%3E
https://lists.apache.org/thread.html/r6d5bb60a13e8b539600f86cb72097967b951de5c7ef1e4005cda74a7@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r706562cbbdda569cc556d8a7983d1f9229606e7b51337b820785af26@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r70940cb30356642f0c49af49259680d6bd866f51c4e8de0f8a498fb0@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r74ab0f5a5f16ca01eb145403ab753df5b348b8c1656d7c8501d0bfc6@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r7669dab41f2b34d56bb67700d869dc9c025ff72e9468204799f5ac29@%3Ccommits.spark.apache.org%3E
https://lists.apache.org/thread.html/r769e1ba36c607772f7403e7ef2a8ae14d9ddcab4a844f9b28bcf7959@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r7d37d33f2d68912985daf40203182e3d86f3e81266b7a7f350689eeb@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r81f82ab8ecb83568bafbecf9ce0e73be73980ac1e2af6baf0f344a59@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r821bbffb64da0f062b4e72d1aa600b91e26bc82a28298ab159121215@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r850d1d0413716e8ba6d910cae7b01a0e560636e17d664769b5080ca5@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r870bc5e6e354c3e28ea029cb5726c9e8dd2b88cb0f5f7de1d4e3133d@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r8b2271909dabb45f0f1482ef35ffe106ae4b0cf8e877eb514e9cd421@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r8be8c6f0e404a3179d988eb8afed03ede5f2d5ce986d3f709fb82610@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8c22aad0711321537183ccddcade7274ebf9dcbdcdacc6c4f90f43de@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r8c839a0d88cd6504abbe72c260371094f47014b2ba08d8d2c0232e3c@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8ed14a84656fa0bb8df3bf9373c5be80f47ceac1e2ff068ee734fdb3@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r8eea4c7797e701f6494c72942dd89f471cda4c2c6e9abbaf05d113d8@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r8f5b144e7a7c2b338f01139d891abbaba12a8173ee01110d21bd0b4d@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8fee46fd9f1254150cc55eecf1ea6a448fca1f7cf1d1e7f9c4803fdb@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r94230f46b91c364d39922a8ba0cfe12b8dba1556b14792719a7d921f@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r942e21ee90e2617a00a08b17b0ac2db961959bec969b91df61584d38@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r964d226dd08527fddd7a44410c50daa9d34d398e5c4793f1d7e19da8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r96ef6d20c5bd3d42dab500bac56a427e1dce00cf85b083987617643d@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r990e0296b188d4530d1053882f687fa4f938f108425db2999a180944@%3Ccommits.kafka.apache.org%3E
https://lists.apache.org/thread.html/r9b46505868794fba04d401956304e63e4d8e39bdc118d30e5e87dcd9@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r9d7a86fb0b45e5b1855d4df83a5820eef813d55eae3edf224f3d5055@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r9f571b086965b35d4e91e47fb67c27b42b62762248b4900ba723599f@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra09a653997cbf10aab8c0deabc0fa49f5a8a8ce4305ce9089b98485f@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/ra1c234f045871827f73e4d68326b067e72d3139e109207345fa57d9e@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/racd55c9b704aa68cfb4436f17739b612b5d4f887155e04ed521a4b67@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/racf9e6ad2482cb9b1e3e1b2c1b443d9d5cf14055fb54dec3d2dcce91@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rb4ca79d1af5237108ce8770b7c46ca78095f62ef21331d9d06142388@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rb6a3866c02ac4446451c7d9dceab2373b6d32fb058f9085c6143de30@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rb8f413dc923070919b09db3ac87d079a2dcc6f0adfbb029e206a7930@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rba4bca48d2cdfa8c08afc368a9cc4572ec85a5915ba29b8a194bf505@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rbbd003149f929b0e2fe58fb315de1658e98377225632e7e4239323fb@%3Ccommits.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbc5a8d7a0a13bc8152d427a7e9097cdeb139c6cfe111b2f00f26d16b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rbe3f2e0a3c38ed9cbef81507b7cc6e523341865e30dc15c7503adc76@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rbea4d456d88b043be86739ab0200ad06ba5a7921064411c098f79831@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc0e35f4e8a8a36127e3ae7a67f325a3a6a4dbe05034130fb04b6f3b6@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc1de630c6ed9a958d9f811e816d6d8efb6ca94aed0869bc5cda9d7f8@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc2b603b7fa7f8dbfe0b3b59a6140b4d66868db3bf4b29d69a772d72a@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc91c405c08b529b7292c75d9bd497849db700a1297fe3432990f6774@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rcbc408088ae99dc3167ea293a562a3a9a7295a20e9a1bfc93e43ae1b@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/rccc7ba8c51d662e13496df20466d27dbab54d7001e9e7b2f31468a9e@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/rce9e232a663d8405c003fe83d5c86c27d1ed65561f3690e824717bc4@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/rcf7b5818f71bb97fd695eb0f54f8f4f69e15cc5f9ec761ea8be0d0d3@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rd20651e102cb6742a9d9322ea7b5fc3ab60a7ffecb50fa9157cbf176@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rd9a960429741406f6557fa344a13d50a0c9976dac2e4c46bb54b32d7@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rdbdbb4e51f8857e082b464cd128decd7263cf0fb8557f12993562c56@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rdde0ad0a03eec962c56b46e70e225918ea2368dcc3fd3488741fad53@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rde11c433675143d8d27551c3d9e821fe1955f1551a518033d3716553@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re014afaa14f4df9d33912ab64dc57249e1c170c7448d7175c6d014ff@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/re03a566114435a8cc8eb72158242b0f560c5eeccbb4ee98d22de8373@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re3918edd403b0d3857a13ef2ccf3d2bc0231f3b8758e2a5777ea1cd3@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/re4ae7ada52c5ecfe805eb86ddc0af399ec8a57bfb0d8c632b8723b88@%3Cdev.hbase.apache.org%3E
https://lists.apache.org/thread.html/re4e67541a0a25a8589e89f52f8cd163c863fe04b59e048f9f1a04958@%3Ccommits.hbase.apache.org%3E
https://lists.apache.org/thread.html/re86a6ba09dc74e709db843e3561ead923c8fd1cba32343656dd8c44b@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re9214a4232b7ae204288c283bcee4e39f07da6cc34798e9217ba4eb6@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/reb75282901d0969ba6582725ce8672070715d0773f6ff54dedd60156@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/ree677ff289ba9a90850f2e3ba7279555df1a170263ba39c5272db236@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf0181750e321518c8afa8001e0529d50a9447714ef4f58d98af57904@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rf273267fa2e49314643af3141cec239f97d41de8a59be4ef7e10c65a@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rf31e24700f725ef81bc5a2e0444a60e1f295ed0a54c0098362a7bdfa@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rfa34d2a3e423421a4a1354cf457edba2ce78cee2d3ebd8aab151a559@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rfa8879a713480b206c152334419499e6af0878c36217abcc9ab4f0d1@%3Cnotifications.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-27218
https://security.netapp.com/advisory/ntap-20201218-0003/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.hibernate:hibernate-validator | CVE-2020-10693 | MEDIUM | 5.4.3.Final | 6.0.20.Final, 6.1.5.Final, 7.0.0.CR1 | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693
https://github.com/advisories/GHSA-rmrm-75hp-phr2
https://nvd.nist.gov/vuln/detail/CVE-2020-10693
https://www.ibm.com/support/pages/node/6348216
|
| org.springframework:spring-webmvc | CVE-2020-5398 | HIGH | 5.1.6.RELEASE | 5.0.16, 5.1.13, 5.2.3 | Click to expand!
https://github.com/advisories/GHSA-8wx2-9q48-vm9r
https://lists.apache.org/thread.html/r028977b9b9d44a89823639aa3296fb0f0cfdd76b4450df89d3c4fbbf@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r0f2d0ae1bad2edb3d4a863d77f3097b5e88cfbdae7b809f4f42d6aad@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r0f3530f7cb510036e497532ffc4e0bd0b882940448cf4e233994b08b@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r1accbd4f31ad2f40e1661d70a4510a584eb3efd1e32e8660ccf46676@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r1bc5d673c01cfbb8e4a91914e9748ead3e5f56b61bca54d314c0419b@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r1c679c43fa4f7846d748a937955c7921436d1b315445978254442163@%3Ccommits.ambari.apache.org%3E
https://lists.apache.org/thread.html/r1eccdbd7986618a7319ee7a533bd9d9bf6e8678e59dd4cca9b5b2d7a@%3Cissues.ambari.apache.org%3E
https://lists.apache.org/thread.html/r27552d2fa10d96f2810c50d16ad1fd1899e37796c81a0c5e7585a02d@%3Cdev.rocketmq.apache.org%3E
https://lists.apache.org/thread.html/r2dfd5b331b46d3f90c4dd63a060e9f04300468293874bd7e41af7163@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r3765353ff434fd00d8fa5a44734b3625a06eeb2a3fb468da7dfae134@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r4639e821ef9ca6ca10887988f410a60261400a7766560e7a97a22efc@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r4b1886e82cc98ef38f582fef7d4ea722e3fcf46637cd4674926ba682@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r5c95eff679dfc642e9e4ab5ac6d202248a59cb1e9457cfbe8b729ac5@%3Cissues.ambari.apache.org%3E
https://lists.apache.org/thread.html/r645408661a8df9158f49e337072df39838fa76da629a7e25a20928a6@%3Cdev.rocketmq.apache.org%3E
https://lists.apache.org/thread.html/r6dac0e365d1b2df9a7ffca12b4195181ec14ff0abdf59e1fdb088ce5@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r712a6fce928e24e7b6ec30994a7e115a70f1f6e4cf2c2fbf0347ce46@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r7361bfe84bde9d233f9800c3a96673e7bd81207549ced0236f07a29d@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r74f81f93a9b69140fe41e236afa7cbe8dfa75692e7ab31a468fddaa0@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r7d5e518088e2e778928b02bcd3be3b948b59acefe2f0ebb57ec2ebb0@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r8736185eb921022225a83e56d7285a217fd83f5524bd64a6ca3bf5cc@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r881fb5a95ab251106fed38f836257276feb026bfe01290e72ff91c2a@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r8b496b1743d128e6861ee0ed3c3c48cc56c505b38f84fa5baf7ae33a@%3Cdev.ambari.apache.org%3E
https://lists.apache.org/thread.html/r8cc37a60a5056351377ee5f1258f2a4fdd39822a257838ba6bcc1e88@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r9f13cccb214495e14648d2c9b8f2c6072fd5219e74502dd35ede81e1@%3Cdev.ambari.apache.org%3E
https://lists.apache.org/thread.html/r9fb1ee08cf337d16c3364feb0f35a072438c1a956afd7b77859aa090@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/ra996b56e1f5ab2fed235a8b91fa0cc3cf34c2e9fee290b7fa4380a0d@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rab0de39839b4c208dcd73f01e12899dc453361935a816a784548e048@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/rb4d1fc078f086ec2e98b2693e8b358e58a6a4ef903ceed93a1ee2b18@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/rc05acaacad089613e9642f939b3a44f7199b5537493945c3e045287f@%3Cdev.geode.apache.org%3E
https://lists.apache.org/thread.html/rc9c7f96f08c8554225dba9050ea5e64bebc129d0d836303143fe3160@%3Cdev.rocketmq.apache.org%3E
https://lists.apache.org/thread.html/rdcaadaa9a68b31b7d093d76eacfaacf6c7a819f976b595c75ad2d4dc@%3Cdev.geode.apache.org%3E
https://lists.apache.org/thread.html/rded5291e25a4c4085a6d43cf262e479140198bf4eabb84986e0a1ef3@%3Cdev.rocketmq.apache.org%3E
https://lists.apache.org/thread.html/reaa8a6674baf2724b1b88a621b0d72d9f7a6f5577c88759842c16eb6@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/rf8dc72b974ee74f17bce661ea7d124e733a1f4c4f236354ac0cf48e8@%3Ccommits.camel.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-5398
https://pivotal.io/security/cve-2020-5398
https://security.netapp.com/advisory/ntap-20210917-0006/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/charts/incubator/piwigo/security.md b/charts/incubator/piwigo/security.md
index 19eab0c4624..892d20d8471 100644
--- a/charts/incubator/piwigo/security.md
+++ b/charts/incubator/piwigo/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:19:08.996Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:19:08.996Z [34mINFO[0m Detected config files: 1
#### piwigo/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:19:13.749Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:19:13.749Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:19:13.756Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:13.749Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:19:13.749Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:19:13.756Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/piwigo:version-11.5.0@sha256:8f8bb5d28b930edfded154d71dd2eab4ffe5631d2e4f21773bf33b220ab76f05**
-2021-12-04T19:19:24.622Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:24.622Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/incubator/snipe-it/security.md b/charts/incubator/snipe-it/security.md
index 13cd50b4b3d..ddff880b3b2 100644
--- a/charts/incubator/snipe-it/security.md
+++ b/charts/incubator/snipe-it/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:19:30.498Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:19:30.498Z [34mINFO[0m Detected config files: 2
#### snipe-it/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:19:31.343Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:19:31.343Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:19:31.351Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:31.343Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:19:31.343Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:19:31.351Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,27 +70,27 @@
**Container: tccr.io/truecharts/snipe-it:v5.3.3@sha256:e4e26d777996c34fba581dcb26f05843ece36797f032a01df7fed1f1e32898cb**
-2021-12-04T19:19:37.435Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:19:37.435Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:19:37.435Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:19:37.435Z [34mINFO[0m Detecting composer vulnerabilities...
#### var/www/html/composer.lock
-
+
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| lcobucci/jwt | CVE-2021-41106 | LOW | 3.4.5 | 3.4.6, 4.0.4, 4.1.5 | Click to expand!
https://github.com/advisories/GHSA-7322-jrq4-x5hf
https://github.com/lcobucci/jwt/commit/8175de5b841fbe3fd97d2d49b3fc15c4ecb39a73
https://github.com/lcobucci/jwt/commit/c45bb8b961a8e742d8f6b88ef5ff1bd5cca5d01c
https://github.com/lcobucci/jwt/security/advisories/GHSA-7322-jrq4-x5hf
https://nvd.nist.gov/vuln/detail/CVE-2021-41106
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:19:38.343Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:19:38.344Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:19:38.349Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:38.343Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:19:38.344Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:19:38.349Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -118,15 +118,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:19:39.171Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:19:39.171Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:19:39.212Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:19:39.212Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:19:39.171Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:19:39.171Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:19:39.212Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:19:39.212Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,16 +275,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/incubator/tdarr-node/security.md b/charts/incubator/tdarr-node/security.md
index 5df0e39e854..8fa2b148477 100644
--- a/charts/incubator/tdarr-node/security.md
+++ b/charts/incubator/tdarr-node/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:19:43.512Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:19:43.512Z [34mINFO[0m Detected config files: 1
#### tdarr-node/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:19:44.568Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:19:44.568Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:19:44.580Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:44.568Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:19:44.568Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:19:44.580Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/tdarr_node:v2.00.11@sha256:f4ff41e5a09ea97bb468bb584e44c0f7d869a989404aa6a7618db1e040ccb31e**
-2021-12-04T19:20:12.452Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:20:12.452Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:20:12.463Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:12.452Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:20:12.452Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:20:12.463Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/tdarr_node:v2.00.11@sha256:f4ff41e5a09ea97bb468bb584e44c0f7d869a989404aa6a7618db1e040ccb31e (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -314,4 +314,3 @@
| systemd-timesyncd | CVE-2020-13529 | LOW | 245.4-4ubuntu3.3 | 245.4-4ubuntu3.10 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/08/04/2
http://www.openwall.com/lists/oss-security/2021/08/17/3
http://www.openwall.com/lists/oss-security/2021/09/07/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529
https://linux.oracle.com/cve/CVE-2020-13529.html
https://linux.oracle.com/errata/ELSA-2021-4361.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
https://security.gentoo.org/glsa/202107-48
https://security.netapp.com/advisory/ntap-20210625-0005/
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
https://ubuntu.com/security/notices/USN-5013-1
https://ubuntu.com/security/notices/USN-5013-2
|
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-7 | 1.30+dfsg-7ubuntu0.20.04.1 | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| wget | CVE-2021-31879 | MEDIUM | 1.20.3-1ubuntu1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
-
diff --git a/charts/incubator/tdarr/security.md b/charts/incubator/tdarr/security.md
index 7ca62d46ae9..17951e7746a 100644
--- a/charts/incubator/tdarr/security.md
+++ b/charts/incubator/tdarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:20:13.433Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:20:13.433Z [34mINFO[0m Detected config files: 1
#### tdarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:14.420Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:14.420Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:14.428Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:14.420Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:14.420Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:14.428Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/tdarr:v2.00.11@sha256:6fdd803b7a48519691ae1b18bf0700cf287fd8773557a0d6d0d16c782528ae18**
-2021-12-04T19:20:31.295Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:20:31.295Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:20:31.299Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:31.295Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:20:31.295Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:20:31.299Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/tdarr:v2.00.11@sha256:6fdd803b7a48519691ae1b18bf0700cf287fd8773557a0d6d0d16c782528ae18 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -314,4 +314,3 @@
| systemd-timesyncd | CVE-2020-13529 | LOW | 245.4-4ubuntu3.3 | 245.4-4ubuntu3.10 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/08/04/2
http://www.openwall.com/lists/oss-security/2021/08/17/3
http://www.openwall.com/lists/oss-security/2021/09/07/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529
https://linux.oracle.com/cve/CVE-2020-13529.html
https://linux.oracle.com/errata/ELSA-2021-4361.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
https://security.gentoo.org/glsa/202107-48
https://security.netapp.com/advisory/ntap-20210625-0005/
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
https://ubuntu.com/security/notices/USN-5013-1
https://ubuntu.com/security/notices/USN-5013-2
|
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-7 | 1.30+dfsg-7ubuntu0.20.04.1 | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| wget | CVE-2021-31879 | MEDIUM | 1.20.3-1ubuntu1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
-
diff --git a/charts/incubator/xbackbone/security.md b/charts/incubator/xbackbone/security.md
index e14aba3f726..8536ea2e0f9 100644
--- a/charts/incubator/xbackbone/security.md
+++ b/charts/incubator/xbackbone/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:20:32.170Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:20:32.170Z [34mINFO[0m Detected config files: 2
#### xbackbone/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:33.875Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:33.875Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:33.882Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:33.875Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:33.875Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:33.882Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,17 +70,17 @@
**Container: tccr.io/truecharts/xbackbone:v3.3.3@sha256:c22e8806732b5a63a9761d413f4dd3a39af9427a12818e8ff769094ebc141c99**
-2021-12-04T19:20:43.175Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:43.175Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:43.239Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:20:43.239Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:20:43.240Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.9.5
-2021-12-04T19:20:43.240Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:20:43.175Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:43.175Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:43.239Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:20:43.239Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:20:43.240Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.9.5
+2021-12-04T19:20:43.240Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/xbackbone:v3.3.3@sha256:c22e8806732b5a63a9761d413f4dd3a39af9427a12818e8ff769094ebc141c99 (alpine 3.9.5)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| cups-libs | CVE-2020-3898 | HIGH | 2.2.12-r0 | 2.2.12-r1 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
https://linux.oracle.com/cve/CVE-2020-3898.html
https://linux.oracle.com/errata/ELSA-2020-4469.html
https://support.apple.com/en-us/HT211100
https://support.apple.com/kb/HT211100
https://ubuntu.com/security/notices/USN-4340-1
|
@@ -442,21 +442,21 @@
| sqlite-libs | CVE-2020-11655 | HIGH | 3.28.0-r2 | 3.28.0-r3 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655
https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc
https://security.gentoo.org/glsa/202007-26
https://security.netapp.com/advisory/ntap-20200416-0001/
https://ubuntu.com/security/notices/USN-4394-1
https://usn.ubuntu.com/4394-1/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11
https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| league/flysystem | CVE-2021-32708 | HIGH | 1.0.70 | 1.1.4, 2.1.1 | Click to expand!
https://github.com/advisories/GHSA-9f46-5r25-5wfm
https://github.com/thephpleague/flysystem/commit/a3c694de9f7e844b76f9d1b61296ebf6e8d89d74
https://github.com/thephpleague/flysystem/commit/f3ad69181b8afed2c9edf7be5a2918144ff4ea32
https://github.com/thephpleague/flysystem/security/advisories/GHSA-9f46-5r25-5wfm
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWPTENBYKI2IG47GI4DHAACLNRLTWUR5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNZSWK4GOMJOOHKLZEOE5AQSLC4DNCRZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-32708
https://packagist.org/packages/league/flysystem
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:59.051Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:59.051Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:59.069Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:59.051Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:59.051Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:59.069Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -484,15 +484,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:21:00.409Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:21:00.409Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:21:00.448Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:21:00.448Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:21:00.409Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:21:00.409Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:21:00.448Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:21:00.448Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -641,16 +641,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/airsonic/security.md b/charts/stable/airsonic/security.md
index b6b020ba61f..1c5d5e45c19 100644
--- a/charts/stable/airsonic/security.md
+++ b/charts/stable/airsonic/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:20:32.747Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:20:32.747Z [34mINFO[0m Detected config files: 1
#### airsonic/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:35.271Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:35.271Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:35.275Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:35.271Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:35.271Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:35.275Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/airsonic:version-v10.6.2@sha256:f0065aa44fb1c38b7fc30d34e220138dc0a0c6477b78eb7f59015622c2052030**
-2021-12-04T19:20:57.872Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:20:57.872Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:20:57.882Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:20:57.882Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:20:57.872Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:20:57.872Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:20:57.882Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:20:57.882Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/airsonic:version-v10.6.2@sha256:f0065aa44fb1c38b7fc30d34e220138dc0a0c6477b78eb7f59015622c2052030 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -675,7 +675,7 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ch.qos.logback:logback-classic | CVE-2017-5929 | CRITICAL | 1.1.11 | 1.2.0 | Click to expand!
http://www.cvedetails.com/cve/CVE-2017-5929/
https://access.redhat.com/errata/RHSA-2017:1675
https://access.redhat.com/errata/RHSA-2017:1676
https://access.redhat.com/errata/RHSA-2017:1832
https://access.redhat.com/errata/RHSA-2018:2927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929
https://github.com/advisories/GHSA-vmfg-rjjm-rjrj
https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8
https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r967953a14e05016bc4bcae9ef3dd92e770181158b4246976ed8295c9@%3Cdev.brooklyn.apache.org%3E
https://lists.apache.org/thread.html/ra007cec726a3927c918ec94c4316d05d1829c49eae8dc3648adc35e2@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rbb4dfca2f7e3e8f3570eec21c79832d33a51dfde6762725660b60169@%3Cdev.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/rc5f0cc2f3b153bdf15ee7389d78585829abc9c7af4d322ba1085dd3e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rd2227af3c9ada2a72dc72ed05517f5857a34d487580e1f2803922ff9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/re9b787727291786dfe088e3cd078c7d195c0b5781e15d3cd24a3b2fc@%3Cdev.mnemonic.apache.org%3E
https://logback.qos.ch/news.html
https://nvd.nist.gov/vuln/detail/CVE-2017-5929
|
@@ -703,4 +703,3 @@
| org.springframework.security:spring-security-core | CVE-2020-5408 | MEDIUM | 4.2.13.RELEASE | 4.2.16.RELEASE, 5.0.16.RELEASE, 5.1.10.RELEASE, 5.2.4.RELEASE, 5.3.2.RELEASE | Click to expand!
https://github.com/advisories/GHSA-2ppp-9496-p23q
https://nvd.nist.gov/vuln/detail/CVE-2020-5408
https://tanzu.vmware.com/security/cve-2020-5408
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
|
| org.springframework.security:spring-security-web | CVE-2021-22112 | HIGH | 4.2.13.RELEASE | 5.3.8, 5.4.4, 5.2.9 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/7
https://github.com/advisories/GHSA-gq28-h5vg-8prx
https://github.com/spring-projects/spring-security/releases/tag/5.4.4
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b@%3Cissues.nifi.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22112
https://tanzu.vmware.com/security/cve-2021-22112
https://www.jenkins.io/security/advisory/2021-02-19/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.yaml:snakeyaml | CVE-2017-18640 | HIGH | 1.17 | 1.26 | Click to expand!
https://bitbucket.org/asomov/snakeyaml/commits/da11ddbd91c1f8392ea932b37fa48110fa54ed8c
https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack
https://bitbucket.org/asomov/snakeyaml/wiki/Changes
https://github.com/advisories/GHSA-rvwf-54qp-4r6v
https://linux.oracle.com/cve/CVE-2017-18640.html
https://linux.oracle.com/errata/ELSA-2020-4807.html
https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r16ae4e529401b75a1f5aa462b272b31bf2a108236f882f06fddc14bc@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1703a402f30c8a2ee409f8c6f393e95a63f8c952cc9ee5bf9dd586dc@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r182e9cf6f3fb22b9be0cac4ff0685199741d2ab6e9a4e27a3693c224@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r191ceadb1b883357384981848dfa5235cb02a90070c553afbaf9b3d9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r1aab47b48a757c70e40fc0bcb1fcf1a3951afa6a17aee7cd66cf79f8@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1dfac8b6a7097bcb4979402bbb6e2f8c36d0d9001e3018717eb22b7e@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r1ffce2ed3017e9964f03ad2c539d69e49144fc8e9bf772d641612f98@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r20350031c60a77b45e0eded33e9b3e9cb0cbfc5e24e1c63bf264df12@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r22ac2aa053b7d9c6b75a49db78125c9316499668d0f4a044f3402e2f@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r28c9009a48d52cf448f8b02cd823da0f8601d2dff4d66f387a35f1e0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2a5b84fdf59042dc398497e914b5bb1aed77328320b1438144ae1953@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2b05744c0c2867daa5d1a96832965b7d6220328b0ead06c22a6e7854@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r2db207a2431a5e9e95e899858ab1f5eabd9bcc790a6ca7193ae07e94@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r436988d2cfe8a770ae361c82b181c5b2bf48a249bad84d8a55a3b46e@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r465d2553a31265b042cf5457ef649b71e0722ab89b6ea94a5d59529b@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r4c682fb8cf69dd14162439656a6ebdf42ea6ad0e4edba95907ea3f14@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r4d7f37da1bc2df90a5a0f56eb7629b5ea131bfe11eeeb4b4c193f64a@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5510f0125ba409fc1cabd098ab8b457741e5fa314cbd0e61e4339422@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r55d807f31e64a080c54455897c20b1667ec792e5915132c7b7750533@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r56805265475919252ba7fc10123f15b91097f3009bae86476624ca25@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r643ba53f002ae59068f9352fe1d82e1b6f375387ffb776f13efe8fda@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r666f29a7d0e1f98fa1425ca01efcfa86e6e3856e01d300828aa7c6ea@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6c91e52b3cc9f4e64afe0f34f20507143fd1f756d12681a56a9b38da@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6d54c2da792c74cc14b9b7665ea89e144c9e238ed478d37fd56292e6@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r72a3588d62b2de1361dc9648f5d355385735e47f7ba49d089b0e680d@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r7ce3de03facf7e7f3e24fc25d26d555818519dafdb20f29398a3414b@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r8464b6ec951aace8c807bac9ea526d4f9e3116aa16d38be06f7c6524@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r8b57c57cffa01e418868a3c7535b987635ff1fb5ab534203bfa2d64a@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r900e020760c89f082df1c6e0d46320eba721e4e47bb9eb521e68cd95@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/raebd2019b3da8c2f90f31e8b203b45353f78770ca93bfe5376f5532e@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb0e033d5ec8233360203431ad96580cf2ec56f47d9a425d894e279c2@%3Cpr.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb34d8d3269ad47a1400f5a1a2d8310e13a80b6576ebd7f512144198d@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb5c33d0069c927fae16084f0605895b98d231d7c48527bcb822ac48c@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb7b28ac741e32dd5edb2c22485d635275bead7290b056ee56baf8ce0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/rbaa1f513d903c89a08267c91d86811fa5bcc82e0596b6142c5cea7ea@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rc3211c71f7e0973a1825d1988a3921288c06cd9d793eae97ecd34948@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rcb2a7037366c58bac6aec6ce3df843a11ef97ae4eb049f05f410eaa5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rcb4b61dbe2ed1c7a88781a9aff5a9e7342cc7ed026aec0418ee67596@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rce5c93bba6e815fb62ad38e28ca1943b3019af1eddeb06507ad4e11a@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/rd582c64f66c354240290072f340505f5d026ca944ec417226bb0272e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rdd34c0479587e32a656d976649409487d51ca0d296b3e26b6b89c3f5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re791a854001ec1f79cd4f47328b270e7a1d9d7056debb8f16d962722@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/re851bbfbedd47c690b6e01942acb98ee08bd00df1a94910b905bc8cd@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/reb1751562ee5146d3aca654a2df76a2c13d8036645ce69946f9c219e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/recfe569f4f260328b0036f1c82b2956e864d519ab941a5e75d0d832d@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rf95bebee6dfcc55067cebe8482bd31e6f481d9f74ba8e03f860c3ec7@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rfe0aab6c3bebbd9cbfdedb65ff3fdf420714bcb8acdfd346077e1263@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKN7VGIKTYBCAKYBRG55QHXAY5UDZ7HA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTVJC54XGX26UJVVYCXZ7D25X3R5T2G6/
https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.25/usages
https://nvd.nist.gov/vuln/detail/CVE-2017-18640
https://www.oracle.com/security-alerts/cpuApr2021.html
|
-
diff --git a/charts/stable/amcrest2mqtt/security.md b/charts/stable/amcrest2mqtt/security.md
index 3b8a4bc61b0..080e87e449a 100644
--- a/charts/stable/amcrest2mqtt/security.md
+++ b/charts/stable/amcrest2mqtt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:20:58.430Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:20:58.430Z [34mINFO[0m Detected config files: 1
#### amcrest2mqtt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:59.709Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:59.709Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:59.715Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:59.709Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:59.709Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:59.715Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/amcrest2mqtt:v1.0.11@sha256:8721ad99bcd3392b206c71720718f8e56e58188ecae5076b75c71a46cf1239fc**
-2021-12-04T19:21:02.759Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:21:02.759Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:21:02.763Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:21:02.763Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:21:02.759Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:21:02.759Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:21:02.763Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:21:02.763Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/amcrest2mqtt:v1.0.11@sha256:8721ad99bcd3392b206c71720718f8e56e58188ecae5076b75c71a46cf1239fc (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -97,9 +97,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/apache-musicindex/security.md b/charts/stable/apache-musicindex/security.md
index f291f1be0ba..77349e3984a 100644
--- a/charts/stable/apache-musicindex/security.md
+++ b/charts/stable/apache-musicindex/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:21:03.543Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:21:03.543Z [34mINFO[0m Detected config files: 1
#### apache-musicindex/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:21:04.419Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:21:04.419Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:21:04.423Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:21:04.419Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:21:04.419Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:21:04.423Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/apache-musicindex:v1.4.1-2@sha256:442d1edfbf89b8a2a42c0d649f53f091c39256c65f922078ad38ff60bdbdadf9**
-2021-12-04T19:21:13.410Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:21:13.410Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:21:13.420Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:21:13.421Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:21:13.410Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:21:13.410Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:21:13.420Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:21:13.421Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/apache-musicindex:v1.4.1-2@sha256:442d1edfbf89b8a2a42c0d649f53f091c39256c65f922078ad38ff60bdbdadf9 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2019-17567 | MEDIUM | 2.4.41-4ubuntu3.3 | | Click to expand!
http://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2021/06/10/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-17567
https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c@%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.gentoo.org/glsa/202107-38
https://security.netapp.com/advisory/ntap-20210702-0001/
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -267,8 +267,7 @@
| perl-modules-5.30 | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/appdaemon/security.md b/charts/stable/appdaemon/security.md
index f619dd73ab9..8c44517d58b 100644
--- a/charts/stable/appdaemon/security.md
+++ b/charts/stable/appdaemon/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:21:44.334Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:21:44.334Z [34mINFO[0m Detected config files: 1
#### appdaemon/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:21:45.369Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:21:45.369Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:21:45.378Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:21:45.369Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:21:45.369Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:21:45.378Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,17 +61,17 @@
**Container: tccr.io/truecharts/appdaemon:v4.1.0@sha256:f490c318750595459824cb9355b95c8cdab768271288477454b212a8a93499a6**
-2021-12-04T19:22:07.262Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:07.262Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:07.266Z [34mINFO[0m Number of language-specific files: 4
-2021-12-04T19:22:07.266Z [34mINFO[0m Detecting cargo vulnerabilities...
-2021-12-04T19:22:07.266Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:22:07.269Z [33mWARN[0m version error (3.7.4.post0): malformed version: 3.7.4.post0
+2021-12-04T19:22:07.262Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:07.262Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:07.266Z [34mINFO[0m Number of language-specific files: 4
+2021-12-04T19:22:07.266Z [34mINFO[0m Detecting cargo vulnerabilities...
+2021-12-04T19:22:07.266Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:22:07.269Z [33mWARN[0m version error (3.7.4.post0): malformed version: 3.7.4.post0
#### tccr.io/truecharts/appdaemon:v4.1.0@sha256:f490c318750595459824cb9355b95c8cdab768271288477454b212a8a93499a6 (alpine 3.14.1)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -111,29 +111,26 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| aiohttp | pyup.io-42692 | UNKNOWN | 3.7.4.post0 | 3.8.0 | Click to expand!
|
**cargo**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**cargo**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**cargo**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/aria2/security.md b/charts/stable/aria2/security.md
index ba05f2ed8ec..e97c70448e5 100644
--- a/charts/stable/aria2/security.md
+++ b/charts/stable/aria2/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:22:11.653Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:22:11.653Z [34mINFO[0m Detected config files: 1
#### aria2/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:16.626Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:16.626Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:16.636Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:16.626Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:16.626Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:16.636Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/aria2-pro:latest@sha256:6c0ddcc7be4da69ac146ff3153df727a5818f733636a1c4d9b78ccffd6106a23**
-2021-12-04T19:22:47.545Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:47.545Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:47.554Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:47.545Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:47.545Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:47.554Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/aria2-pro:latest@sha256:6c0ddcc7be4da69ac146ff3153df727a5818f733636a1c4d9b78ccffd6106a23 (alpine 3.12.7)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-28831 | HIGH | 1.31.1-r20 | 1.32.1-r4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/
https://security.gentoo.org/glsa/202105-09
|
@@ -103,4 +103,3 @@
| ssl_client | CVE-2021-42385 | HIGH | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42386 | HIGH | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
-
diff --git a/charts/stable/audacity/security.md b/charts/stable/audacity/security.md
index 821183e7f7b..d71cffce9cc 100644
--- a/charts/stable/audacity/security.md
+++ b/charts/stable/audacity/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:22:08.572Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:22:08.572Z [34mINFO[0m Detected config files: 1
#### audacity/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:16.032Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:16.032Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:16.042Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:16.032Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:16.032Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:16.042Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/audacity:v3.0.2@sha256:a0a829c08c74236b405888f26c4a52251b403db6ca8946895d00505ba1a1ffc7**
-2021-12-04T19:22:36.414Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:22:36.414Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:22:36.419Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:22:36.419Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:22:36.414Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:22:36.414Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:22:36.419Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:22:36.419Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/audacity:v3.0.2@sha256:a0a829c08c74236b405888f26c4a52251b403db6ca8946895d00505ba1a1ffc7 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -440,7 +440,7 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -451,4 +451,3 @@
| tar | CVE-2021-37701 | HIGH | 6.1.1 | 6.1.7, 5.0.8, 4.4.16 | Click to expand!
https://github.com/advisories/GHSA-9r2w-394v-53qc
https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
https://nvd.nist.gov/vuln/detail/CVE-2021-37701
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1779
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37712 | HIGH | 6.1.1 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-qq89-hq3f-393p
https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
https://nvd.nist.gov/vuln/detail/CVE-2021-37712
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1780
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37713 | HIGH | 6.1.1 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/charts/stable/authelia/security.md b/charts/stable/authelia/security.md
index 213a9eb6b93..3fc764712ac 100644
--- a/charts/stable/authelia/security.md
+++ b/charts/stable/authelia/security.md
@@ -4,30 +4,30 @@
##### Scan Results
-2021-12-04T19:22:08.025Z [34mINFO[0m Detected config files: 3
+2021-12-04T19:22:08.025Z [34mINFO[0m Detected config files: 3
#### authelia/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -45,14 +45,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:11.130Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:11.130Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:11.139Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:11.130Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:11.130Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:11.139Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -80,16 +80,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:22:12.985Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:22:12.985Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:22:13.014Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:22:13.014Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:22:13.014Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:22:12.985Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:22:12.985Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:22:13.014Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:22:13.014Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:13.014Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -284,55 +284,55 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/authelia:v4.33.0@sha256:8e5d19769c2c01fa8f3b5e96ccee2262b7a8aab1560ce3c40f80ee207be18f9d**
-2021-12-04T19:22:39.064Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:39.064Z [33mWARN[0m This OS version is not on the EOL list: alpine 3.15
-2021-12-04T19:22:39.064Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:39.065Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:22:39.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:22:39.066Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.15.0
-2021-12-04T19:22:39.066Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:22:39.064Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:39.064Z [33mWARN[0m This OS version is not on the EOL list: alpine 3.15
+2021-12-04T19:22:39.064Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:39.065Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:22:39.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:39.066Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.15.0
+2021-12-04T19:22:39.066Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/authelia:v4.33.0@sha256:8e5d19769c2c01fa8f3b5e96ccee2262b7a8aab1560ce3c40f80ee207be18f9d (alpine 3.15.0)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:40.646Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:40.646Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:40.668Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:40.646Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:40.646Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:40.668Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -360,15 +360,15 @@
**Container: tccr.io/truecharts/redis:v6.2.6@sha256:741dc63de7fed6f7f4fff41ac4b23a40f6850e9fb361e35e2959c71d8f10aeae**
-2021-12-04T19:22:52.900Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:22:52.900Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:22:52.932Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:22:52.932Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:52.900Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:22:52.900Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:22:52.932Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:22:52.932Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/redis:v6.2.6@sha256:741dc63de7fed6f7f4fff41ac4b23a40f6850e9fb361e35e2959c71d8f10aeae (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -515,29 +515,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:54.651Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:54.651Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:54.664Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:54.651Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:54.651Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:54.664Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -565,16 +565,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:22:56.329Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:22:56.329Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:22:56.362Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:22:56.362Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:22:56.362Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:22:56.329Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:22:56.329Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:22:56.362Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:22:56.362Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:56.362Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -769,16 +769,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/babybuddy/security.md b/charts/stable/babybuddy/security.md
index 5f5558f9b2f..facfc72d029 100644
--- a/charts/stable/babybuddy/security.md
+++ b/charts/stable/babybuddy/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:22:39.948Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:22:39.948Z [34mINFO[0m Detected config files: 2
#### babybuddy/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:54.039Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:54.039Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:54.045Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:54.039Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:54.039Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:54.045Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:22:55.616Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:22:55.616Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:22:55.658Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:22:55.658Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:22:55.658Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:22:55.616Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:22:55.616Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:22:55.658Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:22:55.658Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:55.658Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,50 +275,50 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/babybuddy:v1.9.1@sha256:da34791df622b4eea3c1bd6c3c585f0e7e229140f6b60802fabed2ffcad238b2**
-2021-12-04T19:23:17.867Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:23:17.867Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:23:17.892Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:23:17.867Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:23:17.867Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:23:17.892Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| reportlab | CVE-2020-28463 | MEDIUM | 3.6.2 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1930417
https://github.com/advisories/GHSA-mpvw-25mg-59vx
https://hg.reportlab.com/hg-public/reportlab/file/f094d273903a/CHANGES.md#l71
https://hg.reportlab.com/hg-public/reportlab/rev/7f2231703dc7
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMUJA5GZTPQ5WRYUCCK2GEZM4W43N7HH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZQSFCID67K6BTC655EQY6MNOF35QI44/
https://nvd.nist.gov/vuln/detail/CVE-2020-28463
https://snyk.io/vuln/SNYK-PYTHON-REPORTLAB-1022145
https://www.reportlab.com/docs/reportlab-userguide.pdf
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:23:19.420Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:23:19.420Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:23:19.425Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:23:19.420Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:23:19.420Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:23:19.425Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -346,16 +346,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:23:20.640Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:23:20.640Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:23:20.686Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:23:20.686Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:23:20.686Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:23:20.640Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:23:20.640Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:23:20.686Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:23:20.686Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:23:20.686Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -550,16 +550,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/bazarr/security.md b/charts/stable/bazarr/security.md
index 93135a8e825..f86618d7281 100644
--- a/charts/stable/bazarr/security.md
+++ b/charts/stable/bazarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:23:18.527Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:23:18.527Z [34mINFO[0m Detected config files: 1
#### bazarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:23:19.995Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:23:19.995Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:23:20.001Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:23:19.995Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:23:19.995Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:23:20.001Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/bazarr:v1.0.1@sha256:b6d3d33d3f964e4de7563096f07476f9f2c990f2268e1f9814d3281c3181111e**
-2021-12-04T19:23:37.001Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:23:37.001Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:23:37.005Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:23:37.005Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:23:37.006Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:23:37.001Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:23:37.001Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:23:37.005Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:23:37.005Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:23:37.006Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/bazarr:v1.0.1@sha256:b6d3d33d3f964e4de7563096f07476f9f2c990f2268e1f9814d3281c3181111e (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -728,15 +728,14 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/beets/security.md b/charts/stable/beets/security.md
index 98f279e4e92..3a8a9c8af9c 100644
--- a/charts/stable/beets/security.md
+++ b/charts/stable/beets/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:23:37.846Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:23:37.846Z [34mINFO[0m Detected config files: 1
#### beets/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:23:39.006Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:23:39.006Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:23:39.013Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:23:39.006Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:23:39.006Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:23:39.013Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,13 @@
**Container: tccr.io/truecharts/beets:v1.5.0@sha256:031e2eec738848149e808eb102279817aa3fea8e57d012191daf1c471de07703**
-2021-12-04T19:23:47.194Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:23:47.194Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:23:47.194Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:23:47.194Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| beets | pyup.io-42892 | UNKNOWN | 1.5.0 | 1.6.0 | Click to expand!
|
-
diff --git a/charts/stable/booksonic-air/security.md b/charts/stable/booksonic-air/security.md
index 5a7a73add3f..d5eaed58838 100644
--- a/charts/stable/booksonic-air/security.md
+++ b/charts/stable/booksonic-air/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:23:47.705Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:23:47.705Z [34mINFO[0m Detected config files: 1
#### booksonic-air/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:23:48.807Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:23:48.807Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:23:48.815Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:23:48.807Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:23:48.807Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:23:48.815Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/booksonic-air:v2009.1.0@sha256:300d9d7d0c343daf7e5964737cfb25fb1dad5cff29ebe45076070e04c924014a**
-2021-12-04T19:24:10.473Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:24:10.473Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:24:10.501Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:24:10.501Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:24:10.473Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:24:10.473Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:24:10.501Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:24:10.501Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/booksonic-air:v2009.1.0@sha256:300d9d7d0c343daf7e5964737cfb25fb1dad5cff29ebe45076070e04c924014a (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -676,7 +676,7 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.google.guava:guava | CVE-2020-8908 | LOW | 28.2-jre | 30.0 | Click to expand!
https://github.com/advisories/GHSA-5mg8-w23w-74h3
https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40
https://github.com/google/guava/issues/4011
https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E
https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E
https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-8908
https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -698,4 +698,3 @@
| org.springframework.security:spring-security-core | CVE-2021-22119 | HIGH | 5.2.4.RELEASE | 5.2.11.RELEASE, 5.3.10.RELEASE, 5.4.7, 5.5.1 | Click to expand!
https://github.com/advisories/GHSA-w9jg-gvgr-354m
https://github.com/spring-projects/spring-security/pull/9513
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22119
https://tanzu.vmware.com/security/cve-2021-22119
|
| org.springframework.security:spring-security-web | CVE-2021-22112 | HIGH | 5.2.4.RELEASE | 5.3.8, 5.4.4, 5.2.9 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/7
https://github.com/advisories/GHSA-gq28-h5vg-8prx
https://github.com/spring-projects/spring-security/releases/tag/5.4.4
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b@%3Cissues.nifi.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22112
https://tanzu.vmware.com/security/cve-2021-22112
https://www.jenkins.io/security/advisory/2021-02-19/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.yaml:snakeyaml | CVE-2017-18640 | HIGH | 1.25 | 1.26 | Click to expand!
https://bitbucket.org/asomov/snakeyaml/commits/da11ddbd91c1f8392ea932b37fa48110fa54ed8c
https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack
https://bitbucket.org/asomov/snakeyaml/wiki/Changes
https://github.com/advisories/GHSA-rvwf-54qp-4r6v
https://linux.oracle.com/cve/CVE-2017-18640.html
https://linux.oracle.com/errata/ELSA-2020-4807.html
https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r16ae4e529401b75a1f5aa462b272b31bf2a108236f882f06fddc14bc@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1703a402f30c8a2ee409f8c6f393e95a63f8c952cc9ee5bf9dd586dc@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r182e9cf6f3fb22b9be0cac4ff0685199741d2ab6e9a4e27a3693c224@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r191ceadb1b883357384981848dfa5235cb02a90070c553afbaf9b3d9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r1aab47b48a757c70e40fc0bcb1fcf1a3951afa6a17aee7cd66cf79f8@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1dfac8b6a7097bcb4979402bbb6e2f8c36d0d9001e3018717eb22b7e@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r1ffce2ed3017e9964f03ad2c539d69e49144fc8e9bf772d641612f98@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r20350031c60a77b45e0eded33e9b3e9cb0cbfc5e24e1c63bf264df12@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r22ac2aa053b7d9c6b75a49db78125c9316499668d0f4a044f3402e2f@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r28c9009a48d52cf448f8b02cd823da0f8601d2dff4d66f387a35f1e0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2a5b84fdf59042dc398497e914b5bb1aed77328320b1438144ae1953@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2b05744c0c2867daa5d1a96832965b7d6220328b0ead06c22a6e7854@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r2db207a2431a5e9e95e899858ab1f5eabd9bcc790a6ca7193ae07e94@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r436988d2cfe8a770ae361c82b181c5b2bf48a249bad84d8a55a3b46e@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r465d2553a31265b042cf5457ef649b71e0722ab89b6ea94a5d59529b@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r4c682fb8cf69dd14162439656a6ebdf42ea6ad0e4edba95907ea3f14@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r4d7f37da1bc2df90a5a0f56eb7629b5ea131bfe11eeeb4b4c193f64a@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5510f0125ba409fc1cabd098ab8b457741e5fa314cbd0e61e4339422@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r55d807f31e64a080c54455897c20b1667ec792e5915132c7b7750533@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r56805265475919252ba7fc10123f15b91097f3009bae86476624ca25@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r643ba53f002ae59068f9352fe1d82e1b6f375387ffb776f13efe8fda@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r666f29a7d0e1f98fa1425ca01efcfa86e6e3856e01d300828aa7c6ea@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6c91e52b3cc9f4e64afe0f34f20507143fd1f756d12681a56a9b38da@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6d54c2da792c74cc14b9b7665ea89e144c9e238ed478d37fd56292e6@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r72a3588d62b2de1361dc9648f5d355385735e47f7ba49d089b0e680d@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r7ce3de03facf7e7f3e24fc25d26d555818519dafdb20f29398a3414b@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r8464b6ec951aace8c807bac9ea526d4f9e3116aa16d38be06f7c6524@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r8b57c57cffa01e418868a3c7535b987635ff1fb5ab534203bfa2d64a@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r900e020760c89f082df1c6e0d46320eba721e4e47bb9eb521e68cd95@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/raebd2019b3da8c2f90f31e8b203b45353f78770ca93bfe5376f5532e@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb0e033d5ec8233360203431ad96580cf2ec56f47d9a425d894e279c2@%3Cpr.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb34d8d3269ad47a1400f5a1a2d8310e13a80b6576ebd7f512144198d@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb5c33d0069c927fae16084f0605895b98d231d7c48527bcb822ac48c@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb7b28ac741e32dd5edb2c22485d635275bead7290b056ee56baf8ce0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/rbaa1f513d903c89a08267c91d86811fa5bcc82e0596b6142c5cea7ea@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rc3211c71f7e0973a1825d1988a3921288c06cd9d793eae97ecd34948@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rcb2a7037366c58bac6aec6ce3df843a11ef97ae4eb049f05f410eaa5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rcb4b61dbe2ed1c7a88781a9aff5a9e7342cc7ed026aec0418ee67596@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rce5c93bba6e815fb62ad38e28ca1943b3019af1eddeb06507ad4e11a@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/rd582c64f66c354240290072f340505f5d026ca944ec417226bb0272e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rdd34c0479587e32a656d976649409487d51ca0d296b3e26b6b89c3f5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re791a854001ec1f79cd4f47328b270e7a1d9d7056debb8f16d962722@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/re851bbfbedd47c690b6e01942acb98ee08bd00df1a94910b905bc8cd@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/reb1751562ee5146d3aca654a2df76a2c13d8036645ce69946f9c219e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/recfe569f4f260328b0036f1c82b2956e864d519ab941a5e75d0d832d@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rf95bebee6dfcc55067cebe8482bd31e6f481d9f74ba8e03f860c3ec7@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rfe0aab6c3bebbd9cbfdedb65ff3fdf420714bcb8acdfd346077e1263@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKN7VGIKTYBCAKYBRG55QHXAY5UDZ7HA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTVJC54XGX26UJVVYCXZ7D25X3R5T2G6/
https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.25/usages
https://nvd.nist.gov/vuln/detail/CVE-2017-18640
https://www.oracle.com/security-alerts/cpuApr2021.html
|
-
diff --git a/charts/stable/calibre-web/security.md b/charts/stable/calibre-web/security.md
index 9da028a49ea..4bcb5e3eb02 100644
--- a/charts/stable/calibre-web/security.md
+++ b/charts/stable/calibre-web/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:24:11.523Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:24:11.523Z [34mINFO[0m Detected config files: 1
#### calibre-web/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:24:12.326Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:24:12.326Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:24:12.333Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:24:12.326Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:24:12.326Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:24:12.333Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/calibre-web:version-0.6.12@sha256:3f54c0f7bec8c635f019d88039b986c5fa8951445daf5016b4cdb1118694c612**
-2021-12-04T19:24:32.635Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:24:32.635Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:24:32.641Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:24:32.641Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:24:32.635Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:24:32.635Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:24:32.641Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:24:32.641Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/calibre-web:version-0.6.12@sha256:3f54c0f7bec8c635f019d88039b986c5fa8951445daf5016b4cdb1118694c612 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -245,11 +245,10 @@
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| SQLAlchemy-Utils | pyup.io-42194 | UNKNOWN | 0.37.8 | | Click to expand!
|
| Werkzeug | pyup.io-42050 | UNKNOWN | 1.0.1 | 2.0.2 | Click to expand!
|
| python-ldap | GHSA-r8wq-qrxc-hmcm | MEDIUM | 3.3.1 | 3.4.0 | Click to expand!
https://github.com/advisories/GHSA-r8wq-qrxc-hmcm
https://github.com/python-ldap/python-ldap/issues/424
https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm
|
| urllib3 | CVE-2021-33503 | HIGH | 1.25.11 | 1.26.5 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/charts/stable/calibre/security.md b/charts/stable/calibre/security.md
index 6cf5c394f11..f8f2f9c0a9a 100644
--- a/charts/stable/calibre/security.md
+++ b/charts/stable/calibre/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:24:33.520Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:24:33.520Z [34mINFO[0m Detected config files: 1
#### calibre/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:24:34.364Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:24:34.364Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:24:34.372Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:24:34.364Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:24:34.364Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:24:34.372Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/calibre:v5.32.0-ls138@sha256:a7c6272300628eb747dc129001aef8bc53d9b462ebe6b4953de904a2a5e15c8e**
-2021-12-04T19:25:00.213Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:25:00.213Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:25:00.222Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:25:00.222Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:25:00.213Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:25:00.213Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:25:00.222Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:25:00.222Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/calibre:v5.32.0-ls138@sha256:a7c6272300628eb747dc129001aef8bc53d9b462ebe6b4953de904a2a5e15c8e (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -301,9 +301,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/charts/stable/cloud9/security.md b/charts/stable/cloud9/security.md
index 9ddbc221aa4..179c78b21c2 100644
--- a/charts/stable/cloud9/security.md
+++ b/charts/stable/cloud9/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:24:35.015Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:24:35.015Z [34mINFO[0m Detected config files: 1
#### cloud9/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:25:01.448Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:25:01.448Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:25:01.454Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:25:01.448Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:25:01.448Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:25:01.454Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/cloud9:version-1.29.2@sha256:4891fa151fe52c43719f0346124f29c81ed47be16cdc34554b8896b0cb80cb73**
-2021-12-04T19:25:16.818Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:25:16.818Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:25:16.823Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:25:16.823Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:25:16.818Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:25:16.818Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:25:16.823Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:25:16.823Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/cloud9:version-1.29.2@sha256:4891fa151fe52c43719f0346124f29c81ed47be16cdc34554b8896b0cb80cb73 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -202,7 +202,7 @@
| perl-modules-5.26 | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bl | CVE-2020-8244 | MEDIUM | 1.1.2 | 2.2.1, 1.2.3, 4.0.3, 3.0.1 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8244
https://github.com/advisories/GHSA-pp7h-53gx-mx7r
https://github.com/rvagg/bl/commit/8a8c13c880e2bef519133ea43e0e9b78b5d0c91e
https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190
https://github.com/rvagg/bl/commit/dacc4ac7d5fcd6201bcf26fbd886951be9537466
https://hackerone.com/reports/966347
https://nvd.nist.gov/vuln/detail/CVE-2020-8244
https://ubuntu.com/security/notices/USN-5098-1
|
@@ -313,4 +313,3 @@
| ws | NSWG-ECO-120 | HIGH | 1.0.1 | >=1.1.1 | Click to expand!
https://github.com/nodejs/node/issues/7388
|
| xmlhttprequest-ssl | CVE-2021-31597 | CRITICAL | 1.5.1 | 1.6.1 | Click to expand!
https://github.com/advisories/GHSA-72mh-269x-7mh5
https://github.com/mjwwit/node-XMLHttpRequest/commit/bf53329b61ca6afc5d28f6b8d2dc2e3ca740a9b2
https://github.com/mjwwit/node-XMLHttpRequest/compare/v1.6.0...1.6.1
https://nvd.nist.gov/vuln/detail/CVE-2021-31597
https://people.kingsds.network/wesgarland/xmlhttprequest-ssl-vuln.txt
https://security.netapp.com/advisory/ntap-20210618-0004/
|
| xmlhttprequest-ssl | CVE-2020-28502 | HIGH | 1.5.1 | 1.6.2 | Click to expand!
https://github.com/advisories/GHSA-h4j5-c7cj-74xg
https://github.com/driverdan/node-XMLHttpRequest/blob/1.6.0/lib/XMLHttpRequest.js#L480
https://github.com/driverdan/node-XMLHttpRequest/blob/1.6.0/lib/XMLHttpRequest.js%23L480
https://github.com/driverdan/node-XMLHttpRequest/commit/983cfc244c7567ad6a59e366e55a8037e0497fe6
https://github.com/mjwwit/node-XMLHttpRequest/blob/ae38832a0f1347c5e96dda665402509a3458e302/lib/XMLHttpRequest.js#L531
https://github.com/mjwwit/node-XMLHttpRequest/commit/ee1e81fc67729c7c0eba5537ed7fe1e30a6b3291
https://nvd.nist.gov/vuln/detail/CVE-2020-28502
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1082937
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1082938
https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUEST-1082935
https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936
|
-
diff --git a/charts/stable/code-server/security.md b/charts/stable/code-server/security.md
index 88579823468..78d55277c61 100644
--- a/charts/stable/code-server/security.md
+++ b/charts/stable/code-server/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:25:00.723Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:25:00.723Z [34mINFO[0m Detected config files: 1
#### code-server/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:25:02.061Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:25:02.062Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:25:02.085Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:25:02.061Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:25:02.062Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:25:02.085Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/code-server:v3.12.0@sha256:2853a8bdd8eed9c09bcd4b100b9d4be20c42a307b9d1cbae1a204276e948f9ce**
-2021-12-04T19:25:36.140Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:25:36.140Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:25:36.206Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:25:36.206Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:25:36.140Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:25:36.140Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:25:36.206Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:25:36.206Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/code-server:v3.12.0@sha256:2853a8bdd8eed9c09bcd4b100b9d4be20c42a307b9d1cbae1a204276e948f9ce (debian 11.0)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,10 +275,9 @@
| xxd | CVE-2017-1000382 | LOW | 2:8.2.2434-3 | | Click to expand!
http://security.cucumberlinux.com/security/details.php?id=120
http://www.openwall.com/lists/oss-security/2017/10/31/1
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.1 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
| gopkg.in/yaml.v2 | GMS-2019-2 | UNKNOWN | v2.2.1 | v2.2.3 | Click to expand!
https://github.com/docker/cli/pull/2117
|
| gopkg.in/yaml.v2 | GO-2021-0061 | UNKNOWN | v2.2.1 | v2.2.3 | Click to expand!
|
-
diff --git a/charts/stable/collabora-online/security.md b/charts/stable/collabora-online/security.md
index 0cd051bb2e3..7fed3e1558b 100644
--- a/charts/stable/collabora-online/security.md
+++ b/charts/stable/collabora-online/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:25:17.415Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:25:17.415Z [34mINFO[0m Detected config files: 1
#### collabora-online/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:25:37.694Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:25:37.694Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:25:37.711Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:25:37.694Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:25:37.694Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:25:37.711Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/collabora:v6.4.14.3@sha256:d4a55425927736cb167a8df37ba6f2a60c0e3e0bacc0ee2496ecb5e535176f60**
-2021-12-04T19:26:07.419Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:26:07.419Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:26:07.425Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:07.419Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:26:07.419Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:26:07.425Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/collabora:v6.4.14.3@sha256:d4a55425927736cb167a8df37ba6f2a60c0e3e0bacc0ee2496ecb5e535176f60 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -209,4 +209,3 @@
| python3.6-minimal | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| python3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-1ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/charts/stable/cryptofolio/security.md b/charts/stable/cryptofolio/security.md
index 34bb4f84b5e..bb168cb828a 100644
--- a/charts/stable/cryptofolio/security.md
+++ b/charts/stable/cryptofolio/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:26:17.147Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:26:17.147Z [34mINFO[0m Detected config files: 1
#### cryptofolio/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:26:27.914Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:26:27.914Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:26:27.923Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:27.914Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:26:27.914Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:26:27.923Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/cryptofolio:v2.2.0@sha256:e77706dd4748dbdf2665cb53434802a3c2ef85f3d9b1ca809f2615b15758f3d0**
-2021-12-04T19:26:40.959Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:26:40.959Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:26:41.060Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:40.959Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:26:40.959Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:26:41.060Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/cryptofolio:v2.2.0@sha256:e77706dd4748dbdf2665cb53434802a3c2ef85f3d9b1ca809f2615b15758f3d0 (debian 11.0)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-39275 | CRITICAL | 2.4.48-3.1+deb11u1 | 2.4.51-1~deb11u1 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-39275
https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.netapp.com/advisory/ntap-20211008-0004/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ
https://ubuntu.com/security/notices/USN-5090-1
https://ubuntu.com/security/notices/USN-5090-2
https://www.debian.org/security/2021/dsa-4982
|
@@ -450,4 +450,3 @@
| perl-modules-5.32 | CVE-2011-4116 | LOW | 5.32.1-4+deb11u1 | | Click to expand!
http://www.openwall.com/lists/oss-security/2011/11/04/2
http://www.openwall.com/lists/oss-security/2011/11/04/4
https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
https://rt.cpan.org/Public/Bug/Display.html?id=69106
https://seclists.org/oss-sec/2011/q4/238
|
| re2c | CVE-2018-21232 | LOW | 2.0.3-1 | | Click to expand!
http://www.openwall.com/lists/oss-security/2020/05/14/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21232
https://github.com/skvadrik/re2c/issues/219
https://www.openwall.com/lists/oss-security/2020/04/27/2
|
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
-
diff --git a/charts/stable/custom-app/security.md b/charts/stable/custom-app/security.md
index 67084e6e68f..4e36efff945 100644
--- a/charts/stable/custom-app/security.md
+++ b/charts/stable/custom-app/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:26:08.209Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:26:08.209Z [34mINFO[0m Detected config files: 1
#### custom-app/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:26:09.405Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:26:09.405Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:26:09.411Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:09.405Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:26:09.405Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:26:09.411Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79**
-2021-12-04T19:26:26.812Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:26:26.812Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:26:26.815Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:26:26.815Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:26:26.812Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:26:26.812Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:26:26.815Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:26:26.815Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -150,8 +150,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/davos/security.md b/charts/stable/davos/security.md
index 5f944549ab4..8ab6fd80ad8 100644
--- a/charts/stable/davos/security.md
+++ b/charts/stable/davos/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:26:07.812Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:26:07.812Z [34mINFO[0m Detected config files: 1
#### davos/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:26:08.804Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:26:08.804Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:26:08.808Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:08.804Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:26:08.804Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:26:08.808Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,13 +61,13 @@
**Container: tccr.io/truecharts/davos:v2.2.1-ls76@sha256:f9359583fb20278b436e7b018ee244f2cce1480d6834775f19e9da3503dd0e9b**
-2021-12-04T19:26:16.486Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:26:16.486Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:26:16.486Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:26:16.486Z [34mINFO[0m Detecting jar vulnerabilities...
#### Java
-
+
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-15095 | CRITICAL | 2.8.4 | 2.7.9.2, 2.8.10, 2.9.1 | Click to expand!
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/103880
http://www.securitytracker.com/id/1039769
https://access.redhat.com/errata/RHSA-2017:3189
https://access.redhat.com/errata/RHSA-2017:3190
https://access.redhat.com/errata/RHSA-2018:0342
https://access.redhat.com/errata/RHSA-2018:0478
https://access.redhat.com/errata/RHSA-2018:0479
https://access.redhat.com/errata/RHSA-2018:0480
https://access.redhat.com/errata/RHSA-2018:0481
https://access.redhat.com/errata/RHSA-2018:0576
https://access.redhat.com/errata/RHSA-2018:0577
https://access.redhat.com/errata/RHSA-2018:1447
https://access.redhat.com/errata/RHSA-2018:1448
https://access.redhat.com/errata/RHSA-2018:1449
https://access.redhat.com/errata/RHSA-2018:1450
https://access.redhat.com/errata/RHSA-2018:1451
https://access.redhat.com/errata/RHSA-2018:2927
https://access.redhat.com/errata/RHSA-2019:2858
https://access.redhat.com/errata/RHSA-2019:3149
https://access.redhat.com/errata/RHSA-2019:3892
https://access.redhat.com/solutions/3442891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095
https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43
https://github.com/FasterXML/jackson-databind/commit/3bfbb835
https://github.com/FasterXML/jackson-databind/commit/ddfddfba
https://github.com/FasterXML/jackson-databind/commit/e8f043d1
https://github.com/FasterXML/jackson-databind/issues/1680
https://github.com/FasterXML/jackson-databind/issues/1723
https://github.com/FasterXML/jackson-databind/issues/1737
https://github.com/advisories/GHSA-h592-38cm-4ggp
https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html
https://nvd.nist.gov/vuln/detail/CVE-2017-15095
https://security.netapp.com/advisory/ntap-20171214-0003/
https://ubuntu.com/security/notices/USN-4741-1
https://www.debian.org/security/2017/dsa-4037
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
|
@@ -166,4 +166,3 @@
| org.springframework:spring-core | CVE-2018-1257 | MEDIUM | 4.3.4.RELEASE | 4.3.17, 5.0.6 | Click to expand!
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/104260
https://access.redhat.com/errata/RHSA-2018:1809
https://access.redhat.com/errata/RHSA-2018:3768
https://github.com/advisories/GHSA-rcpf-vj53-7h2m
https://nvd.nist.gov/vuln/detail/CVE-2018-1257
https://pivotal.io/security/cve-2018-1257
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
|
| org.springframework:spring-core | CVE-2018-1271 | MEDIUM | 4.3.4.RELEASE | 4.3.15, 5.0.5 | Click to expand!
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/103699
https://access.redhat.com/errata/RHSA-2018:1320
https://access.redhat.com/errata/RHSA-2018:2669
https://access.redhat.com/errata/RHSA-2018:2939
https://github.com/advisories/GHSA-g8hw-794c-4j9g
https://nvd.nist.gov/vuln/detail/CVE-2018-1271
https://pivotal.io/security/cve-2018-1271
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
|
| org.yaml:snakeyaml | CVE-2017-18640 | HIGH | 1.17 | 1.26 | Click to expand!
https://bitbucket.org/asomov/snakeyaml/commits/da11ddbd91c1f8392ea932b37fa48110fa54ed8c
https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack
https://bitbucket.org/asomov/snakeyaml/wiki/Changes
https://github.com/advisories/GHSA-rvwf-54qp-4r6v
https://linux.oracle.com/cve/CVE-2017-18640.html
https://linux.oracle.com/errata/ELSA-2020-4807.html
https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r16ae4e529401b75a1f5aa462b272b31bf2a108236f882f06fddc14bc@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1703a402f30c8a2ee409f8c6f393e95a63f8c952cc9ee5bf9dd586dc@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r182e9cf6f3fb22b9be0cac4ff0685199741d2ab6e9a4e27a3693c224@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r191ceadb1b883357384981848dfa5235cb02a90070c553afbaf9b3d9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r1aab47b48a757c70e40fc0bcb1fcf1a3951afa6a17aee7cd66cf79f8@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1dfac8b6a7097bcb4979402bbb6e2f8c36d0d9001e3018717eb22b7e@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r1ffce2ed3017e9964f03ad2c539d69e49144fc8e9bf772d641612f98@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r20350031c60a77b45e0eded33e9b3e9cb0cbfc5e24e1c63bf264df12@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r22ac2aa053b7d9c6b75a49db78125c9316499668d0f4a044f3402e2f@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r28c9009a48d52cf448f8b02cd823da0f8601d2dff4d66f387a35f1e0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2a5b84fdf59042dc398497e914b5bb1aed77328320b1438144ae1953@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2b05744c0c2867daa5d1a96832965b7d6220328b0ead06c22a6e7854@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r2db207a2431a5e9e95e899858ab1f5eabd9bcc790a6ca7193ae07e94@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r436988d2cfe8a770ae361c82b181c5b2bf48a249bad84d8a55a3b46e@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r465d2553a31265b042cf5457ef649b71e0722ab89b6ea94a5d59529b@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r4c682fb8cf69dd14162439656a6ebdf42ea6ad0e4edba95907ea3f14@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r4d7f37da1bc2df90a5a0f56eb7629b5ea131bfe11eeeb4b4c193f64a@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5510f0125ba409fc1cabd098ab8b457741e5fa314cbd0e61e4339422@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r55d807f31e64a080c54455897c20b1667ec792e5915132c7b7750533@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r56805265475919252ba7fc10123f15b91097f3009bae86476624ca25@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r643ba53f002ae59068f9352fe1d82e1b6f375387ffb776f13efe8fda@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r666f29a7d0e1f98fa1425ca01efcfa86e6e3856e01d300828aa7c6ea@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6c91e52b3cc9f4e64afe0f34f20507143fd1f756d12681a56a9b38da@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6d54c2da792c74cc14b9b7665ea89e144c9e238ed478d37fd56292e6@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r72a3588d62b2de1361dc9648f5d355385735e47f7ba49d089b0e680d@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r7ce3de03facf7e7f3e24fc25d26d555818519dafdb20f29398a3414b@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r8464b6ec951aace8c807bac9ea526d4f9e3116aa16d38be06f7c6524@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r8b57c57cffa01e418868a3c7535b987635ff1fb5ab534203bfa2d64a@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r900e020760c89f082df1c6e0d46320eba721e4e47bb9eb521e68cd95@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/raebd2019b3da8c2f90f31e8b203b45353f78770ca93bfe5376f5532e@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb0e033d5ec8233360203431ad96580cf2ec56f47d9a425d894e279c2@%3Cpr.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb34d8d3269ad47a1400f5a1a2d8310e13a80b6576ebd7f512144198d@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb5c33d0069c927fae16084f0605895b98d231d7c48527bcb822ac48c@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb7b28ac741e32dd5edb2c22485d635275bead7290b056ee56baf8ce0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/rbaa1f513d903c89a08267c91d86811fa5bcc82e0596b6142c5cea7ea@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rc3211c71f7e0973a1825d1988a3921288c06cd9d793eae97ecd34948@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rcb2a7037366c58bac6aec6ce3df843a11ef97ae4eb049f05f410eaa5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rcb4b61dbe2ed1c7a88781a9aff5a9e7342cc7ed026aec0418ee67596@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rce5c93bba6e815fb62ad38e28ca1943b3019af1eddeb06507ad4e11a@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/rd582c64f66c354240290072f340505f5d026ca944ec417226bb0272e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rdd34c0479587e32a656d976649409487d51ca0d296b3e26b6b89c3f5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re791a854001ec1f79cd4f47328b270e7a1d9d7056debb8f16d962722@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/re851bbfbedd47c690b6e01942acb98ee08bd00df1a94910b905bc8cd@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/reb1751562ee5146d3aca654a2df76a2c13d8036645ce69946f9c219e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/recfe569f4f260328b0036f1c82b2956e864d519ab941a5e75d0d832d@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rf95bebee6dfcc55067cebe8482bd31e6f481d9f74ba8e03f860c3ec7@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rfe0aab6c3bebbd9cbfdedb65ff3fdf420714bcb8acdfd346077e1263@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKN7VGIKTYBCAKYBRG55QHXAY5UDZ7HA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTVJC54XGX26UJVVYCXZ7D25X3R5T2G6/
https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.25/usages
https://nvd.nist.gov/vuln/detail/CVE-2017-18640
https://www.oracle.com/security-alerts/cpuApr2021.html
|
-
diff --git a/charts/stable/deconz/security.md b/charts/stable/deconz/security.md
index da9cf09ede3..f14e4087cd5 100644
--- a/charts/stable/deconz/security.md
+++ b/charts/stable/deconz/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:26:42.147Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:26:42.147Z [34mINFO[0m Detected config files: 1
#### deconz/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:26:43.389Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:26:43.389Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:26:43.397Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:43.389Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:26:43.389Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:26:43.397Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/deconz:v2.13.01@sha256:92a7a439e6010e21265fa5beaa47b0172bc6b6682f4e2d26bcd43c772ff7ddbd**
-2021-12-04T19:27:03.015Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:27:03.015Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:27:03.109Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:03.015Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:27:03.015Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:27:03.109Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/deconz:v2.13.01@sha256:92a7a439e6010e21265fa5beaa47b0172bc6b6682f4e2d26bcd43c772ff7ddbd (debian 10.9)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -655,4 +655,3 @@
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/charts/stable/deepstack-cpu/security.md b/charts/stable/deepstack-cpu/security.md
index 49caf832f86..75cc73480c5 100644
--- a/charts/stable/deepstack-cpu/security.md
+++ b/charts/stable/deepstack-cpu/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:27:04.022Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:27:04.022Z [34mINFO[0m Detected config files: 1
#### deepstack-cpu/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:27:04.878Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:27:04.878Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:27:04.884Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:04.878Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:27:04.878Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:27:04.884Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/deepstack-cpu:v2021.09.1@sha256:f924cebf518a54bca2ca2ac33911cf3af4dd7403cad371781422436ce4254a28**
-2021-12-04T19:27:50.566Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:27:50.566Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:27:50.723Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:27:50.723Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:27:50.724Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:27:50.566Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:27:50.566Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:27:50.723Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:27:50.723Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:27:50.724Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/deepstack-cpu:v2021.09.1@sha256:f924cebf518a54bca2ca2ac33911cf3af4dd7403cad371781422436ce4254a28 (debian 10.6)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2020-27350 | MEDIUM | 1.8.2.1 | 1.8.2.2 | Click to expand!
https://bugs.launchpad.net/bugs/1899193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350
https://security.netapp.com/advisory/ntap-20210108-0005/
https://ubuntu.com/security/notices/USN-4667-1
https://ubuntu.com/security/notices/USN-4667-2
https://usn.ubuntu.com/usn/usn-4667-1
https://www.debian.org/security/2020/dsa-4808
|
@@ -3000,7 +3000,7 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 8.0.1 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -3034,9 +3034,8 @@
| urllib3 | CVE-2021-28363 | MEDIUM | 1.26.2 | 1.26.4 | Click to expand!
https://github.com/advisories/GHSA-5phf-pp7p-vc2r
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15
https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0
https://github.com/urllib3/urllib3/commits/main
https://github.com/urllib3/urllib3/releases/tag/1.26.4
https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28363
https://pypi.org/project/urllib3/1.26.4/
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/charts/stable/deepstack-gpu/security.md b/charts/stable/deepstack-gpu/security.md
index d2762e89b6b..863939d8c36 100644
--- a/charts/stable/deepstack-gpu/security.md
+++ b/charts/stable/deepstack-gpu/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:27:52.343Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:27:52.343Z [34mINFO[0m Detected config files: 1
#### deepstack-gpu/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:27:58.702Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:27:58.702Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:27:58.711Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:58.702Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:27:58.702Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:27:58.711Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/deepstack-gpu:v2021.09.1@sha256:f924cebf518a54bca2ca2ac33911cf3af4dd7403cad371781422436ce4254a28**
-2021-12-04T19:28:22.371Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:28:22.374Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:28:22.845Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:28:22.845Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:28:22.846Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:28:22.371Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:28:22.374Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:28:22.845Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:28:22.845Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:28:22.846Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/deepstack-gpu:v2021.09.1@sha256:f924cebf518a54bca2ca2ac33911cf3af4dd7403cad371781422436ce4254a28 (debian 10.6)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2020-27350 | MEDIUM | 1.8.2.1 | 1.8.2.2 | Click to expand!
https://bugs.launchpad.net/bugs/1899193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350
https://security.netapp.com/advisory/ntap-20210108-0005/
https://ubuntu.com/security/notices/USN-4667-1
https://ubuntu.com/security/notices/USN-4667-2
https://usn.ubuntu.com/usn/usn-4667-1
https://www.debian.org/security/2020/dsa-4808
|
@@ -3000,7 +3000,7 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 8.0.1 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -3034,9 +3034,8 @@
| urllib3 | CVE-2021-28363 | MEDIUM | 1.26.2 | 1.26.4 | Click to expand!
https://github.com/advisories/GHSA-5phf-pp7p-vc2r
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15
https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0
https://github.com/urllib3/urllib3/commits/main
https://github.com/urllib3/urllib3/releases/tag/1.26.4
https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28363
https://pypi.org/project/urllib3/1.26.4/
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/charts/stable/deluge/security.md b/charts/stable/deluge/security.md
index a4243a44f47..d99934a1117 100644
--- a/charts/stable/deluge/security.md
+++ b/charts/stable/deluge/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:27:51.912Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:27:51.912Z [34mINFO[0m Detected config files: 1
#### deluge/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:27:52.943Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:27:52.943Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:27:52.947Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:52.943Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:27:52.943Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:27:52.947Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/deluge:version-2.0.3-2201906121747ubuntu18.04.1@sha256:ef71fa2986593ad6fe3d2c3f277f0340c28c0fbcdc8b91c3505b83be71784f08**
-2021-12-04T19:27:57.150Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:27:57.150Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:27:57.156Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:57.150Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:27:57.150Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:27:57.156Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/deluge:version-2.0.3-2201906121747ubuntu18.04.1@sha256:ef71fa2986593ad6fe3d2c3f277f0340c28c0fbcdc8b91c3505b83be71784f08 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -225,4 +225,3 @@
| python3.6-minimal | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| python3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-1ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/charts/stable/digikam/security.md b/charts/stable/digikam/security.md
index d10cc5b437c..e955389e5ff 100644
--- a/charts/stable/digikam/security.md
+++ b/charts/stable/digikam/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:27:53.536Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:27:53.536Z [34mINFO[0m Detected config files: 1
#### digikam/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:27:57.778Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:27:57.778Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:27:57.786Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:57.778Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:27:57.778Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:27:57.786Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/digikam:version-7.3.0@sha256:97cc7525c0e77c75933eea57f2aa52b76077837971a7866338d79ea93adb069c**
-2021-12-04T19:28:20.999Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:28:20.999Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:28:21.008Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:28:21.008Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:28:20.999Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:28:20.999Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:28:21.008Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:28:21.008Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/digikam:version-7.3.0@sha256:97cc7525c0e77c75933eea57f2aa52b76077837971a7866338d79ea93adb069c (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -279,9 +279,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/charts/stable/dizquetv/security.md b/charts/stable/dizquetv/security.md
index 480f696450a..61ecb398e4f 100644
--- a/charts/stable/dizquetv/security.md
+++ b/charts/stable/dizquetv/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:28:29.247Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:28:29.247Z [34mINFO[0m Detected config files: 1
#### dizquetv/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:28:30.141Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:28:30.141Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:28:30.147Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:28:30.141Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:28:30.141Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:28:30.147Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/dizquetv:v1.5.0@sha256:e7fab135e5048700be9635208c5500b830ceddb7fa0b0f9fffd2fcaa645a8374**
-2021-12-04T19:28:39.148Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:28:39.148Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:28:39.154Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:28:39.148Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:28:39.148Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:28:39.154Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/dizquetv:v1.5.0@sha256:e7fab135e5048700be9635208c5500b830ceddb7fa0b0f9fffd2fcaa645a8374 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -131,4 +131,3 @@
| passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
|
| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
-
diff --git a/charts/stable/doublecommander/security.md b/charts/stable/doublecommander/security.md
index a988dfae8f0..2912bc84d9a 100644
--- a/charts/stable/doublecommander/security.md
+++ b/charts/stable/doublecommander/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:28:42.665Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:28:42.665Z [34mINFO[0m Detected config files: 1
#### doublecommander/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:28:43.572Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:28:43.572Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:28:43.583Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:28:43.572Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:28:43.572Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:28:43.583Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/doublecommander:version-0.8.2-1@sha256:9c71e7178c24bdd646fa65e49fd9cef59ad9584eac2d60d59ea3e62ea53d47f9**
-2021-12-04T19:28:48.063Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:28:48.063Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:28:48.086Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:28:48.086Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:28:48.063Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:28:48.063Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:28:48.086Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:28:48.086Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/doublecommander:version-0.8.2-1@sha256:9c71e7178c24bdd646fa65e49fd9cef59ad9584eac2d60d59ea3e62ea53d47f9 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -310,9 +310,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/charts/stable/dsmr-reader/security.md b/charts/stable/dsmr-reader/security.md
index bd27f5320d6..ff0e0e6de8d 100644
--- a/charts/stable/dsmr-reader/security.md
+++ b/charts/stable/dsmr-reader/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:29:28.696Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:29:28.696Z [34mINFO[0m Detected config files: 2
#### dsmr-reader/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:32.375Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:32.375Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:32.385Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:32.375Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:32.375Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:32.385Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:29:53.342Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:29:53.342Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:29:53.398Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:29:53.398Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:29:53.404Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:29:53.342Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:29:53.342Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:29:53.398Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:29:53.398Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:29:53.404Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,32 +275,32 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/dsmr-reader:v2021.09.02@sha256:4858edb1ae63a20639a0ef9c51c7b2cf599686db5c582ead7b37b2a288122935**
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:54.945Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:54.945Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:54.952Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:54.945Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:54.945Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:54.952Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -328,16 +328,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:29:55.938Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:29:55.938Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:29:55.987Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:29:55.987Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:29:55.987Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:29:55.938Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:29:55.938Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:29:55.987Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:29:55.987Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:29:55.987Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -532,16 +532,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/duplicati/security.md b/charts/stable/duplicati/security.md
index eed194ce7f5..dcaf54b818b 100644
--- a/charts/stable/duplicati/security.md
+++ b/charts/stable/duplicati/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:29:14.708Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:29:14.708Z [34mINFO[0m Detected config files: 1
#### duplicati/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:16.013Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:16.013Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:16.017Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:16.013Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:16.013Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:16.017Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/duplicati:vbeta@sha256:88147d0b04d6c05a33e3910359e4a429769bf395bd52a0b6a0c91e19b1909965**
-2021-12-04T19:29:28.005Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:29:28.005Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:29:28.054Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:28.005Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:29:28.005Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:29:28.054Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/duplicati:vbeta@sha256:88147d0b04d6c05a33e3910359e4a429769bf395bd52a0b6a0c91e19b1909965 (debian 10.9)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -533,4 +533,3 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-6 | | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
-
diff --git a/charts/stable/emby/security.md b/charts/stable/emby/security.md
index 5865de4cbac..21adcfe04aa 100644
--- a/charts/stable/emby/security.md
+++ b/charts/stable/emby/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:29:29.753Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:29:29.753Z [34mINFO[0m Detected config files: 1
#### emby/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:31.475Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:31.475Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:31.487Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:31.475Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:31.475Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:31.487Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/emby:v4.6.7.0@sha256:f2c60cee28b40d6eeeff72cda847eced2d069b410e63a5b0bdbab7783f34ec1b**
-2021-12-04T19:29:45.327Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:29:45.327Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:29:45.330Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:29:45.330Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:29:45.327Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:29:45.327Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:29:45.330Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:29:45.330Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/emby:v4.6.7.0@sha256:f2c60cee28b40d6eeeff72cda847eced2d069b410e63a5b0bdbab7783f34ec1b (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -151,8 +151,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/esphome/security.md b/charts/stable/esphome/security.md
index ac29165fa1f..38791ba5fd3 100644
--- a/charts/stable/esphome/security.md
+++ b/charts/stable/esphome/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:29:29.209Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:29:29.209Z [34mINFO[0m Detected config files: 1
#### esphome/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:30.710Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:30.711Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:30.723Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:30.710Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:30.711Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:30.723Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/esphome:v2021.11.4@sha256:c4e3f2174e8636578a2a619eef7644f5ac94f427c531eedc31436e47f27b21a3**
-2021-12-04T19:29:52.028Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:29:52.028Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:29:52.077Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:29:52.077Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:29:52.028Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:29:52.028Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:29:52.077Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:29:52.077Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/esphome:v2021.11.4@sha256:c4e3f2174e8636578a2a619eef7644f5ac94f427c531eedc31436e47f27b21a3 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -207,9 +207,6 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/etherpad/security.md b/charts/stable/etherpad/security.md
index d40adb6cbd8..62f39a7207d 100644
--- a/charts/stable/etherpad/security.md
+++ b/charts/stable/etherpad/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:30:08.158Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:30:08.158Z [34mINFO[0m Detected config files: 2
#### etherpad/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:30:09.081Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:30:09.081Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:30:09.096Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:30:09.081Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:30:09.081Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:30:09.096Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:30:09.968Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:30:09.968Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:30:10.027Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:30:10.027Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:30:10.027Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:30:09.968Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:30:09.968Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:30:10.027Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:30:10.027Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:30:10.027Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/etherpad:version-1.8.14@sha256:4900f0e787ca22cf93090ae44ecceb5689d4427c739e1eb637a6e3a913161bf8**
-2021-12-04T19:30:16.654Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:30:16.654Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:30:16.656Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:30:16.656Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:30:16.654Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:30:16.654Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:30:16.656Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:30:16.656Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/etherpad:version-1.8.14@sha256:4900f0e787ca22cf93090ae44ecceb5689d4427c739e1eb637a6e3a913161bf8 (alpine 3.14.0)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.12.5-r1 | 2.12.6-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -343,7 +343,7 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r2 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -361,14 +361,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:30:17.520Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:30:17.520Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:30:17.528Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:30:17.520Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:30:17.520Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:30:17.528Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -396,16 +396,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:30:18.314Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:30:18.314Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:30:18.364Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:30:18.364Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:30:18.365Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:30:18.314Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:30:18.314Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:30:18.364Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:30:18.364Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:30:18.365Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -600,16 +600,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/external-service/security.md b/charts/stable/external-service/security.md
index 1c7d4ae6eff..382adfce433 100644
--- a/charts/stable/external-service/security.md
+++ b/charts/stable/external-service/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:30:32.117Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:30:32.117Z [34mINFO[0m Detected config files: 1
#### external-service/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -21,4 +21,3 @@
##### Scan Results
-
diff --git a/charts/stable/filezilla/security.md b/charts/stable/filezilla/security.md
index b5d39052d4a..2e4f0f300e3 100644
--- a/charts/stable/filezilla/security.md
+++ b/charts/stable/filezilla/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:30:40.280Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:30:40.280Z [34mINFO[0m Detected config files: 1
#### filezilla/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:30:41.150Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:30:41.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:30:41.158Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:30:41.150Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:30:41.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:30:41.158Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,15 @@
**Container: tccr.io/truecharts/filezilla:version-3.51.0-r1@sha256:92421eae5b47e6e98d5157db3f6a453ab0d7733a693b5e8724edeef4090593eb**
-2021-12-04T19:30:59.589Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:30:59.589Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:30:59.589Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:30:59.589Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/charts/stable/fireflyiii/security.md b/charts/stable/fireflyiii/security.md
index d9b4ed71be3..9a53c87c0e6 100644
--- a/charts/stable/fireflyiii/security.md
+++ b/charts/stable/fireflyiii/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:31:00.565Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:31:00.565Z [34mINFO[0m Detected config files: 2
#### fireflyiii/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:01.710Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:01.710Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:01.722Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:01.710Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:01.710Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:01.722Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:31:02.756Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:02.756Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:02.820Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:31:02.821Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:31:02.821Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:31:02.756Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:02.756Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:02.820Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:31:02.821Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:31:02.821Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/fireflyiii-core:version-5.5.12@sha256:f6dddfae65571d7995d5b24bf28fdf453775b825c35cac0c48b8ce52449090cf**
-2021-12-04T19:31:17.470Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:17.470Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:17.553Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:31:17.553Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:31:17.470Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:17.470Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:17.553Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:31:17.553Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/fireflyiii-core:version-5.5.12@sha256:f6dddfae65571d7995d5b24bf28fdf453775b825c35cac0c48b8ce52449090cf (debian 10.10)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-26691 | CRITICAL | 2.4.38-3+deb10u4 | 2.4.38-3+deb10u5 | Click to expand!
http://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2021/06/10/7
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-26691
https://linux.oracle.com/cve/CVE-2021-26691.html
https://linux.oracle.com/errata/ELSA-2021-3816.html
https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe@%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.gentoo.org/glsa/202107-38
https://security.netapp.com/advisory/ntap-20210702-0001/
https://ubuntu.com/security/notices/USN-4994-1
https://ubuntu.com/security/notices/USN-4994-2
https://www.debian.org/security/2021/dsa-4937
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -1064,7 +1064,7 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| doctrine/dbal | CVE-2021-43608 | CRITICAL | 3.1.0 | 3.0.99, 3.1.4 | Click to expand!
https://github.com/advisories/GHSA-r7cj-8hjg-x622
https://github.com/doctrine/dbal/security/advisories/GHSA-r7cj-8hjg-x622
|
@@ -1074,14 +1074,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:18.798Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:18.798Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:18.805Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:18.798Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:18.798Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:18.805Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1109,16 +1109,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:31:19.616Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:19.616Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:19.663Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:31:19.663Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:31:19.663Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:31:19.616Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:19.616Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:19.663Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:31:19.663Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:31:19.663Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1313,16 +1313,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/firefox-syncserver/security.md b/charts/stable/firefox-syncserver/security.md
index bc9ad837bb7..5f54b19343f 100644
--- a/charts/stable/firefox-syncserver/security.md
+++ b/charts/stable/firefox-syncserver/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:31:23.724Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:31:23.724Z [34mINFO[0m Detected config files: 2
#### firefox-syncserver/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:24.962Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:24.963Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:24.969Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:24.962Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:24.963Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:24.969Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:31:36.631Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:36.631Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:36.679Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:31:36.679Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:31:36.679Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:31:36.631Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:36.631Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:36.679Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:31:36.679Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:31:36.679Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,32 +275,32 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/firefox-syncserver:v1.8.0@sha256:d0fbf65c8c7a99ad4ba7ffcfdad2e7b2555e0d829867c21cefc9314ace94f747**
-2021-12-04T19:31:42.917Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:42.917Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:42.933Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:31:42.933Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:31:42.959Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.10.4
-2021-12-04T19:31:42.959Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:31:42.917Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:42.917Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:42.933Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:31:42.933Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:31:42.959Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.10.4
+2021-12-04T19:31:42.959Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/firefox-syncserver:v1.8.0@sha256:d0fbf65c8c7a99ad4ba7ffcfdad2e7b2555e0d829867c21cefc9314ace94f747 (alpine 3.10.4)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.4-r2 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -350,7 +350,7 @@
| ssl_client | CVE-2021-28831 | HIGH | 1.30.1-r3 | 1.30.1-r5 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/
https://security.gentoo.org/glsa/202105-09
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Python | CVE-2021-3177 | CRITICAL | 2.7.18 | 3.6.13, 3.7.10, 3.8.8, 3.9.2 | Click to expand!
https://bugs.python.org/issue42938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177
https://github.com/python/cpython/pull/24239
https://linux.oracle.com/cve/CVE-2021-3177.html
https://linux.oracle.com/errata/ELSA-2021-9130.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/
https://news.ycombinator.com/item?id=26185005
https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html
https://security.gentoo.org/glsa/202101-18
https://security.netapp.com/advisory/ntap-20210226-0003/
https://ubuntu.com/security/notices/USN-4754-1
https://ubuntu.com/security/notices/USN-4754-2 (regression in python2.7)
https://ubuntu.com/security/notices/USN-4754-3
https://ubuntu.com/security/notices/USN-4754-4
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -388,14 +388,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:44.473Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:44.473Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:44.481Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:44.473Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:44.473Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:44.481Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -423,16 +423,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:31:45.692Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:45.692Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:45.738Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:31:45.738Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:31:45.739Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:31:45.692Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:45.692Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:45.738Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:31:45.738Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:31:45.739Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -627,16 +627,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/flaresolverr/security.md b/charts/stable/flaresolverr/security.md
index 9ba5041728c..e948bf0fc04 100644
--- a/charts/stable/flaresolverr/security.md
+++ b/charts/stable/flaresolverr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:31:22.518Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:31:22.518Z [34mINFO[0m Detected config files: 1
#### flaresolverr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:24.356Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:24.356Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:24.362Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:24.356Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:24.356Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:24.362Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/flaresolverr:v2.0.2@sha256:80ece1e679d8a569ed538a6b0a48449703723d4941ea851b3a1fedc20428ad4b**
-2021-12-04T19:31:35.798Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:35.798Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:35.817Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:31:35.817Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:31:35.798Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:35.798Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:35.817Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:31:35.817Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/flaresolverr:v2.0.2@sha256:80ece1e679d8a569ed538a6b0a48449703723d4941ea851b3a1fedc20428ad4b (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -99,9 +99,8 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 5.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
-
diff --git a/charts/stable/flood/security.md b/charts/stable/flood/security.md
index 8ec466131ee..e25189a7ca3 100644
--- a/charts/stable/flood/security.md
+++ b/charts/stable/flood/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:31:45.091Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:31:45.091Z [34mINFO[0m Detected config files: 1
#### flood/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:46.819Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:46.819Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:46.833Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:46.819Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:46.819Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:46.833Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/flood:v4.7.0@sha256:6ad4f3eb39e6b04d1632dd0436031377eb35759e0edcd56a95e5dd8c58c09ed8**
-2021-12-04T19:31:53.208Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:53.208Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:53.213Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:31:53.213Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:31:53.208Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:53.208Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:53.213Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:31:53.213Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/flood:v4.7.0@sha256:6ad4f3eb39e6b04d1632dd0436031377eb35759e0edcd56a95e5dd8c58c09ed8 (alpine 3.13.6)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -96,10 +96,9 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 5.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
-
diff --git a/charts/stable/focalboard/security.md b/charts/stable/focalboard/security.md
index 7f5ecc96c56..5ffc9d4748a 100644
--- a/charts/stable/focalboard/security.md
+++ b/charts/stable/focalboard/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:32:09.126Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:32:09.126Z [34mINFO[0m Detected config files: 1
#### focalboard/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:32:09.916Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:32:09.916Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:32:09.923Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:09.916Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:32:09.916Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:32:09.923Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/focalboard:v0.8.0@sha256:dfd035116b3f17dd01d82b13cf1823cb8fc2663a9bdc8defe6827481ea9a9c66**
-2021-12-04T19:32:15.056Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:32:15.056Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:32:15.057Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:32:15.057Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:32:15.056Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:32:15.056Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:32:15.057Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:32:15.057Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/focalboard:v0.8.0@sha256:dfd035116b3f17dd01d82b13cf1823cb8fc2663a9bdc8defe6827481ea9a9c66 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -112,8 +112,7 @@
| perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/tidwall/gjson | CVE-2021-42836 | HIGH | v1.7.3 | v1.9.3 | Click to expand!
https://github.com/tidwall/gjson/commit/590010fdac311cc8990ef5c97448d4fec8f29944
https://github.com/tidwall/gjson/commit/77a57fda87dca6d0d7d4627d512a630f89a91c96
https://github.com/tidwall/gjson/compare/v1.9.2...v1.9.3
https://github.com/tidwall/gjson/issues/236
https://github.com/tidwall/gjson/issues/237
https://nvd.nist.gov/vuln/detail/CVE-2021-42836
|
-
diff --git a/charts/stable/fossil/security.md b/charts/stable/fossil/security.md
index 6a01bf651dc..08f134e7cbf 100644
--- a/charts/stable/fossil/security.md
+++ b/charts/stable/fossil/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:32:21.526Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:32:21.526Z [34mINFO[0m Detected config files: 1
#### fossil/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:32:22.618Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:32:22.618Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:32:22.622Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:22.618Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:32:22.618Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:32:22.622Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/fossil:v2.15.1-ls4@sha256:5894297e0c90a431a7e93382054ac120e10860c132fce1ac35467c74c900e330**
-2021-12-04T19:32:24.806Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:24.806Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/freeradius/security.md b/charts/stable/freeradius/security.md
index b2b320a45fb..f1708b5f91a 100644
--- a/charts/stable/freeradius/security.md
+++ b/charts/stable/freeradius/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:32:38.451Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:32:38.451Z [34mINFO[0m Detected config files: 1
#### freeradius/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:32:39.248Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:32:39.248Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:32:39.256Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:39.248Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:32:39.248Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:32:39.256Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/freeradius:v3.0.23@sha256:21454da0a4f4950dd9b97e82de5b56556fdf2bf38f60ae427852b74a2622c972**
-2021-12-04T19:32:43.657Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:32:43.657Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:32:43.682Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:43.657Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:32:43.657Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:32:43.682Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/freeradius:v3.0.23@sha256:21454da0a4f4950dd9b97e82de5b56556fdf2bf38f60ae427852b74a2622c972 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -213,4 +213,3 @@
| perl | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
| perl-modules-5.26 | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
-
diff --git a/charts/stable/freshrss/security.md b/charts/stable/freshrss/security.md
index ce28ba3c5e3..c5e7596a8d7 100644
--- a/charts/stable/freshrss/security.md
+++ b/charts/stable/freshrss/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:32:44.337Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:32:44.337Z [34mINFO[0m Detected config files: 1
#### freshrss/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:32:45.022Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:32:45.022Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:32:45.025Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:45.022Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:32:45.022Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:32:45.025Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/freshrss:version-1.18.1@sha256:3fc8ef788681ba2c5026453131603fa4dda3b23f855ce2a6c467004eb38a09ec**
-2021-12-04T19:32:49.565Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:49.565Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/gaps/security.md b/charts/stable/gaps/security.md
index a9fdea170fd..d0d185f913c 100644
--- a/charts/stable/gaps/security.md
+++ b/charts/stable/gaps/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:33:01.952Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:33:01.952Z [34mINFO[0m Detected config files: 1
#### gaps/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:02.815Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:02.815Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:02.822Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:02.815Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:02.815Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:02.822Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/gaps:v0.8.8@sha256:7f7d33e4279f55bfaf5ea1a7e071b4266794052eddaba2294ab29be45a2133bf**
-2021-12-04T19:33:17.654Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:33:17.654Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:33:17.657Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:33:17.657Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:33:17.654Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:33:17.654Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:33:17.657Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:33:17.657Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/gaps:v0.8.8@sha256:7f7d33e4279f55bfaf5ea1a7e071b4266794052eddaba2294ab29be45a2133bf (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -200,7 +200,7 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-7 | 1.30+dfsg-7ubuntu0.20.04.1 | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-17527 | HIGH | 9.0.39 | 8.5.60, 9.0.40, 10.0.2 | Click to expand!
http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M10
http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60
http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40
http://www.openwall.com/lists/oss-security/2020/12/03/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527
https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29 (8.5.60)
https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65 (9.0.40)
https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E
https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E
https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E
https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html
https://nvd.nist.gov/vuln/detail/CVE-2020-17527
https://security.gentoo.org/glsa/202012-23
https://security.netapp.com/advisory/ntap-20201210-0003/
https://www.debian.org/security/2021/dsa-4835
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
|
@@ -215,4 +215,3 @@
| org.springframework.security:spring-security-core | CVE-2021-22119 | HIGH | 5.4.1 | 5.2.11.RELEASE, 5.3.10.RELEASE, 5.4.7, 5.5.1 | Click to expand!
https://github.com/advisories/GHSA-w9jg-gvgr-354m
https://github.com/spring-projects/spring-security/pull/9513
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22119
https://tanzu.vmware.com/security/cve-2021-22119
|
| org.springframework.security:spring-security-web | CVE-2021-22112 | HIGH | 5.4.1 | 5.3.8, 5.4.4, 5.2.9 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/7
https://github.com/advisories/GHSA-gq28-h5vg-8prx
https://github.com/spring-projects/spring-security/releases/tag/5.4.4
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b@%3Cissues.nifi.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22112
https://tanzu.vmware.com/security/cve-2021-22112
https://www.jenkins.io/security/advisory/2021-02-19/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.thymeleaf:thymeleaf-spring5 | CVE-2021-43466 | CRITICAL | 3.0.11.RELEASE | | Click to expand!
https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html
https://github.com/advisories/GHSA-qcj6-jqrg-4wp2
https://nvd.nist.gov/vuln/detail/CVE-2021-43466
|
-
diff --git a/charts/stable/gitea/security.md b/charts/stable/gitea/security.md
index 2d98f2f438b..9acc6072077 100644
--- a/charts/stable/gitea/security.md
+++ b/charts/stable/gitea/security.md
@@ -4,30 +4,30 @@
##### Scan Results
-2021-12-04T19:33:29.384Z [34mINFO[0m Detected config files: 3
+2021-12-04T19:33:29.384Z [34mINFO[0m Detected config files: 3
#### gitea/charts/memcached/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -47,14 +47,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:30.767Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:30.767Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:30.777Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:30.767Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:30.767Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:30.777Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -82,16 +82,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:33:31.564Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:33:31.564Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:33:31.601Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:33:31.601Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:33:31.602Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:33:31.564Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:33:31.564Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:33:31.601Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:33:31.601Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:31.602Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -286,18 +286,18 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: 'tccr.io/truecharts/gitea:v1.15.7-rootless'**
@@ -307,44 +307,44 @@
**Container: tccr.io/truecharts/gitea:v1.15.7-rootless**
-2021-12-04T19:33:37.721Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:37.721Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:37.723Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:33:37.723Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:37.721Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:37.721Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:37.723Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:33:37.723Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/gitea:v1.15.7-rootless (alpine 3.13.7)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:42.749Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:42.749Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:42.755Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:42.749Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:42.749Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:42.755Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -372,15 +372,15 @@
**Container: tccr.io/truecharts/memcached:v1.6.12@sha256:90da9d23e5c448d44ee3c1aa2af4c868ab5a3f8042a4000851fe55355db7c569**
-2021-12-04T19:33:45.053Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:33:45.053Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:33:45.090Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:33:45.090Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:45.053Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:33:45.053Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:33:45.090Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:33:45.090Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/memcached:v1.6.12@sha256:90da9d23e5c448d44ee3c1aa2af4c868ab5a3f8042a4000851fe55355db7c569 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -527,22 +527,22 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:46.801Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:46.801Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:46.808Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:46.801Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:46.801Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:46.808Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -570,16 +570,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:33:51.118Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:33:51.118Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:33:51.184Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:33:51.184Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:33:51.184Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:33:51.118Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:33:51.118Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:33:51.184Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:33:51.184Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:51.184Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -774,16 +774,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/golinks/security.md b/charts/stable/golinks/security.md
index 2064272d9bf..10cab117f33 100644
--- a/charts/stable/golinks/security.md
+++ b/charts/stable/golinks/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:33:32.350Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:33:32.350Z [34mINFO[0m Detected config files: 1
#### golinks/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:33.151Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:33.151Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:33.155Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:33.151Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:33.151Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:33.155Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/golinks:version-154c581@sha256:144d59d23c3b6580403e1a06b3567ac97c638205bc139ba54e058450d6564c73**
-2021-12-04T19:33:41.563Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:33:41.563Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:41.563Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:33:41.563Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### app/golinks
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/gonic/security.md b/charts/stable/gonic/security.md
index 059d1ddd290..5d4da517293 100644
--- a/charts/stable/gonic/security.md
+++ b/charts/stable/gonic/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:33:43.527Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:33:43.527Z [34mINFO[0m Detected config files: 1
#### gonic/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:46.150Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:46.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:46.159Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:46.150Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:46.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:46.159Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/gonic:v0.14.0@sha256:d0316271fcec20816f5f3f5e8ca470426e551f2f6de83845d474a2a7827a6f34**
-2021-12-04T19:33:50.499Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:50.499Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:50.517Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:33:50.517Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:50.499Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:50.499Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:50.517Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:33:50.517Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/gonic:v0.14.0@sha256:d0316271fcec20816f5f3f5e8ca470426e551f2f6de83845d474a2a7827a6f34 (alpine 3.13.5)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -125,9 +125,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/gotify/security.md b/charts/stable/gotify/security.md
index 48b688567c7..9f221f30be9 100644
--- a/charts/stable/gotify/security.md
+++ b/charts/stable/gotify/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:34:01.312Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:34:01.312Z [34mINFO[0m Detected config files: 2
#### gotify/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:02.142Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:02.142Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:02.148Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:02.142Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:02.142Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:02.148Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:34:02.981Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:34:02.981Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:34:03.026Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:34:03.026Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:34:03.026Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:34:02.981Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:34:02.981Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:34:03.026Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:34:03.026Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:34:03.026Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/gotify-server:v2.1.0@sha256:a2edccce285e1303ce7d3be3f2cb001d40aaa24182581f772ce23c1e8d1b7d20**
-2021-12-04T19:34:07.744Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:34:07.744Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:34:07.791Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:34:07.792Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:34:07.744Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:34:07.744Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:34:07.791Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:34:07.792Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/gotify-server:v2.1.0@sha256:a2edccce285e1303ce7d3be3f2cb001d40aaa24182581f772ce23c1e8d1b7d20 (debian 11.0)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -392,22 +392,22 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:09.100Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:09.100Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:09.111Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:09.100Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:09.100Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:09.111Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -435,16 +435,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:34:09.900Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:34:09.900Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:34:09.954Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:34:09.954Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:34:09.954Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:34:09.900Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:34:09.900Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:34:09.954Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:34:09.954Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:34:09.954Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -639,16 +639,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/grafana/security.md b/charts/stable/grafana/security.md
index 904065ba2f1..49b5d5a376c 100644
--- a/charts/stable/grafana/security.md
+++ b/charts/stable/grafana/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:34:25.747Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:34:25.747Z [34mINFO[0m Detected config files: 1
#### grafana/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:26.541Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:26.541Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:26.546Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:26.541Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:26.541Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:26.546Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/grafana:v8.3.0@sha256:d0e471cc547dae02bcd7ae1355ad98b280ea11a1b3bd902217662670c4c2d4fe**
-2021-12-04T19:34:35.709Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:34:35.709Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:34:35.739Z [34mINFO[0m Number of language-specific files: 3
-2021-12-04T19:34:35.739Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:34:35.709Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:34:35.709Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:34:35.739Z [34mINFO[0m Number of language-specific files: 3
+2021-12-04T19:34:35.739Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/grafana:v8.3.0@sha256:d0e471cc547dae02bcd7ae1355ad98b280ea11a1b3bd902217662670c4c2d4fe (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -220,22 +220,21 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211011171444-354d8d2ecfac | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/grafana/loki | CVE-2021-36156 | MEDIUM | v1.6.2-0.20211015002020-7832783b1caa | v2.3.0 | Click to expand!
https://github.com/grafana/loki/pull/4020#issue-694377133
https://github.com/grafana/loki/releases/tag/v2.3.0
https://nvd.nist.gov/vuln/detail/CVE-2021-36156
|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211011171444-354d8d2ecfac | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
-
diff --git a/charts/stable/grav/security.md b/charts/stable/grav/security.md
index 77382b3ae8c..51b586c839a 100644
--- a/charts/stable/grav/security.md
+++ b/charts/stable/grav/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:34:38.787Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:34:38.787Z [34mINFO[0m Detected config files: 1
#### grav/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:39.547Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:39.547Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:39.554Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:39.547Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:39.547Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:39.554Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,51 +61,48 @@
**Container: tccr.io/truecharts/grav:version-1.7.18@sha256:709e672ef2cbe1235d896ed9bac213d773abfe70b37925f5870a8a925a047e16**
-2021-12-04T19:34:47.108Z [34mINFO[0m Number of language-specific files: 6
-2021-12-04T19:34:47.108Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:34:47.112Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:34:47.108Z [34mINFO[0m Number of language-specific files: 6
+2021-12-04T19:34:47.108Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:34:47.112Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/grocy/security.md b/charts/stable/grocy/security.md
index 5ae7bd7044e..fe74f6ebabe 100644
--- a/charts/stable/grocy/security.md
+++ b/charts/stable/grocy/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:34:49.810Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:34:49.810Z [34mINFO[0m Detected config files: 1
#### grocy/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:50.709Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:50.709Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:50.716Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:50.709Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:50.709Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:50.716Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/grocy:version-v3.1.1@sha256:5c036b40671fcddb2a53edceacb1dc2d03df2b2bf1c0b97e5d820c0b84d6faab**
-2021-12-04T19:35:01.113Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:35:01.113Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:35:01.116Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:35:01.113Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:35:01.113Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:35:01.116Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bootbox | GHSA-87mg-h5r3-hw88 | MEDIUM | 5.5.2 | | Click to expand!
https://github.com/advisories/GHSA-87mg-h5r3-hw88
https://github.com/makeusabrew/bootbox/issues/661
https://hackerone.com/reports/508446
https://www.npmjs.com/advisories/882
|
@@ -85,9 +85,6 @@
| moment | CVE-2017-18214 | HIGH | 2.18.1 | 2.19.3 | Click to expand!
https://github.com/advisories/GHSA-446m-mv8f-q348
https://github.com/moment/moment/issues/4163
https://github.com/moment/moment/pull/4326
https://nodesecurity.io/advisories/532
https://nvd.nist.gov/vuln/detail/CVE-2017-18214
https://www.npmjs.com/advisories/532
https://www.tenable.com/security/tns-2019-02
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/handbrake/security.md b/charts/stable/handbrake/security.md
index 701d95004a9..c4976d11373 100644
--- a/charts/stable/handbrake/security.md
+++ b/charts/stable/handbrake/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:35:04.912Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:35:04.912Z [34mINFO[0m Detected config files: 1
#### handbrake/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:35:05.893Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:05.893Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:05.898Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:05.893Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:05.893Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:05.898Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/handbrake:v1.24.2@sha256:312ddf5ec046fd0ca3f84015b55c8b4cbe1d6e8340ffcaf244489592a3fc92da**
-2021-12-04T19:35:16.598Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:16.598Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:16.609Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:16.598Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:16.598Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:16.609Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/handbrake:v1.24.2@sha256:312ddf5ec046fd0ca3f84015b55c8b4cbe1d6e8340ffcaf244489592a3fc92da (alpine 3.12.6)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -103,4 +103,3 @@
| ssl_client | CVE-2021-42386 | HIGH | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| xvfb | CVE-2021-3472 | HIGH | 1.20.10-r0 | 1.20.10-r1 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/04/13/1
https://bugzilla.redhat.com/show_bug.cgi?id=1944167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472
https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd
https://linux.oracle.com/cve/CVE-2021-3472.html
https://linux.oracle.com/errata/ELSA-2021-2033.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/
https://lists.x.org/archives/xorg-announce/2021-April/003080.html
https://seclists.org/oss-sec/2021/q2/20
https://security.gentoo.org/glsa/202104-02
https://ubuntu.com/security/notices/USN-4905-1
https://ubuntu.com/security/notices/USN-4905-2
https://www.debian.org/security/2021/dsa-4893
https://www.tenable.com/plugins/nessus/148701
https://www.zerodayinitiative.com/advisories/ZDI-21-463/
|
-
diff --git a/charts/stable/haste-server/security.md b/charts/stable/haste-server/security.md
index 85f92f4d724..47255257ff4 100644
--- a/charts/stable/haste-server/security.md
+++ b/charts/stable/haste-server/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:35:26.603Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:35:26.603Z [34mINFO[0m Detected config files: 1
#### haste-server/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:35:27.411Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:27.411Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:27.417Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:27.411Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:27.411Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:27.417Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/haste-server:latest@sha256:046b4d04aa5c23a7a4de10b678aad8f62932e2ae04b2db123107e753b7929f86**
-2021-12-04T19:35:39.144Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:35:39.144Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:35:39.146Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:35:39.146Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:35:39.147Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:35:39.144Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:35:39.144Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:35:39.146Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:35:39.146Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:35:39.147Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/haste-server:latest@sha256:046b4d04aa5c23a7a4de10b678aad8f62932e2ae04b2db123107e753b7929f86 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -160,7 +160,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -171,8 +171,7 @@
| y18n | CVE-2020-7774 | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | Click to expand!
https://github.com/advisories/GHSA-c4w7-xm78-47vh
https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25
https://github.com/yargs/y18n/issues/96
https://github.com/yargs/y18n/pull/108
https://linux.oracle.com/cve/CVE-2020-7774.html
https://linux.oracle.com/errata/ELSA-2021-0551.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7774
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
https://snyk.io/vuln/SNYK-JS-Y18N-1021887
https://www.oracle.com/security-alerts/cpuApr2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/headphones/security.md b/charts/stable/headphones/security.md
index b5aa281ce01..bea3b5b8a34 100644
--- a/charts/stable/headphones/security.md
+++ b/charts/stable/headphones/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:35:39.947Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:35:39.947Z [34mINFO[0m Detected config files: 1
#### headphones/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:35:41.595Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:41.595Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:41.601Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:41.595Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:41.595Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:41.601Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,13 +61,13 @@
**Container: tccr.io/truecharts/headphones:version-58edc604@sha256:f605d077d6d6023e3326421ce02eb81bd962163b68569f8e3953cb5ac2898344**
-2021-12-04T19:35:49.088Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:35:49.089Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:35:49.088Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:35:49.089Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -99,4 +99,3 @@
| pip | CVE-2021-28363 | MEDIUM | 20.3.4 | 21.1 | Click to expand!
https://github.com/advisories/GHSA-5phf-pp7p-vc2r
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15
https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0
https://github.com/urllib3/urllib3/commits/main
https://github.com/urllib3/urllib3/releases/tag/1.26.4
https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28363
https://pypi.org/project/urllib3/1.26.4/
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| pip | CVE-2021-3572 | MEDIUM | 20.3.4 | 21.1 | Click to expand!
https://access.redhat.com/errata/RHSA-2021:3254
https://bugzilla.redhat.com/show_bug.cgi?id=1962856
https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
https://github.com/pypa/pip/pull/9827
https://linux.oracle.com/cve/CVE-2021-3572.html
https://linux.oracle.com/errata/ELSA-2021-4455.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3572
https://packetstormsecurity.com/files/162712/USN-4961-1.txt
|
| pip | pyup.io-42218 | UNKNOWN | 20.3.4 | 21.1 | Click to expand!
|
-
diff --git a/charts/stable/healthchecks/security.md b/charts/stable/healthchecks/security.md
index 2a9d0d3a1f9..16e7b1d8c3f 100644
--- a/charts/stable/healthchecks/security.md
+++ b/charts/stable/healthchecks/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:35:52.767Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:35:52.767Z [34mINFO[0m Detected config files: 1
#### healthchecks/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:35:53.674Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:53.674Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:53.681Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:53.674Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:53.674Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:53.681Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/healthchecks:version-v1.22.0@sha256:234347d239410227e8d4585c467293f7bb59859f2042bad885633c1ff30c98f2**
-2021-12-04T19:36:00.327Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:36:00.327Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:36:00.327Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:36:00.327Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/heimdall/security.md b/charts/stable/heimdall/security.md
index 60676e27e13..37f027ae66e 100644
--- a/charts/stable/heimdall/security.md
+++ b/charts/stable/heimdall/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:36:06.648Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:36:06.648Z [34mINFO[0m Detected config files: 1
#### heimdall/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:36:07.477Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:36:07.477Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:36:07.489Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:07.477Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:36:07.477Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:36:07.489Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/heimdall:version-2.2.2@sha256:eedb3180caf7388b206238120405d53baf9783692b14766ffed7bb388fadd6ce**
-2021-12-04T19:36:10.412Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:10.412Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/home-assistant/security.md b/charts/stable/home-assistant/security.md
index e77b6741509..014e4384ddb 100644
--- a/charts/stable/home-assistant/security.md
+++ b/charts/stable/home-assistant/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:36:37.444Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:36:37.444Z [34mINFO[0m Detected config files: 2
#### home-assistant/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -37,14 +37,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:36:39.008Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:36:39.008Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:36:39.016Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:39.008Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:36:39.008Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:36:39.016Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -72,16 +72,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:36:46.742Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:36:46.742Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:36:46.796Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:36:46.796Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:36:46.796Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:36:46.742Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:36:46.742Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:36:46.796Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:36:46.796Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:36:46.796Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -276,35 +276,35 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: 'tccr.io/truecharts/home-assistant:v2021.11.5@sha256:f4a4f4c85e51e6c08b36329110c95be441f53ac998bc51bc16f5b26290f7f9ef'**
**Container: tccr.io/truecharts/home-assistant:v2021.11.5@sha256:f4a4f4c85e51e6c08b36329110c95be441f53ac998bc51bc16f5b26290f7f9ef**
-2021-12-04T19:37:29.991Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:29.991Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:29.996Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:37:29.996Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:37:29.997Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:37:29.997Z [33mWARN[0m version error (3.7.4.post0): malformed version: 3.7.4.post0
+2021-12-04T19:37:29.991Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:29.991Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:29.996Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:37:29.996Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:37:29.997Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:37:29.997Z [33mWARN[0m version error (3.7.4.post0): malformed version: 3.7.4.post0
#### tccr.io/truecharts/home-assistant:v2021.11.5@sha256:f4a4f4c85e51e6c08b36329110c95be441f53ac998bc51bc16f5b26290f7f9ef (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -366,7 +366,7 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-34552 | CRITICAL | 8.2.0 | 8.3.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34552
https://github.com/advisories/GHSA-7534-mm45-c74v
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V6LCG525ARIX6LX5QRYNAWVDD2MD2SV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUGBBT63VL7G4JNOEIPDJIOC34ZFBKNJ/
https://nvd.nist.gov/vuln/detail/CVE-2021-34552
https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html#buffer-overflow
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
|
@@ -381,22 +381,22 @@
| sendgrid | CVE-2021-43572 | CRITICAL | 6.8.2 | 6.9.1 | Click to expand!
https://github.com/advisories/GHSA-92vm-mxjf-jqf3
https://github.com/starkbank/ecdsa-python/releases/tag/v2.0.1
https://nvd.nist.gov/vuln/detail/CVE-2021-43572
https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:37:32.610Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:32.610Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:32.615Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:37:32.610Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:32.610Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:32.615Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -424,16 +424,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:37:42.139Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:37:42.139Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:37:42.172Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:37:42.172Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:37:42.172Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:37:42.139Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:37:42.139Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:37:42.172Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:37:42.172Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:37:42.172Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -628,16 +628,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/hyperion-ng/security.md b/charts/stable/hyperion-ng/security.md
index e7ddbe483eb..0b5e8ef6ef2 100644
--- a/charts/stable/hyperion-ng/security.md
+++ b/charts/stable/hyperion-ng/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:36:36.480Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:36:36.480Z [34mINFO[0m Detected config files: 1
#### hyperion-ng/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:36:38.433Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:36:38.433Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:36:38.440Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:38.433Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:36:38.433Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:36:38.440Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/hyperion.ng:v2.0.12@sha256:630cc8613290119f0d452b600418f2a3f4e78b73923ca47502989c4fc9bb394a**
-2021-12-04T19:36:45.512Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:36:45.512Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:36:45.547Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:45.512Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:36:45.512Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:36:45.547Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/hyperion.ng:v2.0.12@sha256:630cc8613290119f0d452b600418f2a3f4e78b73923ca47502989c4fc9bb394a (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -342,4 +342,3 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/charts/stable/icantbelieveitsnotvaletudo/security.md b/charts/stable/icantbelieveitsnotvaletudo/security.md
index 84c84d85c41..f733fc38034 100644
--- a/charts/stable/icantbelieveitsnotvaletudo/security.md
+++ b/charts/stable/icantbelieveitsnotvaletudo/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:36:46.058Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:36:46.058Z [34mINFO[0m Detected config files: 1
#### icantbelieveitsnotvaletudo/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:36:48.212Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:36:48.212Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:36:48.223Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:48.212Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:36:48.212Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:36:48.223Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/icantbelieveitsnotvaletudo:v2021.2.1@sha256:12546c37abe795970d27fda99f78fd45cd25522b11b4c6db6ce98d7484c68883**
-2021-12-04T19:36:54.169Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:36:54.169Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:36:54.176Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:36:54.176Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:36:54.169Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:36:54.169Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:36:54.176Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:36:54.176Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/icantbelieveitsnotvaletudo:v2021.2.1@sha256:12546c37abe795970d27fda99f78fd45cd25522b11b4c6db6ce98d7484c68883 (debian 9.13)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.4.11 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -264,7 +264,7 @@
| util-linux | CVE-2021-37600 | LOW | 2.29.2-1+deb9u1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -281,4 +281,3 @@
| tar | CVE-2021-37713 | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| ws | CVE-2021-32640 | MEDIUM | 7.4.3 | 5.2.3, 6.2.2, 7.4.6 | Click to expand!
https://github.com/advisories/GHSA-6fc8-4gx4-v693
https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff
https://github.com/websockets/ws/issues/1895
https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693
https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-32640
|
| y18n | CVE-2020-7774 | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | Click to expand!
https://github.com/advisories/GHSA-c4w7-xm78-47vh
https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25
https://github.com/yargs/y18n/issues/96
https://github.com/yargs/y18n/pull/108
https://linux.oracle.com/cve/CVE-2020-7774.html
https://linux.oracle.com/errata/ELSA-2021-0551.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7774
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
https://snyk.io/vuln/SNYK-JS-Y18N-1021887
https://www.oracle.com/security-alerts/cpuApr2021.html
|
-
diff --git a/charts/stable/jackett/CHANGELOG.md b/charts/stable/jackett/CHANGELOG.md
index 18e92ec017c..766549af199 100644
--- a/charts/stable/jackett/CHANGELOG.md
+++ b/charts/stable/jackett/CHANGELOG.md
@@ -1,6 +1,15 @@
# Changelog
+
+### [jackett-9.0.31](https://github.com/truecharts/apps/compare/jackett-9.0.30...jackett-9.0.31) (2021-12-04)
+
+#### Chore
+
+* improve a bit on security docs generation
+
+
+
### [jackett-9.0.30](https://github.com/truecharts/apps/compare/jackett-9.0.28...jackett-9.0.30) (2021-12-04)
diff --git a/charts/stable/jackett/security.md b/charts/stable/jackett/security.md
index b5dcbf715c0..a8a542a92e7 100644
--- a/charts/stable/jackett/security.md
+++ b/charts/stable/jackett/security.md
@@ -4,16 +4,6 @@
##### Scan Results
-2021-12-04T19:37:30.988Z [34mINFO[0m Detected config files: 1
-#### jackett/templates/common.yaml
-
-**kubernetes**
-
-
-| No Vulnerabilities found |
-|:---------------------------------|
-
-
## Containers
@@ -26,14 +16,12 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:37:38.854Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:38.854Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:38.864Z [34mINFO[0m Number of language-specific files: 0
-#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
+
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +49,12 @@
**Container: tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79**
-2021-12-04T19:37:43.399Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:37:43.399Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:37:43.405Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:37:43.405Z [34mINFO[0m Detecting gobinary vulnerabilities...
-#### tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79 (ubuntu 20.04)
-
+#### Container: tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79 (ubuntu 20.04)
+
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -148,10 +133,10 @@
| python3.8-minimal | CVE-2021-29921 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.1 | Click to expand!
https://bugs.python.org/issue36384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921
https://docs.python.org/3/library/ipaddress.html
https://github.com/python/cpython/blob/63298930fb531ba2bb4f23bc3b915dbf1e17e9e1/Misc/NEWS.d/3.8.0a4.rst
https://github.com/python/cpython/pull/12577
https://github.com/python/cpython/pull/25099
https://github.com/sickcodes
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md
https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html
https://security.netapp.com/advisory/ntap-20210622-0003/
https://sick.codes/sick-2021-014
https://ubuntu.com/security/notices/USN-4973-1
https://ubuntu.com/security/notices/USN-4973-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| python3.8-minimal | CVE-2021-3737 | MEDIUM | 3.8.10-0ubuntu1~20.04 | | Click to expand!
https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://ubuntu.com/security/notices/USN-5083-1
|
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/jdownloader2/security.md b/charts/stable/jdownloader2/security.md
index 46f3d833c16..ae39ee0d19f 100644
--- a/charts/stable/jdownloader2/security.md
+++ b/charts/stable/jdownloader2/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:37:30.386Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:37:30.386Z [34mINFO[0m Detected config files: 1
#### jdownloader2/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:37:32.014Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:32.014Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:32.018Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:37:32.014Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:32.014Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:32.018Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/jdownloader-2:v1.7.1@sha256:f5c7103d8870367cae893099a9a26929860ca5a13ebc7a1e4e335f1f296c40dd**
-2021-12-04T19:37:37.973Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:37.973Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:37.980Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:37:37.973Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:37.973Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:37.980Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/jdownloader-2:v1.7.1@sha256:f5c7103d8870367cae893099a9a26929860ca5a13ebc7a1e4e335f1f296c40dd (alpine 3.12.6)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -115,4 +115,3 @@
| ssl_client | CVE-2021-42386 | HIGH | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| xvfb | CVE-2021-3472 | HIGH | 1.20.10-r0 | 1.20.10-r1 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/04/13/1
https://bugzilla.redhat.com/show_bug.cgi?id=1944167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472
https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd
https://linux.oracle.com/cve/CVE-2021-3472.html
https://linux.oracle.com/errata/ELSA-2021-2033.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/
https://lists.x.org/archives/xorg-announce/2021-April/003080.html
https://seclists.org/oss-sec/2021/q2/20
https://security.gentoo.org/glsa/202104-02
https://ubuntu.com/security/notices/USN-4905-1
https://ubuntu.com/security/notices/USN-4905-2
https://www.debian.org/security/2021/dsa-4893
https://www.tenable.com/plugins/nessus/148701
https://www.zerodayinitiative.com/advisories/ZDI-21-463/
|
-
diff --git a/charts/stable/jellyfin/security.md b/charts/stable/jellyfin/security.md
index 2478ebd5114..de3604edb86 100644
--- a/charts/stable/jellyfin/security.md
+++ b/charts/stable/jellyfin/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:37:30.683Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:37:30.683Z [34mINFO[0m Detected config files: 1
#### jellyfin/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:37:41.491Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:41.491Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:41.501Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:37:41.491Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:41.491Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:41.501Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/jellyfin:v10.7.7@sha256:20febcab671b5281c5ecf8b792860119c9bda4806815bc2764660173b1866924**
-2021-12-04T19:38:05.263Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:38:05.263Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:38:05.305Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:38:05.263Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:38:05.263Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:38:05.305Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/jellyfin:v10.7.7@sha256:20febcab671b5281c5ecf8b792860119c9bda4806815bc2764660173b1866924 (debian 10.10)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -238,4 +238,3 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-6 | | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
-
diff --git a/charts/stable/joplin-server/security.md b/charts/stable/joplin-server/security.md
index ab6478dadf3..cc506e3ac8f 100644
--- a/charts/stable/joplin-server/security.md
+++ b/charts/stable/joplin-server/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:38:29.736Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:38:29.736Z [34mINFO[0m Detected config files: 2
#### joplin-server/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:38:34.351Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:38:34.351Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:38:34.355Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:38:34.351Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:38:34.351Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:38:34.355Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:38:36.186Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:38:36.186Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:38:36.230Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:38:36.230Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:38:36.230Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:38:36.186Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:38:36.186Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:38:36.230Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:38:36.230Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:38:36.230Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/joplin-server:v2.5.1@sha256:a285ff0cf05f534efd28c6652925b57a9774ba41923d15536b873fbbdbabcd2b**
-2021-12-04T19:39:07.601Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:39:07.601Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:39:07.729Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:39:07.729Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:39:07.601Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:39:07.601Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:39:07.729Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:39:07.729Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/joplin-server:v2.5.1@sha256:a285ff0cf05f534efd28c6652925b57a9774ba41923d15536b873fbbdbabcd2b (debian 11.0)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1107,7 +1107,7 @@
| wget | CVE-2021-31879 | MEDIUM | 1.21-1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| @npmcli/arborist | CVE-2021-39134 | HIGH | 2.4.2 | 2.8.2 | Click to expand!
https://github.com/advisories/GHSA-2h3h-q99f-3fhc
https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
https://nvd.nist.gov/vuln/detail/CVE-2021-39134
https://www.npmjs.com/package/@npmcli/arborist
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -1216,14 +1216,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:12.195Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:12.195Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:12.203Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:12.195Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:12.195Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:12.203Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1251,16 +1251,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:39:14.433Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:39:14.433Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:39:14.465Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:39:14.465Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:39:14.465Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:39:14.433Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:39:14.433Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:39:14.465Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:39:14.465Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:39:14.465Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1455,16 +1455,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/kanboard/security.md b/charts/stable/kanboard/security.md
index 37da380a89e..4cba7f93268 100644
--- a/charts/stable/kanboard/security.md
+++ b/charts/stable/kanboard/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:39:11.375Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:39:11.375Z [34mINFO[0m Detected config files: 2
#### kanboard/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:13.809Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:13.809Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:13.818Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:13.809Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:13.809Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:13.818Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:39:27.869Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:39:27.869Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:39:27.908Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:39:27.908Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:39:27.908Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:39:27.869Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:39:27.869Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:39:27.908Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:39:27.908Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:39:27.908Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,29 +275,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/kanboard:v1.2.20@sha256:1f953b23bf30dbea50a0db78a838c811859d83ab79fe259a93e8fdfe113392f6**
-2021-12-04T19:39:31.140Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:31.140Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:31.184Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:31.140Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:31.140Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:31.184Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/kanboard:v1.2.20@sha256:1f953b23bf30dbea50a0db78a838c811859d83ab79fe259a93e8fdfe113392f6 (alpine 3.13.5)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -455,14 +455,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:31.997Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:31.997Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:32.004Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:31.997Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:31.997Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:32.004Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -490,16 +490,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:39:32.887Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:39:32.888Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:39:32.957Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:39:32.957Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:39:32.957Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:39:32.887Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:39:32.888Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:39:32.957Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:39:32.957Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:39:32.957Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -694,16 +694,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/kms/security.md b/charts/stable/kms/security.md
index 6c81d00bb66..01021a4f957 100644
--- a/charts/stable/kms/security.md
+++ b/charts/stable/kms/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:38:34.872Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:38:34.872Z [34mINFO[0m Detected config files: 1
#### kms/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:38:36.884Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:38:36.884Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:38:36.890Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:38:36.884Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:38:36.884Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:38:36.890Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/kms:vminimal@sha256:808c060d4ad8cc05bf3bee5d959683f884845d3d625829bcb9e79d18a2c701fd**
-2021-12-04T19:39:10.268Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:10.268Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:10.270Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:39:10.270Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:39:10.268Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:10.268Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:10.270Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:39:10.270Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/kms:vminimal@sha256:808c060d4ad8cc05bf3bee5d959683f884845d3d625829bcb9e79d18a2c701fd (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -96,9 +96,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/komga/security.md b/charts/stable/komga/security.md
index b7e5bf93038..cc9db4683f4 100644
--- a/charts/stable/komga/security.md
+++ b/charts/stable/komga/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:39:10.687Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:39:10.687Z [34mINFO[0m Detected config files: 1
#### komga/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:12.816Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:12.816Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:12.821Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:12.816Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:12.816Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:12.821Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/komga:v0.134.0@sha256:b38ff9fd6502fe1272adef4d8b0780e3164ed32a4ccac21ada0912a1cc4a16e1**
-2021-12-04T19:39:26.642Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:39:26.642Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:39:26.646Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:39:26.646Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:39:26.642Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:39:26.642Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:39:26.646Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:39:26.646Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/komga:v0.134.0@sha256:b38ff9fd6502fe1272adef4d8b0780e3164ed32a4ccac21ada0912a1cc4a16e1 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2020-27350 | MEDIUM | 1.6.12ubuntu0.1 | 1.6.12ubuntu0.2 | Click to expand!
https://bugs.launchpad.net/bugs/1899193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350
https://security.netapp.com/advisory/ntap-20210108-0005/
https://ubuntu.com/security/notices/USN-4667-1
https://ubuntu.com/security/notices/USN-4667-2
https://usn.ubuntu.com/usn/usn-4667-1
https://www.debian.org/security/2020/dsa-4808
|
@@ -261,7 +261,7 @@
| tar | CVE-2019-9923 | LOW | 1.29b-2ubuntu0.1 | 1.29b-2ubuntu0.2 | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| org.apache.activemq:artemis-server | CVE-2020-13947 | MEDIUM | 2.17.0 | | Click to expand!
http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt
https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E
https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E
https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-13947
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -275,4 +275,3 @@
| org.jsoup:jsoup | CVE-2021-37714 | HIGH | 1.13.1 | 1.14.2 | Click to expand!
https://github.com/advisories/GHSA-m72m-mhq2-9p6c
https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c
https://jsoup.org/news/release-1.14.1
https://jsoup.org/news/release-1.14.2
https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-37714
|
| org.springframework.data:spring-data-rest-core | CVE-2021-22047 | MEDIUM | 3.5.5 | 3.4.14, 3.5.6 | Click to expand!
https://nvd.nist.gov/vuln/detail/CVE-2021-22047
https://tanzu.vmware.com/security/cve-2021-22047
|
| org.thymeleaf:thymeleaf-spring5 | CVE-2021-43466 | CRITICAL | 3.0.12.RELEASE | | Click to expand!
https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html
https://github.com/advisories/GHSA-qcj6-jqrg-4wp2
https://nvd.nist.gov/vuln/detail/CVE-2021-43466
|
-
diff --git a/charts/stable/lazylibrarian/security.md b/charts/stable/lazylibrarian/security.md
index 8c2277a63b1..d0338f3c6b7 100644
--- a/charts/stable/lazylibrarian/security.md
+++ b/charts/stable/lazylibrarian/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:39:50.026Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:39:50.026Z [34mINFO[0m Detected config files: 1
#### lazylibrarian/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:50.808Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:50.808Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:50.814Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:50.808Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:50.808Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:50.814Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/lazylibrarian:latest@sha256:39be22df562748105a54b77ed8914e097cae98a1ccfde86f975c288588d1a71a**
-2021-12-04T19:39:55.865Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:39:55.866Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:39:55.881Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:39:55.881Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:39:55.865Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:39:55.866Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:39:55.881Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:39:55.881Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/lazylibrarian:latest@sha256:39be22df562748105a54b77ed8914e097cae98a1ccfde86f975c288588d1a71a (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -226,9 +226,6 @@
| python3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/leaf2mqtt/security.md b/charts/stable/leaf2mqtt/security.md
index 608a593964f..c1bc967addf 100644
--- a/charts/stable/leaf2mqtt/security.md
+++ b/charts/stable/leaf2mqtt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:40:04.190Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:40:04.190Z [34mINFO[0m Detected config files: 1
#### leaf2mqtt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:40:05.150Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:05.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:05.158Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:05.150Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:05.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:05.158Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/leaf2mqtt:v0.5@sha256:0073361400f5f077d4eece95d6e13a86b7744fc564bd1bed151e8afcc6bdf143**
-2021-12-04T19:40:23.115Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:40:23.115Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:40:23.145Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:23.115Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:40:23.115Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:40:23.145Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/leaf2mqtt:v0.5@sha256:0073361400f5f077d4eece95d6e13a86b7744fc564bd1bed151e8afcc6bdf143 (debian 10.9)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -285,4 +285,3 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-6 | | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
-
diff --git a/charts/stable/librespeed/security.md b/charts/stable/librespeed/security.md
index 50b3fd1d09b..95b25254ddb 100644
--- a/charts/stable/librespeed/security.md
+++ b/charts/stable/librespeed/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:40:24.330Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:40:24.330Z [34mINFO[0m Detected config files: 1
#### librespeed/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:40:25.682Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:25.682Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:25.689Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:25.682Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:25.682Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:25.689Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/librespeed:version-5.2.4@sha256:c441bc4d4d086a95966e93b4dea82674d1a258774f97084b02e87c0bc38deb2a**
-2021-12-04T19:40:37.744Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:37.744Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/lidarr/security.md b/charts/stable/lidarr/security.md
index 7d1f84471c2..4fabf7b4f4b 100644
--- a/charts/stable/lidarr/security.md
+++ b/charts/stable/lidarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:40:23.709Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:40:23.709Z [34mINFO[0m Detected config files: 1
#### lidarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:40:25.110Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:25.110Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:25.123Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:25.110Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:25.110Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:25.123Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/lidarr:v1.0.0.2255@sha256:73262a0dcd0b594cc77a8f232e11aad4e54bbeee0f2ab33c7cda3b83ab298b40**
-2021-12-04T19:40:35.749Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:40:35.750Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:40:35.752Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:40:35.752Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:40:35.749Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:40:35.750Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:40:35.752Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:40:35.752Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/lidarr:v1.0.0.2255@sha256:73262a0dcd0b594cc77a8f232e11aad4e54bbeee0f2ab33c7cda3b83ab298b40 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -395,8 +395,7 @@
| perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/littlelink/security.md b/charts/stable/littlelink/security.md
index cc402017dd8..48365dca9dd 100644
--- a/charts/stable/littlelink/security.md
+++ b/charts/stable/littlelink/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:40:38.362Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:40:38.362Z [34mINFO[0m Detected config files: 1
#### littlelink/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:40:39.237Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:39.237Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:39.240Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:39.237Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:39.237Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:39.240Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,24 +61,23 @@
**Container: tccr.io/truecharts/littlelink-server:latest@sha256:29d95d1d215342d2e627a082b0049116c627781517b3626a8afd9af97f26b605**
-2021-12-04T19:40:45.157Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:45.157Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:45.158Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:40:45.158Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:40:45.157Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:45.157Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:45.158Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:40:45.158Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/littlelink-server:latest@sha256:29d95d1d215342d2e627a082b0049116c627781517b3626a8afd9af97f26b605 (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 5.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
-
diff --git a/charts/stable/logitech-media-server/security.md b/charts/stable/logitech-media-server/security.md
index 5a968307a88..19175cf241c 100644
--- a/charts/stable/logitech-media-server/security.md
+++ b/charts/stable/logitech-media-server/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:41:05.970Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:41:05.970Z [34mINFO[0m Detected config files: 1
#### logitech-media-server/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:06.757Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:06.757Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:06.761Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:06.757Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:06.757Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:06.761Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/logitechmediaserver:v8.3.0@sha256:9a3d016f99856b8a1ce846a70b1c17dbf8c730030850e48a1b2c632952510dc4**
-2021-12-04T19:41:11.023Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:41:11.023Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:41:11.061Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:11.023Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:41:11.023Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:41:11.061Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/logitechmediaserver:v8.3.0@sha256:9a3d016f99856b8a1ce846a70b1c17dbf8c730030850e48a1b2c632952510dc4 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -160,4 +160,3 @@
| perl-modules-5.32 | CVE-2011-4116 | LOW | 5.32.1-4+deb11u2 | | Click to expand!
http://www.openwall.com/lists/oss-security/2011/11/04/2
http://www.openwall.com/lists/oss-security/2011/11/04/4
https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
https://rt.cpan.org/Public/Bug/Display.html?id=69106
https://seclists.org/oss-sec/2011/q4/238
|
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
| wget | CVE-2021-31879 | MEDIUM | 1.21-1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
-
diff --git a/charts/stable/loki/security.md b/charts/stable/loki/security.md
index 15ce6f21470..b05e525acc8 100644
--- a/charts/stable/loki/security.md
+++ b/charts/stable/loki/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:41:40.630Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:41:40.630Z [34mINFO[0m Detected config files: 2
#### loki/charts/promtail/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:41.885Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:41.885Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:41.892Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:41.885Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:41.885Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:41.892Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,15 +70,15 @@
**Container: tccr.io/truecharts/loki:v2.4.1@sha256:79c6f31e246f6edac4efa651f1e246273bd1370bb140d1fa4f3fe143c2251aff**
-2021-12-04T19:41:45.496Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:45.497Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:45.497Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:41:45.497Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:41:45.496Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:45.497Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:45.497Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:41:45.497Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/loki:v2.4.1@sha256:79c6f31e246f6edac4efa651f1e246273bd1370bb140d1fa4f3fe143c2251aff (alpine 3.13.6)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -105,21 +105,21 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211011171444-354d8d2ecfac | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:52.703Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:52.703Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:52.717Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:52.703Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:52.703Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:52.717Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -147,15 +147,15 @@
**Container: tccr.io/truecharts/promtail:v2.4.1@sha256:83bceed26a638b211d65b6e80d4a33d01dc82b81e630d57e883b490ac0c57ef4**
-2021-12-04T19:41:58.361Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:41:58.361Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:41:58.373Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:41:58.373Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:41:58.361Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:41:58.361Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:41:58.373Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:41:58.373Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/promtail:v2.4.1@sha256:83bceed26a638b211d65b6e80d4a33d01dc82b81e630d57e883b490ac0c57ef4 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -225,9 +225,8 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/containerd/containerd | CVE-2021-41103 | HIGH | v1.5.4 | v1.4.11, v1.5.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103
https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8
https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41103
https://ubuntu.com/security/notices/USN-5100-1
https://www.debian.org/security/2021/dsa-5002
|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211011171444-354d8d2ecfac | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
-
diff --git a/charts/stable/lychee/security.md b/charts/stable/lychee/security.md
index 1eecb0353be..89033d060d5 100644
--- a/charts/stable/lychee/security.md
+++ b/charts/stable/lychee/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:41:25.342Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:41:25.342Z [34mINFO[0m Detected config files: 1
#### lychee/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:26.619Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:26.619Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:26.626Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:26.619Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:26.619Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:26.626Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/lychee-laravel:v4.3.6@sha256:4bed7b11de627f40477b8865869cd757610969dcecbafaa1a1aac4ea1e8ae1bf**
-2021-12-04T19:41:39.790Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:41:39.790Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:41:39.889Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:41:39.889Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:41:39.790Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:41:39.790Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:41:39.889Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:41:39.889Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/lychee-laravel:v4.3.6@sha256:4bed7b11de627f40477b8865869cd757610969dcecbafaa1a1aac4ea1e8ae1bf (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -342,8 +342,7 @@
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| symfony/http-kernel | CVE-2021-41267 | MEDIUM | v5.2.9 | 5.3.0, 5.3.12 | Click to expand!
https://github.com/advisories/GHSA-q3j3-w37x-hq2q
https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487
https://github.com/symfony/symfony/pull/44243
https://github.com/symfony/symfony/releases/tag/v5.3.12
https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q
https://nvd.nist.gov/vuln/detail/CVE-2021-41267
https://symfony.com/cve-2021-41267
|
-
diff --git a/charts/stable/mealie/security.md b/charts/stable/mealie/security.md
index 01d46f74146..1f4f39dadc3 100644
--- a/charts/stable/mealie/security.md
+++ b/charts/stable/mealie/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:41:41.205Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:41:41.205Z [34mINFO[0m Detected config files: 1
#### mealie/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:42.520Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:42.520Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:42.534Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:42.520Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:42.520Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:42.534Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/mealie:v0.5.4@sha256:52a05feaf3cac813c0540e8c59b0f99900662558254c657e9d0335f0d9c8b4a9**
-2021-12-04T19:41:51.738Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:41:51.738Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:41:51.755Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:41:51.755Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:41:51.755Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:41:51.738Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:41:51.738Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:41:51.755Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:41:51.755Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:41:51.755Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/mealie:v0.5.4@sha256:52a05feaf3cac813c0540e8c59b0f99900662558254c657e9d0335f0d9c8b4a9 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -159,7 +159,7 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apprise | CVE-2021-39229 | HIGH | 0.9.3 | 0.9.5.1 | Click to expand!
https://github.com/advisories/GHSA-qhmp-h54x-38qr
https://github.com/caronc/apprise/blob/0007eade20934ddef0aba38b8f1aad980cfff253/apprise/plugins/NotifyIFTTT.py#L356-L359
https://github.com/caronc/apprise/commit/e20fce630d55e4ca9b0a1e325a5fea6997489831
https://github.com/caronc/apprise/pull/436
https://github.com/caronc/apprise/releases/tag/v0.9.5.1
https://github.com/caronc/apprise/security/advisories/GHSA-qhmp-h54x-38qr
https://nvd.nist.gov/vuln/detail/CVE-2021-39229
|
@@ -170,9 +170,6 @@
| websockets | CVE-2021-33880 | MEDIUM | 8.1 | 9.1 | Click to expand!
https://github.com/aaugustin/websockets/commit/547a26b685d08cac0aa64e5e65f7867ac0ea9bc0
https://github.com/advisories/GHSA-8ch4-58qp-g3mp
https://nvd.nist.gov/vuln/detail/CVE-2021-33880
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/medusa/security.md b/charts/stable/medusa/security.md
index ec1b3f91101..73816139d2a 100644
--- a/charts/stable/medusa/security.md
+++ b/charts/stable/medusa/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:41:53.361Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:41:53.361Z [34mINFO[0m Detected config files: 1
#### medusa/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:59.388Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:59.388Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:59.398Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:59.388Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:59.388Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:59.398Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/medusa:v0.5.20@sha256:5de16df497fc0800e47cbd5761c04966403d38445ba54f076f336e70437d3cd9**
-2021-12-04T19:42:07.267Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:42:07.267Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:42:07.267Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:42:07.267Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/miniflux/security.md b/charts/stable/miniflux/security.md
index 999dd3becab..a34c1e50244 100644
--- a/charts/stable/miniflux/security.md
+++ b/charts/stable/miniflux/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:42:28.048Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:42:28.048Z [34mINFO[0m Detected config files: 2
#### miniflux/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:28.842Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:28.842Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:28.855Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:28.842Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:28.842Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:28.855Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:42:29.701Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:42:29.701Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:42:29.743Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:42:29.743Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:42:29.743Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:42:29.701Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:42:29.701Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:42:29.743Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:42:29.743Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:42:29.743Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/miniflux:v2.0.33@sha256:1fcc67ba8a5e9f06c6b67bc654b3276d51c304cb3a2ac4985114b6785c149cb2**
-2021-12-04T19:42:31.561Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:31.561Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:31.561Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:42:31.561Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:42:31.561Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:31.561Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:31.561Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:42:31.561Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/miniflux:v2.0.33@sha256:1fcc67ba8a5e9f06c6b67bc654b3276d51c304cb3a2ac4985114b6785c149cb2 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -325,21 +325,21 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:32.314Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:32.314Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:32.320Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:32.314Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:32.314Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:32.320Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -367,16 +367,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:42:33.524Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:42:33.524Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:42:33.565Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:42:33.565Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:42:33.565Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:42:33.524Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:42:33.524Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:42:33.565Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:42:33.565Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:42:33.565Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -571,16 +571,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/minio-console/security.md b/charts/stable/minio-console/security.md
index dc1f68d9ea2..4c17237ffcd 100644
--- a/charts/stable/minio-console/security.md
+++ b/charts/stable/minio-console/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:42:35.148Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:42:35.148Z [34mINFO[0m Detected config files: 1
#### minio-console/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:36.143Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:36.143Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:36.149Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:36.143Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:36.143Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:36.149Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -60,5 +60,3 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**Container: tccr.io/truecharts/minio-console:v0.12.5@sha256:95b3c2b2e67b8f61f5d3e09c37875a37b9f4aeaa47f392c02dba191b041517d1**
-
-
diff --git a/charts/stable/minio/security.md b/charts/stable/minio/security.md
index 2e1bb7c658c..15094e7c2f2 100644
--- a/charts/stable/minio/security.md
+++ b/charts/stable/minio/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:42:49.584Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:42:49.584Z [34mINFO[0m Detected config files: 1
#### minio/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:51.014Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:51.014Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:51.021Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:51.014Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:51.014Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:51.021Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/minio:latest@sha256:8129f69c85b84e13f085a1ce127f108cee0ea84a1f496e8065796c7a15a08442**
-2021-12-04T19:42:57.834Z [34mINFO[0m Detected OS: redhat
-2021-12-04T19:42:57.834Z [34mINFO[0m Detecting RHEL/CentOS vulnerabilities...
-2021-12-04T19:42:57.837Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:42:57.834Z [34mINFO[0m Detected OS: redhat
+2021-12-04T19:42:57.834Z [34mINFO[0m Detecting RHEL/CentOS vulnerabilities...
+2021-12-04T19:42:57.837Z [34mINFO[0m Number of language-specific files: 1
#### tccr.io/truecharts/minio:latest@sha256:8129f69c85b84e13f085a1ce127f108cee0ea84a1f496e8065796c7a15a08442 (redhat 8.4)
-
+
**redhat**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bzip2-libs | CVE-2019-12900 | LOW | 1.0.6-26.el8 | | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html
http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html
https://seclists.org/bugtraq/2019/Aug/4
https://seclists.org/bugtraq/2019/Jul/22
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc
https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4038-1
https://ubuntu.com/security/notices/USN-4038-2
https://ubuntu.com/security/notices/USN-4038-3
https://ubuntu.com/security/notices/USN-4038-4
https://ubuntu.com/security/notices/USN-4146-1
https://ubuntu.com/security/notices/USN-4146-2
https://usn.ubuntu.com/4038-1/
https://usn.ubuntu.com/4038-2/
https://usn.ubuntu.com/4146-1/
https://usn.ubuntu.com/4146-2/
https://www.oracle.com/security-alerts/cpuoct2020.html
|
@@ -173,4 +173,3 @@
| sqlite-libs | CVE-2019-9936 | LOW | 3.26.0-13.el8 | | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html
http://www.securityfocus.com/bid/107562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9936
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/
https://security.gentoo.org/glsa/201908-09
https://security.netapp.com/advisory/ntap-20190416-0005/
https://sqlite.org/src/info/b3fa58dd7403dbd4
https://ubuntu.com/security/notices/USN-4019-1
https://usn.ubuntu.com/4019-1/
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114382.html
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114394.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
|
| sqlite-libs | CVE-2019-9937 | LOW | 3.26.0-13.el8 | | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html
http://www.securityfocus.com/bid/107562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9937
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/
https://security.gentoo.org/glsa/201908-09
https://security.netapp.com/advisory/ntap-20190416-0005/
https://sqlite.org/src/info/45c73deb440496e8
https://ubuntu.com/security/notices/USN-4019-1
https://usn.ubuntu.com/4019-1/
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114383.html
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114393.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
|
| systemd-libs | CVE-2018-20839 | MEDIUM | 239-45.el8_4.3 | | Click to expand!
http://www.securityfocus.com/bid/108389
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f
https://github.com/systemd/systemd/pull/12378
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.netapp.com/advisory/ntap-20190530-0002/
|
-
diff --git a/charts/stable/mosquitto/security.md b/charts/stable/mosquitto/security.md
index 11da3aa2ba5..a9b3603ff6e 100644
--- a/charts/stable/mosquitto/security.md
+++ b/charts/stable/mosquitto/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:42:58.623Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:42:58.623Z [34mINFO[0m Detected config files: 1
#### mosquitto/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:59.848Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:59.848Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:59.852Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:59.848Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:59.848Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:59.852Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,13 @@
**Container: tccr.io/truecharts/eclipse-mosquitto:v2.0.14@sha256:047eb800158878c1bea9e6281e2dc3081b53b61ca10fdca5a17816c6fbe15216**
-2021-12-04T19:43:01.308Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:01.308Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:01.309Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:01.308Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:01.308Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:01.309Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/eclipse-mosquitto:v2.0.14@sha256:047eb800158878c1bea9e6281e2dc3081b53b61ca10fdca5a17816c6fbe15216 (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/mstream/security.md b/charts/stable/mstream/security.md
index c6102b79f70..66010431f95 100644
--- a/charts/stable/mstream/security.md
+++ b/charts/stable/mstream/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:43:21.772Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:43:21.772Z [34mINFO[0m Detected config files: 1
#### mstream/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:43:23.265Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:23.265Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:23.272Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:23.265Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:23.265Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:23.272Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/mstream:version-v5.2.5@sha256:1ac2f1c3177e09428cf5be1f33c7110863b69a748f691f8385dc96a313d84e7b**
-2021-12-04T19:43:34.582Z [34mINFO[0m Number of language-specific files: 6
-2021-12-04T19:43:34.582Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:43:34.583Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:43:34.582Z [34mINFO[0m Number of language-specific files: 6
+2021-12-04T19:43:34.582Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:43:34.583Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 4.1.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -77,37 +77,34 @@
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/muximux/security.md b/charts/stable/muximux/security.md
index d443fedd394..304c14406ff 100644
--- a/charts/stable/muximux/security.md
+++ b/charts/stable/muximux/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:43:23.815Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:43:23.815Z [34mINFO[0m Detected config files: 1
#### muximux/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:43:36.042Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:36.042Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:36.048Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:36.042Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:36.042Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:36.048Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/muximux:version-057352e8@sha256:5942aa00a99c51a0d0fc9afda2f875450515a27a312572c0fcc62471131184e9**
-2021-12-04T19:43:37.391Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:37.391Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/mylar/security.md b/charts/stable/mylar/security.md
index 077592dc0ea..7b6fd07377c 100644
--- a/charts/stable/mylar/security.md
+++ b/charts/stable/mylar/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:43:39.197Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:43:39.197Z [34mINFO[0m Detected config files: 1
#### mylar/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:43:40.381Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:40.381Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:40.388Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:40.381Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:40.381Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:40.388Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,13 +61,13 @@
**Container: tccr.io/truecharts/mylar3:version-v0.5.3@sha256:97892fdbd4aaa622ea5b77d1c9c467985545094a13f4acd1ab3f5d4b0bb094ea**
-2021-12-04T19:43:46.626Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:43:46.626Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:43:46.626Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:43:46.626Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -96,4 +96,3 @@
| Pillow | CVE-2021-28675 | MEDIUM | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28675
https://github.com/advisories/GHSA-g6rj-rv7j-xwp4
https://github.com/python-pillow/Pillow/pull/5377/commits/22e9bee4ef225c0edbb9323f94c26cee0c623497
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28675
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28675-fix-dos-in-psdimageplugin
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
| Pillow | CVE-2021-28678 | MEDIUM | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28678
https://github.com/advisories/GHSA-hjfx-8p6c-g7gx
https://github.com/python-pillow/Pillow/pull/5377
https://github.com/python-pillow/Pillow/pull/5377/commits/496245aa4365d0827390bd0b6fbd11287453b3a1
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28678
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28678-fix-blp-dos
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
| Pillow | GHSA-jgpv-4h4c-xhw3 | MEDIUM | 6.2.2 | 8.1.2 | Click to expand!
https://github.com/advisories/GHSA-jgpv-4h4c-xhw3
https://github.com/calix2/pyVulApp/security/advisories/GHSA-jgpv-4h4c-xhw3
|
-
diff --git a/charts/stable/navidrome/security.md b/charts/stable/navidrome/security.md
index 749c1341078..afd8f776020 100644
--- a/charts/stable/navidrome/security.md
+++ b/charts/stable/navidrome/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:43:47.237Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:43:47.237Z [34mINFO[0m Detected config files: 1
#### navidrome/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:43:48.670Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:48.670Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:48.678Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:48.670Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:48.670Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:48.678Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,24 +61,21 @@
**Container: tccr.io/truecharts/navidrome:v0.47.0@sha256:0ca8781ecf33f961d9e1157b8f0aa0ad8d69cde3dac99e8084bd34aa73094128**
-2021-12-04T19:43:54.304Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:54.304Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:54.312Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:43:54.312Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:43:54.304Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:54.304Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:54.312Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:43:54.312Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/navidrome:v0.47.0@sha256:0ca8781ecf33f961d9e1157b8f0aa0ad8d69cde3dac99e8084bd34aa73094128 (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/nextcloud/security.md b/charts/stable/nextcloud/security.md
index 4630541a79e..e24879021eb 100644
--- a/charts/stable/nextcloud/security.md
+++ b/charts/stable/nextcloud/security.md
@@ -4,30 +4,30 @@
##### Scan Results
-2021-12-04T19:44:40.066Z [34mINFO[0m Detected config files: 3
+2021-12-04T19:44:40.066Z [34mINFO[0m Detected config files: 3
#### nextcloud/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -46,14 +46,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:44:42.515Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:42.515Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:42.526Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:42.515Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:42.515Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:42.526Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -81,16 +81,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:44:46.503Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:44:46.503Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:44:46.539Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:44:46.540Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:44:46.540Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:44:46.503Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:44:46.503Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:44:46.539Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:44:46.540Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:44:46.540Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -285,30 +285,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e**
-2021-12-04T19:45:14.960Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:45:14.960Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:45:15.089Z [34mINFO[0m Number of language-specific files: 5
-2021-12-04T19:45:15.089Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:45:14.960Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:45:14.960Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:45:15.089Z [34mINFO[0m Number of language-specific files: 5
+2021-12-04T19:45:15.089Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | Click to expand!
http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
http://www.iss.net/security_center/static/7494.php
http://www.securityfocus.com/bid/3521
|
@@ -766,51 +766,51 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e**
-2021-12-04T19:45:16.403Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:45:16.403Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:45:16.590Z [34mINFO[0m Number of language-specific files: 5
-2021-12-04T19:45:16.590Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:45:16.403Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:45:16.403Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:45:16.590Z [34mINFO[0m Number of language-specific files: 5
+2021-12-04T19:45:16.590Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | Click to expand!
http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
http://www.iss.net/security_center/static/7494.php
http://www.securityfocus.com/bid/3521
|
@@ -1268,50 +1268,50 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:17.969Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:17.970Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:17.975Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:17.969Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:17.970Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:17.975Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1339,15 +1339,15 @@
**Container: tccr.io/truecharts/redis:v6.2.6@sha256:741dc63de7fed6f7f4fff41ac4b23a40f6850e9fb361e35e2959c71d8f10aeae**
-2021-12-04T19:45:19.229Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:45:19.229Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:45:19.278Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:45:19.278Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:45:19.229Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:45:19.229Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:45:19.278Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:45:19.278Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/redis:v6.2.6@sha256:741dc63de7fed6f7f4fff41ac4b23a40f6850e9fb361e35e2959c71d8f10aeae (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1494,29 +1494,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:20.755Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:20.755Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:20.765Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:20.755Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:20.755Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:20.765Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1544,16 +1544,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:45:24.701Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:45:24.701Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:45:24.761Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:45:24.761Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:45:24.764Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:45:24.701Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:45:24.701Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:45:24.761Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:45:24.761Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:45:24.764Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1748,16 +1748,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/node-red/security.md b/charts/stable/node-red/security.md
index ca0185c11d9..a4084e2a39c 100644
--- a/charts/stable/node-red/security.md
+++ b/charts/stable/node-red/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:44:24.039Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:44:24.039Z [34mINFO[0m Detected config files: 1
#### node-red/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:44:24.889Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:24.890Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:24.905Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:24.889Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:24.890Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:24.905Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,25 +61,24 @@
**Container: tccr.io/truecharts/node-red:v2.1.4@sha256:ede5c67753313e35ea6e0317573a74c77212822c33444b4b00ab562d2bdce97e**
-2021-12-04T19:44:38.052Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:38.052Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:38.055Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:44:38.055Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:44:38.052Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:38.052Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:38.055Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:44:38.055Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/node-red:v2.1.4@sha256:ede5c67753313e35ea6e0317573a74c77212822c33444b4b00ab562d2bdce97e (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 4.1.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
-
diff --git a/charts/stable/novnc/security.md b/charts/stable/novnc/security.md
index 07df1d41f3c..c85665beb34 100644
--- a/charts/stable/novnc/security.md
+++ b/charts/stable/novnc/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:44:38.541Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:44:38.541Z [34mINFO[0m Detected config files: 1
#### novnc/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:44:41.889Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:41.889Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:41.892Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:41.889Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:41.889Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:41.892Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/novnc:version-1.2.0@sha256:aac782a823a7c34efce17d635a706cf967c6690784f0da9bd8efd4bb0bb598c1**
-2021-12-04T19:44:45.918Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:44:45.918Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:44:45.918Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:44:45.918Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/nullserv/security.md b/charts/stable/nullserv/security.md
index d20774f7ad7..7233f83582b 100644
--- a/charts/stable/nullserv/security.md
+++ b/charts/stable/nullserv/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:44:38.997Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:44:38.997Z [34mINFO[0m Detected config files: 1
#### nullserv/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:44:41.267Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:41.267Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:41.273Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:41.267Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:41.267Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:41.273Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/nullserv:v1.3.0@sha256:67aa9d50ba0c9547b4b0f7fc68c023a34b5e2b027f7bc9233120d5fbd6bcf3cd**
-2021-12-04T19:44:48.390Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:48.390Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/nzbget/security.md b/charts/stable/nzbget/security.md
index bec1092277f..467321a8762 100644
--- a/charts/stable/nzbget/security.md
+++ b/charts/stable/nzbget/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:45:18.567Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:45:18.567Z [34mINFO[0m Detected config files: 1
#### nzbget/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:19.970Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:19.971Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:19.979Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:19.970Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:19.971Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:19.979Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/nzbget:v21.1@sha256:381d4e760ee2de5b2f3a83d1f2885b3bffe891f6b961db0df94986b03868333a**
-2021-12-04T19:45:23.988Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:45:23.988Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:45:24.000Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:45:24.000Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:45:24.000Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:45:23.988Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:45:23.988Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:45:24.000Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:45:24.000Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:45:24.000Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/nzbget:v21.1@sha256:381d4e760ee2de5b2f3a83d1f2885b3bffe891f6b961db0df94986b03868333a (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -150,15 +150,14 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.3-1ubuntu1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/nzbhydra/security.md b/charts/stable/nzbhydra/security.md
index cd4d3c1decf..f03ceb5f0de 100644
--- a/charts/stable/nzbhydra/security.md
+++ b/charts/stable/nzbhydra/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:45:31.207Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:45:31.207Z [34mINFO[0m Detected config files: 1
#### nzbhydra/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:32.082Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:32.082Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:32.092Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:32.082Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:32.082Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:32.092Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/nzbhydra2:v3.18.1@sha256:49f70e9135edc8afcc3343569f7d6dbc4b693012f502ed70783241b975990ef6**
-2021-12-04T19:45:42.742Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:45:42.742Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:45:42.746Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:45:42.746Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:45:42.742Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:45:42.742Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:45:42.746Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:45:42.746Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/nzbhydra2:v3.18.1@sha256:49f70e9135edc8afcc3343569f7d6dbc4b693012f502ed70783241b975990ef6 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -159,8 +159,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/octoprint/security.md b/charts/stable/octoprint/security.md
index e2ee9b3e49e..c43f5179f1d 100644
--- a/charts/stable/octoprint/security.md
+++ b/charts/stable/octoprint/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:45:43.427Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:45:43.427Z [34mINFO[0m Detected config files: 1
#### octoprint/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:44.310Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:44.310Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:44.317Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:44.310Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:44.310Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:44.317Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/octoprint:v1.7.2@sha256:80d677488365ad240b0cef90fa381ba849dcd82dfc62b11689d88da9867956c6**
-2021-12-04T19:46:11.144Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:46:11.144Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:46:11.377Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:46:11.379Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:46:11.382Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:46:11.144Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:46:11.144Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:46:11.377Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:46:11.379Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:46:11.382Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/octoprint:v1.7.2@sha256:80d677488365ad240b0cef90fa381ba849dcd82dfc62b11689d88da9867956c6 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1477,15 +1477,14 @@
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Werkzeug | pyup.io-42050 | UNKNOWN | 1.0.1 | 2.0.2 | Click to expand!
|
-
diff --git a/charts/stable/odoo/security.md b/charts/stable/odoo/security.md
index da57d5ee192..55c82744b5f 100644
--- a/charts/stable/odoo/security.md
+++ b/charts/stable/odoo/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:46:19.308Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:46:19.308Z [34mINFO[0m Detected config files: 2
#### odoo/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:24.427Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:24.427Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:24.438Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:24.427Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:24.427Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:24.438Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:46:26.755Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:46:26.755Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:46:26.782Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:46:26.782Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:46:26.782Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:46:26.755Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:46:26.755Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:46:26.782Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:46:26.782Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:46:26.782Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/odoo:version-14.0@sha256:dec23986ced979e029a78512272e2be18bab60d811bccb3d7ddc4b3241b210e2**
-2021-12-04T19:46:54.798Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:46:54.798Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:46:54.842Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:46:54.843Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:46:54.798Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:46:54.798Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:46:54.842Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:46:54.843Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/odoo:version-14.0@sha256:dec23986ced979e029a78512272e2be18bab60d811bccb3d7ddc4b3241b210e2 (debian 10.10)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -686,22 +686,22 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:56.073Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:56.073Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:56.078Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:56.073Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:56.073Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:56.078Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -729,16 +729,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:46:57.394Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:46:57.394Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:46:57.421Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:46:57.421Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:46:57.421Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:46:57.394Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:46:57.394Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:46:57.421Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:46:57.421Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:46:57.421Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -933,16 +933,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/ombi/security.md b/charts/stable/ombi/security.md
index 4ee99a3ac67..22a7092ca2a 100644
--- a/charts/stable/ombi/security.md
+++ b/charts/stable/ombi/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:46:20.029Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:46:20.029Z [34mINFO[0m Detected config files: 1
#### ombi/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:25.004Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:25.004Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:25.012Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:25.004Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:25.004Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:25.012Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/ombi:v4.0.1482@sha256:0fa4e81029d9adef9d773ce99db13ff3039fd087d58d7266cbcfd7462e7afc56**
-2021-12-04T19:46:33.364Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:46:33.364Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:46:33.367Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:46:33.367Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:46:33.364Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:46:33.364Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:46:33.367Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:46:33.367Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/ombi:v4.0.1482@sha256:0fa4e81029d9adef9d773ce99db13ff3039fd087d58d7266cbcfd7462e7afc56 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -157,8 +157,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/onlyoffice-document-server/security.md b/charts/stable/onlyoffice-document-server/security.md
index d0fd89484ba..590130214d0 100644
--- a/charts/stable/onlyoffice-document-server/security.md
+++ b/charts/stable/onlyoffice-document-server/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:46:27.249Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:46:27.249Z [34mINFO[0m Detected config files: 1
#### onlyoffice-document-server/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:56.675Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:56.675Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:56.679Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:56.675Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:56.675Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:56.679Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/documentserver:v6.4.2.6@sha256:c298cbb59a2d7f73a5a9bc5cc11f9e0e299ef2ab966e64f3e8d8382921a6341c**
-2021-12-04T19:47:36.848Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:47:36.848Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:47:36.860Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:47:36.848Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:47:36.848Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:47:36.860Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/documentserver:v6.4.2.6@sha256:c298cbb59a2d7f73a5a9bc5cc11f9e0e299ef2ab966e64f3e8d8382921a6341c (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -440,4 +440,3 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.3-1ubuntu1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/charts/stable/openkm/security.md b/charts/stable/openkm/security.md
index eb80875ab12..1a4ef288953 100644
--- a/charts/stable/openkm/security.md
+++ b/charts/stable/openkm/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:46:55.490Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:46:55.490Z [34mINFO[0m Detected config files: 2
#### openkm/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -37,14 +37,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:58.372Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:58.372Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:58.383Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:58.372Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:58.372Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:58.383Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -72,16 +72,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:47:39.208Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:47:39.208Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:47:39.238Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:47:39.238Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:47:39.238Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:47:39.208Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:47:39.208Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:47:39.238Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:47:39.238Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:47:39.238Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -276,33 +276,33 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: 'tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c'**
**Container: tccr.io/truecharts/openkm-ce:v6.3.11@sha256:941156f70c16350fb92d66f60007ac68abaee11265448eaacc40e821a46afc4d**
-2021-12-04T19:48:32.457Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:48:32.457Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:48:32.479Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:48:32.479Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:48:32.457Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:48:32.457Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:48:32.479Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:48:32.479Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/openkm-ce:v6.3.11@sha256:941156f70c16350fb92d66f60007ac68abaee11265448eaacc40e821a46afc4d (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -726,7 +726,7 @@
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-1ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ch.qos.logback:logback-classic | CVE-2017-5929 | CRITICAL | 1.1.3 | 1.2.0 | Click to expand!
http://www.cvedetails.com/cve/CVE-2017-5929/
https://access.redhat.com/errata/RHSA-2017:1675
https://access.redhat.com/errata/RHSA-2017:1676
https://access.redhat.com/errata/RHSA-2017:1832
https://access.redhat.com/errata/RHSA-2018:2927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929
https://github.com/advisories/GHSA-vmfg-rjjm-rjrj
https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8
https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r967953a14e05016bc4bcae9ef3dd92e770181158b4246976ed8295c9@%3Cdev.brooklyn.apache.org%3E
https://lists.apache.org/thread.html/ra007cec726a3927c918ec94c4316d05d1829c49eae8dc3648adc35e2@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rbb4dfca2f7e3e8f3570eec21c79832d33a51dfde6762725660b60169@%3Cdev.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/rc5f0cc2f3b153bdf15ee7389d78585829abc9c7af4d322ba1085dd3e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rd2227af3c9ada2a72dc72ed05517f5857a34d487580e1f2803922ff9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/re9b787727291786dfe088e3cd078c7d195c0b5781e15d3cd24a3b2fc@%3Cdev.mnemonic.apache.org%3E
https://logback.qos.ch/news.html
https://nvd.nist.gov/vuln/detail/CVE-2017-5929
|
@@ -870,14 +870,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:48:34.780Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:34.780Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:34.783Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:48:34.780Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:34.780Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:34.783Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -905,16 +905,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:48:38.094Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:48:38.094Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:48:38.112Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:48:38.112Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:48:38.112Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:48:38.094Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:48:38.094Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:48:38.112Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:48:38.112Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:48:38.112Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1109,16 +1109,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/openldap/security.md b/charts/stable/openldap/security.md
index 9755ee7f319..f001ddc7f17 100644
--- a/charts/stable/openldap/security.md
+++ b/charts/stable/openldap/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:47:37.294Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:47:37.294Z [34mINFO[0m Detected config files: 1
#### openldap/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:47:38.590Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:47:38.590Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:47:38.601Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:47:38.590Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:47:38.590Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:47:38.601Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/openldap:v1.5.0@sha256:d7e4f9279595ea1772efac4063876b29a96ff54c214f2c3ba52d2c3bfca8928c**
-2021-12-04T19:47:44.128Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:47:44.128Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:47:44.171Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:47:44.171Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:47:44.128Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:47:44.128Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:47:44.171Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:47:44.171Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/openldap:v1.5.0@sha256:d7e4f9279595ea1772efac4063876b29a96ff54c214f2c3ba52d2c3bfca8928c (debian 10.8)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.2 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -434,14 +434,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20201012173705-84dcc777aaee | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20201012173705-84dcc777aaee | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/charts/stable/organizr/security.md b/charts/stable/organizr/security.md
index 133b0145e2f..87bc7f1b9a4 100644
--- a/charts/stable/organizr/security.md
+++ b/charts/stable/organizr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:47:37.746Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:47:37.746Z [34mINFO[0m Detected config files: 1
#### organizr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:47:47.295Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:47:47.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:47:47.302Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:47:47.295Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:47:47.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:47:47.302Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/organizr:latest@sha256:ca1794e822f705b63c5753d56c7eecfd23e1ae77ddffb5a66b13c2ec7f587ad3**
-2021-12-04T19:47:51.140Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:47:51.140Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:47:51.157Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:47:51.140Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:47:51.140Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:47:51.157Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/organizr:latest@sha256:ca1794e822f705b63c5753d56c7eecfd23e1ae77ddffb5a66b13c2ec7f587ad3 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -114,4 +114,3 @@
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
-
diff --git a/charts/stable/oscam/security.md b/charts/stable/oscam/security.md
index 7677d728a0e..1df8e0b28b0 100644
--- a/charts/stable/oscam/security.md
+++ b/charts/stable/oscam/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:48:33.326Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:48:33.326Z [34mINFO[0m Detected config files: 1
#### oscam/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:48:43.241Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:43.241Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:43.251Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:48:43.241Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:43.241Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:43.251Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/oscam:version-11693@sha256:dcaa24c5076e020243aa0bcf2b5e2edbd1fcf6f9066c50e3f5c2f32937c68cb9**
-2021-12-04T19:49:00.993Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:00.993Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/overseerr/security.md b/charts/stable/overseerr/security.md
index e3831eae476..0ecc00df157 100644
--- a/charts/stable/overseerr/security.md
+++ b/charts/stable/overseerr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:48:35.093Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:48:35.093Z [34mINFO[0m Detected config files: 1
#### overseerr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:48:36.515Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:36.516Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:36.519Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:48:36.515Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:36.516Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:36.519Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,17 +61,17 @@
**Container: tccr.io/truecharts/overseerr:v1.27.0@sha256:cf3d0ae6c0df50e397a567e49d2ba891c2dc46cb1145f11acf0a12b82a3bfcd9**
-2021-12-04T19:48:58.965Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:58.965Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:58.966Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:48:58.966Z [34mINFO[0m Detecting node-pkg vulnerabilities...
-2021-12-04T19:48:58.990Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.11.12
-2021-12-04T19:48:58.990Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:48:58.965Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:58.965Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:58.966Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:48:58.966Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:48:58.990Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.11.12
+2021-12-04T19:48:58.990Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/overseerr:v1.27.0@sha256:cf3d0ae6c0df50e397a567e49d2ba891c2dc46cb1145f11acf0a12b82a3bfcd9 (alpine 3.11.12)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.31.1-r10 | 1.31.1-r11 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -96,7 +96,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r10 | 1.31.1-r11 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -118,4 +118,3 @@
| tar | CVE-2021-37701 | HIGH | 6.1.0 | 6.1.7, 5.0.8, 4.4.16 | Click to expand!
https://github.com/advisories/GHSA-9r2w-394v-53qc
https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
https://nvd.nist.gov/vuln/detail/CVE-2021-37701
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1779
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37712 | HIGH | 6.1.0 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-qq89-hq3f-393p
https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
https://nvd.nist.gov/vuln/detail/CVE-2021-37712
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1780
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37713 | HIGH | 6.1.0 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/charts/stable/owncast/security.md b/charts/stable/owncast/security.md
index 8a9ace4fa1c..e2d27558a45 100644
--- a/charts/stable/owncast/security.md
+++ b/charts/stable/owncast/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:48:33.033Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:48:33.033Z [34mINFO[0m Detected config files: 1
#### owncast/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:48:35.660Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:35.660Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:35.666Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:48:35.660Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:35.660Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:35.666Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/owncast:v0.0.10@sha256:59e455798cacf118a74184755b060f48bcc05dc56bb9d4f696bcc77f411f1ad0**
-2021-12-04T19:48:41.846Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:41.846Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:41.849Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:48:41.849Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:48:41.846Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:41.846Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:41.849Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:48:41.849Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/owncast:v0.0.10@sha256:59e455798cacf118a74184755b060f48bcc05dc56bb9d4f696bcc77f411f1ad0 (alpine 3.12.0)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -117,9 +117,6 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r16 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/owncloud-ocis/security.md b/charts/stable/owncloud-ocis/security.md
index 814276e668d..8b45e287d68 100644
--- a/charts/stable/owncloud-ocis/security.md
+++ b/charts/stable/owncloud-ocis/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:49:22.457Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:49:22.457Z [34mINFO[0m Detected config files: 1
#### owncloud-ocis/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:49:23.264Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:23.264Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:23.275Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:23.264Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:23.264Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:23.275Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,24 +61,23 @@
**Container: tccr.io/truecharts/ocis:v1.15.0@sha256:513bf715f330afcd06918be63f47b8ad7bf80515d3ed2b29afdb7da00ed66eb4**
-2021-12-04T19:49:26.300Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:26.300Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:26.300Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:49:26.301Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:49:26.300Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:26.300Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:26.300Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:49:26.301Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/ocis:v1.15.0@sha256:513bf715f330afcd06918be63f47b8ad7bf80515d3ed2b29afdb7da00ed66eb4 (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/dgrijalva/jwt-go | CVE-2020-26160 | HIGH | v3.2.0+incompatible | | Click to expand!
https://github.com/dgrijalva/jwt-go/pull/426
https://nvd.nist.gov/vuln/detail/CVE-2020-26160
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515
|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
-
diff --git a/charts/stable/pgadmin/security.md b/charts/stable/pgadmin/security.md
index a655638ccfa..b42525e23f4 100644
--- a/charts/stable/pgadmin/security.md
+++ b/charts/stable/pgadmin/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:49:26.951Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:49:26.951Z [34mINFO[0m Detected config files: 1
#### pgadmin/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:49:27.762Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:27.762Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:27.781Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:27.762Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:27.762Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:27.781Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,25 +61,24 @@
**Container: tccr.io/truecharts/pgadmin4:v6.2@sha256:56a1cc09742301c5cca10f75f9766a85f7b8c9a256ee88cdf04ad1038db2f2cd**
-2021-12-04T19:49:35.161Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:35.161Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:35.162Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:49:35.162Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:49:35.161Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:35.161Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:35.162Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:49:35.162Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/pgadmin4:v6.2@sha256:56a1cc09742301c5cca10f75f9766a85f7b8c9a256ee88cdf04ad1038db2f2cd (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Flask-Security-Too | CVE-2021-32618 | MEDIUM | 4.1.2 | | Click to expand!
https://github.com/Flask-Middleware/flask-security/issues/486
https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-6qmf-fj6m-686c
https://github.com/advisories/GHSA-6qmf-fj6m-686c
https://nvd.nist.gov/vuln/detail/CVE-2021-32618
|
| WTForms | pyup.io-42852 | UNKNOWN | 2.3.3 | 3.0.0a1 | Click to expand!
|
| Werkzeug | pyup.io-42050 | UNKNOWN | 1.0.1 | 2.0.2 | Click to expand!
|
-
diff --git a/charts/stable/photoprism/security.md b/charts/stable/photoprism/security.md
index c4456535361..00d20a13a83 100644
--- a/charts/stable/photoprism/security.md
+++ b/charts/stable/photoprism/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:49:56.482Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:49:56.482Z [34mINFO[0m Detected config files: 2
#### photoprism/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:49:57.995Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:57.995Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:58.003Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:57.995Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:57.995Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:58.003Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,15 +70,15 @@
**Container: tccr.io/truecharts/photoprism:v20211130@sha256:97fa3752e28cd26282f06b87f299c63f5b8413b84de09acd8b71375a2b77540f**
-2021-12-04T19:50:32.255Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:50:32.255Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:50:32.258Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:50:32.258Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:50:32.255Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:50:32.255Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:50:32.258Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:50:32.258Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/photoprism:v20211130@sha256:97fa3752e28cd26282f06b87f299c63f5b8413b84de09acd8b71375a2b77540f (ubuntu 21.10)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| coreutils | CVE-2016-2781 | LOW | 8.32-4ubuntu2 | | Click to expand!
http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
|
@@ -251,28 +251,28 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+22ubuntu2 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:50:33.452Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:50:33.452Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:50:33.456Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:33.452Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:50:33.452Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:50:33.456Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -300,15 +300,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:51:01.039Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:51:01.039Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:51:01.074Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:51:01.074Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:51:01.039Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:51:01.039Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:51:01.074Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:51:01.074Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -457,16 +457,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/photoshow/security.md b/charts/stable/photoshow/security.md
index cc95e05c6e1..76b81a1df5c 100644
--- a/charts/stable/photoshow/security.md
+++ b/charts/stable/photoshow/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:49:49.158Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:49:49.158Z [34mINFO[0m Detected config files: 1
#### photoshow/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:49:49.954Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:49.954Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:49.961Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:49.954Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:49.954Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:49.961Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/photoshow:version-48aabb98@sha256:03c034b9ffc3db42e8255c502665ddb352f0219404494bceba8e7c1263f53dfc**
-2021-12-04T19:49:55.464Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:55.464Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/phpldapadmin/security.md b/charts/stable/phpldapadmin/security.md
index 9311b1dfe5b..8beb7957f3c 100644
--- a/charts/stable/phpldapadmin/security.md
+++ b/charts/stable/phpldapadmin/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:50:33.848Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:50:33.848Z [34mINFO[0m Detected config files: 1
#### phpldapadmin/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:50:47.244Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:50:47.244Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:50:47.251Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:47.244Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:50:47.244Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:50:47.251Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/phpldapadmin:v0.9.0@sha256:5e68d251665b187cc920985f74f57f8ba2ce44cb8d7efaaa100cc19493974807**
-2021-12-04T19:50:59.904Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:50:59.904Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:50:59.958Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:59.904Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:50:59.904Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:50:59.958Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/phpldapadmin:v0.9.0@sha256:5e68d251665b187cc920985f74f57f8ba2ce44cb8d7efaaa100cc19493974807 (debian 10.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2020-11984 | CRITICAL | 2.4.38-3+deb10u3 | 2.4.38-3+deb10u4 | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html
http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html
http://www.openwall.com/lists/oss-security/2020/08/08/1
http://www.openwall.com/lists/oss-security/2020/08/08/10
http://www.openwall.com/lists/oss-security/2020/08/08/8
http://www.openwall.com/lists/oss-security/2020/08/08/9
http://www.openwall.com/lists/oss-security/2020/08/10/5
http://www.openwall.com/lists/oss-security/2020/08/17/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984
https://linux.oracle.com/cve/CVE-2020-11984.html
https://linux.oracle.com/errata/ELSA-2021-1809.html
https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9@%3Ccvs.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/
https://security.gentoo.org/glsa/202008-04
https://security.netapp.com/advisory/ntap-20200814-0005/
https://ubuntu.com/security/notices/USN-4458-1
https://ubuntu.com/security/notices/USN-5054-1
https://usn.ubuntu.com/4458-1/
https://www.debian.org/security/2020/dsa-4757
https://www.openwall.com/lists/oss-security/2020/08/07/1
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
|
@@ -816,4 +816,3 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-6 | | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
-
diff --git a/charts/stable/piaware/security.md b/charts/stable/piaware/security.md
index 6df9d72df11..aaffe96d436 100644
--- a/charts/stable/piaware/security.md
+++ b/charts/stable/piaware/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:50:32.785Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:50:32.785Z [34mINFO[0m Detected config files: 1
#### piaware/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:50:35.144Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:50:35.144Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:50:35.149Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:35.144Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:50:35.144Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:50:35.149Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/piaware:v6.1@sha256:89938418a62cd3b4bed5e556fb64443f9e0cb9f14bbf41777c09b04f2f1e4f8a**
-2021-12-04T19:50:42.077Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:50:42.077Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:50:42.098Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:50:42.098Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:50:42.077Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:50:42.077Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:50:42.098Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:50:42.098Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/piaware:v6.1@sha256:89938418a62cd3b4bed5e556fb64443f9e0cb9f14bbf41777c09b04f2f1e4f8a (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -240,9 +240,6 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/pihole/security.md b/charts/stable/pihole/security.md
index ae95b2fbe18..36e2bd5fcf2 100644
--- a/charts/stable/pihole/security.md
+++ b/charts/stable/pihole/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:50:35.610Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:50:35.610Z [34mINFO[0m Detected config files: 1
#### pihole/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:50:43.031Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:50:43.031Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:50:43.039Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:43.031Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:50:43.031Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:50:43.039Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/pihole:v2021.10.1@sha256:406a7368955ed3248a924bcb9c578d8554793048e025deb59f03caf6fd3f17c4**
-2021-12-04T19:50:52.356Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:50:52.356Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:50:52.423Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:50:52.424Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:50:52.424Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:50:52.356Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:50:52.356Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:50:52.423Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:50:52.424Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:50:52.424Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/pihole:v2021.10.1@sha256:406a7368955ed3248a924bcb9c578d8554793048e025deb59f03caf6fd3f17c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -310,16 +310,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/pixapop/security.md b/charts/stable/pixapop/security.md
index 244619a0717..83825173a9e 100644
--- a/charts/stable/pixapop/security.md
+++ b/charts/stable/pixapop/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:51:16.882Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:51:16.882Z [34mINFO[0m Detected config files: 1
#### pixapop/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:51:18.169Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:51:18.169Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:51:18.172Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:51:18.169Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:51:18.169Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:51:18.172Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/pixapop:v1.2-ls15@sha256:6a05383524fcd51b0b692d508dd16ed6948337aa272677e01baa6d8ba119c070**
-2021-12-04T19:51:32.200Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:51:32.200Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:51:32.211Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:51:32.200Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:51:32.200Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:51:32.211Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| acorn | GHSA-6chw-6frg-f759 | HIGH | 6.1.1 | 5.7.4, 7.1.1, 6.4.1 | Click to expand!
https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802
https://github.com/acornjs/acorn/issues/929
https://github.com/advisories/GHSA-6chw-6frg-f759
https://snyk.io/vuln/SNYK-JS-ACORN-559469
https://www.npmjs.com/advisories/1488
|
@@ -126,7 +126,7 @@
| yargs-parser | CVE-2020-7608 | MEDIUM | 7.0.0 | 5.0.1, 13.1.2, 18.1.2, 15.0.1 | Click to expand!
https://github.com/advisories/GHSA-p9pc-299p-vxgp
https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2
https://linux.oracle.com/cve/CVE-2020-7608.html
https://linux.oracle.com/errata/ELSA-2021-0548.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7608
https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
https://www.npmjs.com/advisories/1500
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| symfony/cache | CVE-2019-18889 | CRITICAL | v4.2.3 | 3.4.35, 4.1.0, 4.2.0, 4.2.12, 4.3.8, 3.2.0, 3.3.0, 3.4.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18889
https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-18889.yaml
https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18889.yaml
https://github.com/advisories/GHSA-79gr-58r3-pwm3
https://github.com/symfony/symfony/commit/8817d28fcaacb31fe01d267f6e19b44d8179395a
https://github.com/symfony/symfony/releases/tag/v4.3.8
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
https://nvd.nist.gov/vuln/detail/CVE-2019-18889
https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances
https://symfony.com/blog/symfony-4-3-8-released
https://symfony.com/cve-2019-18889
|
@@ -138,4 +138,3 @@
| symfony/http-kernel | CVE-2019-18887 | HIGH | v4.2.4 | 2.8.0, 3.4.35, 4.3.8, 2.7.0, 2.6.0, 3.1.0, 4.1.0, 4.2.0, 4.2.12, 2.5.0, 3.2.0, 3.3.0, 3.4.0, 2.4.0, 2.8.52, 2.3.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18887
https://github.com/symfony/symfony/commit/cccefe6a7f12e776df0665aeb77fe9294c285fbb
https://github.com/symfony/symfony/releases/tag/v4.3.8
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner
https://symfony.com/blog/symfony-4-3-8-released
https://symfony.com/cve-2019-18887
|
| symfony/var-exporter | CVE-2019-11325 | CRITICAL | v4.2.3 | 4.2.12, 4.3.8 | Click to expand!
https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-11325.yaml
https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/var-exporter/CVE-2019-11325.yaml
https://github.com/advisories/GHSA-w4rc-rx25-8m86
https://github.com/symfony/symfony/releases/tag/v4.3.8
https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3
https://nvd.nist.gov/vuln/detail/CVE-2019-11325
https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter
https://symfony.com/blog/symfony-4-3-8-released
https://symfony.com/cve-2019-11325
|
| twig/twig | CVE-2019-9942 | LOW | v2.6.2 | 1.38.0, 2.7.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9942
https://github.com/twigphp/Twig/commit/eac5422956e1dcca89a3669a03a3ff32f0502077
https://seclists.org/bugtraq/2019/Mar/60
https://symfony.com/blog/twig-sandbox-information-disclosure
https://www.debian.org/security/2019/dsa-4419
|
-
diff --git a/charts/stable/plex/security.md b/charts/stable/plex/security.md
index 212ba810d8b..b34a5a968db 100644
--- a/charts/stable/plex/security.md
+++ b/charts/stable/plex/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:51:39.489Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:51:39.489Z [34mINFO[0m Detected config files: 1
#### plex/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:51:40.295Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:51:40.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:51:40.304Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:51:40.295Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:51:40.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:51:40.304Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/plex:v1.24.5.5173-8dcc73a59@sha256:48eeac73915041bd70aba28814e8b8f453dbf9948410c578e25d234089286437**
-2021-12-04T19:51:54.555Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:51:54.555Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:51:54.557Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:51:54.557Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:51:54.555Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:51:54.555Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:51:54.557Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:51:54.557Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/plex:v1.24.5.5173-8dcc73a59@sha256:48eeac73915041bd70aba28814e8b8f453dbf9948410c578e25d234089286437 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -153,8 +153,7 @@
| unrar | CVE-2018-25018 | MEDIUM | 1:5.6.6-2build1 | | Click to expand!
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
https://github.com/aawc/unrar/releases
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/podgrab/security.md b/charts/stable/podgrab/security.md
index 3dfe243c1bf..d20d4de1b31 100644
--- a/charts/stable/podgrab/security.md
+++ b/charts/stable/podgrab/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:51:55.158Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:51:55.158Z [34mINFO[0m Detected config files: 1
#### podgrab/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:51:56.895Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:51:56.895Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:51:56.901Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:51:56.895Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:51:56.895Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:51:56.901Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,27 +61,26 @@
**Container: tccr.io/truecharts/podgrab:v1.0.0@sha256:069fb1ef81d47a37137da2cfd249423c8dc330086c2a2e1271c5895f9f8cae9f**
-2021-12-04T19:52:00.409Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:00.409Z [33mWARN[0m This OS version is not on the EOL list: alpine 3.15
-2021-12-04T19:52:00.409Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:00.410Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:52:00.410Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:52:00.411Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.15.0
-2021-12-04T19:52:00.411Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:52:00.409Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:00.409Z [33mWARN[0m This OS version is not on the EOL list: alpine 3.15
+2021-12-04T19:52:00.409Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:00.410Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:52:00.410Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:52:00.411Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.15.0
+2021-12-04T19:52:00.411Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/podgrab:v1.0.0@sha256:069fb1ef81d47a37137da2cfd249423c8dc330086c2a2e1271c5895f9f8cae9f (alpine 3.15.0)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200820211705-5c72a883971a | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/charts/stable/pretend-youre-xyzzy/security.md b/charts/stable/pretend-youre-xyzzy/security.md
index f59811ce4b8..986046c1306 100644
--- a/charts/stable/pretend-youre-xyzzy/security.md
+++ b/charts/stable/pretend-youre-xyzzy/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:51:55.621Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:51:55.621Z [34mINFO[0m Detected config files: 1
#### pretend-youre-xyzzy/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:51:57.630Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:51:57.630Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:51:57.637Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:51:57.630Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:51:57.630Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:51:57.637Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,17 +61,17 @@
**Container: tccr.io/truecharts/pretend-youre-xyzzy:v4@sha256:d2b339819975c546a5360e160c793a615e86ab04e5aed91427ff1dd850205ace**
-2021-12-04T19:52:11.214Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:11.214Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:11.217Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:52:11.217Z [34mINFO[0m Detecting jar vulnerabilities...
-2021-12-04T19:52:11.219Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.4.0
-2021-12-04T19:52:11.219Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:52:11.214Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:11.214Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:11.217Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:52:11.217Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:52:11.219Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.4.0
+2021-12-04T19:52:11.219Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/pretend-youre-xyzzy:v4@sha256:d2b339819975c546a5360e160c793a615e86ab04e5aed91427ff1dd850205ace (alpine 3.4.0)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| libcrypto1.0 | CVE-2018-0732 | HIGH | 1.0.2n-r0 | 1.0.2o-r1 | Click to expand!
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/104442
http://www.securitytracker.com/id/1041090
https://access.redhat.com/errata/RHSA-2018:2552
https://access.redhat.com/errata/RHSA-2018:2553
https://access.redhat.com/errata/RHSA-2018:3221
https://access.redhat.com/errata/RHSA-2018:3505
https://access.redhat.com/errata/RHSA-2019:1296
https://access.redhat.com/errata/RHSA-2019:1297
https://access.redhat.com/errata/RHSA-2019:1543
https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3984ef0b72831da8b3ece4745cac4f8575b19098
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ea7abeeabf92b7aca160bdd0208636d4da69f4f4
https://linux.oracle.com/cve/CVE-2018-0732.html
https://linux.oracle.com/errata/ELSA-2018-4249.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
https://security.gentoo.org/glsa/201811-03
https://security.netapp.com/advisory/ntap-20181105-0001/
https://security.netapp.com/advisory/ntap-20190118-0002/
https://securityadvisories.paloaltonetworks.com/Home/Detail/133
https://ubuntu.com/security/notices/USN-3692-1
https://ubuntu.com/security/notices/USN-3692-2
https://usn.ubuntu.com/3692-1/
https://usn.ubuntu.com/3692-2/
https://www.debian.org/security/2018/dsa-4348
https://www.debian.org/security/2018/dsa-4355
https://www.openssl.org/news/secadv/20180612.txt
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.tenable.com/security/tns-2018-12
https://www.tenable.com/security/tns-2018-13
https://www.tenable.com/security/tns-2018-14
https://www.tenable.com/security/tns-2018-17
|
@@ -88,7 +88,7 @@
| libssl1.0 | CVE-2018-5407 | MEDIUM | 1.0.2n-r0 | 1.0.2q-r0 | Click to expand!
http://www.securityfocus.com/bid/105897
https://access.redhat.com/errata/RHSA-2019:0483
https://access.redhat.com/errata/RHSA-2019:0651
https://access.redhat.com/errata/RHSA-2019:0652
https://access.redhat.com/errata/RHSA-2019:2125
https://access.redhat.com/errata/RHSA-2019:3929
https://access.redhat.com/errata/RHSA-2019:3931
https://access.redhat.com/errata/RHSA-2019:3932
https://access.redhat.com/errata/RHSA-2019:3933
https://access.redhat.com/errata/RHSA-2019:3935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407
https://eprint.iacr.org/2018/1060.pdf
https://github.com/bbbrumley/portsmash
https://linux.oracle.com/cve/CVE-2018-5407.html
https://linux.oracle.com/errata/ELSA-2019-2125.html
https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://security.gentoo.org/glsa/201903-10
https://security.netapp.com/advisory/ntap-20181126-0001/
https://support.f5.com/csp/article/K49711130?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-3840-1
https://usn.ubuntu.com/3840-1/
https://www.debian.org/security/2018/dsa-4348
https://www.debian.org/security/2018/dsa-4355
https://www.exploit-db.com/exploits/45785/
https://www.openssl.org/news/secadv/20181112.txt
https://www.openwall.com/lists/oss-security/2018/11/01/4
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.tenable.com/security/tns-2018-16
https://www.tenable.com/security/tns-2018-17
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.google.guava:guava | CVE-2018-10237 | MEDIUM | 20.0 | 24.1.1-jre, 24.1.1-android | Click to expand!
http://www.securitytracker.com/id/1041707
https://access.redhat.com/errata/RHSA-2018:2423
https://access.redhat.com/errata/RHSA-2018:2424
https://access.redhat.com/errata/RHSA-2018:2425
https://access.redhat.com/errata/RHSA-2018:2428
https://access.redhat.com/errata/RHSA-2018:2598
https://access.redhat.com/errata/RHSA-2018:2643
https://access.redhat.com/errata/RHSA-2018:2740
https://access.redhat.com/errata/RHSA-2018:2741
https://access.redhat.com/errata/RHSA-2018:2742
https://access.redhat.com/errata/RHSA-2018:2743
https://access.redhat.com/errata/RHSA-2018:2927
https://access.redhat.com/errata/RHSA-2019:2858
https://access.redhat.com/errata/RHSA-2019:3149
https://github.com/advisories/GHSA-mvr2-9pj6-7w5j
https://github.com/google/guava/wiki/CVE-2018-10237
https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion
https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion
https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E
https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94@%3Cissues.storm.apache.org%3E
https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E
https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E
https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E
https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45@%3Cissues.flink.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2018-10237
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -97,4 +97,3 @@
| commons-io:commons-io | CVE-2021-29425 | MEDIUM | 2.6 | 2.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425
https://github.com/advisories/GHSA-gwrp-pvrq-jmwv
https://issues.apache.org/jira/browse/IO-556
https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E
https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html
https://nvd.nist.gov/vuln/detail/CVE-2021-29425
https://ubuntu.com/security/notices/USN-5095-1
https://www.openwall.com/lists/oss-security/2021/04/12/1
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.apache.httpcomponents:httpclient | CVE-2020-13956 | MEDIUM | 4.5.5 | 4.5.13 | Click to expand!
https://github.com/advisories/GHSA-7r82-7xv7-xcpj
https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/r3f740e4c38bba1face49078aa5cbeeb558c27be601cc9712ad2dcd1e@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/r4850b3fbaea02fde2886e461005e4af8d37c80a48b3ce2a6edca0e30@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r549ac8c159bf0c568c19670bedeb8d7c0074beded951d34b1c1d0d05@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r55b2a1d1e9b1ec9db792b93da8f0f99a4fd5a5310b02673359d9b4d1@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r5b55f65c123a7481104d663a915ec45a0d103e6aaa03f42ed1c07a89@%3Cdev.jackrabbit.apache.org%3E
https://lists.apache.org/thread.html/r5de3d3808e7b5028df966e45115e006456c4e8931dc1e29036f17927@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r5fec9c1d67f928179adf484b01e7becd7c0a6fdfe3a08f92ea743b90@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r63296c45d5d84447babaf39bd1487329d8a80d8d563e67a4b6f3d8a7@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r69a94e2f302d1b778bdfefe90fcb4b8c50b226438c3c8c1d0de85a19@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r6a3cda38d050ebe13c1bc9a28d0a8ec38945095d07eca49046bcb89f@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r6d672b46622842e565e00f6ef6bef83eb55d8792aac2bee75bff9a2a@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/r6dab7da30f8bf075f79ee189e33b45a197502e2676481bb8787fc0d7%40%3Cdev.hc.apache.org%3E
https://lists.apache.org/thread.html/r6eb2dae157dbc9af1f30d1f64e9c60d4ebef618f3dce4a0e32d6ea4d@%3Ccommits.drill.apache.org%3E
https://lists.apache.org/thread.html/r70c429923100c5a4fae8e5bc71c8a2d39af3de4888f50a0ac3755e6f@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/r87ddc09295c27f25471269ad0a79433a91224045988b88f0413a97ec@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r8aa1e5c343b89aec5b69961471950e862f15246cb6392910161c389b@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r9e52a6c72c8365000ecd035e48cc9fee5a677a150350d4420c46443d@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/ra539f20ef0fb0c27ee39945b5f56bf162e5c13d1c60f7344dab8de3b@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/ra8bc6b61c5df301a6fe5a716315528ecd17ccb8a7f907e24a47a1a5e@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rad6222134183046f3928f733bf680919e0c390739bfbfe6c90049673@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/rae14ae25ff4a60251e3ba2629c082c5ba3851dfd4d21218b99b56652@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/rb33212dab7beccaf1ffef9b88610047c644f644c7a0ebdc44d77e381@%3Ccommits.turbine.apache.org%3E
https://lists.apache.org/thread.html/rb4ba262d6f08ab9cf8b1ebbcd9b00b0368ffe90dad7ad7918b4b56fc@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/rb725052404fabffbe093c83b2c46f3f87e12c3193a82379afbc529f8@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/rc0863892ccfd9fd0d0ae10091f24ee769fb39b8957fe4ebabfc11f17@%3Cdev.jackrabbit.apache.org%3E
https://lists.apache.org/thread.html/rc3739e0ad4bcf1888c6925233bfc37dd71156bbc8416604833095c42@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/rc505fee574fe8d18f9b0c655a4d120b0ae21bb6a73b96003e1d9be35@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/rc5c6ccb86d2afe46bbd4b71573f0448dc1f87bbcd5a0d8c7f8f904b2@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rc990e2462ec32b09523deafb2c73606208599e196fa2d7f50bdbc587@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/rcced7ed3237c29cd19c1e9bf465d0038b8b2e967b99fc283db7ca553@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/rcd9ad5dda60c82ab0d0c9bd3e9cb1dc740804451fc20c7f451ef5cc4@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rd5ab56beb2ac6879f6ab427bc4e5f7691aed8362d17b713f61779858@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/re504acd4d63b8df2a7353658f45c9a3137e5f80e41cf7de50058b2c1@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/rea3dbf633dde5008d38bf6600a3738b9216e733e03f9ff7becf79625@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/ree942561f4620313c75982a4e5f3b74fe6f7062b073210779648eec2@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/reef569c2419705754a3acf42b5f19b2a158153cef0e448158bc54917@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/rf03228972e56cb4a03e6d9558188c2938078cf3ceb23a3fead87c9ca@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf43d17ed0d1fb4fb79036b582810ef60b18b1ef3add0d5dea825af1e@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rf4db88c22e1be9eb60c7dc623d0528642c045fb196a24774ac2fa3a3@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rf7ca60f78f05b772cc07d27e31bcd112f9910a05caf9095e38ee150f@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/rfb35f6db9ba1f1e061b63769a4eff5abadcc254ebfefc280e5a0dcf1@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfbedcb586a1e7dfce87ee03c720e583fc2ceeafa05f35c542cecc624@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/rfc00884c7b7ca878297bffe45fcb742c362b00b26ba37070706d44c3@%3Cissues.hive.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-13956
https://www.openwall.com/lists/oss-security/2020/10/08/4
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.jsoup:jsoup | CVE-2021-37714 | HIGH | 1.11.2 | 1.14.2 | Click to expand!
https://github.com/advisories/GHSA-m72m-mhq2-9p6c
https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c
https://jsoup.org/news/release-1.14.1
https://jsoup.org/news/release-1.14.2
https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-37714
|
-
diff --git a/charts/stable/promcord/security.md b/charts/stable/promcord/security.md
index 95165f1156a..23e23f43906 100644
--- a/charts/stable/promcord/security.md
+++ b/charts/stable/promcord/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:52:12.453Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:52:12.453Z [34mINFO[0m Detected config files: 1
#### promcord/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:52:13.353Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:13.353Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:13.360Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:52:13.353Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:13.353Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:13.360Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/promcord:latest@sha256:ba9bee8d89b3ce86ca55d1bd29e13deb31f73a004991b17d8d80c73f2cc1c03c**
-2021-12-04T19:52:27.089Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:52:27.089Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:52:27.123Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:52:27.123Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:52:27.089Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:52:27.089Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:52:27.123Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:52:27.123Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/promcord:latest@sha256:ba9bee8d89b3ce86ca55d1bd29e13deb31f73a004991b17d8d80c73f2cc1c03c (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -137,8 +137,7 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-25649 | HIGH | 2.10.1 | 2.6.7.4, 2.9.10.7, 2.10.5.1 | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1887664
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25649
https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1)
https://github.com/FasterXML/jackson-databind/issues/2589
https://github.com/advisories/GHSA-288c-cq4h-88gq
https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386@%3Ccommits.turbine.apache.org%3E
https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042@%3Creviews.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61@%3Cdev.knox.apache.org%3E
https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb@%3Creviews.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07@%3Ccommits.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8@%3Cnotifications.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60@%3Creviews.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3@%3Cuser.spark.apache.org%3E
https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a@%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb@%3Cdev.knox.apache.org%3E
https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402@%3Ccommits.karaf.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT/
https://nvd.nist.gov/vuln/detail/CVE-2020-25649
https://security.netapp.com/advisory/ntap-20210108-0007/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/charts/stable/protonmail-bridge/security.md b/charts/stable/protonmail-bridge/security.md
index 30a6ec54afc..d04efe49963 100644
--- a/charts/stable/protonmail-bridge/security.md
+++ b/charts/stable/protonmail-bridge/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:52:39.475Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:52:39.475Z [34mINFO[0m Detected config files: 1
#### protonmail-bridge/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:52:40.282Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:40.282Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:40.289Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:52:40.282Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:40.282Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:40.289Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/protonmail-bridge:v1.8.10-1@sha256:58a54002123cc9a83cfb3170deb0a1dbf4cedabdced09a9c6bcafc19ee4b5631**
-2021-12-04T19:52:50.299Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:52:50.299Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:52:50.309Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:52:50.299Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:52:50.299Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:52:50.309Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/protonmail-bridge:v1.8.10-1@sha256:58a54002123cc9a83cfb3170deb0a1dbf4cedabdced09a9c6bcafc19ee4b5631 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -164,4 +164,3 @@
| passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
|
| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
-
diff --git a/charts/stable/prowlarr/security.md b/charts/stable/prowlarr/security.md
index 2c6de50696f..ccfedee3c35 100644
--- a/charts/stable/prowlarr/security.md
+++ b/charts/stable/prowlarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:52:51.030Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:52:51.030Z [34mINFO[0m Detected config files: 1
#### prowlarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:52:51.717Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:51.717Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:51.727Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:52:51.717Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:51.717Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:51.727Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/prowlarr:v0.1.6.1184@sha256:44938a94880e98d0636612cbb3a92b0dc0688c060f7415265c44372e272f4deb**
-2021-12-04T19:53:00.578Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:53:00.578Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:53:00.580Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:53:00.580Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:53:00.578Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:53:00.578Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:53:00.580Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:53:00.580Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/prowlarr:v0.1.6.1184@sha256:44938a94880e98d0636612cbb3a92b0dc0688c060f7415265c44372e272f4deb (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -150,8 +150,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/pyload/security.md b/charts/stable/pyload/security.md
index 4e0c5f734dd..51795e3e5d2 100644
--- a/charts/stable/pyload/security.md
+++ b/charts/stable/pyload/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:53:01.277Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:53:01.277Z [34mINFO[0m Detected config files: 1
#### pyload/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:53:02.112Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:53:02.112Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:53:02.117Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:53:02.112Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:53:02.112Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:53:02.117Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,13 +61,13 @@
**Container: tccr.io/truecharts/pyload:version-5de90278@sha256:c33489498cb4541bbf936b1ebd1eaebfb0cae279f738aa0e6184969089e94081**
-2021-12-04T19:53:13.623Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:53:13.623Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:53:13.623Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:53:13.623Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -98,4 +98,3 @@
| Pillow | GHSA-jgpv-4h4c-xhw3 | MEDIUM | 6.2.2 | 8.1.2 | Click to expand!
https://github.com/advisories/GHSA-jgpv-4h4c-xhw3
https://github.com/calix2/pyVulApp/security/advisories/GHSA-jgpv-4h4c-xhw3
|
| pycrypto | CVE-2013-7459 | CRITICAL | 2.6.1 | | Click to expand!
http://www.openwall.com/lists/oss-security/2016/12/27/8
http://www.securityfocus.com/bid/95122
https://bugzilla.redhat.com/show_bug.cgi?id=1409754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7459
https://github.com/advisories/GHSA-cq27-v7xp-c356
https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4
https://github.com/dlitz/pycrypto/issues/176
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C6BWNADPLKDBBQBUT3P75W7HAJCE7M3B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJ37R2YLX56YZABFNAOWV4VTHTGYREAE/
https://nvd.nist.gov/vuln/detail/CVE-2013-7459
https://pony7.fr/ctf:public:32c3:cryptmsg
https://security.gentoo.org/glsa/201702-14
https://ubuntu.com/security/notices/USN-3199-1
https://ubuntu.com/security/notices/USN-3199-2
https://ubuntu.com/security/notices/USN-3199-3
|
| pycrypto | CVE-2018-6594 | HIGH | 2.6.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6594
https://github.com/Legrandin/pycryptodome/issues/90
https://github.com/TElgamal/attack-on-pycrypto-elgamal
https://github.com/advisories/GHSA-6528-wvf6-f6qg
https://github.com/dlitz/pycrypto/issues/253
https://lists.debian.org/debian-lts-announce/2018/02/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2018-6594
https://security.gentoo.org/glsa/202007-62
https://ubuntu.com/security/notices/USN-3616-1
https://ubuntu.com/security/notices/USN-3616-2
https://usn.ubuntu.com/3616-1/
https://usn.ubuntu.com/3616-2/
|
-
diff --git a/charts/stable/qbittorrent/security.md b/charts/stable/qbittorrent/security.md
index fce32d16feb..36edb139675 100644
--- a/charts/stable/qbittorrent/security.md
+++ b/charts/stable/qbittorrent/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:53:14.440Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:53:14.440Z [34mINFO[0m Detected config files: 1
#### qbittorrent/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:53:15.325Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:53:15.325Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:53:15.330Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:53:15.325Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:53:15.325Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:53:15.330Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/qbittorrent:v4.3.9@sha256:6508ca6bd05d003d92852d5bd8deaae3176d776a5789ad68199ba1807d43cf8c**
-2021-12-04T19:53:19.253Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:53:19.253Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:53:19.263Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:53:19.263Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:53:19.253Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:53:19.253Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:53:19.263Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:53:19.263Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/qbittorrent:v4.3.9@sha256:6508ca6bd05d003d92852d5bd8deaae3176d776a5789ad68199ba1807d43cf8c (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -164,8 +164,7 @@
| unrar | CVE-2018-25018 | MEDIUM | 1:5.6.6-2build1 | | Click to expand!
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
https://github.com/aawc/unrar/releases
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/radarr/security.md b/charts/stable/radarr/security.md
index 59856c3446c..0549b92d84f 100644
--- a/charts/stable/radarr/security.md
+++ b/charts/stable/radarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:53:35.250Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:53:35.250Z [34mINFO[0m Detected config files: 1
#### radarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:53:36.742Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:53:36.742Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:53:36.748Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:53:36.742Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:53:36.742Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:53:36.748Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/radarr:v3.2.2.5080@sha256:6013953bf2b8c6546fed1b2265f5978b30403fa26b990aab7a5ed6e86088866e**
-2021-12-04T19:53:42.459Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:53:42.459Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:53:42.461Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:53:42.461Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:53:42.459Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:53:42.459Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:53:42.461Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:53:42.461Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/radarr:v3.2.2.5080@sha256:6013953bf2b8c6546fed1b2265f5978b30403fa26b990aab7a5ed6e86088866e (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -154,8 +154,7 @@
| perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/readarr/security.md b/charts/stable/readarr/security.md
index 0657e7081b4..f86cfe5d71a 100644
--- a/charts/stable/readarr/security.md
+++ b/charts/stable/readarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:53:46.659Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:53:46.659Z [34mINFO[0m Detected config files: 1
#### readarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:53:49.441Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:53:49.441Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:53:49.448Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:53:49.441Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:53:49.441Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:53:49.448Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/readarr:v0.1.0.1081@sha256:0750f1d772a4e9915f0241bff4e7aee030d53186ec83a0bad4630b3bf6926880**
-2021-12-04T19:54:00.112Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:54:00.112Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:54:00.131Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:54:00.131Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:54:00.112Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:54:00.112Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:54:00.131Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:54:00.131Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/readarr:v0.1.0.1081@sha256:0750f1d772a4e9915f0241bff4e7aee030d53186ec83a0bad4630b3bf6926880 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -150,8 +150,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/recipes/security.md b/charts/stable/recipes/security.md
index 1f63080cf91..b5ce651bafc 100644
--- a/charts/stable/recipes/security.md
+++ b/charts/stable/recipes/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:54:11.231Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:54:11.231Z [34mINFO[0m Detected config files: 2
#### recipes/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -37,14 +37,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:12.167Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:12.168Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:12.172Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:12.167Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:12.168Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:12.172Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -72,16 +72,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:54:13.238Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:54:13.238Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:54:13.279Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:54:13.279Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:54:13.279Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:54:13.238Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:54:13.238Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:54:13.279Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:54:13.279Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:54:13.279Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -276,31 +276,31 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/recipes:v1.0.2@sha256:d61f230769c64948f1b2c56ec189666bb08821b02f383f4e0c299c35d2542cbc**
-2021-12-04T19:54:42.983Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:42.983Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:42.985Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:54:42.985Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:54:42.998Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:54:42.983Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:42.983Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:42.985Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:54:42.985Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:54:42.998Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/recipes:v1.0.2@sha256:d61f230769c64948f1b2c56ec189666bb08821b02f383f4e0c299c35d2542cbc (alpine 3.12.7)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -331,7 +331,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| @actions/core | CVE-2020-15228 | MEDIUM | 1.2.0 | 1.2.6 | Click to expand!
http://packetstormsecurity.com/files/159794/GitHub-Widespread-Injection.html
https://github.com/actions/toolkit/security/advisories/GHSA-mfwh-5m23-j46w
https://github.com/advisories/GHSA-mfwh-5m23-j46w
https://nvd.nist.gov/vuln/detail/CVE-2020-15228
|
@@ -343,7 +343,7 @@
| nth-check | CVE-2021-3803 | HIGH | 1.0.2 | 2.0.1 | Click to expand!
https://github.com/advisories/GHSA-rp65-9cf3-cjxr
https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726
https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0
https://nvd.nist.gov/vuln/detail/CVE-2021-3803
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| python-ldap | GHSA-r8wq-qrxc-hmcm | MEDIUM | 3.3.1 | 3.4.0 | Click to expand!
https://github.com/advisories/GHSA-r8wq-qrxc-hmcm
https://github.com/python-ldap/python-ldap/issues/424
https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm
|
@@ -356,14 +356,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:48.281Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:48.281Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:48.288Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:48.281Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:48.281Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:48.288Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -391,16 +391,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:54:53.455Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:54:53.455Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:54:53.518Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:54:53.518Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:54:53.518Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:54:53.455Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:54:53.455Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:54:53.518Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:54:53.518Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:54:53.518Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -595,16 +595,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/reg/security.md b/charts/stable/reg/security.md
index 4a060692c17..740348d0f26 100644
--- a/charts/stable/reg/security.md
+++ b/charts/stable/reg/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:54:04.941Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:54:04.941Z [34mINFO[0m Detected config files: 1
#### reg/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:05.759Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:05.759Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:05.767Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:05.759Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:05.759Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:05.767Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/reg:v0.16.1@sha256:ae581387764a23c62c1386389e27358bac5088790904938264cb0bcd4e8c946c**
-2021-12-04T19:54:10.068Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:54:10.068Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:54:10.072Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:54:10.072Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:54:10.068Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:54:10.068Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:54:10.072Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:54:10.072Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/reg:v0.16.1@sha256:ae581387764a23c62c1386389e27358bac5088790904938264cb0bcd4e8c946c (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -171,7 +171,7 @@
| perl-modules-5.30 | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/containerd/containerd | CVE-2021-41103 | HIGH | v1.2.9 | v1.4.11, v1.5.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103
https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8
https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41103
https://ubuntu.com/security/notices/USN-5100-1
https://www.debian.org/security/2021/dsa-5002
|
@@ -185,8 +185,7 @@
| github.com/opencontainers/runc | CVE-2019-19921 | HIGH | v0.1.1 | v1.0.0-rc9.0.20200122160610-2fc03cc11c77 | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00018.html
https://access.redhat.com/errata/RHSA-2020:0688
https://access.redhat.com/errata/RHSA-2020:0695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921
https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9
https://github.com/opencontainers/runc/issues/2197
https://github.com/opencontainers/runc/pull/2190
https://github.com/opencontainers/runc/pull/2207
https://github.com/opencontainers/runc/releases
https://linux.oracle.com/cve/CVE-2019-19921.html
https://linux.oracle.com/errata/ELSA-2020-1650.html
https://security-tracker.debian.org/tracker/CVE-2019-19921
https://security.gentoo.org/glsa/202003-21
https://ubuntu.com/security/notices/USN-4297-1
https://usn.ubuntu.com/4297-1/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/remmina/security.md b/charts/stable/remmina/security.md
index f999f515639..0e06e0a1cd0 100644
--- a/charts/stable/remmina/security.md
+++ b/charts/stable/remmina/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:54:43.607Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:54:43.607Z [34mINFO[0m Detected config files: 1
#### remmina/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:44.408Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:44.408Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:44.417Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:44.408Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:44.408Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:44.417Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/remmina:version-1.2.0-rcgit.29dfsg-1ubuntu1@sha256:c7795b9222063e436c77a94436da5e1bcdc1b13891f936673369588830a5ae8d**
-2021-12-04T19:54:46.555Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:54:46.555Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:54:46.566Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:54:46.566Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:54:46.555Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:54:46.555Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:54:46.566Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:54:46.566Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/remmina:version-1.2.0-rcgit.29dfsg-1ubuntu1@sha256:c7795b9222063e436c77a94436da5e1bcdc1b13891f936673369588830a5ae8d (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -298,9 +298,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/charts/stable/resilio-sync/security.md b/charts/stable/resilio-sync/security.md
index 5b060d68200..8fe5ecb25ca 100644
--- a/charts/stable/resilio-sync/security.md
+++ b/charts/stable/resilio-sync/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:54:45.053Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:54:45.053Z [34mINFO[0m Detected config files: 1
#### resilio-sync/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:47.633Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:47.633Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:47.643Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:47.633Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:47.633Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:47.643Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/resilio-sync:version-2.7.2.1375@sha256:54f42485d39a7773ff2e13c27ebfc32fc448eaf13f8972f38e14eedadb0b3a2e**
-2021-12-04T19:54:52.339Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:54:52.339Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:54:52.342Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:52.339Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:54:52.339Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:54:52.342Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/resilio-sync:version-2.7.2.1375@sha256:54f42485d39a7773ff2e13c27ebfc32fc448eaf13f8972f38e14eedadb0b3a2e (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -183,4 +183,3 @@
| passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
|
| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
-
diff --git a/charts/stable/sabnzbd/security.md b/charts/stable/sabnzbd/security.md
index f32eb00b4ab..f36e918568a 100644
--- a/charts/stable/sabnzbd/security.md
+++ b/charts/stable/sabnzbd/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:54:54.455Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:54:54.455Z [34mINFO[0m Detected config files: 1
#### sabnzbd/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:55.570Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:55.570Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:55.583Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:55.570Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:55.570Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:55.583Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/sabnzbd:v3.4.2@sha256:23f1fd8ff6709a1f11b08134f5463887efcfaa5aa1beadf32984d56b9b93c35d**
-2021-12-04T19:55:00.638Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:55:00.638Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:55:00.641Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:55:00.641Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:55:00.641Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:55:00.638Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:55:00.638Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:55:00.641Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:55:00.641Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:55:00.641Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/sabnzbd:v3.4.2@sha256:23f1fd8ff6709a1f11b08134f5463887efcfaa5aa1beadf32984d56b9b93c35d (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -149,15 +149,14 @@
| unrar | CVE-2018-25018 | MEDIUM | 1:5.6.6-2build1 | | Click to expand!
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
https://github.com/aawc/unrar/releases
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/ser2sock/security.md b/charts/stable/ser2sock/security.md
index 8976e57fa25..4bec5c0ecb2 100644
--- a/charts/stable/ser2sock/security.md
+++ b/charts/stable/ser2sock/security.md
@@ -4,7 +4,7 @@
##### Scan Results
-2021-12-04T19:55:29.375Z [34mINFO[0m Detected config files: 0
+2021-12-04T19:55:29.375Z [34mINFO[0m Detected config files: 0
| No Vulnerabilities found |
|:---------------------------------|
@@ -15,4 +15,3 @@
##### Scan Results
-
diff --git a/charts/stable/shiori/security.md b/charts/stable/shiori/security.md
index b8f5d978bfb..9c2a93f43c8 100644
--- a/charts/stable/shiori/security.md
+++ b/charts/stable/shiori/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:55:50.174Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:55:50.174Z [34mINFO[0m Detected config files: 2
#### shiori/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:55:53.657Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:55:53.657Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:55:53.665Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:55:53.657Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:55:53.657Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:55:53.665Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:55:55.004Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:55:55.005Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:55:55.041Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:55:55.041Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:55:55.042Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:55:55.004Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:55:55.005Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:55:55.041Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:55:55.041Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:55:55.042Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,28 +275,28 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/shiori:version-v1.5.0@sha256:6c6331888c9a5162def49b6212327242f7f5c96e2d5a1bb031f79321cc1c0549**
-2021-12-04T19:56:03.324Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:56:03.324Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:56:03.324Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:56:03.324Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### go/bin/shiori
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20190701094942-4def268fd1a4 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
@@ -304,14 +304,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:56:04.946Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:56:04.946Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:56:04.960Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:04.946Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:56:04.946Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:56:04.960Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -339,16 +339,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:56:06.183Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:56:06.183Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:56:06.236Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:56:06.236Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:56:06.236Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:56:06.183Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:56:06.183Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:56:06.236Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:56:06.236Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:56:06.236Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -543,16 +543,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/shorturl/security.md b/charts/stable/shorturl/security.md
index 5b7c2366542..1c8b3b5232e 100644
--- a/charts/stable/shorturl/security.md
+++ b/charts/stable/shorturl/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:55:45.195Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:55:45.195Z [34mINFO[0m Detected config files: 1
#### shorturl/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:55:49.512Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:55:49.512Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:55:49.521Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:55:49.512Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:55:49.512Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:55:49.521Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/shorturl:version-v0.1.0@sha256:3893eab50b4d790958b31cbb7fd5d545369e7f91ee2d77551352a6510c86ba03**
-2021-12-04T19:55:52.102Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:55:52.102Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/sickchill/security.md b/charts/stable/sickchill/security.md
index 531b954abb5..4780e01c8b1 100644
--- a/charts/stable/sickchill/security.md
+++ b/charts/stable/sickchill/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:55:52.602Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:55:52.602Z [34mINFO[0m Detected config files: 1
#### sickchill/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:55:54.295Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:55:54.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:55:54.301Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:55:54.295Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:55:54.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:55:54.301Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/sickchill:v2021.5.10-1-ls63@sha256:f9fd82d8c6d12bc85dcc7813b7216087efb006dc05104ce67386ec989be25dc4**
-2021-12-04T19:56:01.534Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:56:01.534Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:56:01.534Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:56:01.534Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/sickgear/security.md b/charts/stable/sickgear/security.md
index be19d0d7441..6464eebf7e7 100644
--- a/charts/stable/sickgear/security.md
+++ b/charts/stable/sickgear/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:56:04.011Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:56:04.011Z [34mINFO[0m Detected config files: 1
#### sickgear/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:56:05.604Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:56:05.605Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:56:05.620Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:05.604Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:56:05.605Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:56:05.620Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/sickgear:version-release_0.25.4@sha256:6a78e9f784cf298552402143bee239858956f4783c7619e9a2b960c0d0d15d73**
-2021-12-04T19:56:10.897Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:10.897Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/smokeping/security.md b/charts/stable/smokeping/security.md
index 325ef7d9953..976bf057228 100644
--- a/charts/stable/smokeping/security.md
+++ b/charts/stable/smokeping/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:56:31.963Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:56:31.963Z [34mINFO[0m Detected config files: 1
#### smokeping/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:56:33.193Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:56:33.193Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:56:33.202Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:33.193Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:56:33.193Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:56:33.202Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/smokeping:version-2.7.3-r5@sha256:e56ba2420901250afb865a7e03e43956dcff17503ce44c48b20064980a42f5a4**
-2021-12-04T19:56:42.773Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:42.773Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/sonarr/security.md b/charts/stable/sonarr/security.md
index aa44f5c7bb4..38625eae526 100644
--- a/charts/stable/sonarr/security.md
+++ b/charts/stable/sonarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:56:44.447Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:56:44.447Z [34mINFO[0m Detected config files: 1
#### sonarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:56:45.218Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:56:45.218Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:56:45.231Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:45.218Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:56:45.218Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:56:45.231Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/sonarr:v3.0.6.1342@sha256:245800dc1c4304f8121bf0d3e5dda4251eb613b0dfe20e5975ceb9f88eaba8e6**
-2021-12-04T19:57:01.803Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:57:01.803Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:57:01.806Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:57:01.806Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:57:01.803Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:57:01.803Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:57:01.806Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:57:01.806Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/sonarr:v3.0.6.1342@sha256:245800dc1c4304f8121bf0d3e5dda4251eb613b0dfe20e5975ceb9f88eaba8e6 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -181,8 +181,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/speedtest-exporter/security.md b/charts/stable/speedtest-exporter/security.md
index dd52f59a0e2..5d5e5b3c487 100644
--- a/charts/stable/speedtest-exporter/security.md
+++ b/charts/stable/speedtest-exporter/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:02.665Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:02.665Z [34mINFO[0m Detected config files: 1
#### speedtest-exporter/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:03.873Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:03.873Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:03.882Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:03.873Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:03.873Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:03.882Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/speedtest-exporter:v3.3.4**
-2021-12-04T19:57:09.310Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:09.310Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:09.318Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:57:09.318Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:57:09.310Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:09.310Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:09.318Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:57:09.318Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/speedtest-exporter:v3.3.4 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -97,9 +97,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/sqlitebrowser/security.md b/charts/stable/sqlitebrowser/security.md
index da5a8ae5dd4..83edd6fd0c2 100644
--- a/charts/stable/sqlitebrowser/security.md
+++ b/charts/stable/sqlitebrowser/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:02.264Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:02.264Z [34mINFO[0m Detected config files: 1
#### sqlitebrowser/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:03.304Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:03.304Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:03.310Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:03.304Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:03.304Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:03.310Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/sqlitebrowser:version-3.12.2-02876202105241947ubuntu18.04.1@sha256:fc18746d4b3c37355ef0015b34c9bdd1d023c528d05097bf6dc839d54234fc48**
-2021-12-04T19:57:06.495Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:57:06.495Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:57:06.506Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:57:06.506Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:57:06.495Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:57:06.495Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:57:06.506Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:57:06.506Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/sqlitebrowser:version-3.12.2-02876202105241947ubuntu18.04.1@sha256:fc18746d4b3c37355ef0015b34c9bdd1d023c528d05097bf6dc839d54234fc48 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -284,9 +284,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/charts/stable/stash/security.md b/charts/stable/stash/security.md
index 7857f219385..994b1cc347f 100644
--- a/charts/stable/stash/security.md
+++ b/charts/stable/stash/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:23.328Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:23.328Z [34mINFO[0m Detected config files: 1
#### stash/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:24.345Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:24.345Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:24.360Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:24.345Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:24.345Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:24.360Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,32 +61,29 @@
**Container: tccr.io/truecharts/stash:v0.11.0@sha256:8ce5c582a35c7ad8db0ef9e0bcfeb03bccfa1bc7e8432f36ec572f8e5a2fc97d**
-2021-12-04T19:57:32.061Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:32.061Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:32.084Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:57:32.084Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:57:32.085Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:57:32.061Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:32.061Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:32.084Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:57:32.084Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:57:32.085Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/stash:v0.11.0@sha256:8ce5c582a35c7ad8db0ef9e0bcfeb03bccfa1bc7e8432f36ec572f8e5a2fc97d (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/static/security.md b/charts/stable/static/security.md
index 7fa02b82fec..455e99b1249 100644
--- a/charts/stable/static/security.md
+++ b/charts/stable/static/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:48.240Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:48.240Z [34mINFO[0m Detected config files: 1
#### static/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:49.600Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:49.600Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:49.606Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:49.600Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:49.600Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:49.606Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/static:version-ee8a20c@sha256:5644e67d64d9c23330ffd83e62a99f268a801b6d76b67d07a998952de131e00b**
-2021-12-04T19:57:52.038Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:57:52.038Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:57:52.038Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:57:52.038Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### go/bin/static
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/statping/security.md b/charts/stable/statping/security.md
index 554100818d9..a67e153a8be 100644
--- a/charts/stable/statping/security.md
+++ b/charts/stable/statping/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:58:03.642Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:58:03.642Z [34mINFO[0m Detected config files: 2
#### statping/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:04.723Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:04.723Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:04.728Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:04.723Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:04.723Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:04.728Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:58:05.556Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:58:05.557Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:58:05.594Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:58:05.594Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:58:05.603Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:58:05.556Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:58:05.557Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:58:05.594Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:58:05.594Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:05.603Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/statping:v0.90.74@sha256:1c7e6cf35253668dd55ab20dde3c3e10d2fefd31416963b81d63846b672f38ce**
-2021-12-04T19:58:09.072Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:09.072Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:09.073Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:58:09.073Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:09.072Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:09.072Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:09.073Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:58:09.073Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/statping:v0.90.74@sha256:1c7e6cf35253668dd55ab20dde3c3e10d2fefd31416963b81d63846b672f38ce (alpine 3.12.3)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -365,7 +365,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r19 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/dgrijalva/jwt-go | CVE-2020-26160 | HIGH | v3.2.0+incompatible | | Click to expand!
https://github.com/dgrijalva/jwt-go/pull/426
https://nvd.nist.gov/vuln/detail/CVE-2020-26160
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515
|
@@ -373,14 +373,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:09.949Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:09.949Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:09.959Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:09.949Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:09.949Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:09.959Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -408,16 +408,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:58:10.725Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:58:10.725Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:58:10.770Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:58:10.770Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:58:10.770Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:58:10.725Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:58:10.725Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:58:10.770Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:58:10.770Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:10.770Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -612,16 +612,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/syncthing/security.md b/charts/stable/syncthing/security.md
index 2385d47c974..b3cf4505aed 100644
--- a/charts/stable/syncthing/security.md
+++ b/charts/stable/syncthing/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:57.764Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:57.764Z [34mINFO[0m Detected config files: 1
#### syncthing/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:58.598Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:58.598Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:58.605Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:58.598Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:58.598Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:58.605Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/syncthing:v1.18.4@sha256:cc2bd691927ec19b9aac2d4a3e2330cb0ce9458dda761ead7dddd5f2d8338221**
-2021-12-04T19:58:00.666Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:00.666Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:00.668Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:58:00.668Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:00.666Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:00.666Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:00.668Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:58:00.668Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/syncthing:v1.18.4@sha256:cc2bd691927ec19b9aac2d4a3e2330cb0ce9458dda761ead7dddd5f2d8338221 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -96,9 +96,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/tautulli/security.md b/charts/stable/tautulli/security.md
index 79d324706f8..c3c814653df 100644
--- a/charts/stable/tautulli/security.md
+++ b/charts/stable/tautulli/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:58:17.750Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:58:17.750Z [34mINFO[0m Detected config files: 1
#### tautulli/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:18.899Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:18.899Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:18.908Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:18.899Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:18.899Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:18.908Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/tautulli:v2.7.7@sha256:c63a409b9d44b5018dfe72955609f6b25b70945976739cd28f1f0af6e73484df**
-2021-12-04T19:58:22.626Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:58:22.626Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:58:22.630Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:58:22.630Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:58:22.631Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:58:22.626Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:58:22.626Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:58:22.630Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:58:22.630Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:22.631Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/tautulli:v2.7.7@sha256:c63a409b9d44b5018dfe72955609f6b25b70945976739cd28f1f0af6e73484df (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -148,15 +148,14 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04.1 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/teamspeak3/security.md b/charts/stable/teamspeak3/security.md
index dc1f2356d3f..5afbd026d36 100644
--- a/charts/stable/teamspeak3/security.md
+++ b/charts/stable/teamspeak3/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:58:38.915Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:58:38.915Z [34mINFO[0m Detected config files: 1
#### teamspeak3/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:43.063Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:43.063Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:43.071Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:43.063Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:43.063Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:43.071Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,15 @@
**Container: tccr.io/truecharts/teamspeak:v3.13.6@sha256:24acbeffda16a22105e06d60286e1c93d148c8467177feaf760bbe1ef3b9654c**
-2021-12-04T19:58:47.002Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:47.002Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:47.004Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:47.002Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:47.002Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:47.004Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/teamspeak:v3.13.6@sha256:24acbeffda16a22105e06d60286e1c93d148c8467177feaf760bbe1ef3b9654c (alpine 3.13.7)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| libpq | CVE-2021-23214 | HIGH | 13.4-r0 | 13.5-r0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23214
https://ubuntu.com/security/notices/USN-5145-1
https://www.postgresql.org/about/news/postgresql-141-135-129-1114-1019-and-9624-released-2349/
|
| libpq | CVE-2021-23222 | LOW | 13.4-r0 | 13.5-r0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23222
https://ubuntu.com/security/notices/USN-5145-1
https://www.postgresql.org/about/news/postgresql-141-135-129-1114-1019-and-9624-released-2349/
|
-
diff --git a/charts/stable/teedy/security.md b/charts/stable/teedy/security.md
index 7b9f7b5aafa..bda77fe291b 100644
--- a/charts/stable/teedy/security.md
+++ b/charts/stable/teedy/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:58:52.691Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:58:52.691Z [34mINFO[0m Detected config files: 2
#### teedy/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:53.599Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:53.599Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:53.606Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:53.599Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:53.599Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:53.606Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:58:54.448Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:58:54.448Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:58:54.506Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:58:54.506Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:58:54.506Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:58:54.448Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:58:54.448Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:58:54.506Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:58:54.506Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:54.506Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/docs:v1.9@sha256:23e9053e5eb837b31ae08bc770865827c7a2dc49dfc46fa2eba55f18fe8b21da**
-2021-12-04T19:59:18.424Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:59:18.424Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:59:18.436Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:59:18.436Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:18.424Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:59:18.424Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:59:18.436Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:59:18.436Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/docs:v1.9@sha256:23e9053e5eb837b31ae08bc770865827c7a2dc49dfc46fa2eba55f18fe8b21da (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2018-0501 | HIGH | 1.6~alpha7ubuntu2 | 1.6.3ubuntu0.1 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0501
https://mirror.fail
https://mirror.fail/
https://salsa.debian.org/apt-team/apt/commit/29658a3a74af49e2a24e17bdebb20e1612aac3ec
https://salsa.debian.org/apt-team/apt/commit/aebd4278bacc728ab00ebe31556983e140f60e47
https://ubuntu.com/security/notices/USN-3746-1
https://usn.ubuntu.com/3746-1/
|
@@ -1508,7 +1508,7 @@
| xxd | CVE-2021-3903 | LOW | 2:8.0.1453-1ubuntu1 | 2:8.0.1453-1ubuntu1.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3903
https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43
https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/
https://ubuntu.com/security/notices/USN-5147-1
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.google.guava:guava | CVE-2020-8908 | LOW | 28.2-jre | 30.0 | Click to expand!
https://github.com/advisories/GHSA-5mg8-w23w-74h3
https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40
https://github.com/google/guava/issues/4011
https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E
https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E
https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-8908
https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -1566,14 +1566,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:19.875Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:19.875Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:19.881Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:19.875Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:19.875Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:19.881Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1601,16 +1601,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:59:36.837Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:59:36.837Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:59:36.891Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:59:36.891Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:59:36.891Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:36.837Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:59:36.837Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:59:36.891Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:59:36.891Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:59:36.891Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1805,16 +1805,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/thelounge/security.md b/charts/stable/thelounge/security.md
index 49105887670..22cac9698da 100644
--- a/charts/stable/thelounge/security.md
+++ b/charts/stable/thelounge/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:59:19.289Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:59:19.289Z [34mINFO[0m Detected config files: 1
#### thelounge/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:21.037Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:21.037Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:21.050Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:21.037Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:21.037Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:21.050Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/thelounge:v4.3.0@sha256:642d2b46f679b666e7b7458e761de135b7fb6761e986a8bcb620d81803195051**
-2021-12-04T19:59:34.722Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:59:34.722Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:59:34.863Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:59:34.863Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:59:34.722Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:59:34.722Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:59:34.863Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:59:34.863Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/thelounge:v4.3.0@sha256:642d2b46f679b666e7b7458e761de135b7fb6761e986a8bcb620d81803195051 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -822,7 +822,7 @@
| wget | CVE-2021-31879 | MEDIUM | 1.21-1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -833,4 +833,3 @@
| tar | CVE-2021-37701 | HIGH | 2.2.2 | 6.1.7, 5.0.8, 4.4.16 | Click to expand!
https://github.com/advisories/GHSA-9r2w-394v-53qc
https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
https://nvd.nist.gov/vuln/detail/CVE-2021-37701
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1779
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37712 | HIGH | 2.2.2 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-qq89-hq3f-393p
https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
https://nvd.nist.gov/vuln/detail/CVE-2021-37712
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1780
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37713 | HIGH | 2.2.2 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/charts/stable/traccar/security.md b/charts/stable/traccar/security.md
index a22dd1e1002..7a6ca47112f 100644
--- a/charts/stable/traccar/security.md
+++ b/charts/stable/traccar/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:59:20.429Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:59:20.429Z [34mINFO[0m Detected config files: 2
#### traccar/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:24.066Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:24.066Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:24.071Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:24.066Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:24.066Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:24.071Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:59:36.029Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:59:36.029Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:59:36.071Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:59:36.071Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:59:36.071Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:36.029Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:59:36.029Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:59:36.071Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:59:36.071Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:59:36.071Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/traccar:v4.14@sha256:39fe3c8c65caef00ab79591c98b383432fe2d21bf745c925df6fd7891ce6fe78**
-2021-12-04T19:59:47.923Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:47.923Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:47.927Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:59:47.927Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:47.923Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:47.923Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:47.927Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:59:47.927Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/traccar:v4.14@sha256:39fe3c8c65caef00ab79591c98b383432fe2d21bf745c925df6fd7891ce6fe78 (alpine 3.14.1)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -329,7 +329,7 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ch.qos.logback:logback-core | CVE-2017-5929 | CRITICAL | 1.1.3 | 1.2.0 | Click to expand!
http://www.cvedetails.com/cve/CVE-2017-5929/
https://access.redhat.com/errata/RHSA-2017:1675
https://access.redhat.com/errata/RHSA-2017:1676
https://access.redhat.com/errata/RHSA-2017:1832
https://access.redhat.com/errata/RHSA-2018:2927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929
https://github.com/advisories/GHSA-vmfg-rjjm-rjrj
https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8
https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r967953a14e05016bc4bcae9ef3dd92e770181158b4246976ed8295c9@%3Cdev.brooklyn.apache.org%3E
https://lists.apache.org/thread.html/ra007cec726a3927c918ec94c4316d05d1829c49eae8dc3648adc35e2@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rbb4dfca2f7e3e8f3570eec21c79832d33a51dfde6762725660b60169@%3Cdev.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/rc5f0cc2f3b153bdf15ee7389d78585829abc9c7af4d322ba1085dd3e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rd2227af3c9ada2a72dc72ed05517f5857a34d487580e1f2803922ff9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/re9b787727291786dfe088e3cd078c7d195c0b5781e15d3cd24a3b2fc@%3Cdev.mnemonic.apache.org%3E
https://logback.qos.ch/news.html
https://nvd.nist.gov/vuln/detail/CVE-2017-5929
|
@@ -357,14 +357,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:49.454Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:49.454Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:49.460Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:49.454Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:49.454Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:49.460Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -392,16 +392,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:59:56.847Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:59:56.847Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:59:56.892Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:59:56.892Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:59:56.892Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:56.847Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:59:56.847Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:59:56.892Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:59:56.892Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:59:56.892Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -596,16 +596,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/transmission/security.md b/charts/stable/transmission/security.md
index 340175d3b1f..0f5bf45f808 100644
--- a/charts/stable/transmission/security.md
+++ b/charts/stable/transmission/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:59:35.444Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:59:35.444Z [34mINFO[0m Detected config files: 1
#### transmission/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:48.678Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:48.678Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:48.685Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:48.678Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:48.678Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:48.685Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/transmission:v3.00@sha256:9a4f48483b93f74394b69555c9324c746414836de247fbeafec5f53c0b077b9f**
-2021-12-04T19:59:56.219Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:59:56.219Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:59:56.222Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:59:56.222Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:59:56.219Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:59:56.219Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:59:56.222Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:59:56.222Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/transmission:v3.00@sha256:9a4f48483b93f74394b69555c9324c746414836de247fbeafec5f53c0b077b9f (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -161,8 +161,7 @@
| unrar | CVE-2018-25018 | MEDIUM | 1:5.6.6-2build1 | | Click to expand!
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
https://github.com/aawc/unrar/releases
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/truecommand/security.md b/charts/stable/truecommand/security.md
index 95b6ebd4271..25bf5867e47 100644
--- a/charts/stable/truecommand/security.md
+++ b/charts/stable/truecommand/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:00:11.664Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:00:11.664Z [34mINFO[0m Detected config files: 1
#### truecommand/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:13.087Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:13.087Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:13.106Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:13.087Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:13.087Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:13.106Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/truecommand:v2.0.2@sha256:adee76b6a9149ea15dc56e8e6692f6cc60355cfb83c55a7a94a117923dc67ad0**
-2021-12-04T20:00:33.910Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:00:33.910Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:00:33.962Z [34mINFO[0m Number of language-specific files: 5
-2021-12-04T20:00:33.962Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:00:33.964Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:00:33.910Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:00:33.910Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:00:33.962Z [34mINFO[0m Number of language-specific files: 5
+2021-12-04T20:00:33.962Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:00:33.964Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/truecommand:v2.0.2@sha256:adee76b6a9149ea15dc56e8e6692f6cc60355cfb83c55a7a94a117923dc67ad0 (debian 10.4)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2020-27350 | MEDIUM | 1.8.2.1 | 1.8.2.2 | Click to expand!
https://bugs.launchpad.net/bugs/1899193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350
https://security.netapp.com/advisory/ntap-20210108-0005/
https://ubuntu.com/security/notices/USN-4667-1
https://ubuntu.com/security/notices/USN-4667-2
https://usn.ubuntu.com/usn/usn-4667-1
https://www.debian.org/security/2020/dsa-4808
|
@@ -379,14 +379,14 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/buger/jsonparser | CVE-2020-10675 | HIGH | v0.0.0-20191004114745-ee4c978eae7e | v0.0.0-20200321185410-91ac96899e49 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10675
https://github.com/buger/jsonparser/issues/188
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4C7PV6KEUUM76V4B2J5IFN2U6LEOWB67/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6KUHKDQSEYJNROA66OMN6AAQMGAAN6WI/
https://nvd.nist.gov/vuln/detail/CVE-2020-10675
|
@@ -396,7 +396,7 @@
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/buger/jsonparser | CVE-2020-10675 | HIGH | v0.0.0-20191004114745-ee4c978eae7e | v0.0.0-20200321185410-91ac96899e49 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10675
https://github.com/buger/jsonparser/issues/188
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4C7PV6KEUUM76V4B2J5IFN2U6LEOWB67/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6KUHKDQSEYJNROA66OMN6AAQMGAAN6WI/
https://nvd.nist.gov/vuln/detail/CVE-2020-10675
|
@@ -406,15 +406,12 @@
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/tt-rss/security.md b/charts/stable/tt-rss/security.md
index e9cd4976ab5..fb2206b7364 100644
--- a/charts/stable/tt-rss/security.md
+++ b/charts/stable/tt-rss/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T20:00:34.938Z [34mINFO[0m Detected config files: 2
+2021-12-04T20:00:34.938Z [34mINFO[0m Detected config files: 2
#### tt-rss/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:37.814Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:37.814Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:37.827Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:37.814Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:37.814Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:37.827Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:00:39.013Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:00:39.013Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:00:39.060Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:00:39.060Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:00:39.061Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:00:39.013Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:00:39.013Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:00:39.060Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:00:39.060Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:00:39.061Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,32 +275,32 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/tt-rss:v1.9075.0@sha256:9779b47027627c16b3f6c0e69b9a5c7964a7b701ff8ccc6b1f0a7d5d371c7c6b**
-2021-12-04T20:00:47.176Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T20:00:47.176Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T20:00:47.181Z [34mINFO[0m Number of language-specific files: 4
-2021-12-04T20:00:47.181Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:00:47.181Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T20:00:47.181Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:00:47.176Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T20:00:47.176Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T20:00:47.181Z [34mINFO[0m Number of language-specific files: 4
+2021-12-04T20:00:47.181Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:00:47.181Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T20:00:47.181Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/tt-rss:v1.9075.0@sha256:9779b47027627c16b3f6c0e69b9a5c7964a7b701ff8ccc6b1f0a7d5d371c7c6b (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -414,42 +414,42 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:48.308Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:48.308Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:48.317Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:48.308Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:48.308Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:48.317Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -477,16 +477,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:00:59.789Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:00:59.789Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:00:59.824Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:00:59.824Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:00:59.824Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:00:59.789Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:00:59.789Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:00:59.824Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:00:59.824Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:00:59.824Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -681,16 +681,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/tvheadend/security.md b/charts/stable/tvheadend/security.md
index a56aa676b80..8b88580a1de 100644
--- a/charts/stable/tvheadend/security.md
+++ b/charts/stable/tvheadend/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:00:47.706Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:00:47.706Z [34mINFO[0m Detected config files: 1
#### tvheadend/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:49.278Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:49.278Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:49.287Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:49.278Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:49.278Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:49.287Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/tvheadend:version-63784405@sha256:55617b2f0e1a9d9cefb853c5d52f3729da88c9662ad18813e688201dbe3aee9a**
-2021-12-04T20:00:58.606Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:58.606Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/twtxt/security.md b/charts/stable/twtxt/security.md
index bbbf074281a..04f5a290525 100644
--- a/charts/stable/twtxt/security.md
+++ b/charts/stable/twtxt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:00:49.795Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:00:49.795Z [34mINFO[0m Detected config files: 1
#### twtxt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:59.162Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:59.162Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:59.175Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:59.162Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:59.162Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:59.175Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,14 @@
**Container: tccr.io/truecharts/twtxt:version-0.1.1@sha256:9f34f0557d2a46aa7952c55f5a368c130659fafa0780785a647721edd001cdaa**
-2021-12-04T20:01:04.681Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:01:04.681Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:01:04.681Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:01:04.681Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### app/twtd
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/dgrijalva/jwt-go | CVE-2020-26160 | HIGH | v3.2.0+incompatible | | Click to expand!
https://github.com/dgrijalva/jwt-go/pull/426
https://nvd.nist.gov/vuln/detail/CVE-2020-26160
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515
|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200709230013-948cd5f35899 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/charts/stable/unifi/security.md b/charts/stable/unifi/security.md
index 06eca42d2b4..d6de5e30155 100644
--- a/charts/stable/unifi/security.md
+++ b/charts/stable/unifi/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:01:06.079Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:01:06.079Z [34mINFO[0m Detected config files: 1
#### unifi/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:01:07.015Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:01:07.015Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:01:07.047Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:07.015Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:01:07.015Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:01:07.047Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/unifi:v6.5.53@sha256:c6cf26dcd8e73e95503a9a8fb5ab36458c05c724b33add8dc1a6152648f33d3d**
-2021-12-04T20:01:36.779Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T20:01:36.780Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T20:01:36.786Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:36.779Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T20:01:36.780Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T20:01:36.786Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/unifi:v6.5.53@sha256:c6cf26dcd8e73e95503a9a8fb5ab36458c05c724b33add8dc1a6152648f33d3d (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -214,4 +214,3 @@
| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
-
diff --git a/charts/stable/unpackerr/security.md b/charts/stable/unpackerr/security.md
index 535a387968a..37ceef7439a 100644
--- a/charts/stable/unpackerr/security.md
+++ b/charts/stable/unpackerr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:01:46.149Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:01:46.149Z [34mINFO[0m Detected config files: 1
#### unpackerr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:01:46.934Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:01:46.934Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:01:46.946Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:46.934Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:01:46.934Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:01:46.946Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/unpackerr:v0.9.8@sha256:a76546d014ad85dac797bbb3d7753d1c0b5778ea907a7f2b21dad908a1c7712c**
-2021-12-04T20:01:49.496Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:49.496Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/unpoller/security.md b/charts/stable/unpoller/security.md
index 7e37743a380..e0760419368 100644
--- a/charts/stable/unpoller/security.md
+++ b/charts/stable/unpoller/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:01:52.263Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:01:52.263Z [34mINFO[0m Detected config files: 1
#### unpoller/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:01:53.858Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:01:53.858Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:01:53.864Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:53.858Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:01:53.858Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:01:53.864Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/unifi-poller:v2.1.3@sha256:2d6cd1f4cdc3d8522d697830f69ca12aa2fe24fda4e5476610af6e0b5c0597e9**
-2021-12-04T20:01:57.370Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:57.370Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/charts/stable/uptime-kuma/security.md b/charts/stable/uptime-kuma/security.md
index 93bce54bf4d..3c43870623d 100644
--- a/charts/stable/uptime-kuma/security.md
+++ b/charts/stable/uptime-kuma/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:01:52.960Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:01:52.960Z [34mINFO[0m Detected config files: 1
#### uptime-kuma/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:01:54.994Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:01:54.994Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:01:55.002Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:54.994Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:01:54.994Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:01:55.002Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/uptime-kuma:v1.10.2-debian@sha256:002dbdff764a1d26278efadeecacc62602e3aba7714317afd83ec501a2b71769**
-2021-12-04T20:02:07.954Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:02:07.954Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:02:07.977Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:02:07.977Z [34mINFO[0m Detecting node-pkg vulnerabilities...
-2021-12-04T20:02:08.009Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T20:02:07.954Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:02:07.954Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:02:07.977Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:02:07.977Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:02:08.009Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/uptime-kuma:v1.10.2-debian@sha256:002dbdff764a1d26278efadeecacc62602e3aba7714317afd83ec501a2b71769 (debian 10.10)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -246,7 +246,7 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -254,9 +254,6 @@
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/uptimerobot-prometheus/security.md b/charts/stable/uptimerobot-prometheus/security.md
index 06fc0c57414..5efc0f968ee 100644
--- a/charts/stable/uptimerobot-prometheus/security.md
+++ b/charts/stable/uptimerobot-prometheus/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:02:22.608Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:02:22.608Z [34mINFO[0m Detected config files: 1
#### uptimerobot-prometheus/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:02:23.308Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:23.309Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:23.316Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:02:23.308Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:23.309Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:23.316Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/prometheus-uptimerobot-exporter:v0.0.1@sha256:c73a86e73ab47e0974eb3d6bd6ce5834befe8363979a9da2b53922b630ec084a**
-2021-12-04T20:02:26.416Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:26.416Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:26.424Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:02:26.424Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T20:02:26.416Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:26.416Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:26.424Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:02:26.424Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/prometheus-uptimerobot-exporter:v0.0.1@sha256:c73a86e73ab47e0974eb3d6bd6ce5834befe8363979a9da2b53922b630ec084a (alpine 3.12.0)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -154,11 +154,10 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r16 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| pip | CVE-2021-28363 | MEDIUM | 20.1.1 | 21.1 | Click to expand!
https://github.com/advisories/GHSA-5phf-pp7p-vc2r
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15
https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0
https://github.com/urllib3/urllib3/commits/main
https://github.com/urllib3/urllib3/releases/tag/1.26.4
https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28363
https://pypi.org/project/urllib3/1.26.4/
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| pip | CVE-2021-3572 | MEDIUM | 20.1.1 | 21.1 | Click to expand!
https://access.redhat.com/errata/RHSA-2021:3254
https://bugzilla.redhat.com/show_bug.cgi?id=1962856
https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
https://github.com/pypa/pip/pull/9827
https://linux.oracle.com/cve/CVE-2021-3572.html
https://linux.oracle.com/errata/ELSA-2021-4455.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3572
https://packetstormsecurity.com/files/162712/USN-4961-1.txt
|
| pip | pyup.io-42218 | UNKNOWN | 20.1.1 | 21.1 | Click to expand!
|
| urllib3 | CVE-2021-33503 | HIGH | 1.25.9 | 1.26.5 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/charts/stable/valheim/security.md b/charts/stable/valheim/security.md
index b168b5c9887..914d8531d3b 100644
--- a/charts/stable/valheim/security.md
+++ b/charts/stable/valheim/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:02:35.141Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:02:35.141Z [34mINFO[0m Detected config files: 1
#### valheim/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:02:36.782Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:36.782Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:36.790Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:02:36.782Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:36.782Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:36.790Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/valheim-server:latest@sha256:12a0e638db1b54e93af61d8a94c275224ec8524e65304f058eff34dfdbaafef0**
-2021-12-04T20:02:52.094Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:02:52.094Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:02:52.177Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:02:52.177Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T20:02:52.094Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:02:52.094Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:02:52.177Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:02:52.177Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/valheim-server:latest@sha256:12a0e638db1b54e93af61d8a94c275224ec8524e65304f058eff34dfdbaafef0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -491,9 +491,6 @@
| zip | CVE-2018-13410 | LOW | 3.0-11 | | Click to expand!
http://seclists.org/fulldisclosure/2018/Jul/24
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/vaultwarden/security.md b/charts/stable/vaultwarden/security.md
index 6bbd18ea17f..bd38f2ddf3e 100644
--- a/charts/stable/vaultwarden/security.md
+++ b/charts/stable/vaultwarden/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T20:02:54.062Z [34mINFO[0m Detected config files: 2
+2021-12-04T20:02:54.062Z [34mINFO[0m Detected config files: 2
#### vaultwarden/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:02:56.947Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:56.947Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:56.955Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:02:56.947Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:56.947Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:56.955Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:02:58.241Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:02:58.241Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:02:58.303Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:02:58.303Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:02:58.303Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:02:58.241Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:02:58.241Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:02:58.303Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:02:58.303Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:02:58.303Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,29 +275,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/vaultwarden:v1.23.0@sha256:1e65dd23569e566576c3c80de76f711e0b9fc5e29a39d45f49f0a44d1282d869**
-2021-12-04T20:03:07.218Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:07.218Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:07.308Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:07.218Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:07.218Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:07.308Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/vaultwarden:v1.23.0@sha256:1e65dd23569e566576c3c80de76f711e0b9fc5e29a39d45f49f0a44d1282d869 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -608,14 +608,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:08.318Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:08.318Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:08.324Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:08.318Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:08.318Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:08.324Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -643,16 +643,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:03:09.114Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:09.114Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:09.161Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:03:09.161Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:03:09.161Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:03:09.114Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:09.114Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:09.161Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:03:09.161Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:03:09.161Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -847,16 +847,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/whoogle/security.md b/charts/stable/whoogle/security.md
index bf0293241fc..a5aef80eff6 100644
--- a/charts/stable/whoogle/security.md
+++ b/charts/stable/whoogle/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:02:54.735Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:02:54.735Z [34mINFO[0m Detected config files: 1
#### whoogle/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:02:57.621Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:57.621Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:57.628Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:02:57.621Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:57.621Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:57.628Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/whoogle-search:v0.6.0@sha256:3eeb08a974169f6f1abd884d0923a86d594f9d41c881c7558cb1cbe8dfeb454f**
-2021-12-04T20:03:02.134Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:02.134Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:02.167Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:03:02.167Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T20:03:02.134Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:02.134Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:02.167Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:03:02.167Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/whoogle-search:v0.6.0@sha256:3eeb08a974169f6f1abd884d0923a86d594f9d41c881c7558cb1cbe8dfeb454f (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -199,8 +199,7 @@
| tor-geoipdb | CVE-2020-8516 | LOW | 0.4.5.10-1~deb11u1 | | Click to expand!
https://lists.torproject.org/pipermail/tor-dev/2020-February/014146.html
https://lists.torproject.org/pipermail/tor-dev/2020-February/014147.html
https://security-tracker.debian.org/tracker/CVE-2020-8516
https://trac.torproject.org/projects/tor/ticket/33129
https://www.hackerfactor.com/blog/index.php?/archives/868-Deanonymizing-Tor-Circuits.html
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Werkzeug | pyup.io-42050 | UNKNOWN | 0.16.0 | 2.0.2 | Click to expand!
|
-
diff --git a/charts/stable/wiki/security.md b/charts/stable/wiki/security.md
index f18b9faba7b..ac437d701b3 100644
--- a/charts/stable/wiki/security.md
+++ b/charts/stable/wiki/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:03:10.131Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:03:10.131Z [34mINFO[0m Detected config files: 1
#### wiki/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:10.955Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:10.955Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:10.960Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:10.955Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:10.955Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:10.960Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,17 +61,17 @@
**Container: tccr.io/truecharts/wiki:version-900b76a@sha256:26548fe894831ba1fbd7b68da370583363be3f992bd99e71c8b678c2583df951**
-2021-12-04T20:03:28.136Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:28.136Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:28.141Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:03:28.141Z [34mINFO[0m Detecting node-pkg vulnerabilities...
-2021-12-04T20:03:28.180Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.11.12
-2021-12-04T20:03:28.180Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T20:03:28.136Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:28.136Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:28.141Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:03:28.141Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:03:28.180Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.11.12
+2021-12-04T20:03:28.180Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/wiki:version-900b76a@sha256:26548fe894831ba1fbd7b68da370583363be3f992bd99e71c8b678c2583df951 (alpine 3.11.12)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.31.1-r10 | 1.31.1-r11 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -102,7 +102,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r10 | 1.31.1-r11 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -133,4 +133,3 @@
| ws | CVE-2021-32640 | MEDIUM | 7.4.5 | 5.2.3, 6.2.2, 7.4.6 | Click to expand!
https://github.com/advisories/GHSA-6fc8-4gx4-v693
https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff
https://github.com/websockets/ws/issues/1895
https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693
https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-32640
|
| xmldom | CVE-2021-21366 | MEDIUM | 0.1.31 | 0.5.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21366
https://github.com/advisories/GHSA-h6q6-9hqw-rwfv
https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135
https://github.com/xmldom/xmldom/releases/tag/0.5.0
https://github.com/xmldom/xmldom/security/advisories/GHSA-h6q6-9hqw-rwfv
https://nvd.nist.gov/vuln/detail/CVE-2021-21366
https://www.npmjs.com/package/xmldom
|
| xmldom | CVE-2021-32796 | MEDIUM | 0.1.31 | | Click to expand!
https://github.com/advisories/GHSA-5fg8-2547-mr8q
https://github.com/xmldom/xmldom/commit/7b4b743917a892d407356e055b296dcd6d107e8b
https://github.com/xmldom/xmldom/security/advisories/GHSA-5fg8-2547-mr8q
https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/
https://mattermost.com/blog/securing-xml-implementations-across-the-web/
https://nvd.nist.gov/vuln/detail/CVE-2021-32796
https://www.npmjs.com/package/@xmldom/xmldom
|
-
diff --git a/charts/stable/wikijs/security.md b/charts/stable/wikijs/security.md
index 17323c60314..6d71237951a 100644
--- a/charts/stable/wikijs/security.md
+++ b/charts/stable/wikijs/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T20:03:46.199Z [34mINFO[0m Detected config files: 2
+2021-12-04T20:03:46.199Z [34mINFO[0m Detected config files: 2
#### wikijs/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:47.000Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:47.000Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:47.007Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:47.000Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:47.000Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:47.007Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:03:47.991Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:47.991Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:48.056Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:03:48.056Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:03:48.056Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:03:47.991Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:47.991Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:48.056Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:03:48.056Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:03:48.056Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,32 +275,32 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/wiki:v2.5@sha256:4241796c343106f89fdc585229993df05c0ae81bdbbfc13a6f6a5be9b23d662e**
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:49.393Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:49.393Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:49.402Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:49.393Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:49.393Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:49.402Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -328,16 +328,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:03:50.207Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:50.207Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:50.255Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:03:50.255Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:03:50.255Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:03:50.207Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:50.207Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:50.255Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:03:50.255Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:03:50.255Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -532,16 +532,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/charts/stable/xteve/security.md b/charts/stable/xteve/security.md
index acac804d5b2..01f672ff93c 100644
--- a/charts/stable/xteve/security.md
+++ b/charts/stable/xteve/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:03:50.970Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:03:50.970Z [34mINFO[0m Detected config files: 1
#### xteve/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:51.700Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:51.701Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:51.707Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:51.700Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:51.701Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:51.707Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/xteve:v2.2.0.200@sha256:77a1e4d934da1361c349fc3b9548e4e01b421df078759e5d11b4cc552c50bd7e**
-2021-12-04T20:04:05.108Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T20:04:05.108Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T20:04:05.112Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:04:05.112Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:04:05.108Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T20:04:05.108Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T20:04:05.112Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:04:05.112Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/xteve:v2.2.0.200@sha256:77a1e4d934da1361c349fc3b9548e4e01b421df078759e5d11b4cc552c50bd7e (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -768,8 +768,7 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/charts/stable/zigbee2mqtt/security.md b/charts/stable/zigbee2mqtt/security.md
index 02dd2280a19..5eb31322fd9 100644
--- a/charts/stable/zigbee2mqtt/security.md
+++ b/charts/stable/zigbee2mqtt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:04:06.124Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:04:06.124Z [34mINFO[0m Detected config files: 1
#### zigbee2mqtt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:04:07.156Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:04:07.156Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:04:07.166Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:04:07.156Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:04:07.156Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:04:07.166Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,25 +61,24 @@
**Container: tccr.io/truecharts/zigbee2mqtt:v1.22.1@sha256:ee52cfe959f3e5a05dc4ca4fee50a4d7572522664cf1b275749a4c85da6f4736**
-2021-12-04T20:04:13.326Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:04:13.326Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:04:13.327Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:04:13.327Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:04:13.326Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:04:13.326Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:04:13.327Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:04:13.327Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/zigbee2mqtt:v1.22.1@sha256:ee52cfe959f3e5a05dc4ca4fee50a4d7572522664cf1b275749a4c85da6f4736 (alpine 3.12.9)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-28831 | HIGH | 1.31.1-r21 | 1.32.1-r4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/
https://security.gentoo.org/glsa/202105-09
|
| ssl_client | CVE-2021-28831 | HIGH | 1.31.1-r21 | 1.32.1-r4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/
https://security.gentoo.org/glsa/202105-09
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 4.1.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
-
diff --git a/charts/stable/zwavejs2mqtt/security.md b/charts/stable/zwavejs2mqtt/security.md
index 7580582ba8a..db883928594 100644
--- a/charts/stable/zwavejs2mqtt/security.md
+++ b/charts/stable/zwavejs2mqtt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:04:14.153Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:04:14.153Z [34mINFO[0m Detected config files: 1
#### zwavejs2mqtt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:04:15.268Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:04:15.268Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:04:15.275Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:04:15.268Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:04:15.268Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:04:15.275Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/zwavejs2mqtt:v6.0.3@sha256:8fdac2ebee3443d0c1e62a3d52e14959e4717b1c33e4a7ed76f0c45b74d09fcd**
-2021-12-04T20:04:26.031Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:04:26.031Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:04:26.033Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:04:26.033Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:04:26.031Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:04:26.031Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:04:26.033Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:04:26.033Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/zwavejs2mqtt:v6.0.3@sha256:8fdac2ebee3443d0c1e62a3d52e14959e4717b1c33e4a7ed76f0c45b74d09fcd (alpine 3.12.7)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -101,7 +101,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| @npmcli/arborist | CVE-2021-39134 | HIGH | 2.6.1 | 2.8.2 | Click to expand!
https://github.com/advisories/GHSA-2h3h-q99f-3fhc
https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
https://nvd.nist.gov/vuln/detail/CVE-2021-39134
https://www.npmjs.com/package/@npmcli/arborist
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -125,4 +125,3 @@
| tar | CVE-2021-37713 | HIGH | 6.1.0 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| trim-newlines | CVE-2021-33623 | HIGH | 1.0.0 | 4.0.1, 3.0.1 | Click to expand!
https://github.com/advisories/GHSA-7p7h-4mm5-852v
https://github.com/sindresorhus/trim-newlines/commit/25246c6ce5eea1c82d448998733a6302a4350d91
https://github.com/sindresorhus/trim-newlines/releases/tag/v4.0.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33623
https://security.netapp.com/advisory/ntap-20210702-0007/
https://www.npmjs.com/package/trim-newlines
|
| trim-off-newlines | CVE-2021-23425 | MEDIUM | 1.0.1 | | Click to expand!
https://github.com/advisories/GHSA-38fc-wpqx-33j7
https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6
https://github.com/stevemao/trim-off-newlines/pull/3
https://nvd.nist.gov/vuln/detail/CVE-2021-23425
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197
https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850
|
-
diff --git a/docs/apps/core/k8s-gateway/security.md b/docs/apps/core/k8s-gateway/security.md
index 4b795971f15..4af908e2da4 100644
--- a/docs/apps/core/k8s-gateway/security.md
+++ b/docs/apps/core/k8s-gateway/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:15:36.224Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:15:36.224Z [34mINFO[0m Detected config files: 1
#### k8s-gateway/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:15:41.635Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:41.635Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:41.643Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:15:41.635Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:41.635Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:41.643Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,13 @@
**Container: tccr.io/truecharts/k8s_gateway:v0.1.8@sha256:c71ea11938d6c93b0af6f25230810ec13c7d28b29dfb8512adc6d1def7f200b6**
-2021-12-04T19:15:44.065Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:15:44.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:15:44.065Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:15:44.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### coredns
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| go.etcd.io/etcd | CVE-2020-15106 | MEDIUM | v0.5.0-alpha.5.0.20200306183522-221f0cc107cb | v0.5.0-alpha.5.0.20200423152442-f4b650b51dc4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15106
https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/
|
-
diff --git a/docs/apps/core/prometheus/security.md b/docs/apps/core/prometheus/security.md
index 91bf26a6ae3..e3cdb1e3729 100644
--- a/docs/apps/core/prometheus/security.md
+++ b/docs/apps/core/prometheus/security.md
@@ -4,114 +4,114 @@
##### Scan Results
-2021-12-04T19:15:54.454Z [34mINFO[0m Detected config files: 15
+2021-12-04T19:15:54.454Z [34mINFO[0m Detected config files: 15
#### prometheus/charts/kube-state-metrics/templates/deployment.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -126,14 +126,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:01.381Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:01.381Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:01.387Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:01.381Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:01.381Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:01.387Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -161,15 +161,15 @@
**Container: tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:4b88f439ad22896e917ab39fb1ea7f0ec115e902e026c0ac27a8bc5a507e0493**
-2021-12-04T19:16:13.111Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:13.111Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:13.144Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:16:13.144Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:13.111Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:13.111Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:13.144Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:16:13.144Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:4b88f439ad22896e917ab39fb1ea7f0ec115e902e026c0ac27a8bc5a507e0493 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -318,29 +318,29 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211005150130-f29caccc4255 | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: bitnami/kube-state-metrics:2.2.4-debian-10-r0**
-2021-12-04T19:16:18.293Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:18.293Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:18.331Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:16:18.331Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:18.293Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:18.293Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:18.331Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:16:18.331Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### bitnami/kube-state-metrics:2.2.4-debian-10-r0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -489,23 +489,23 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: bitnami/node-exporter:1.3.0-debian-10-r0**
-2021-12-04T19:16:20.765Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:20.765Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:20.792Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:16:20.792Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:20.765Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:20.765Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:20.792Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:16:20.792Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### bitnami/node-exporter:1.3.0-debian-10-r0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -654,9 +654,6 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/core/traefik/security.md b/docs/apps/core/traefik/security.md
index 4871a5fc1b7..c06fb4f3930 100644
--- a/docs/apps/core/traefik/security.md
+++ b/docs/apps/core/traefik/security.md
@@ -4,32 +4,32 @@
##### Scan Results
-2021-12-04T19:15:33.717Z [34mINFO[0m Need to update the built-in policies
-2021-12-04T19:15:33.717Z [34mINFO[0m Downloading the built-in policies...
-2021-12-04T19:15:35.556Z [34mINFO[0m Detected config files: 3
+2021-12-04T19:15:33.717Z [34mINFO[0m Need to update the built-in policies
+2021-12-04T19:15:33.717Z [34mINFO[0m Downloading the built-in policies...
+2021-12-04T19:15:35.556Z [34mINFO[0m Detected config files: 3
#### traefik/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -42,16 +42,16 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:15:36.314Z [34mINFO[0m Need to update DB
-2021-12-04T19:15:36.314Z [34mINFO[0m Downloading DB...
-2021-12-04T19:15:40.413Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:40.413Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:40.422Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:15:36.314Z [34mINFO[0m Need to update DB
+2021-12-04T19:15:36.314Z [34mINFO[0m Downloading DB...
+2021-12-04T19:15:40.413Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:40.413Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:40.422Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -79,22 +79,22 @@
**Container: tccr.io/truecharts/traefik:v2.5.4@sha256:e01f2de2f69fcf1a9ac2d8978455ce9731222c7fb78e3885e3f610eaeba6feee**
-2021-12-04T19:15:59.477Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:59.477Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:59.477Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:15:59.477Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:15:59.477Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:59.477Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:59.477Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:15:59.477Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/traefik:v2.5.4@sha256:e01f2de2f69fcf1a9ac2d8978455ce9731222c7fb78e3885e3f610eaeba6feee (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/containerd/containerd | CVE-2021-41103 | HIGH | v1.3.2 | v1.4.11, v1.5.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103
https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8
https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41103
https://ubuntu.com/security/notices/USN-5100-1
https://www.debian.org/security/2021/dsa-5002
|
@@ -102,4 +102,3 @@
| github.com/containerd/containerd | CVE-2021-21334 | MEDIUM | v1.3.2 | v1.3.10, v1.4.4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21334
https://github.com/containerd/containerd/commit/05f951a3781f4f2c1911b05e61c160e9c30eaa8e
https://github.com/containerd/containerd/releases/tag/v1.3.10
https://github.com/containerd/containerd/releases/tag/v1.4.4
https://github.com/containerd/containerd/security/advisories/GHSA-6g2q-w5j3-fwh4
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUE2Z2ZUWBHRU36ZGBD2YSJCYB6ELPXE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIBPKSX5IOWPM3ZPFB3JVLXWDHSZTTWT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VTXHA5JOWQRCCUZH7ZQBEYN6KZKJEYSD/
https://nvd.nist.gov/vuln/detail/CVE-2021-21334
https://security.gentoo.org/glsa/202105-33
https://ubuntu.com/security/notices/USN-4881-1
|
| github.com/containerd/containerd | CVE-2021-32760 | MEDIUM | v1.3.2 | v1.4.8, v1.5.4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32760
https://github.com/containerd/containerd/releases/tag/v1.4.8
https://github.com/containerd/containerd/releases/tag/v1.5.4
https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w
https://linux.oracle.com/cve/CVE-2021-32760.html
https://linux.oracle.com/errata/ELSA-2021-9373.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3/
https://nvd.nist.gov/vuln/detail/CVE-2021-32760
https://ubuntu.com/security/notices/USN-5012-1
|
| github.com/docker/cli | CVE-2021-41092 | HIGH | v0.0.0-20200221155518-740919cc7fc0 | v20.10.9 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41092
https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b
https://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41092
https://ubuntu.com/security/notices/USN-5134-1
|
-
diff --git a/docs/apps/incubator/anonaddy/security.md b/docs/apps/incubator/anonaddy/security.md
index f9c0e918e2c..d3bc0cd17de 100644
--- a/docs/apps/incubator/anonaddy/security.md
+++ b/docs/apps/incubator/anonaddy/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:15:41.056Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:15:41.056Z [34mINFO[0m Detected config files: 2
#### anonaddy/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:15:42.300Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:42.300Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:42.308Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:15:42.300Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:42.300Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:42.308Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,17 +70,17 @@
**Container: tccr.io/truecharts/anonaddy:v0.8.7@sha256:ec36fa40052eed3629b2346fee28cee0c3c7f00903903f846bfc5261802197d6**
-2021-12-04T19:15:52.686Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:15:52.686Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:15:52.708Z [34mINFO[0m Number of language-specific files: 3
-2021-12-04T19:15:52.708Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:15:52.709Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:15:52.720Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:15:52.686Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:15:52.686Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:15:52.708Z [34mINFO[0m Number of language-specific files: 3
+2021-12-04T19:15:52.708Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:15:52.709Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:15:52.720Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/anonaddy:v0.8.7@sha256:ec36fa40052eed3629b2346fee28cee0c3c7f00903903f846bfc5261802197d6 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -141,21 +141,21 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| doctrine/dbal | CVE-2021-43608 | CRITICAL | 3.1.3 | 3.0.99, 3.1.4 | Click to expand!
https://github.com/advisories/GHSA-r7cj-8hjg-x622
https://github.com/doctrine/dbal/security/advisories/GHSA-r7cj-8hjg-x622
|
@@ -163,14 +163,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:00.072Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:00.072Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:00.078Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:00.072Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:00.072Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:00.078Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -198,15 +198,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:16:09.836Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:09.837Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:09.852Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:16:09.852Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:09.836Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:09.837Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:09.852Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:16:09.852Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -355,16 +355,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/incubator/blog/security.md b/docs/apps/incubator/blog/security.md
index 81c3dfd97cf..a14dfa6f1b9 100644
--- a/docs/apps/incubator/blog/security.md
+++ b/docs/apps/incubator/blog/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:16:28.296Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:16:28.296Z [34mINFO[0m Detected config files: 2
#### blog/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:29.195Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:29.195Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:29.203Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:29.195Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:29.195Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:29.203Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:16:36.250Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:36.253Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:36.324Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:16:36.324Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:16:36.324Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:16:36.250Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:36.253Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:36.324Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:16:36.324Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:36.324Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,29 +275,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/blog:latest@sha256:22871bf5fcf28e31ca4389e7fff6c44978f4eed9c106fba6e862fe165e649cb0**
-2021-12-04T19:16:49.078Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:49.078Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:49.239Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:49.078Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:49.078Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:49.239Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/blog:latest@sha256:22871bf5fcf28e31ca4389e7fff6c44978f4eed9c106fba6e862fe165e649cb0 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | Click to expand!
http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
http://www.iss.net/security_center/static/7494.php
http://www.securityfocus.com/bid/3521
|
@@ -647,14 +647,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:50.219Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:50.219Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:50.228Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:50.219Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:50.219Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:50.228Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -682,16 +682,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:16:51.035Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:16:51.035Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:16:51.096Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:16:51.098Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:16:51.098Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:16:51.035Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:16:51.035Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:16:51.096Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:16:51.098Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:16:51.098Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -886,16 +886,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/incubator/bookstack/security.md b/docs/apps/incubator/bookstack/security.md
index 649be5fb551..0c7b6a59287 100644
--- a/docs/apps/incubator/bookstack/security.md
+++ b/docs/apps/incubator/bookstack/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:16:54.657Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:16:54.657Z [34mINFO[0m Detected config files: 2
#### bookstack/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:16:56.078Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:16:56.078Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:16:56.092Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:16:56.078Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:16:56.078Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:16:56.092Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,27 +70,27 @@
**Container: tccr.io/truecharts/bookstack:v21.11.20211118@sha256:f56ca2e8e3a74e5753700e5835c017264a1ca9b1a9a6740d25a50a003815149e**
-2021-12-04T19:17:09.970Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:17:09.971Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:17:09.970Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:17:09.971Z [34mINFO[0m Detecting composer vulnerabilities...
#### var/www-tmp/html/composer.lock
-
+
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| symfony/http-kernel | CVE-2021-41267 | MEDIUM | v5.3.10 | 5.3.0, 5.3.12 | Click to expand!
https://github.com/advisories/GHSA-q3j3-w37x-hq2q
https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487
https://github.com/symfony/symfony/pull/44243
https://github.com/symfony/symfony/releases/tag/v5.3.12
https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q
https://nvd.nist.gov/vuln/detail/CVE-2021-41267
https://symfony.com/cve-2021-41267
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:10.757Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:10.757Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:10.770Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:10.757Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:10.757Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:10.770Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -118,15 +118,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:17:11.844Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:17:11.845Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:17:11.871Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:17:11.871Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:17:11.844Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:17:11.845Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:17:11.871Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:17:11.871Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,16 +275,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/incubator/clarkson/security.md b/docs/apps/incubator/clarkson/security.md
index 685cac4f3ca..b87127ed22b 100644
--- a/docs/apps/incubator/clarkson/security.md
+++ b/docs/apps/incubator/clarkson/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:17:12.879Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:17:12.879Z [34mINFO[0m Detected config files: 2
#### clarkson/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:13.756Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:13.756Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:13.764Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:13.756Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:13.756Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:13.764Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,25 +70,25 @@
**Container: tccr.io/truecharts/clarkson:v1.1.2@sha256:e54364ee0c78fbfec7e8e220ff1cf7cb49086b3b76c0577e36d6d894b7f20c0d**
-2021-12-04T19:17:25.068Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:17:25.068Z [34mINFO[0m Detecting node-pkg vulnerabilities...
-2021-12-04T19:17:25.069Z [34mINFO[0m Detecting jar vulnerabilities...
-2021-12-04T19:17:25.070Z [33mWARN[0m maven constraint error ([10.5-alpha0,10.5.3.0_1]): failed to new comparer: 2 errors occurred:
- * improper constraint: [10.5-alpha0,10.5.3.0_1]
- * improper requirements: []
+2021-12-04T19:17:25.068Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:17:25.068Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:17:25.069Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:17:25.070Z [33mWARN[0m maven constraint error ([10.5-alpha0,10.5.3.0_1]): failed to new comparer: 2 errors occurred:
+ * improper constraint: [10.5-alpha0,10.5.3.0_1]
+ * improper requirements: []
#### Java
-
+
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| org.apache.derby:derby | CVE-2018-1313 | MEDIUM | 10.12.1.1 | 10.14.2.0 | Click to expand!
http://www.securityfocus.com/bid/104140
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/r437d94437e6aef31af689b1e7025d024d676fd1ea9901d74e3e9ae48@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r6755f48d4f5e44e39bba7dbf8d746678239d7f1f2cc108125519ce53@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/re29ab90978e6c997377fb975f674f7514f6beb642bbf79deb45477e5@%3Cdev.hive.apache.org%3E
https://markmail.org/message/akkappppxcdqrgxk
https://nvd.nist.gov/vuln/detail/CVE-2018-1313
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| express-jwt | CVE-2020-15084 | CRITICAL | 5.3.3 | 6.0.0 | Click to expand!
https://github.com/advisories/GHSA-6g6m-m6h5-w9gf
https://github.com/auth0/express-jwt/commit/7ecab5f8f0cab5297c2b863596566eb0c019cdef
https://github.com/auth0/express-jwt/security/advisories/GHSA-6g6m-m6h5-w9gf
https://nvd.nist.gov/vuln/detail/CVE-2020-15084
|
@@ -96,14 +96,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:26.089Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:26.089Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:26.095Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:26.089Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:26.089Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:26.095Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -131,15 +131,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:17:27.031Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:17:27.031Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:17:27.065Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:17:27.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:17:27.031Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:17:27.031Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:17:27.065Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:17:27.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -288,16 +288,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/incubator/friendica/security.md b/docs/apps/incubator/friendica/security.md
index e4f19aae12c..3a647a57ff1 100644
--- a/docs/apps/incubator/friendica/security.md
+++ b/docs/apps/incubator/friendica/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:17:38.802Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:17:38.802Z [34mINFO[0m Detected config files: 2
#### friendica/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:39.584Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:39.584Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:39.591Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:39.584Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:39.584Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:39.591Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,17 +70,17 @@
**Container: tccr.io/truecharts/friendica:v2021.09@sha256:593f97fbe798f2b73e5129717dd178318b2448942de540e49ba9649bac1ef4c3**
-2021-12-04T19:17:55.180Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:17:55.180Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:17:55.302Z [34mINFO[0m Number of language-specific files: 8
-2021-12-04T19:17:55.302Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:17:55.302Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:17:55.303Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:17:55.180Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:17:55.180Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:17:55.302Z [34mINFO[0m Number of language-specific files: 8
+2021-12-04T19:17:55.302Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:17:55.302Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:17:55.303Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/friendica:v2021.09@sha256:593f97fbe798f2b73e5129717dd178318b2448942de540e49ba9649bac1ef4c3 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-33193 | HIGH | 2.4.38-3+deb10u6 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193
https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch
https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70@%3Ccvs.httpd.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/
https://portswigger.net/research/http2
https://security.netapp.com/advisory/ntap-20210917-0004/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ
https://ubuntu.com/security/notices/USN-5090-1
https://www.tenable.com/security/tns-2021-17
|
@@ -933,7 +933,7 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| dompurify | GHSA-mjjq-c88q-qhr6 | CRITICAL | 1.0.11 | 2.0.7 | Click to expand!
https://github.com/advisories/GHSA-mjjq-c88q-qhr6
https://github.com/cure53/DOMPurify/releases/tag/2.0.7
https://www.npmjs.com/advisories/1223
|
@@ -947,63 +947,63 @@
| jquery | CVE-2020-11023 | MEDIUM | 2.2.4 | 3.5.0 | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
https://github.com/advisories/GHSA-jpcq-cgw6-v4j6
https://github.com/jquery/jquery/releases/tag/3.5.0
https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440
https://jquery.com/upgrade-guide/3.5/
https://linux.oracle.com/cve/CVE-2020-11023.html
https://linux.oracle.com/errata/ELSA-2021-9552.html
https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E
https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E
https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E
https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/
https://nvd.nist.gov/vuln/detail/CVE-2020-11023
https://security.gentoo.org/glsa/202007-03
https://security.netapp.com/advisory/ntap-20200511-0006/
https://www.debian.org/security/2020/dsa-4693
https://www.drupal.org/sa-core-2020-002
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-02
https://www.tenable.com/security/tns-2021-10
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| phpseclib/phpseclib | CVE-2021-30130 | HIGH | 2.0.4 | 2.0.31, 3.0.7 | Click to expand!
https://github.com/advisories/GHSA-vf4w-fg7r-5v94
https://github.com/phpseclib/phpseclib/pull/1635
https://github.com/phpseclib/phpseclib/releases/tag/2.0.31
https://github.com/phpseclib/phpseclib/releases/tag/3.0.7
https://nvd.nist.gov/vuln/detail/CVE-2021-30130
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:57.345Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:57.345Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:57.364Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:57.345Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:57.345Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:57.364Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1031,15 +1031,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:17:58.841Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:17:58.841Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:17:58.872Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:17:58.872Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:17:58.841Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:17:58.841Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:17:58.872Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:17:58.872Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1188,16 +1188,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/incubator/icinga2/security.md b/docs/apps/incubator/icinga2/security.md
index 10d19a70c41..47711f05d5b 100644
--- a/docs/apps/incubator/icinga2/security.md
+++ b/docs/apps/incubator/icinga2/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:17:56.736Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:17:56.736Z [34mINFO[0m Detected config files: 2
#### icinga2/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:17:57.980Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:17:57.980Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:17:57.984Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:17:57.980Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:17:57.980Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:17:57.984Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,15 +70,15 @@
**Container: tccr.io/truecharts/icinga2:v2.13.1@sha256:64116a1e267397888bcd6dd62b428322c81bf925f955867ada5207657a9d79db**
-2021-12-04T19:18:19.214Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:19.214Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:19.392Z [34mINFO[0m Number of language-specific files: 4
-2021-12-04T19:18:19.392Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:18:19.214Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:19.214Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:19.392Z [34mINFO[0m Number of language-specific files: 4
+2021-12-04T19:18:19.392Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/icinga2:v2.13.1@sha256:64116a1e267397888bcd6dd62b428322c81bf925f955867ada5207657a9d79db (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-33193 | HIGH | 2.4.38-3+deb10u6 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193
https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch
https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70@%3Ccvs.httpd.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/
https://portswigger.net/research/http2
https://security.netapp.com/advisory/ntap-20210917-0004/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ
https://ubuntu.com/security/notices/USN-5090-1
https://www.tenable.com/security/tns-2021-17
|
@@ -1292,43 +1292,43 @@
| zip | CVE-2018-13410 | LOW | 3.0-11 | | Click to expand!
http://seclists.org/fulldisclosure/2018/Jul/24
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:21.541Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:21.541Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:21.549Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:21.541Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:21.541Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:21.549Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1356,15 +1356,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:18:23.159Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:23.159Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:23.189Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:18:23.189Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:18:23.159Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:23.159Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:23.189Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:18:23.189Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1513,16 +1513,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/incubator/leantime/security.md b/docs/apps/incubator/leantime/security.md
index 39de497bdc7..f677d57a085 100644
--- a/docs/apps/incubator/leantime/security.md
+++ b/docs/apps/incubator/leantime/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:18:20.929Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:18:20.929Z [34mINFO[0m Detected config files: 2
#### leantime/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:22.159Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:22.159Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:22.166Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:22.159Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:22.159Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:22.166Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,14 +70,14 @@
**Container: tccr.io/truecharts/leantime:v2.1.7-ls6@sha256:09f51955b47e8bf7cf8c95b7fa4e023ce2fae4aa15ef42db1568b4c23830b5a6**
-2021-12-04T19:18:32.296Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:32.296Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:32.310Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:32.296Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:32.296Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:32.310Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/leantime:v2.1.7-ls6@sha256:09f51955b47e8bf7cf8c95b7fa4e023ce2fae4aa15ef42db1568b4c23830b5a6 (alpine 3.12.3)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-26691 | CRITICAL | 2.4.46-r1 | 2.4.48-r0 | Click to expand!
http://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2021/06/10/7
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-26691
https://linux.oracle.com/cve/CVE-2021-26691.html
https://linux.oracle.com/errata/ELSA-2021-3816.html
https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe@%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.gentoo.org/glsa/202107-38
https://security.netapp.com/advisory/ntap-20210702-0001/
https://ubuntu.com/security/notices/USN-4994-1
https://ubuntu.com/security/notices/USN-4994-2
https://www.debian.org/security/2021/dsa-4937
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -222,14 +222,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:36.295Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:36.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:36.299Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:36.295Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:36.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:36.299Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -257,15 +257,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:18:37.613Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:37.613Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:37.665Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:18:37.665Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:18:37.613Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:37.613Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:37.665Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:18:37.665Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -414,16 +414,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/incubator/monica/security.md b/docs/apps/incubator/monica/security.md
index 81e34444191..2538687b11b 100644
--- a/docs/apps/incubator/monica/security.md
+++ b/docs/apps/incubator/monica/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:18:33.269Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:18:33.269Z [34mINFO[0m Detected config files: 2
#### monica/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:36.976Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:36.976Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:36.981Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:36.976Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:36.976Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:36.981Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,15 +70,15 @@
**Container: tccr.io/truecharts/monica:v3.5.0@sha256:5f4af565ef3b381c31abc8415d701b7b0019e9986b026cc2dfb263130f5e4214**
-2021-12-04T19:18:44.138Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:44.138Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:44.235Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:18:44.235Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:18:44.138Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:44.138Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:44.235Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:18:44.235Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/monica:v3.5.0@sha256:5f4af565ef3b381c31abc8415d701b7b0019e9986b026cc2dfb263130f5e4214 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | Click to expand!
http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
http://www.iss.net/security_center/static/7494.php
http://www.securityfocus.com/bid/3521
|
@@ -432,7 +432,7 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| doctrine/dbal | CVE-2021-43608 | CRITICAL | 3.1.3 | 3.0.99, 3.1.4 | Click to expand!
https://github.com/advisories/GHSA-r7cj-8hjg-x622
https://github.com/doctrine/dbal/security/advisories/GHSA-r7cj-8hjg-x622
|
@@ -440,14 +440,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:50.823Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:50.823Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:50.832Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:50.823Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:50.823Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:50.832Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -475,15 +475,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:18:52.889Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:18:52.889Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:18:52.938Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:18:52.938Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:18:52.889Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:18:52.889Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:18:52.938Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:18:52.938Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -632,16 +632,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/incubator/omada-controller/security.md b/docs/apps/incubator/omada-controller/security.md
index 9216b5b4038..1c049ab00b5 100644
--- a/docs/apps/incubator/omada-controller/security.md
+++ b/docs/apps/incubator/omada-controller/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:18:45.293Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:18:45.293Z [34mINFO[0m Detected config files: 1
#### omada-controller/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:18:51.444Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:18:51.444Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:18:51.452Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:18:51.444Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:18:51.444Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:18:51.452Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/omada-controller:v4.4@sha256:7c06f9deb40f1fea1968eedf6da8b49192b89d0c4bcaa11f040d95c127141fb3**
-2021-12-04T19:19:08.047Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:19:08.047Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:19:08.054Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:19:08.054Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:19:08.047Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:19:08.047Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:19:08.054Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:19:08.054Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/omada-controller:v4.4@sha256:7c06f9deb40f1fea1968eedf6da8b49192b89d0c4bcaa11f040d95c127141fb3 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -177,7 +177,7 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14379 | CRITICAL | 2.9.8 | 2.7.9.6, 2.8.11.4, 2.9.9.2 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:2824
https://access.redhat.com/errata/RHSA-2019:2743
https://access.redhat.com/errata/RHSA-2019:2858
https://access.redhat.com/errata/RHSA-2019:2935
https://access.redhat.com/errata/RHSA-2019:2936
https://access.redhat.com/errata/RHSA-2019:2937
https://access.redhat.com/errata/RHSA-2019:2938
https://access.redhat.com/errata/RHSA-2019:2998
https://access.redhat.com/errata/RHSA-2019:3044
https://access.redhat.com/errata/RHSA-2019:3045
https://access.redhat.com/errata/RHSA-2019:3046
https://access.redhat.com/errata/RHSA-2019:3050
https://access.redhat.com/errata/RHSA-2019:3149
https://access.redhat.com/errata/RHSA-2019:3200
https://access.redhat.com/errata/RHSA-2019:3292
https://access.redhat.com/errata/RHSA-2019:3297
https://access.redhat.com/errata/RHSA-2019:3901
https://access.redhat.com/errata/RHSA-2020:0727
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379
https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b
https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2
https://github.com/FasterXML/jackson-databind/issues/2387
https://github.com/advisories/GHSA-6fpp-rgj9-8rwc
https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E
https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/525bcf949a4b0da87a375cbad2680b8beccde749522f24c49befe7fb@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/689c6bcc6c7612eee71e453a115a4c8581e7b718537025d4b265783d@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/75f482fdc84abe6d0c8f438a76437c335a7bbeb5cddd4d70b4bc0cbf@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/859815b2e9f1575acbb2b260b73861c16ca49bca627fa0c46419051f@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/8723b52c2544e6cb804bc8a36622c584acd1bd6c53f2b6034c9fea54@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E
https://lists.apache.org/thread.html/99944f86abefde389da9b4040ea2327c6aa0b53a2ff9352bd4cfec17@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/d161ff3d59c5a8213400dd6afb1cce1fac4f687c32d1e0c0bfbfaa2d@%3Cissues.iceberg.apache.org%3E
https://lists.apache.org/thread.html/e25e734c315f70d8876a846926cfe3bfa1a4888044f146e844caf72f@%3Ccommits.ambari.apache.org%3E
https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E
https://lists.apache.org/thread.html/f17f63b0f8a57e4a5759e01d25cffc0548f0b61ff5c6bfd704ad2f2a@%3Ccommits.ambari.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/08/msg00011.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/
https://nvd.nist.gov/vuln/detail/CVE-2019-14379
https://security.netapp.com/advisory/ntap-20190814-0001/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
|
@@ -271,4 +271,3 @@
| org.eclipse.jetty:jetty-webapp | CVE-2020-27218 | MEDIUM | 9.4.15.v20190215 | 9.4.35.v20201120, 11.0.1 | Click to expand!
https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892
https://github.com/advisories/GHSA-86wm-rrjm-8wh8
https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8
https://lists.apache.org/thread.html/r00858fe27ee35ac8fa0e1549d67e0efb789d63b791b5300390bd8480@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r01806ad8c9cb0590584baf5b1a60237ad92e4ad5bba082ca04d98179@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r05b7ffde2b8c180709e14bc9ca036407bea3ed9f09b32c4705d23a4a@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r078c1203e48089b2c934b9f86b61bebe8c049e0ea6273b124f349988@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r0d2de2ab5558da68b504bd30db74da1d97dc152a857f5b7e462288ab@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r153fbefc27a1b2033692f32ef728ca909a7c7bcc1d21b6c35b38bdd5@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r15500b77c52390e2ec048cea4a6b45edf907ea61cd13259193ff8601@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r186748e676e5aeb4eb603361e6367555ae4daecbde55cfd69fa68ec6@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r1dd302323c6fe1a542d0371de66a484918fa6c2831ae70d924974bea@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r22776d06582985cca5bd2a92519a2b13b4cae2d8e087318da03c036d@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r23ce6b8965e30808daa77a80fcd69833b1fc632d80465d0419eff619@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r25a47cd06750ebb4b0f23a9b7a57c209702c8566a4c970a41ac088df@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r2a541f08bf5f847394297c13a5305c2f76c11e46504ce2a49653890a@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r2a57c7bbf36afc87f8ad9e1dd2f53a08e85a1b531283fc2efce4fe17@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2f168fd22c071bdd95ec696e45d2a01e928b9fcadbe94fbabeb1549d@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r2fda4dab73097051977f2ab818f75e04fbcb15bb1003c8530eac1059@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2ffe719224cbe5897f2d06dd22fc77fa12377c39efe9de0c3bf3f837@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r306c8e5aad1b9afc0c9278430fb571950fbb3ab7dd5d369eb618ffa4@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r32a25679d97bf5969d130f8e9b3a3fc54110095397d89952e93dbeb0@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E
https://lists.apache.org/thread.html/r3554a4f192db6008c03f2c6c3e0f1691a9b0d615ce955ef67a876ff7@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r3807b1c54066797c4870e03bd2376bdcce9c7c4e6143499f53cd9ca2@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a@%3Ccommits.nifi.apache.org%3E
https://lists.apache.org/thread.html/r391d20ab6ec03d6becc7a9f0c5e0f45a7ad8af6b996ae0a49839f6bd@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r39f1b1be8e5c0935f7c515eedf907909474bad15185125daacb36d50@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r3b7c8bc7a1cb8acdcf7753f436564d289d22f2906e934d1b11de3a40@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r3d43529452c5a16338e8267eb911e8aedc64c3241624302e673961c1@%3Cdev.hbase.apache.org%3E
https://lists.apache.org/thread.html/r46589f4228aabd5fb16135ff5bef0f77f06cdef64f9785ac3349fa02@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r489dfc3e259ad3837141985dd9291b93e6b40496cdf58808915d67e9@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r4981622ba15e8be1657d30b7c85044c7aabe89751fa7324f8604b834@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4aff5ca6bc94a6f13ff77914fd960185ab70cd6cebe96fffd74543ac@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r4b2e7417a76e3dd4dc9855c6c138c49484080754a09927454f6d89f0@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r500e22d0aedba1866d0b5e76429b76652a473a0209fa8bf66c9f7aab@%3Ccommits.spark.apache.org%3E
https://lists.apache.org/thread.html/r51ec0120b6c849d12fb7fef34db87ef0bf79fcfcd3d703a9800afbba@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r543ea0a861a78d84c22656fb76880d7ab327048cf7ee3ccc7281375d@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r5464405909eb0e1059d5dd57d10c435b9f19325fdebbadb4f1126997@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r5c64173663c71f222ea40617ab362d7a590935fb75c18817fdec377e@%3Ccommits.spark.apache.org%3E
https://lists.apache.org/thread.html/r5e5cb33b545548ec4684d33bd88b05a0ae89c4d7cac93eb63255f58f@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r602683484f607cd1b9598caf3e549fbb01c43fd46a582a32cc3bb545@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6493e43007f41e34cdbbb66622307fa235374dd2ec5bf52c61075a68@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r66456df852de06a0eed2c0a50252a2c8d360b8a5c005f63c0b1e3d25@%3Ccommits.kafka.apache.org%3E
https://lists.apache.org/thread.html/r6d5bb60a13e8b539600f86cb72097967b951de5c7ef1e4005cda74a7@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r706562cbbdda569cc556d8a7983d1f9229606e7b51337b820785af26@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r70940cb30356642f0c49af49259680d6bd866f51c4e8de0f8a498fb0@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r74ab0f5a5f16ca01eb145403ab753df5b348b8c1656d7c8501d0bfc6@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r7669dab41f2b34d56bb67700d869dc9c025ff72e9468204799f5ac29@%3Ccommits.spark.apache.org%3E
https://lists.apache.org/thread.html/r769e1ba36c607772f7403e7ef2a8ae14d9ddcab4a844f9b28bcf7959@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r7d37d33f2d68912985daf40203182e3d86f3e81266b7a7f350689eeb@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r81f82ab8ecb83568bafbecf9ce0e73be73980ac1e2af6baf0f344a59@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r821bbffb64da0f062b4e72d1aa600b91e26bc82a28298ab159121215@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r850d1d0413716e8ba6d910cae7b01a0e560636e17d664769b5080ca5@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r870bc5e6e354c3e28ea029cb5726c9e8dd2b88cb0f5f7de1d4e3133d@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r8b2271909dabb45f0f1482ef35ffe106ae4b0cf8e877eb514e9cd421@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r8be8c6f0e404a3179d988eb8afed03ede5f2d5ce986d3f709fb82610@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8c22aad0711321537183ccddcade7274ebf9dcbdcdacc6c4f90f43de@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r8c839a0d88cd6504abbe72c260371094f47014b2ba08d8d2c0232e3c@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8ed14a84656fa0bb8df3bf9373c5be80f47ceac1e2ff068ee734fdb3@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r8eea4c7797e701f6494c72942dd89f471cda4c2c6e9abbaf05d113d8@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r8f5b144e7a7c2b338f01139d891abbaba12a8173ee01110d21bd0b4d@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8fee46fd9f1254150cc55eecf1ea6a448fca1f7cf1d1e7f9c4803fdb@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r94230f46b91c364d39922a8ba0cfe12b8dba1556b14792719a7d921f@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r942e21ee90e2617a00a08b17b0ac2db961959bec969b91df61584d38@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r964d226dd08527fddd7a44410c50daa9d34d398e5c4793f1d7e19da8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r96ef6d20c5bd3d42dab500bac56a427e1dce00cf85b083987617643d@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r990e0296b188d4530d1053882f687fa4f938f108425db2999a180944@%3Ccommits.kafka.apache.org%3E
https://lists.apache.org/thread.html/r9b46505868794fba04d401956304e63e4d8e39bdc118d30e5e87dcd9@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/r9d7a86fb0b45e5b1855d4df83a5820eef813d55eae3edf224f3d5055@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r9f571b086965b35d4e91e47fb67c27b42b62762248b4900ba723599f@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra09a653997cbf10aab8c0deabc0fa49f5a8a8ce4305ce9089b98485f@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/ra1c234f045871827f73e4d68326b067e72d3139e109207345fa57d9e@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/racd55c9b704aa68cfb4436f17739b612b5d4f887155e04ed521a4b67@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/racf9e6ad2482cb9b1e3e1b2c1b443d9d5cf14055fb54dec3d2dcce91@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rb4ca79d1af5237108ce8770b7c46ca78095f62ef21331d9d06142388@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rb6a3866c02ac4446451c7d9dceab2373b6d32fb058f9085c6143de30@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rb8f413dc923070919b09db3ac87d079a2dcc6f0adfbb029e206a7930@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rba4bca48d2cdfa8c08afc368a9cc4572ec85a5915ba29b8a194bf505@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rbbd003149f929b0e2fe58fb315de1658e98377225632e7e4239323fb@%3Ccommits.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbc5a8d7a0a13bc8152d427a7e9097cdeb139c6cfe111b2f00f26d16b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rbe3f2e0a3c38ed9cbef81507b7cc6e523341865e30dc15c7503adc76@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rbea4d456d88b043be86739ab0200ad06ba5a7921064411c098f79831@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc0e35f4e8a8a36127e3ae7a67f325a3a6a4dbe05034130fb04b6f3b6@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc1de630c6ed9a958d9f811e816d6d8efb6ca94aed0869bc5cda9d7f8@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc2b603b7fa7f8dbfe0b3b59a6140b4d66868db3bf4b29d69a772d72a@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc91c405c08b529b7292c75d9bd497849db700a1297fe3432990f6774@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rcbc408088ae99dc3167ea293a562a3a9a7295a20e9a1bfc93e43ae1b@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/rccc7ba8c51d662e13496df20466d27dbab54d7001e9e7b2f31468a9e@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/rce9e232a663d8405c003fe83d5c86c27d1ed65561f3690e824717bc4@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/rcf7b5818f71bb97fd695eb0f54f8f4f69e15cc5f9ec761ea8be0d0d3@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rd20651e102cb6742a9d9322ea7b5fc3ab60a7ffecb50fa9157cbf176@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rd9a960429741406f6557fa344a13d50a0c9976dac2e4c46bb54b32d7@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rdbdbb4e51f8857e082b464cd128decd7263cf0fb8557f12993562c56@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rdde0ad0a03eec962c56b46e70e225918ea2368dcc3fd3488741fad53@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rde11c433675143d8d27551c3d9e821fe1955f1551a518033d3716553@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re014afaa14f4df9d33912ab64dc57249e1c170c7448d7175c6d014ff@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/re03a566114435a8cc8eb72158242b0f560c5eeccbb4ee98d22de8373@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re3918edd403b0d3857a13ef2ccf3d2bc0231f3b8758e2a5777ea1cd3@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/re4ae7ada52c5ecfe805eb86ddc0af399ec8a57bfb0d8c632b8723b88@%3Cdev.hbase.apache.org%3E
https://lists.apache.org/thread.html/re4e67541a0a25a8589e89f52f8cd163c863fe04b59e048f9f1a04958@%3Ccommits.hbase.apache.org%3E
https://lists.apache.org/thread.html/re86a6ba09dc74e709db843e3561ead923c8fd1cba32343656dd8c44b@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re9214a4232b7ae204288c283bcee4e39f07da6cc34798e9217ba4eb6@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/reb75282901d0969ba6582725ce8672070715d0773f6ff54dedd60156@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/ree677ff289ba9a90850f2e3ba7279555df1a170263ba39c5272db236@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf0181750e321518c8afa8001e0529d50a9447714ef4f58d98af57904@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rf273267fa2e49314643af3141cec239f97d41de8a59be4ef7e10c65a@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rf31e24700f725ef81bc5a2e0444a60e1f295ed0a54c0098362a7bdfa@%3Creviews.spark.apache.org%3E
https://lists.apache.org/thread.html/rfa34d2a3e423421a4a1354cf457edba2ce78cee2d3ebd8aab151a559@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rfa8879a713480b206c152334419499e6af0878c36217abcc9ab4f0d1@%3Cnotifications.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-27218
https://security.netapp.com/advisory/ntap-20201218-0003/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.hibernate:hibernate-validator | CVE-2020-10693 | MEDIUM | 5.4.3.Final | 6.0.20.Final, 6.1.5.Final, 7.0.0.CR1 | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693
https://github.com/advisories/GHSA-rmrm-75hp-phr2
https://nvd.nist.gov/vuln/detail/CVE-2020-10693
https://www.ibm.com/support/pages/node/6348216
|
| org.springframework:spring-webmvc | CVE-2020-5398 | HIGH | 5.1.6.RELEASE | 5.0.16, 5.1.13, 5.2.3 | Click to expand!
https://github.com/advisories/GHSA-8wx2-9q48-vm9r
https://lists.apache.org/thread.html/r028977b9b9d44a89823639aa3296fb0f0cfdd76b4450df89d3c4fbbf@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r0f2d0ae1bad2edb3d4a863d77f3097b5e88cfbdae7b809f4f42d6aad@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r0f3530f7cb510036e497532ffc4e0bd0b882940448cf4e233994b08b@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r1accbd4f31ad2f40e1661d70a4510a584eb3efd1e32e8660ccf46676@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r1bc5d673c01cfbb8e4a91914e9748ead3e5f56b61bca54d314c0419b@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r1c679c43fa4f7846d748a937955c7921436d1b315445978254442163@%3Ccommits.ambari.apache.org%3E
https://lists.apache.org/thread.html/r1eccdbd7986618a7319ee7a533bd9d9bf6e8678e59dd4cca9b5b2d7a@%3Cissues.ambari.apache.org%3E
https://lists.apache.org/thread.html/r27552d2fa10d96f2810c50d16ad1fd1899e37796c81a0c5e7585a02d@%3Cdev.rocketmq.apache.org%3E
https://lists.apache.org/thread.html/r2dfd5b331b46d3f90c4dd63a060e9f04300468293874bd7e41af7163@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r3765353ff434fd00d8fa5a44734b3625a06eeb2a3fb468da7dfae134@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r4639e821ef9ca6ca10887988f410a60261400a7766560e7a97a22efc@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r4b1886e82cc98ef38f582fef7d4ea722e3fcf46637cd4674926ba682@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r5c95eff679dfc642e9e4ab5ac6d202248a59cb1e9457cfbe8b729ac5@%3Cissues.ambari.apache.org%3E
https://lists.apache.org/thread.html/r645408661a8df9158f49e337072df39838fa76da629a7e25a20928a6@%3Cdev.rocketmq.apache.org%3E
https://lists.apache.org/thread.html/r6dac0e365d1b2df9a7ffca12b4195181ec14ff0abdf59e1fdb088ce5@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r712a6fce928e24e7b6ec30994a7e115a70f1f6e4cf2c2fbf0347ce46@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r7361bfe84bde9d233f9800c3a96673e7bd81207549ced0236f07a29d@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r74f81f93a9b69140fe41e236afa7cbe8dfa75692e7ab31a468fddaa0@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r7d5e518088e2e778928b02bcd3be3b948b59acefe2f0ebb57ec2ebb0@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r8736185eb921022225a83e56d7285a217fd83f5524bd64a6ca3bf5cc@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/r881fb5a95ab251106fed38f836257276feb026bfe01290e72ff91c2a@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r8b496b1743d128e6861ee0ed3c3c48cc56c505b38f84fa5baf7ae33a@%3Cdev.ambari.apache.org%3E
https://lists.apache.org/thread.html/r8cc37a60a5056351377ee5f1258f2a4fdd39822a257838ba6bcc1e88@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r9f13cccb214495e14648d2c9b8f2c6072fd5219e74502dd35ede81e1@%3Cdev.ambari.apache.org%3E
https://lists.apache.org/thread.html/r9fb1ee08cf337d16c3364feb0f35a072438c1a956afd7b77859aa090@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/ra996b56e1f5ab2fed235a8b91fa0cc3cf34c2e9fee290b7fa4380a0d@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rab0de39839b4c208dcd73f01e12899dc453361935a816a784548e048@%3Cissues.karaf.apache.org%3E
https://lists.apache.org/thread.html/rb4d1fc078f086ec2e98b2693e8b358e58a6a4ef903ceed93a1ee2b18@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/rc05acaacad089613e9642f939b3a44f7199b5537493945c3e045287f@%3Cdev.geode.apache.org%3E
https://lists.apache.org/thread.html/rc9c7f96f08c8554225dba9050ea5e64bebc129d0d836303143fe3160@%3Cdev.rocketmq.apache.org%3E
https://lists.apache.org/thread.html/rdcaadaa9a68b31b7d093d76eacfaacf6c7a819f976b595c75ad2d4dc@%3Cdev.geode.apache.org%3E
https://lists.apache.org/thread.html/rded5291e25a4c4085a6d43cf262e479140198bf4eabb84986e0a1ef3@%3Cdev.rocketmq.apache.org%3E
https://lists.apache.org/thread.html/reaa8a6674baf2724b1b88a621b0d72d9f7a6f5577c88759842c16eb6@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/rf8dc72b974ee74f17bce661ea7d124e733a1f4c4f236354ac0cf48e8@%3Ccommits.camel.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-5398
https://pivotal.io/security/cve-2020-5398
https://security.netapp.com/advisory/ntap-20210917-0006/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/docs/apps/incubator/piwigo/security.md b/docs/apps/incubator/piwigo/security.md
index 19eab0c4624..892d20d8471 100644
--- a/docs/apps/incubator/piwigo/security.md
+++ b/docs/apps/incubator/piwigo/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:19:08.996Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:19:08.996Z [34mINFO[0m Detected config files: 1
#### piwigo/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:19:13.749Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:19:13.749Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:19:13.756Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:13.749Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:19:13.749Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:19:13.756Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/piwigo:version-11.5.0@sha256:8f8bb5d28b930edfded154d71dd2eab4ffe5631d2e4f21773bf33b220ab76f05**
-2021-12-04T19:19:24.622Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:24.622Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/incubator/snipe-it/security.md b/docs/apps/incubator/snipe-it/security.md
index 13cd50b4b3d..ddff880b3b2 100644
--- a/docs/apps/incubator/snipe-it/security.md
+++ b/docs/apps/incubator/snipe-it/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:19:30.498Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:19:30.498Z [34mINFO[0m Detected config files: 2
#### snipe-it/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:19:31.343Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:19:31.343Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:19:31.351Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:31.343Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:19:31.343Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:19:31.351Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,27 +70,27 @@
**Container: tccr.io/truecharts/snipe-it:v5.3.3@sha256:e4e26d777996c34fba581dcb26f05843ece36797f032a01df7fed1f1e32898cb**
-2021-12-04T19:19:37.435Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:19:37.435Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:19:37.435Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:19:37.435Z [34mINFO[0m Detecting composer vulnerabilities...
#### var/www/html/composer.lock
-
+
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| lcobucci/jwt | CVE-2021-41106 | LOW | 3.4.5 | 3.4.6, 4.0.4, 4.1.5 | Click to expand!
https://github.com/advisories/GHSA-7322-jrq4-x5hf
https://github.com/lcobucci/jwt/commit/8175de5b841fbe3fd97d2d49b3fc15c4ecb39a73
https://github.com/lcobucci/jwt/commit/c45bb8b961a8e742d8f6b88ef5ff1bd5cca5d01c
https://github.com/lcobucci/jwt/security/advisories/GHSA-7322-jrq4-x5hf
https://nvd.nist.gov/vuln/detail/CVE-2021-41106
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:19:38.343Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:19:38.344Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:19:38.349Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:38.343Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:19:38.344Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:19:38.349Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -118,15 +118,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:19:39.171Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:19:39.171Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:19:39.212Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:19:39.212Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:19:39.171Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:19:39.171Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:19:39.212Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:19:39.212Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,16 +275,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/incubator/tdarr-node/security.md b/docs/apps/incubator/tdarr-node/security.md
index 5df0e39e854..8fa2b148477 100644
--- a/docs/apps/incubator/tdarr-node/security.md
+++ b/docs/apps/incubator/tdarr-node/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:19:43.512Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:19:43.512Z [34mINFO[0m Detected config files: 1
#### tdarr-node/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:19:44.568Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:19:44.568Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:19:44.580Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:19:44.568Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:19:44.568Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:19:44.580Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/tdarr_node:v2.00.11@sha256:f4ff41e5a09ea97bb468bb584e44c0f7d869a989404aa6a7618db1e040ccb31e**
-2021-12-04T19:20:12.452Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:20:12.452Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:20:12.463Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:12.452Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:20:12.452Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:20:12.463Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/tdarr_node:v2.00.11@sha256:f4ff41e5a09ea97bb468bb584e44c0f7d869a989404aa6a7618db1e040ccb31e (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -314,4 +314,3 @@
| systemd-timesyncd | CVE-2020-13529 | LOW | 245.4-4ubuntu3.3 | 245.4-4ubuntu3.10 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/08/04/2
http://www.openwall.com/lists/oss-security/2021/08/17/3
http://www.openwall.com/lists/oss-security/2021/09/07/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529
https://linux.oracle.com/cve/CVE-2020-13529.html
https://linux.oracle.com/errata/ELSA-2021-4361.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
https://security.gentoo.org/glsa/202107-48
https://security.netapp.com/advisory/ntap-20210625-0005/
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
https://ubuntu.com/security/notices/USN-5013-1
https://ubuntu.com/security/notices/USN-5013-2
|
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-7 | 1.30+dfsg-7ubuntu0.20.04.1 | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| wget | CVE-2021-31879 | MEDIUM | 1.20.3-1ubuntu1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
-
diff --git a/docs/apps/incubator/tdarr/security.md b/docs/apps/incubator/tdarr/security.md
index 7ca62d46ae9..17951e7746a 100644
--- a/docs/apps/incubator/tdarr/security.md
+++ b/docs/apps/incubator/tdarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:20:13.433Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:20:13.433Z [34mINFO[0m Detected config files: 1
#### tdarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:14.420Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:14.420Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:14.428Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:14.420Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:14.420Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:14.428Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/tdarr:v2.00.11@sha256:6fdd803b7a48519691ae1b18bf0700cf287fd8773557a0d6d0d16c782528ae18**
-2021-12-04T19:20:31.295Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:20:31.295Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:20:31.299Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:31.295Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:20:31.295Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:20:31.299Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/tdarr:v2.00.11@sha256:6fdd803b7a48519691ae1b18bf0700cf287fd8773557a0d6d0d16c782528ae18 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -314,4 +314,3 @@
| systemd-timesyncd | CVE-2020-13529 | LOW | 245.4-4ubuntu3.3 | 245.4-4ubuntu3.10 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/08/04/2
http://www.openwall.com/lists/oss-security/2021/08/17/3
http://www.openwall.com/lists/oss-security/2021/09/07/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529
https://linux.oracle.com/cve/CVE-2020-13529.html
https://linux.oracle.com/errata/ELSA-2021-4361.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
https://security.gentoo.org/glsa/202107-48
https://security.netapp.com/advisory/ntap-20210625-0005/
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
https://ubuntu.com/security/notices/USN-5013-1
https://ubuntu.com/security/notices/USN-5013-2
|
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-7 | 1.30+dfsg-7ubuntu0.20.04.1 | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| wget | CVE-2021-31879 | MEDIUM | 1.20.3-1ubuntu1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
-
diff --git a/docs/apps/incubator/xbackbone/security.md b/docs/apps/incubator/xbackbone/security.md
index e14aba3f726..8536ea2e0f9 100644
--- a/docs/apps/incubator/xbackbone/security.md
+++ b/docs/apps/incubator/xbackbone/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:20:32.170Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:20:32.170Z [34mINFO[0m Detected config files: 2
#### xbackbone/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:33.875Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:33.875Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:33.882Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:33.875Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:33.875Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:33.882Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,17 +70,17 @@
**Container: tccr.io/truecharts/xbackbone:v3.3.3@sha256:c22e8806732b5a63a9761d413f4dd3a39af9427a12818e8ff769094ebc141c99**
-2021-12-04T19:20:43.175Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:43.175Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:43.239Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:20:43.239Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:20:43.240Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.9.5
-2021-12-04T19:20:43.240Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:20:43.175Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:43.175Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:43.239Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:20:43.239Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:20:43.240Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.9.5
+2021-12-04T19:20:43.240Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/xbackbone:v3.3.3@sha256:c22e8806732b5a63a9761d413f4dd3a39af9427a12818e8ff769094ebc141c99 (alpine 3.9.5)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| cups-libs | CVE-2020-3898 | HIGH | 2.2.12-r0 | 2.2.12-r1 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
https://linux.oracle.com/cve/CVE-2020-3898.html
https://linux.oracle.com/errata/ELSA-2020-4469.html
https://support.apple.com/en-us/HT211100
https://support.apple.com/kb/HT211100
https://ubuntu.com/security/notices/USN-4340-1
|
@@ -442,21 +442,21 @@
| sqlite-libs | CVE-2020-11655 | HIGH | 3.28.0-r2 | 3.28.0-r3 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655
https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc
https://security.gentoo.org/glsa/202007-26
https://security.netapp.com/advisory/ntap-20200416-0001/
https://ubuntu.com/security/notices/USN-4394-1
https://usn.ubuntu.com/4394-1/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11
https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| league/flysystem | CVE-2021-32708 | HIGH | 1.0.70 | 1.1.4, 2.1.1 | Click to expand!
https://github.com/advisories/GHSA-9f46-5r25-5wfm
https://github.com/thephpleague/flysystem/commit/a3c694de9f7e844b76f9d1b61296ebf6e8d89d74
https://github.com/thephpleague/flysystem/commit/f3ad69181b8afed2c9edf7be5a2918144ff4ea32
https://github.com/thephpleague/flysystem/security/advisories/GHSA-9f46-5r25-5wfm
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWPTENBYKI2IG47GI4DHAACLNRLTWUR5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNZSWK4GOMJOOHKLZEOE5AQSLC4DNCRZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-32708
https://packagist.org/packages/league/flysystem
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:59.051Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:59.051Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:59.069Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:59.051Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:59.051Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:59.069Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -484,15 +484,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:21:00.409Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:21:00.409Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:21:00.448Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:21:00.448Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:21:00.409Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:21:00.409Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:21:00.448Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:21:00.448Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -641,16 +641,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/airsonic/security.md b/docs/apps/stable/airsonic/security.md
index b6b020ba61f..1c5d5e45c19 100644
--- a/docs/apps/stable/airsonic/security.md
+++ b/docs/apps/stable/airsonic/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:20:32.747Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:20:32.747Z [34mINFO[0m Detected config files: 1
#### airsonic/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:35.271Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:35.271Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:35.275Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:35.271Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:35.271Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:35.275Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/airsonic:version-v10.6.2@sha256:f0065aa44fb1c38b7fc30d34e220138dc0a0c6477b78eb7f59015622c2052030**
-2021-12-04T19:20:57.872Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:20:57.872Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:20:57.882Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:20:57.882Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:20:57.872Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:20:57.872Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:20:57.882Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:20:57.882Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/airsonic:version-v10.6.2@sha256:f0065aa44fb1c38b7fc30d34e220138dc0a0c6477b78eb7f59015622c2052030 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -675,7 +675,7 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ch.qos.logback:logback-classic | CVE-2017-5929 | CRITICAL | 1.1.11 | 1.2.0 | Click to expand!
http://www.cvedetails.com/cve/CVE-2017-5929/
https://access.redhat.com/errata/RHSA-2017:1675
https://access.redhat.com/errata/RHSA-2017:1676
https://access.redhat.com/errata/RHSA-2017:1832
https://access.redhat.com/errata/RHSA-2018:2927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929
https://github.com/advisories/GHSA-vmfg-rjjm-rjrj
https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8
https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r967953a14e05016bc4bcae9ef3dd92e770181158b4246976ed8295c9@%3Cdev.brooklyn.apache.org%3E
https://lists.apache.org/thread.html/ra007cec726a3927c918ec94c4316d05d1829c49eae8dc3648adc35e2@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rbb4dfca2f7e3e8f3570eec21c79832d33a51dfde6762725660b60169@%3Cdev.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/rc5f0cc2f3b153bdf15ee7389d78585829abc9c7af4d322ba1085dd3e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rd2227af3c9ada2a72dc72ed05517f5857a34d487580e1f2803922ff9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/re9b787727291786dfe088e3cd078c7d195c0b5781e15d3cd24a3b2fc@%3Cdev.mnemonic.apache.org%3E
https://logback.qos.ch/news.html
https://nvd.nist.gov/vuln/detail/CVE-2017-5929
|
@@ -703,4 +703,3 @@
| org.springframework.security:spring-security-core | CVE-2020-5408 | MEDIUM | 4.2.13.RELEASE | 4.2.16.RELEASE, 5.0.16.RELEASE, 5.1.10.RELEASE, 5.2.4.RELEASE, 5.3.2.RELEASE | Click to expand!
https://github.com/advisories/GHSA-2ppp-9496-p23q
https://nvd.nist.gov/vuln/detail/CVE-2020-5408
https://tanzu.vmware.com/security/cve-2020-5408
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
|
| org.springframework.security:spring-security-web | CVE-2021-22112 | HIGH | 4.2.13.RELEASE | 5.3.8, 5.4.4, 5.2.9 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/7
https://github.com/advisories/GHSA-gq28-h5vg-8prx
https://github.com/spring-projects/spring-security/releases/tag/5.4.4
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b@%3Cissues.nifi.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22112
https://tanzu.vmware.com/security/cve-2021-22112
https://www.jenkins.io/security/advisory/2021-02-19/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.yaml:snakeyaml | CVE-2017-18640 | HIGH | 1.17 | 1.26 | Click to expand!
https://bitbucket.org/asomov/snakeyaml/commits/da11ddbd91c1f8392ea932b37fa48110fa54ed8c
https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack
https://bitbucket.org/asomov/snakeyaml/wiki/Changes
https://github.com/advisories/GHSA-rvwf-54qp-4r6v
https://linux.oracle.com/cve/CVE-2017-18640.html
https://linux.oracle.com/errata/ELSA-2020-4807.html
https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r16ae4e529401b75a1f5aa462b272b31bf2a108236f882f06fddc14bc@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1703a402f30c8a2ee409f8c6f393e95a63f8c952cc9ee5bf9dd586dc@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r182e9cf6f3fb22b9be0cac4ff0685199741d2ab6e9a4e27a3693c224@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r191ceadb1b883357384981848dfa5235cb02a90070c553afbaf9b3d9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r1aab47b48a757c70e40fc0bcb1fcf1a3951afa6a17aee7cd66cf79f8@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1dfac8b6a7097bcb4979402bbb6e2f8c36d0d9001e3018717eb22b7e@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r1ffce2ed3017e9964f03ad2c539d69e49144fc8e9bf772d641612f98@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r20350031c60a77b45e0eded33e9b3e9cb0cbfc5e24e1c63bf264df12@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r22ac2aa053b7d9c6b75a49db78125c9316499668d0f4a044f3402e2f@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r28c9009a48d52cf448f8b02cd823da0f8601d2dff4d66f387a35f1e0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2a5b84fdf59042dc398497e914b5bb1aed77328320b1438144ae1953@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2b05744c0c2867daa5d1a96832965b7d6220328b0ead06c22a6e7854@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r2db207a2431a5e9e95e899858ab1f5eabd9bcc790a6ca7193ae07e94@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r436988d2cfe8a770ae361c82b181c5b2bf48a249bad84d8a55a3b46e@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r465d2553a31265b042cf5457ef649b71e0722ab89b6ea94a5d59529b@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r4c682fb8cf69dd14162439656a6ebdf42ea6ad0e4edba95907ea3f14@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r4d7f37da1bc2df90a5a0f56eb7629b5ea131bfe11eeeb4b4c193f64a@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5510f0125ba409fc1cabd098ab8b457741e5fa314cbd0e61e4339422@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r55d807f31e64a080c54455897c20b1667ec792e5915132c7b7750533@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r56805265475919252ba7fc10123f15b91097f3009bae86476624ca25@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r643ba53f002ae59068f9352fe1d82e1b6f375387ffb776f13efe8fda@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r666f29a7d0e1f98fa1425ca01efcfa86e6e3856e01d300828aa7c6ea@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6c91e52b3cc9f4e64afe0f34f20507143fd1f756d12681a56a9b38da@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6d54c2da792c74cc14b9b7665ea89e144c9e238ed478d37fd56292e6@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r72a3588d62b2de1361dc9648f5d355385735e47f7ba49d089b0e680d@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r7ce3de03facf7e7f3e24fc25d26d555818519dafdb20f29398a3414b@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r8464b6ec951aace8c807bac9ea526d4f9e3116aa16d38be06f7c6524@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r8b57c57cffa01e418868a3c7535b987635ff1fb5ab534203bfa2d64a@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r900e020760c89f082df1c6e0d46320eba721e4e47bb9eb521e68cd95@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/raebd2019b3da8c2f90f31e8b203b45353f78770ca93bfe5376f5532e@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb0e033d5ec8233360203431ad96580cf2ec56f47d9a425d894e279c2@%3Cpr.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb34d8d3269ad47a1400f5a1a2d8310e13a80b6576ebd7f512144198d@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb5c33d0069c927fae16084f0605895b98d231d7c48527bcb822ac48c@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb7b28ac741e32dd5edb2c22485d635275bead7290b056ee56baf8ce0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/rbaa1f513d903c89a08267c91d86811fa5bcc82e0596b6142c5cea7ea@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rc3211c71f7e0973a1825d1988a3921288c06cd9d793eae97ecd34948@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rcb2a7037366c58bac6aec6ce3df843a11ef97ae4eb049f05f410eaa5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rcb4b61dbe2ed1c7a88781a9aff5a9e7342cc7ed026aec0418ee67596@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rce5c93bba6e815fb62ad38e28ca1943b3019af1eddeb06507ad4e11a@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/rd582c64f66c354240290072f340505f5d026ca944ec417226bb0272e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rdd34c0479587e32a656d976649409487d51ca0d296b3e26b6b89c3f5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re791a854001ec1f79cd4f47328b270e7a1d9d7056debb8f16d962722@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/re851bbfbedd47c690b6e01942acb98ee08bd00df1a94910b905bc8cd@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/reb1751562ee5146d3aca654a2df76a2c13d8036645ce69946f9c219e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/recfe569f4f260328b0036f1c82b2956e864d519ab941a5e75d0d832d@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rf95bebee6dfcc55067cebe8482bd31e6f481d9f74ba8e03f860c3ec7@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rfe0aab6c3bebbd9cbfdedb65ff3fdf420714bcb8acdfd346077e1263@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKN7VGIKTYBCAKYBRG55QHXAY5UDZ7HA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTVJC54XGX26UJVVYCXZ7D25X3R5T2G6/
https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.25/usages
https://nvd.nist.gov/vuln/detail/CVE-2017-18640
https://www.oracle.com/security-alerts/cpuApr2021.html
|
-
diff --git a/docs/apps/stable/amcrest2mqtt/security.md b/docs/apps/stable/amcrest2mqtt/security.md
index 3b8a4bc61b0..080e87e449a 100644
--- a/docs/apps/stable/amcrest2mqtt/security.md
+++ b/docs/apps/stable/amcrest2mqtt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:20:58.430Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:20:58.430Z [34mINFO[0m Detected config files: 1
#### amcrest2mqtt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:20:59.709Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:20:59.709Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:20:59.715Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:20:59.709Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:20:59.709Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:20:59.715Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/amcrest2mqtt:v1.0.11@sha256:8721ad99bcd3392b206c71720718f8e56e58188ecae5076b75c71a46cf1239fc**
-2021-12-04T19:21:02.759Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:21:02.759Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:21:02.763Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:21:02.763Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:21:02.759Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:21:02.759Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:21:02.763Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:21:02.763Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/amcrest2mqtt:v1.0.11@sha256:8721ad99bcd3392b206c71720718f8e56e58188ecae5076b75c71a46cf1239fc (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -97,9 +97,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/apache-musicindex/security.md b/docs/apps/stable/apache-musicindex/security.md
index f291f1be0ba..77349e3984a 100644
--- a/docs/apps/stable/apache-musicindex/security.md
+++ b/docs/apps/stable/apache-musicindex/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:21:03.543Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:21:03.543Z [34mINFO[0m Detected config files: 1
#### apache-musicindex/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:21:04.419Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:21:04.419Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:21:04.423Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:21:04.419Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:21:04.419Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:21:04.423Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/apache-musicindex:v1.4.1-2@sha256:442d1edfbf89b8a2a42c0d649f53f091c39256c65f922078ad38ff60bdbdadf9**
-2021-12-04T19:21:13.410Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:21:13.410Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:21:13.420Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:21:13.421Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:21:13.410Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:21:13.410Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:21:13.420Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:21:13.421Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/apache-musicindex:v1.4.1-2@sha256:442d1edfbf89b8a2a42c0d649f53f091c39256c65f922078ad38ff60bdbdadf9 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2019-17567 | MEDIUM | 2.4.41-4ubuntu3.3 | | Click to expand!
http://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2021/06/10/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-17567
https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c@%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.gentoo.org/glsa/202107-38
https://security.netapp.com/advisory/ntap-20210702-0001/
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -267,8 +267,7 @@
| perl-modules-5.30 | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/appdaemon/security.md b/docs/apps/stable/appdaemon/security.md
index f619dd73ab9..8c44517d58b 100644
--- a/docs/apps/stable/appdaemon/security.md
+++ b/docs/apps/stable/appdaemon/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:21:44.334Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:21:44.334Z [34mINFO[0m Detected config files: 1
#### appdaemon/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:21:45.369Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:21:45.369Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:21:45.378Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:21:45.369Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:21:45.369Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:21:45.378Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,17 +61,17 @@
**Container: tccr.io/truecharts/appdaemon:v4.1.0@sha256:f490c318750595459824cb9355b95c8cdab768271288477454b212a8a93499a6**
-2021-12-04T19:22:07.262Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:07.262Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:07.266Z [34mINFO[0m Number of language-specific files: 4
-2021-12-04T19:22:07.266Z [34mINFO[0m Detecting cargo vulnerabilities...
-2021-12-04T19:22:07.266Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:22:07.269Z [33mWARN[0m version error (3.7.4.post0): malformed version: 3.7.4.post0
+2021-12-04T19:22:07.262Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:07.262Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:07.266Z [34mINFO[0m Number of language-specific files: 4
+2021-12-04T19:22:07.266Z [34mINFO[0m Detecting cargo vulnerabilities...
+2021-12-04T19:22:07.266Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:22:07.269Z [33mWARN[0m version error (3.7.4.post0): malformed version: 3.7.4.post0
#### tccr.io/truecharts/appdaemon:v4.1.0@sha256:f490c318750595459824cb9355b95c8cdab768271288477454b212a8a93499a6 (alpine 3.14.1)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -111,29 +111,26 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| aiohttp | pyup.io-42692 | UNKNOWN | 3.7.4.post0 | 3.8.0 | Click to expand!
|
**cargo**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**cargo**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**cargo**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/aria2/security.md b/docs/apps/stable/aria2/security.md
index ba05f2ed8ec..e97c70448e5 100644
--- a/docs/apps/stable/aria2/security.md
+++ b/docs/apps/stable/aria2/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:22:11.653Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:22:11.653Z [34mINFO[0m Detected config files: 1
#### aria2/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:16.626Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:16.626Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:16.636Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:16.626Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:16.626Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:16.636Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/aria2-pro:latest@sha256:6c0ddcc7be4da69ac146ff3153df727a5818f733636a1c4d9b78ccffd6106a23**
-2021-12-04T19:22:47.545Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:47.545Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:47.554Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:47.545Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:47.545Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:47.554Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/aria2-pro:latest@sha256:6c0ddcc7be4da69ac146ff3153df727a5818f733636a1c4d9b78ccffd6106a23 (alpine 3.12.7)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-28831 | HIGH | 1.31.1-r20 | 1.32.1-r4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/
https://security.gentoo.org/glsa/202105-09
|
@@ -103,4 +103,3 @@
| ssl_client | CVE-2021-42385 | HIGH | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42386 | HIGH | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
-
diff --git a/docs/apps/stable/audacity/security.md b/docs/apps/stable/audacity/security.md
index 821183e7f7b..d71cffce9cc 100644
--- a/docs/apps/stable/audacity/security.md
+++ b/docs/apps/stable/audacity/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:22:08.572Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:22:08.572Z [34mINFO[0m Detected config files: 1
#### audacity/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:16.032Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:16.032Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:16.042Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:16.032Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:16.032Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:16.042Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/audacity:v3.0.2@sha256:a0a829c08c74236b405888f26c4a52251b403db6ca8946895d00505ba1a1ffc7**
-2021-12-04T19:22:36.414Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:22:36.414Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:22:36.419Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:22:36.419Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:22:36.414Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:22:36.414Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:22:36.419Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:22:36.419Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/audacity:v3.0.2@sha256:a0a829c08c74236b405888f26c4a52251b403db6ca8946895d00505ba1a1ffc7 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -440,7 +440,7 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -451,4 +451,3 @@
| tar | CVE-2021-37701 | HIGH | 6.1.1 | 6.1.7, 5.0.8, 4.4.16 | Click to expand!
https://github.com/advisories/GHSA-9r2w-394v-53qc
https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
https://nvd.nist.gov/vuln/detail/CVE-2021-37701
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1779
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37712 | HIGH | 6.1.1 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-qq89-hq3f-393p
https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
https://nvd.nist.gov/vuln/detail/CVE-2021-37712
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1780
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37713 | HIGH | 6.1.1 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/docs/apps/stable/authelia/security.md b/docs/apps/stable/authelia/security.md
index 213a9eb6b93..3fc764712ac 100644
--- a/docs/apps/stable/authelia/security.md
+++ b/docs/apps/stable/authelia/security.md
@@ -4,30 +4,30 @@
##### Scan Results
-2021-12-04T19:22:08.025Z [34mINFO[0m Detected config files: 3
+2021-12-04T19:22:08.025Z [34mINFO[0m Detected config files: 3
#### authelia/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -45,14 +45,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:11.130Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:11.130Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:11.139Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:11.130Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:11.130Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:11.139Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -80,16 +80,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:22:12.985Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:22:12.985Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:22:13.014Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:22:13.014Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:22:13.014Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:22:12.985Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:22:12.985Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:22:13.014Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:22:13.014Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:13.014Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -284,55 +284,55 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/authelia:v4.33.0@sha256:8e5d19769c2c01fa8f3b5e96ccee2262b7a8aab1560ce3c40f80ee207be18f9d**
-2021-12-04T19:22:39.064Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:39.064Z [33mWARN[0m This OS version is not on the EOL list: alpine 3.15
-2021-12-04T19:22:39.064Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:39.065Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:22:39.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:22:39.066Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.15.0
-2021-12-04T19:22:39.066Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:22:39.064Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:39.064Z [33mWARN[0m This OS version is not on the EOL list: alpine 3.15
+2021-12-04T19:22:39.064Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:39.065Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:22:39.065Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:39.066Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.15.0
+2021-12-04T19:22:39.066Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/authelia:v4.33.0@sha256:8e5d19769c2c01fa8f3b5e96ccee2262b7a8aab1560ce3c40f80ee207be18f9d (alpine 3.15.0)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:40.646Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:40.646Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:40.668Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:40.646Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:40.646Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:40.668Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -360,15 +360,15 @@
**Container: tccr.io/truecharts/redis:v6.2.6@sha256:741dc63de7fed6f7f4fff41ac4b23a40f6850e9fb361e35e2959c71d8f10aeae**
-2021-12-04T19:22:52.900Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:22:52.900Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:22:52.932Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:22:52.932Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:52.900Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:22:52.900Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:22:52.932Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:22:52.932Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/redis:v6.2.6@sha256:741dc63de7fed6f7f4fff41ac4b23a40f6850e9fb361e35e2959c71d8f10aeae (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -515,29 +515,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:54.651Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:54.651Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:54.664Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:54.651Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:54.651Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:54.664Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -565,16 +565,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:22:56.329Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:22:56.329Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:22:56.362Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:22:56.362Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:22:56.362Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:22:56.329Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:22:56.329Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:22:56.362Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:22:56.362Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:56.362Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -769,16 +769,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/babybuddy/security.md b/docs/apps/stable/babybuddy/security.md
index 5f5558f9b2f..facfc72d029 100644
--- a/docs/apps/stable/babybuddy/security.md
+++ b/docs/apps/stable/babybuddy/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:22:39.948Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:22:39.948Z [34mINFO[0m Detected config files: 2
#### babybuddy/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:22:54.039Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:22:54.039Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:22:54.045Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:22:54.039Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:22:54.039Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:22:54.045Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:22:55.616Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:22:55.616Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:22:55.658Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:22:55.658Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:22:55.658Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:22:55.616Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:22:55.616Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:22:55.658Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:22:55.658Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:22:55.658Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,50 +275,50 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/babybuddy:v1.9.1@sha256:da34791df622b4eea3c1bd6c3c585f0e7e229140f6b60802fabed2ffcad238b2**
-2021-12-04T19:23:17.867Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:23:17.867Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:23:17.892Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:23:17.867Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:23:17.867Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:23:17.892Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| reportlab | CVE-2020-28463 | MEDIUM | 3.6.2 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1930417
https://github.com/advisories/GHSA-mpvw-25mg-59vx
https://hg.reportlab.com/hg-public/reportlab/file/f094d273903a/CHANGES.md#l71
https://hg.reportlab.com/hg-public/reportlab/rev/7f2231703dc7
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMUJA5GZTPQ5WRYUCCK2GEZM4W43N7HH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZQSFCID67K6BTC655EQY6MNOF35QI44/
https://nvd.nist.gov/vuln/detail/CVE-2020-28463
https://snyk.io/vuln/SNYK-PYTHON-REPORTLAB-1022145
https://www.reportlab.com/docs/reportlab-userguide.pdf
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:23:19.420Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:23:19.420Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:23:19.425Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:23:19.420Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:23:19.420Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:23:19.425Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -346,16 +346,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:23:20.640Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:23:20.640Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:23:20.686Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:23:20.686Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:23:20.686Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:23:20.640Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:23:20.640Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:23:20.686Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:23:20.686Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:23:20.686Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -550,16 +550,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/bazarr/security.md b/docs/apps/stable/bazarr/security.md
index 93135a8e825..f86618d7281 100644
--- a/docs/apps/stable/bazarr/security.md
+++ b/docs/apps/stable/bazarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:23:18.527Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:23:18.527Z [34mINFO[0m Detected config files: 1
#### bazarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:23:19.995Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:23:19.995Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:23:20.001Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:23:19.995Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:23:19.995Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:23:20.001Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/bazarr:v1.0.1@sha256:b6d3d33d3f964e4de7563096f07476f9f2c990f2268e1f9814d3281c3181111e**
-2021-12-04T19:23:37.001Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:23:37.001Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:23:37.005Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:23:37.005Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:23:37.006Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:23:37.001Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:23:37.001Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:23:37.005Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:23:37.005Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:23:37.006Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/bazarr:v1.0.1@sha256:b6d3d33d3f964e4de7563096f07476f9f2c990f2268e1f9814d3281c3181111e (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -728,15 +728,14 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/beets/security.md b/docs/apps/stable/beets/security.md
index 98f279e4e92..3a8a9c8af9c 100644
--- a/docs/apps/stable/beets/security.md
+++ b/docs/apps/stable/beets/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:23:37.846Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:23:37.846Z [34mINFO[0m Detected config files: 1
#### beets/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:23:39.006Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:23:39.006Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:23:39.013Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:23:39.006Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:23:39.006Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:23:39.013Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,13 @@
**Container: tccr.io/truecharts/beets:v1.5.0@sha256:031e2eec738848149e808eb102279817aa3fea8e57d012191daf1c471de07703**
-2021-12-04T19:23:47.194Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:23:47.194Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:23:47.194Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:23:47.194Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| beets | pyup.io-42892 | UNKNOWN | 1.5.0 | 1.6.0 | Click to expand!
|
-
diff --git a/docs/apps/stable/booksonic-air/security.md b/docs/apps/stable/booksonic-air/security.md
index 5a7a73add3f..d5eaed58838 100644
--- a/docs/apps/stable/booksonic-air/security.md
+++ b/docs/apps/stable/booksonic-air/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:23:47.705Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:23:47.705Z [34mINFO[0m Detected config files: 1
#### booksonic-air/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:23:48.807Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:23:48.807Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:23:48.815Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:23:48.807Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:23:48.807Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:23:48.815Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/booksonic-air:v2009.1.0@sha256:300d9d7d0c343daf7e5964737cfb25fb1dad5cff29ebe45076070e04c924014a**
-2021-12-04T19:24:10.473Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:24:10.473Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:24:10.501Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:24:10.501Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:24:10.473Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:24:10.473Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:24:10.501Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:24:10.501Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/booksonic-air:v2009.1.0@sha256:300d9d7d0c343daf7e5964737cfb25fb1dad5cff29ebe45076070e04c924014a (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -676,7 +676,7 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.google.guava:guava | CVE-2020-8908 | LOW | 28.2-jre | 30.0 | Click to expand!
https://github.com/advisories/GHSA-5mg8-w23w-74h3
https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40
https://github.com/google/guava/issues/4011
https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E
https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E
https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-8908
https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -698,4 +698,3 @@
| org.springframework.security:spring-security-core | CVE-2021-22119 | HIGH | 5.2.4.RELEASE | 5.2.11.RELEASE, 5.3.10.RELEASE, 5.4.7, 5.5.1 | Click to expand!
https://github.com/advisories/GHSA-w9jg-gvgr-354m
https://github.com/spring-projects/spring-security/pull/9513
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22119
https://tanzu.vmware.com/security/cve-2021-22119
|
| org.springframework.security:spring-security-web | CVE-2021-22112 | HIGH | 5.2.4.RELEASE | 5.3.8, 5.4.4, 5.2.9 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/7
https://github.com/advisories/GHSA-gq28-h5vg-8prx
https://github.com/spring-projects/spring-security/releases/tag/5.4.4
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b@%3Cissues.nifi.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22112
https://tanzu.vmware.com/security/cve-2021-22112
https://www.jenkins.io/security/advisory/2021-02-19/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.yaml:snakeyaml | CVE-2017-18640 | HIGH | 1.25 | 1.26 | Click to expand!
https://bitbucket.org/asomov/snakeyaml/commits/da11ddbd91c1f8392ea932b37fa48110fa54ed8c
https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack
https://bitbucket.org/asomov/snakeyaml/wiki/Changes
https://github.com/advisories/GHSA-rvwf-54qp-4r6v
https://linux.oracle.com/cve/CVE-2017-18640.html
https://linux.oracle.com/errata/ELSA-2020-4807.html
https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r16ae4e529401b75a1f5aa462b272b31bf2a108236f882f06fddc14bc@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1703a402f30c8a2ee409f8c6f393e95a63f8c952cc9ee5bf9dd586dc@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r182e9cf6f3fb22b9be0cac4ff0685199741d2ab6e9a4e27a3693c224@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r191ceadb1b883357384981848dfa5235cb02a90070c553afbaf9b3d9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r1aab47b48a757c70e40fc0bcb1fcf1a3951afa6a17aee7cd66cf79f8@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1dfac8b6a7097bcb4979402bbb6e2f8c36d0d9001e3018717eb22b7e@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r1ffce2ed3017e9964f03ad2c539d69e49144fc8e9bf772d641612f98@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r20350031c60a77b45e0eded33e9b3e9cb0cbfc5e24e1c63bf264df12@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r22ac2aa053b7d9c6b75a49db78125c9316499668d0f4a044f3402e2f@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r28c9009a48d52cf448f8b02cd823da0f8601d2dff4d66f387a35f1e0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2a5b84fdf59042dc398497e914b5bb1aed77328320b1438144ae1953@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2b05744c0c2867daa5d1a96832965b7d6220328b0ead06c22a6e7854@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r2db207a2431a5e9e95e899858ab1f5eabd9bcc790a6ca7193ae07e94@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r436988d2cfe8a770ae361c82b181c5b2bf48a249bad84d8a55a3b46e@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r465d2553a31265b042cf5457ef649b71e0722ab89b6ea94a5d59529b@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r4c682fb8cf69dd14162439656a6ebdf42ea6ad0e4edba95907ea3f14@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r4d7f37da1bc2df90a5a0f56eb7629b5ea131bfe11eeeb4b4c193f64a@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5510f0125ba409fc1cabd098ab8b457741e5fa314cbd0e61e4339422@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r55d807f31e64a080c54455897c20b1667ec792e5915132c7b7750533@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r56805265475919252ba7fc10123f15b91097f3009bae86476624ca25@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r643ba53f002ae59068f9352fe1d82e1b6f375387ffb776f13efe8fda@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r666f29a7d0e1f98fa1425ca01efcfa86e6e3856e01d300828aa7c6ea@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6c91e52b3cc9f4e64afe0f34f20507143fd1f756d12681a56a9b38da@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6d54c2da792c74cc14b9b7665ea89e144c9e238ed478d37fd56292e6@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r72a3588d62b2de1361dc9648f5d355385735e47f7ba49d089b0e680d@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r7ce3de03facf7e7f3e24fc25d26d555818519dafdb20f29398a3414b@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r8464b6ec951aace8c807bac9ea526d4f9e3116aa16d38be06f7c6524@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r8b57c57cffa01e418868a3c7535b987635ff1fb5ab534203bfa2d64a@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r900e020760c89f082df1c6e0d46320eba721e4e47bb9eb521e68cd95@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/raebd2019b3da8c2f90f31e8b203b45353f78770ca93bfe5376f5532e@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb0e033d5ec8233360203431ad96580cf2ec56f47d9a425d894e279c2@%3Cpr.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb34d8d3269ad47a1400f5a1a2d8310e13a80b6576ebd7f512144198d@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb5c33d0069c927fae16084f0605895b98d231d7c48527bcb822ac48c@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb7b28ac741e32dd5edb2c22485d635275bead7290b056ee56baf8ce0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/rbaa1f513d903c89a08267c91d86811fa5bcc82e0596b6142c5cea7ea@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rc3211c71f7e0973a1825d1988a3921288c06cd9d793eae97ecd34948@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rcb2a7037366c58bac6aec6ce3df843a11ef97ae4eb049f05f410eaa5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rcb4b61dbe2ed1c7a88781a9aff5a9e7342cc7ed026aec0418ee67596@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rce5c93bba6e815fb62ad38e28ca1943b3019af1eddeb06507ad4e11a@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/rd582c64f66c354240290072f340505f5d026ca944ec417226bb0272e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rdd34c0479587e32a656d976649409487d51ca0d296b3e26b6b89c3f5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re791a854001ec1f79cd4f47328b270e7a1d9d7056debb8f16d962722@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/re851bbfbedd47c690b6e01942acb98ee08bd00df1a94910b905bc8cd@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/reb1751562ee5146d3aca654a2df76a2c13d8036645ce69946f9c219e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/recfe569f4f260328b0036f1c82b2956e864d519ab941a5e75d0d832d@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rf95bebee6dfcc55067cebe8482bd31e6f481d9f74ba8e03f860c3ec7@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rfe0aab6c3bebbd9cbfdedb65ff3fdf420714bcb8acdfd346077e1263@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKN7VGIKTYBCAKYBRG55QHXAY5UDZ7HA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTVJC54XGX26UJVVYCXZ7D25X3R5T2G6/
https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.25/usages
https://nvd.nist.gov/vuln/detail/CVE-2017-18640
https://www.oracle.com/security-alerts/cpuApr2021.html
|
-
diff --git a/docs/apps/stable/calibre-web/security.md b/docs/apps/stable/calibre-web/security.md
index 9da028a49ea..4bcb5e3eb02 100644
--- a/docs/apps/stable/calibre-web/security.md
+++ b/docs/apps/stable/calibre-web/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:24:11.523Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:24:11.523Z [34mINFO[0m Detected config files: 1
#### calibre-web/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:24:12.326Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:24:12.326Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:24:12.333Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:24:12.326Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:24:12.326Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:24:12.333Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/calibre-web:version-0.6.12@sha256:3f54c0f7bec8c635f019d88039b986c5fa8951445daf5016b4cdb1118694c612**
-2021-12-04T19:24:32.635Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:24:32.635Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:24:32.641Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:24:32.641Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:24:32.635Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:24:32.635Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:24:32.641Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:24:32.641Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/calibre-web:version-0.6.12@sha256:3f54c0f7bec8c635f019d88039b986c5fa8951445daf5016b4cdb1118694c612 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -245,11 +245,10 @@
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| SQLAlchemy-Utils | pyup.io-42194 | UNKNOWN | 0.37.8 | | Click to expand!
|
| Werkzeug | pyup.io-42050 | UNKNOWN | 1.0.1 | 2.0.2 | Click to expand!
|
| python-ldap | GHSA-r8wq-qrxc-hmcm | MEDIUM | 3.3.1 | 3.4.0 | Click to expand!
https://github.com/advisories/GHSA-r8wq-qrxc-hmcm
https://github.com/python-ldap/python-ldap/issues/424
https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm
|
| urllib3 | CVE-2021-33503 | HIGH | 1.25.11 | 1.26.5 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/docs/apps/stable/calibre/security.md b/docs/apps/stable/calibre/security.md
index 6cf5c394f11..f8f2f9c0a9a 100644
--- a/docs/apps/stable/calibre/security.md
+++ b/docs/apps/stable/calibre/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:24:33.520Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:24:33.520Z [34mINFO[0m Detected config files: 1
#### calibre/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:24:34.364Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:24:34.364Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:24:34.372Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:24:34.364Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:24:34.364Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:24:34.372Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/calibre:v5.32.0-ls138@sha256:a7c6272300628eb747dc129001aef8bc53d9b462ebe6b4953de904a2a5e15c8e**
-2021-12-04T19:25:00.213Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:25:00.213Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:25:00.222Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:25:00.222Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:25:00.213Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:25:00.213Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:25:00.222Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:25:00.222Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/calibre:v5.32.0-ls138@sha256:a7c6272300628eb747dc129001aef8bc53d9b462ebe6b4953de904a2a5e15c8e (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -301,9 +301,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/docs/apps/stable/cloud9/security.md b/docs/apps/stable/cloud9/security.md
index 9ddbc221aa4..179c78b21c2 100644
--- a/docs/apps/stable/cloud9/security.md
+++ b/docs/apps/stable/cloud9/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:24:35.015Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:24:35.015Z [34mINFO[0m Detected config files: 1
#### cloud9/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:25:01.448Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:25:01.448Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:25:01.454Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:25:01.448Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:25:01.448Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:25:01.454Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/cloud9:version-1.29.2@sha256:4891fa151fe52c43719f0346124f29c81ed47be16cdc34554b8896b0cb80cb73**
-2021-12-04T19:25:16.818Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:25:16.818Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:25:16.823Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:25:16.823Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:25:16.818Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:25:16.818Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:25:16.823Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:25:16.823Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/cloud9:version-1.29.2@sha256:4891fa151fe52c43719f0346124f29c81ed47be16cdc34554b8896b0cb80cb73 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -202,7 +202,7 @@
| perl-modules-5.26 | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bl | CVE-2020-8244 | MEDIUM | 1.1.2 | 2.2.1, 1.2.3, 4.0.3, 3.0.1 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8244
https://github.com/advisories/GHSA-pp7h-53gx-mx7r
https://github.com/rvagg/bl/commit/8a8c13c880e2bef519133ea43e0e9b78b5d0c91e
https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190
https://github.com/rvagg/bl/commit/dacc4ac7d5fcd6201bcf26fbd886951be9537466
https://hackerone.com/reports/966347
https://nvd.nist.gov/vuln/detail/CVE-2020-8244
https://ubuntu.com/security/notices/USN-5098-1
|
@@ -313,4 +313,3 @@
| ws | NSWG-ECO-120 | HIGH | 1.0.1 | >=1.1.1 | Click to expand!
https://github.com/nodejs/node/issues/7388
|
| xmlhttprequest-ssl | CVE-2021-31597 | CRITICAL | 1.5.1 | 1.6.1 | Click to expand!
https://github.com/advisories/GHSA-72mh-269x-7mh5
https://github.com/mjwwit/node-XMLHttpRequest/commit/bf53329b61ca6afc5d28f6b8d2dc2e3ca740a9b2
https://github.com/mjwwit/node-XMLHttpRequest/compare/v1.6.0...1.6.1
https://nvd.nist.gov/vuln/detail/CVE-2021-31597
https://people.kingsds.network/wesgarland/xmlhttprequest-ssl-vuln.txt
https://security.netapp.com/advisory/ntap-20210618-0004/
|
| xmlhttprequest-ssl | CVE-2020-28502 | HIGH | 1.5.1 | 1.6.2 | Click to expand!
https://github.com/advisories/GHSA-h4j5-c7cj-74xg
https://github.com/driverdan/node-XMLHttpRequest/blob/1.6.0/lib/XMLHttpRequest.js#L480
https://github.com/driverdan/node-XMLHttpRequest/blob/1.6.0/lib/XMLHttpRequest.js%23L480
https://github.com/driverdan/node-XMLHttpRequest/commit/983cfc244c7567ad6a59e366e55a8037e0497fe6
https://github.com/mjwwit/node-XMLHttpRequest/blob/ae38832a0f1347c5e96dda665402509a3458e302/lib/XMLHttpRequest.js#L531
https://github.com/mjwwit/node-XMLHttpRequest/commit/ee1e81fc67729c7c0eba5537ed7fe1e30a6b3291
https://nvd.nist.gov/vuln/detail/CVE-2020-28502
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1082937
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1082938
https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUEST-1082935
https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936
|
-
diff --git a/docs/apps/stable/code-server/security.md b/docs/apps/stable/code-server/security.md
index 88579823468..78d55277c61 100644
--- a/docs/apps/stable/code-server/security.md
+++ b/docs/apps/stable/code-server/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:25:00.723Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:25:00.723Z [34mINFO[0m Detected config files: 1
#### code-server/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:25:02.061Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:25:02.062Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:25:02.085Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:25:02.061Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:25:02.062Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:25:02.085Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/code-server:v3.12.0@sha256:2853a8bdd8eed9c09bcd4b100b9d4be20c42a307b9d1cbae1a204276e948f9ce**
-2021-12-04T19:25:36.140Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:25:36.140Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:25:36.206Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:25:36.206Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:25:36.140Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:25:36.140Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:25:36.206Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:25:36.206Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/code-server:v3.12.0@sha256:2853a8bdd8eed9c09bcd4b100b9d4be20c42a307b9d1cbae1a204276e948f9ce (debian 11.0)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,10 +275,9 @@
| xxd | CVE-2017-1000382 | LOW | 2:8.2.2434-3 | | Click to expand!
http://security.cucumberlinux.com/security/details.php?id=120
http://www.openwall.com/lists/oss-security/2017/10/31/1
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.1 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
| gopkg.in/yaml.v2 | GMS-2019-2 | UNKNOWN | v2.2.1 | v2.2.3 | Click to expand!
https://github.com/docker/cli/pull/2117
|
| gopkg.in/yaml.v2 | GO-2021-0061 | UNKNOWN | v2.2.1 | v2.2.3 | Click to expand!
|
-
diff --git a/docs/apps/stable/collabora-online/security.md b/docs/apps/stable/collabora-online/security.md
index 0cd051bb2e3..7fed3e1558b 100644
--- a/docs/apps/stable/collabora-online/security.md
+++ b/docs/apps/stable/collabora-online/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:25:17.415Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:25:17.415Z [34mINFO[0m Detected config files: 1
#### collabora-online/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:25:37.694Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:25:37.694Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:25:37.711Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:25:37.694Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:25:37.694Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:25:37.711Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/collabora:v6.4.14.3@sha256:d4a55425927736cb167a8df37ba6f2a60c0e3e0bacc0ee2496ecb5e535176f60**
-2021-12-04T19:26:07.419Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:26:07.419Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:26:07.425Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:07.419Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:26:07.419Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:26:07.425Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/collabora:v6.4.14.3@sha256:d4a55425927736cb167a8df37ba6f2a60c0e3e0bacc0ee2496ecb5e535176f60 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -209,4 +209,3 @@
| python3.6-minimal | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| python3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-1ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/docs/apps/stable/cryptofolio/security.md b/docs/apps/stable/cryptofolio/security.md
index 34bb4f84b5e..bb168cb828a 100644
--- a/docs/apps/stable/cryptofolio/security.md
+++ b/docs/apps/stable/cryptofolio/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:26:17.147Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:26:17.147Z [34mINFO[0m Detected config files: 1
#### cryptofolio/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:26:27.914Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:26:27.914Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:26:27.923Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:27.914Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:26:27.914Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:26:27.923Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/cryptofolio:v2.2.0@sha256:e77706dd4748dbdf2665cb53434802a3c2ef85f3d9b1ca809f2615b15758f3d0**
-2021-12-04T19:26:40.959Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:26:40.959Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:26:41.060Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:40.959Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:26:40.959Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:26:41.060Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/cryptofolio:v2.2.0@sha256:e77706dd4748dbdf2665cb53434802a3c2ef85f3d9b1ca809f2615b15758f3d0 (debian 11.0)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-39275 | CRITICAL | 2.4.48-3.1+deb11u1 | 2.4.51-1~deb11u1 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-39275
https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.netapp.com/advisory/ntap-20211008-0004/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ
https://ubuntu.com/security/notices/USN-5090-1
https://ubuntu.com/security/notices/USN-5090-2
https://www.debian.org/security/2021/dsa-4982
|
@@ -450,4 +450,3 @@
| perl-modules-5.32 | CVE-2011-4116 | LOW | 5.32.1-4+deb11u1 | | Click to expand!
http://www.openwall.com/lists/oss-security/2011/11/04/2
http://www.openwall.com/lists/oss-security/2011/11/04/4
https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
https://rt.cpan.org/Public/Bug/Display.html?id=69106
https://seclists.org/oss-sec/2011/q4/238
|
| re2c | CVE-2018-21232 | LOW | 2.0.3-1 | | Click to expand!
http://www.openwall.com/lists/oss-security/2020/05/14/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21232
https://github.com/skvadrik/re2c/issues/219
https://www.openwall.com/lists/oss-security/2020/04/27/2
|
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
-
diff --git a/docs/apps/stable/custom-app/security.md b/docs/apps/stable/custom-app/security.md
index 67084e6e68f..4e36efff945 100644
--- a/docs/apps/stable/custom-app/security.md
+++ b/docs/apps/stable/custom-app/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:26:08.209Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:26:08.209Z [34mINFO[0m Detected config files: 1
#### custom-app/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:26:09.405Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:26:09.405Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:26:09.411Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:09.405Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:26:09.405Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:26:09.411Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79**
-2021-12-04T19:26:26.812Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:26:26.812Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:26:26.815Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:26:26.815Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:26:26.812Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:26:26.812Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:26:26.815Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:26:26.815Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -150,8 +150,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/davos/security.md b/docs/apps/stable/davos/security.md
index 5f944549ab4..8ab6fd80ad8 100644
--- a/docs/apps/stable/davos/security.md
+++ b/docs/apps/stable/davos/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:26:07.812Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:26:07.812Z [34mINFO[0m Detected config files: 1
#### davos/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:26:08.804Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:26:08.804Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:26:08.808Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:08.804Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:26:08.804Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:26:08.808Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,13 +61,13 @@
**Container: tccr.io/truecharts/davos:v2.2.1-ls76@sha256:f9359583fb20278b436e7b018ee244f2cce1480d6834775f19e9da3503dd0e9b**
-2021-12-04T19:26:16.486Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:26:16.486Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:26:16.486Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:26:16.486Z [34mINFO[0m Detecting jar vulnerabilities...
#### Java
-
+
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-15095 | CRITICAL | 2.8.4 | 2.7.9.2, 2.8.10, 2.9.1 | Click to expand!
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/103880
http://www.securitytracker.com/id/1039769
https://access.redhat.com/errata/RHSA-2017:3189
https://access.redhat.com/errata/RHSA-2017:3190
https://access.redhat.com/errata/RHSA-2018:0342
https://access.redhat.com/errata/RHSA-2018:0478
https://access.redhat.com/errata/RHSA-2018:0479
https://access.redhat.com/errata/RHSA-2018:0480
https://access.redhat.com/errata/RHSA-2018:0481
https://access.redhat.com/errata/RHSA-2018:0576
https://access.redhat.com/errata/RHSA-2018:0577
https://access.redhat.com/errata/RHSA-2018:1447
https://access.redhat.com/errata/RHSA-2018:1448
https://access.redhat.com/errata/RHSA-2018:1449
https://access.redhat.com/errata/RHSA-2018:1450
https://access.redhat.com/errata/RHSA-2018:1451
https://access.redhat.com/errata/RHSA-2018:2927
https://access.redhat.com/errata/RHSA-2019:2858
https://access.redhat.com/errata/RHSA-2019:3149
https://access.redhat.com/errata/RHSA-2019:3892
https://access.redhat.com/solutions/3442891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095
https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43
https://github.com/FasterXML/jackson-databind/commit/3bfbb835
https://github.com/FasterXML/jackson-databind/commit/ddfddfba
https://github.com/FasterXML/jackson-databind/commit/e8f043d1
https://github.com/FasterXML/jackson-databind/issues/1680
https://github.com/FasterXML/jackson-databind/issues/1723
https://github.com/FasterXML/jackson-databind/issues/1737
https://github.com/advisories/GHSA-h592-38cm-4ggp
https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html
https://nvd.nist.gov/vuln/detail/CVE-2017-15095
https://security.netapp.com/advisory/ntap-20171214-0003/
https://ubuntu.com/security/notices/USN-4741-1
https://www.debian.org/security/2017/dsa-4037
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
|
@@ -166,4 +166,3 @@
| org.springframework:spring-core | CVE-2018-1257 | MEDIUM | 4.3.4.RELEASE | 4.3.17, 5.0.6 | Click to expand!
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/104260
https://access.redhat.com/errata/RHSA-2018:1809
https://access.redhat.com/errata/RHSA-2018:3768
https://github.com/advisories/GHSA-rcpf-vj53-7h2m
https://nvd.nist.gov/vuln/detail/CVE-2018-1257
https://pivotal.io/security/cve-2018-1257
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
|
| org.springframework:spring-core | CVE-2018-1271 | MEDIUM | 4.3.4.RELEASE | 4.3.15, 5.0.5 | Click to expand!
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/103699
https://access.redhat.com/errata/RHSA-2018:1320
https://access.redhat.com/errata/RHSA-2018:2669
https://access.redhat.com/errata/RHSA-2018:2939
https://github.com/advisories/GHSA-g8hw-794c-4j9g
https://nvd.nist.gov/vuln/detail/CVE-2018-1271
https://pivotal.io/security/cve-2018-1271
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
|
| org.yaml:snakeyaml | CVE-2017-18640 | HIGH | 1.17 | 1.26 | Click to expand!
https://bitbucket.org/asomov/snakeyaml/commits/da11ddbd91c1f8392ea932b37fa48110fa54ed8c
https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack
https://bitbucket.org/asomov/snakeyaml/wiki/Changes
https://github.com/advisories/GHSA-rvwf-54qp-4r6v
https://linux.oracle.com/cve/CVE-2017-18640.html
https://linux.oracle.com/errata/ELSA-2020-4807.html
https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r16ae4e529401b75a1f5aa462b272b31bf2a108236f882f06fddc14bc@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1703a402f30c8a2ee409f8c6f393e95a63f8c952cc9ee5bf9dd586dc@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r182e9cf6f3fb22b9be0cac4ff0685199741d2ab6e9a4e27a3693c224@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r191ceadb1b883357384981848dfa5235cb02a90070c553afbaf9b3d9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r1aab47b48a757c70e40fc0bcb1fcf1a3951afa6a17aee7cd66cf79f8@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r1dfac8b6a7097bcb4979402bbb6e2f8c36d0d9001e3018717eb22b7e@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r1ffce2ed3017e9964f03ad2c539d69e49144fc8e9bf772d641612f98@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r20350031c60a77b45e0eded33e9b3e9cb0cbfc5e24e1c63bf264df12@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r22ac2aa053b7d9c6b75a49db78125c9316499668d0f4a044f3402e2f@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r28c9009a48d52cf448f8b02cd823da0f8601d2dff4d66f387a35f1e0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2a5b84fdf59042dc398497e914b5bb1aed77328320b1438144ae1953@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r2b05744c0c2867daa5d1a96832965b7d6220328b0ead06c22a6e7854@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r2db207a2431a5e9e95e899858ab1f5eabd9bcc790a6ca7193ae07e94@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r436988d2cfe8a770ae361c82b181c5b2bf48a249bad84d8a55a3b46e@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r465d2553a31265b042cf5457ef649b71e0722ab89b6ea94a5d59529b@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r4c682fb8cf69dd14162439656a6ebdf42ea6ad0e4edba95907ea3f14@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r4d7f37da1bc2df90a5a0f56eb7629b5ea131bfe11eeeb4b4c193f64a@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5510f0125ba409fc1cabd098ab8b457741e5fa314cbd0e61e4339422@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r55d807f31e64a080c54455897c20b1667ec792e5915132c7b7750533@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r56805265475919252ba7fc10123f15b91097f3009bae86476624ca25@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r643ba53f002ae59068f9352fe1d82e1b6f375387ffb776f13efe8fda@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r666f29a7d0e1f98fa1425ca01efcfa86e6e3856e01d300828aa7c6ea@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6c91e52b3cc9f4e64afe0f34f20507143fd1f756d12681a56a9b38da@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r6d54c2da792c74cc14b9b7665ea89e144c9e238ed478d37fd56292e6@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/r72a3588d62b2de1361dc9648f5d355385735e47f7ba49d089b0e680d@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r7ce3de03facf7e7f3e24fc25d26d555818519dafdb20f29398a3414b@%3Cdev.phoenix.apache.org%3E
https://lists.apache.org/thread.html/r8464b6ec951aace8c807bac9ea526d4f9e3116aa16d38be06f7c6524@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r8b57c57cffa01e418868a3c7535b987635ff1fb5ab534203bfa2d64a@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r900e020760c89f082df1c6e0d46320eba721e4e47bb9eb521e68cd95@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/raebd2019b3da8c2f90f31e8b203b45353f78770ca93bfe5376f5532e@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb0e033d5ec8233360203431ad96580cf2ec56f47d9a425d894e279c2@%3Cpr.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb34d8d3269ad47a1400f5a1a2d8310e13a80b6576ebd7f512144198d@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb5c33d0069c927fae16084f0605895b98d231d7c48527bcb822ac48c@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rb7b28ac741e32dd5edb2c22485d635275bead7290b056ee56baf8ce0@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/rbaa1f513d903c89a08267c91d86811fa5bcc82e0596b6142c5cea7ea@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rc3211c71f7e0973a1825d1988a3921288c06cd9d793eae97ecd34948@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rcb2a7037366c58bac6aec6ce3df843a11ef97ae4eb049f05f410eaa5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rcb4b61dbe2ed1c7a88781a9aff5a9e7342cc7ed026aec0418ee67596@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rce5c93bba6e815fb62ad38e28ca1943b3019af1eddeb06507ad4e11a@%3Ccommits.atlas.apache.org%3E
https://lists.apache.org/thread.html/rd582c64f66c354240290072f340505f5d026ca944ec417226bb0272e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rdd34c0479587e32a656d976649409487d51ca0d296b3e26b6b89c3f5@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re791a854001ec1f79cd4f47328b270e7a1d9d7056debb8f16d962722@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/re851bbfbedd47c690b6e01942acb98ee08bd00df1a94910b905bc8cd@%3Cdev.atlas.apache.org%3E
https://lists.apache.org/thread.html/reb1751562ee5146d3aca654a2df76a2c13d8036645ce69946f9c219e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/recfe569f4f260328b0036f1c82b2956e864d519ab941a5e75d0d832d@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rf95bebee6dfcc55067cebe8482bd31e6f481d9f74ba8e03f860c3ec7@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rfe0aab6c3bebbd9cbfdedb65ff3fdf420714bcb8acdfd346077e1263@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKN7VGIKTYBCAKYBRG55QHXAY5UDZ7HA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTVJC54XGX26UJVVYCXZ7D25X3R5T2G6/
https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.25/usages
https://nvd.nist.gov/vuln/detail/CVE-2017-18640
https://www.oracle.com/security-alerts/cpuApr2021.html
|
-
diff --git a/docs/apps/stable/deconz/security.md b/docs/apps/stable/deconz/security.md
index da9cf09ede3..f14e4087cd5 100644
--- a/docs/apps/stable/deconz/security.md
+++ b/docs/apps/stable/deconz/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:26:42.147Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:26:42.147Z [34mINFO[0m Detected config files: 1
#### deconz/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:26:43.389Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:26:43.389Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:26:43.397Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:26:43.389Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:26:43.389Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:26:43.397Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/deconz:v2.13.01@sha256:92a7a439e6010e21265fa5beaa47b0172bc6b6682f4e2d26bcd43c772ff7ddbd**
-2021-12-04T19:27:03.015Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:27:03.015Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:27:03.109Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:03.015Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:27:03.015Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:27:03.109Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/deconz:v2.13.01@sha256:92a7a439e6010e21265fa5beaa47b0172bc6b6682f4e2d26bcd43c772ff7ddbd (debian 10.9)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -655,4 +655,3 @@
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/docs/apps/stable/deepstack-cpu/security.md b/docs/apps/stable/deepstack-cpu/security.md
index 49caf832f86..75cc73480c5 100644
--- a/docs/apps/stable/deepstack-cpu/security.md
+++ b/docs/apps/stable/deepstack-cpu/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:27:04.022Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:27:04.022Z [34mINFO[0m Detected config files: 1
#### deepstack-cpu/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:27:04.878Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:27:04.878Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:27:04.884Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:04.878Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:27:04.878Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:27:04.884Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/deepstack-cpu:v2021.09.1@sha256:f924cebf518a54bca2ca2ac33911cf3af4dd7403cad371781422436ce4254a28**
-2021-12-04T19:27:50.566Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:27:50.566Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:27:50.723Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:27:50.723Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:27:50.724Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:27:50.566Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:27:50.566Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:27:50.723Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:27:50.723Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:27:50.724Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/deepstack-cpu:v2021.09.1@sha256:f924cebf518a54bca2ca2ac33911cf3af4dd7403cad371781422436ce4254a28 (debian 10.6)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2020-27350 | MEDIUM | 1.8.2.1 | 1.8.2.2 | Click to expand!
https://bugs.launchpad.net/bugs/1899193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350
https://security.netapp.com/advisory/ntap-20210108-0005/
https://ubuntu.com/security/notices/USN-4667-1
https://ubuntu.com/security/notices/USN-4667-2
https://usn.ubuntu.com/usn/usn-4667-1
https://www.debian.org/security/2020/dsa-4808
|
@@ -3000,7 +3000,7 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 8.0.1 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -3034,9 +3034,8 @@
| urllib3 | CVE-2021-28363 | MEDIUM | 1.26.2 | 1.26.4 | Click to expand!
https://github.com/advisories/GHSA-5phf-pp7p-vc2r
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15
https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0
https://github.com/urllib3/urllib3/commits/main
https://github.com/urllib3/urllib3/releases/tag/1.26.4
https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28363
https://pypi.org/project/urllib3/1.26.4/
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/docs/apps/stable/deepstack-gpu/security.md b/docs/apps/stable/deepstack-gpu/security.md
index d2762e89b6b..863939d8c36 100644
--- a/docs/apps/stable/deepstack-gpu/security.md
+++ b/docs/apps/stable/deepstack-gpu/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:27:52.343Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:27:52.343Z [34mINFO[0m Detected config files: 1
#### deepstack-gpu/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:27:58.702Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:27:58.702Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:27:58.711Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:58.702Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:27:58.702Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:27:58.711Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/deepstack-gpu:v2021.09.1@sha256:f924cebf518a54bca2ca2ac33911cf3af4dd7403cad371781422436ce4254a28**
-2021-12-04T19:28:22.371Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:28:22.374Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:28:22.845Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:28:22.845Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:28:22.846Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:28:22.371Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:28:22.374Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:28:22.845Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:28:22.845Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:28:22.846Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/deepstack-gpu:v2021.09.1@sha256:f924cebf518a54bca2ca2ac33911cf3af4dd7403cad371781422436ce4254a28 (debian 10.6)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2020-27350 | MEDIUM | 1.8.2.1 | 1.8.2.2 | Click to expand!
https://bugs.launchpad.net/bugs/1899193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350
https://security.netapp.com/advisory/ntap-20210108-0005/
https://ubuntu.com/security/notices/USN-4667-1
https://ubuntu.com/security/notices/USN-4667-2
https://usn.ubuntu.com/usn/usn-4667-1
https://www.debian.org/security/2020/dsa-4808
|
@@ -3000,7 +3000,7 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 8.0.1 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -3034,9 +3034,8 @@
| urllib3 | CVE-2021-28363 | MEDIUM | 1.26.2 | 1.26.4 | Click to expand!
https://github.com/advisories/GHSA-5phf-pp7p-vc2r
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15
https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0
https://github.com/urllib3/urllib3/commits/main
https://github.com/urllib3/urllib3/releases/tag/1.26.4
https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28363
https://pypi.org/project/urllib3/1.26.4/
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/docs/apps/stable/deluge/security.md b/docs/apps/stable/deluge/security.md
index a4243a44f47..d99934a1117 100644
--- a/docs/apps/stable/deluge/security.md
+++ b/docs/apps/stable/deluge/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:27:51.912Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:27:51.912Z [34mINFO[0m Detected config files: 1
#### deluge/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:27:52.943Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:27:52.943Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:27:52.947Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:52.943Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:27:52.943Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:27:52.947Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/deluge:version-2.0.3-2201906121747ubuntu18.04.1@sha256:ef71fa2986593ad6fe3d2c3f277f0340c28c0fbcdc8b91c3505b83be71784f08**
-2021-12-04T19:27:57.150Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:27:57.150Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:27:57.156Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:57.150Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:27:57.150Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:27:57.156Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/deluge:version-2.0.3-2201906121747ubuntu18.04.1@sha256:ef71fa2986593ad6fe3d2c3f277f0340c28c0fbcdc8b91c3505b83be71784f08 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -225,4 +225,3 @@
| python3.6-minimal | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| python3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-1ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/docs/apps/stable/digikam/security.md b/docs/apps/stable/digikam/security.md
index d10cc5b437c..e955389e5ff 100644
--- a/docs/apps/stable/digikam/security.md
+++ b/docs/apps/stable/digikam/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:27:53.536Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:27:53.536Z [34mINFO[0m Detected config files: 1
#### digikam/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:27:57.778Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:27:57.778Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:27:57.786Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:27:57.778Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:27:57.778Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:27:57.786Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/digikam:version-7.3.0@sha256:97cc7525c0e77c75933eea57f2aa52b76077837971a7866338d79ea93adb069c**
-2021-12-04T19:28:20.999Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:28:20.999Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:28:21.008Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:28:21.008Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:28:20.999Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:28:20.999Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:28:21.008Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:28:21.008Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/digikam:version-7.3.0@sha256:97cc7525c0e77c75933eea57f2aa52b76077837971a7866338d79ea93adb069c (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -279,9 +279,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/docs/apps/stable/dizquetv/security.md b/docs/apps/stable/dizquetv/security.md
index 480f696450a..61ecb398e4f 100644
--- a/docs/apps/stable/dizquetv/security.md
+++ b/docs/apps/stable/dizquetv/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:28:29.247Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:28:29.247Z [34mINFO[0m Detected config files: 1
#### dizquetv/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:28:30.141Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:28:30.141Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:28:30.147Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:28:30.141Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:28:30.141Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:28:30.147Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/dizquetv:v1.5.0@sha256:e7fab135e5048700be9635208c5500b830ceddb7fa0b0f9fffd2fcaa645a8374**
-2021-12-04T19:28:39.148Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:28:39.148Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:28:39.154Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:28:39.148Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:28:39.148Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:28:39.154Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/dizquetv:v1.5.0@sha256:e7fab135e5048700be9635208c5500b830ceddb7fa0b0f9fffd2fcaa645a8374 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -131,4 +131,3 @@
| passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
|
| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
-
diff --git a/docs/apps/stable/doublecommander/security.md b/docs/apps/stable/doublecommander/security.md
index a988dfae8f0..2912bc84d9a 100644
--- a/docs/apps/stable/doublecommander/security.md
+++ b/docs/apps/stable/doublecommander/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:28:42.665Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:28:42.665Z [34mINFO[0m Detected config files: 1
#### doublecommander/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:28:43.572Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:28:43.572Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:28:43.583Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:28:43.572Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:28:43.572Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:28:43.583Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/doublecommander:version-0.8.2-1@sha256:9c71e7178c24bdd646fa65e49fd9cef59ad9584eac2d60d59ea3e62ea53d47f9**
-2021-12-04T19:28:48.063Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:28:48.063Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:28:48.086Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:28:48.086Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:28:48.063Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:28:48.063Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:28:48.086Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:28:48.086Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/doublecommander:version-0.8.2-1@sha256:9c71e7178c24bdd646fa65e49fd9cef59ad9584eac2d60d59ea3e62ea53d47f9 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -310,9 +310,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/docs/apps/stable/dsmr-reader/security.md b/docs/apps/stable/dsmr-reader/security.md
index bd27f5320d6..ff0e0e6de8d 100644
--- a/docs/apps/stable/dsmr-reader/security.md
+++ b/docs/apps/stable/dsmr-reader/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:29:28.696Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:29:28.696Z [34mINFO[0m Detected config files: 2
#### dsmr-reader/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:32.375Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:32.375Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:32.385Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:32.375Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:32.375Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:32.385Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:29:53.342Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:29:53.342Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:29:53.398Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:29:53.398Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:29:53.404Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:29:53.342Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:29:53.342Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:29:53.398Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:29:53.398Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:29:53.404Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,32 +275,32 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/dsmr-reader:v2021.09.02@sha256:4858edb1ae63a20639a0ef9c51c7b2cf599686db5c582ead7b37b2a288122935**
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:54.945Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:54.945Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:54.952Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:54.945Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:54.945Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:54.952Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -328,16 +328,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:29:55.938Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:29:55.938Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:29:55.987Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:29:55.987Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:29:55.987Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:29:55.938Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:29:55.938Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:29:55.987Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:29:55.987Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:29:55.987Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -532,16 +532,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/duplicati/security.md b/docs/apps/stable/duplicati/security.md
index eed194ce7f5..dcaf54b818b 100644
--- a/docs/apps/stable/duplicati/security.md
+++ b/docs/apps/stable/duplicati/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:29:14.708Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:29:14.708Z [34mINFO[0m Detected config files: 1
#### duplicati/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:16.013Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:16.013Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:16.017Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:16.013Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:16.013Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:16.017Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/duplicati:vbeta@sha256:88147d0b04d6c05a33e3910359e4a429769bf395bd52a0b6a0c91e19b1909965**
-2021-12-04T19:29:28.005Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:29:28.005Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:29:28.054Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:28.005Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:29:28.005Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:29:28.054Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/duplicati:vbeta@sha256:88147d0b04d6c05a33e3910359e4a429769bf395bd52a0b6a0c91e19b1909965 (debian 10.9)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -533,4 +533,3 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-6 | | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
-
diff --git a/docs/apps/stable/emby/security.md b/docs/apps/stable/emby/security.md
index 5865de4cbac..21adcfe04aa 100644
--- a/docs/apps/stable/emby/security.md
+++ b/docs/apps/stable/emby/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:29:29.753Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:29:29.753Z [34mINFO[0m Detected config files: 1
#### emby/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:31.475Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:31.475Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:31.487Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:31.475Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:31.475Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:31.487Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/emby:v4.6.7.0@sha256:f2c60cee28b40d6eeeff72cda847eced2d069b410e63a5b0bdbab7783f34ec1b**
-2021-12-04T19:29:45.327Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:29:45.327Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:29:45.330Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:29:45.330Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:29:45.327Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:29:45.327Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:29:45.330Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:29:45.330Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/emby:v4.6.7.0@sha256:f2c60cee28b40d6eeeff72cda847eced2d069b410e63a5b0bdbab7783f34ec1b (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -151,8 +151,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/esphome/security.md b/docs/apps/stable/esphome/security.md
index ac29165fa1f..38791ba5fd3 100644
--- a/docs/apps/stable/esphome/security.md
+++ b/docs/apps/stable/esphome/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:29:29.209Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:29:29.209Z [34mINFO[0m Detected config files: 1
#### esphome/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:29:30.710Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:29:30.711Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:29:30.723Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:29:30.710Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:29:30.711Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:29:30.723Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/esphome:v2021.11.4@sha256:c4e3f2174e8636578a2a619eef7644f5ac94f427c531eedc31436e47f27b21a3**
-2021-12-04T19:29:52.028Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:29:52.028Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:29:52.077Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:29:52.077Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:29:52.028Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:29:52.028Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:29:52.077Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:29:52.077Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/esphome:v2021.11.4@sha256:c4e3f2174e8636578a2a619eef7644f5ac94f427c531eedc31436e47f27b21a3 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -207,9 +207,6 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/etherpad/security.md b/docs/apps/stable/etherpad/security.md
index d40adb6cbd8..62f39a7207d 100644
--- a/docs/apps/stable/etherpad/security.md
+++ b/docs/apps/stable/etherpad/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:30:08.158Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:30:08.158Z [34mINFO[0m Detected config files: 2
#### etherpad/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:30:09.081Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:30:09.081Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:30:09.096Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:30:09.081Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:30:09.081Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:30:09.096Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:30:09.968Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:30:09.968Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:30:10.027Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:30:10.027Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:30:10.027Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:30:09.968Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:30:09.968Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:30:10.027Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:30:10.027Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:30:10.027Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/etherpad:version-1.8.14@sha256:4900f0e787ca22cf93090ae44ecceb5689d4427c739e1eb637a6e3a913161bf8**
-2021-12-04T19:30:16.654Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:30:16.654Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:30:16.656Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:30:16.656Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:30:16.654Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:30:16.654Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:30:16.656Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:30:16.656Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/etherpad:version-1.8.14@sha256:4900f0e787ca22cf93090ae44ecceb5689d4427c739e1eb637a6e3a913161bf8 (alpine 3.14.0)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.12.5-r1 | 2.12.6-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -343,7 +343,7 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r2 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -361,14 +361,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:30:17.520Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:30:17.520Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:30:17.528Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:30:17.520Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:30:17.520Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:30:17.528Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -396,16 +396,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:30:18.314Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:30:18.314Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:30:18.364Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:30:18.364Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:30:18.365Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:30:18.314Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:30:18.314Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:30:18.364Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:30:18.364Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:30:18.365Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -600,16 +600,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/external-service/security.md b/docs/apps/stable/external-service/security.md
index 1c7d4ae6eff..382adfce433 100644
--- a/docs/apps/stable/external-service/security.md
+++ b/docs/apps/stable/external-service/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:30:32.117Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:30:32.117Z [34mINFO[0m Detected config files: 1
#### external-service/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -21,4 +21,3 @@
##### Scan Results
-
diff --git a/docs/apps/stable/filezilla/security.md b/docs/apps/stable/filezilla/security.md
index b5d39052d4a..2e4f0f300e3 100644
--- a/docs/apps/stable/filezilla/security.md
+++ b/docs/apps/stable/filezilla/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:30:40.280Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:30:40.280Z [34mINFO[0m Detected config files: 1
#### filezilla/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:30:41.150Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:30:41.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:30:41.158Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:30:41.150Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:30:41.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:30:41.158Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,15 @@
**Container: tccr.io/truecharts/filezilla:version-3.51.0-r1@sha256:92421eae5b47e6e98d5157db3f6a453ab0d7733a693b5e8724edeef4090593eb**
-2021-12-04T19:30:59.589Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:30:59.589Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:30:59.589Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:30:59.589Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/docs/apps/stable/fireflyiii/security.md b/docs/apps/stable/fireflyiii/security.md
index d9b4ed71be3..9a53c87c0e6 100644
--- a/docs/apps/stable/fireflyiii/security.md
+++ b/docs/apps/stable/fireflyiii/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:31:00.565Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:31:00.565Z [34mINFO[0m Detected config files: 2
#### fireflyiii/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:01.710Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:01.710Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:01.722Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:01.710Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:01.710Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:01.722Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:31:02.756Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:02.756Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:02.820Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:31:02.821Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:31:02.821Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:31:02.756Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:02.756Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:02.820Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:31:02.821Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:31:02.821Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/fireflyiii-core:version-5.5.12@sha256:f6dddfae65571d7995d5b24bf28fdf453775b825c35cac0c48b8ce52449090cf**
-2021-12-04T19:31:17.470Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:17.470Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:17.553Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:31:17.553Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:31:17.470Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:17.470Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:17.553Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:31:17.553Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/fireflyiii-core:version-5.5.12@sha256:f6dddfae65571d7995d5b24bf28fdf453775b825c35cac0c48b8ce52449090cf (debian 10.10)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2021-26691 | CRITICAL | 2.4.38-3+deb10u4 | 2.4.38-3+deb10u5 | Click to expand!
http://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2021/06/10/7
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-26691
https://linux.oracle.com/cve/CVE-2021-26691.html
https://linux.oracle.com/errata/ELSA-2021-3816.html
https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe@%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.gentoo.org/glsa/202107-38
https://security.netapp.com/advisory/ntap-20210702-0001/
https://ubuntu.com/security/notices/USN-4994-1
https://ubuntu.com/security/notices/USN-4994-2
https://www.debian.org/security/2021/dsa-4937
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -1064,7 +1064,7 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| doctrine/dbal | CVE-2021-43608 | CRITICAL | 3.1.0 | 3.0.99, 3.1.4 | Click to expand!
https://github.com/advisories/GHSA-r7cj-8hjg-x622
https://github.com/doctrine/dbal/security/advisories/GHSA-r7cj-8hjg-x622
|
@@ -1074,14 +1074,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:18.798Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:18.798Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:18.805Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:18.798Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:18.798Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:18.805Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1109,16 +1109,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:31:19.616Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:19.616Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:19.663Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:31:19.663Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:31:19.663Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:31:19.616Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:19.616Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:19.663Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:31:19.663Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:31:19.663Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1313,16 +1313,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/firefox-syncserver/security.md b/docs/apps/stable/firefox-syncserver/security.md
index bc9ad837bb7..5f54b19343f 100644
--- a/docs/apps/stable/firefox-syncserver/security.md
+++ b/docs/apps/stable/firefox-syncserver/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:31:23.724Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:31:23.724Z [34mINFO[0m Detected config files: 2
#### firefox-syncserver/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:24.962Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:24.963Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:24.969Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:24.962Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:24.963Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:24.969Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:31:36.631Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:36.631Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:36.679Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:31:36.679Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:31:36.679Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:31:36.631Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:36.631Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:36.679Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:31:36.679Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:31:36.679Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,32 +275,32 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/firefox-syncserver:v1.8.0@sha256:d0fbf65c8c7a99ad4ba7ffcfdad2e7b2555e0d829867c21cefc9314ace94f747**
-2021-12-04T19:31:42.917Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:42.917Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:42.933Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:31:42.933Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:31:42.959Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.10.4
-2021-12-04T19:31:42.959Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:31:42.917Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:42.917Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:42.933Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:31:42.933Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:31:42.959Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.10.4
+2021-12-04T19:31:42.959Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/firefox-syncserver:v1.8.0@sha256:d0fbf65c8c7a99ad4ba7ffcfdad2e7b2555e0d829867c21cefc9314ace94f747 (alpine 3.10.4)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.4-r2 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -350,7 +350,7 @@
| ssl_client | CVE-2021-28831 | HIGH | 1.30.1-r3 | 1.30.1-r5 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/
https://security.gentoo.org/glsa/202105-09
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Python | CVE-2021-3177 | CRITICAL | 2.7.18 | 3.6.13, 3.7.10, 3.8.8, 3.9.2 | Click to expand!
https://bugs.python.org/issue42938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177
https://github.com/python/cpython/pull/24239
https://linux.oracle.com/cve/CVE-2021-3177.html
https://linux.oracle.com/errata/ELSA-2021-9130.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/
https://news.ycombinator.com/item?id=26185005
https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html
https://security.gentoo.org/glsa/202101-18
https://security.netapp.com/advisory/ntap-20210226-0003/
https://ubuntu.com/security/notices/USN-4754-1
https://ubuntu.com/security/notices/USN-4754-2 (regression in python2.7)
https://ubuntu.com/security/notices/USN-4754-3
https://ubuntu.com/security/notices/USN-4754-4
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -388,14 +388,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:44.473Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:44.473Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:44.481Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:44.473Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:44.473Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:44.481Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -423,16 +423,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:31:45.692Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:31:45.692Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:31:45.738Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:31:45.738Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:31:45.739Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:31:45.692Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:31:45.692Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:31:45.738Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:31:45.738Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:31:45.739Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -627,16 +627,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/flaresolverr/security.md b/docs/apps/stable/flaresolverr/security.md
index 9ba5041728c..e948bf0fc04 100644
--- a/docs/apps/stable/flaresolverr/security.md
+++ b/docs/apps/stable/flaresolverr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:31:22.518Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:31:22.518Z [34mINFO[0m Detected config files: 1
#### flaresolverr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:24.356Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:24.356Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:24.362Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:24.356Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:24.356Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:24.362Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/flaresolverr:v2.0.2@sha256:80ece1e679d8a569ed538a6b0a48449703723d4941ea851b3a1fedc20428ad4b**
-2021-12-04T19:31:35.798Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:35.798Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:35.817Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:31:35.817Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:31:35.798Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:35.798Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:35.817Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:31:35.817Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/flaresolverr:v2.0.2@sha256:80ece1e679d8a569ed538a6b0a48449703723d4941ea851b3a1fedc20428ad4b (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -99,9 +99,8 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 5.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
-
diff --git a/docs/apps/stable/flood/security.md b/docs/apps/stable/flood/security.md
index 8ec466131ee..e25189a7ca3 100644
--- a/docs/apps/stable/flood/security.md
+++ b/docs/apps/stable/flood/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:31:45.091Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:31:45.091Z [34mINFO[0m Detected config files: 1
#### flood/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:31:46.819Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:46.819Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:46.833Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:31:46.819Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:46.819Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:46.833Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/flood:v4.7.0@sha256:6ad4f3eb39e6b04d1632dd0436031377eb35759e0edcd56a95e5dd8c58c09ed8**
-2021-12-04T19:31:53.208Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:31:53.208Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:31:53.213Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:31:53.213Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:31:53.208Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:31:53.208Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:31:53.213Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:31:53.213Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/flood:v4.7.0@sha256:6ad4f3eb39e6b04d1632dd0436031377eb35759e0edcd56a95e5dd8c58c09ed8 (alpine 3.13.6)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -96,10 +96,9 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 5.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
-
diff --git a/docs/apps/stable/focalboard/security.md b/docs/apps/stable/focalboard/security.md
index 7f5ecc96c56..5ffc9d4748a 100644
--- a/docs/apps/stable/focalboard/security.md
+++ b/docs/apps/stable/focalboard/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:32:09.126Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:32:09.126Z [34mINFO[0m Detected config files: 1
#### focalboard/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:32:09.916Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:32:09.916Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:32:09.923Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:09.916Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:32:09.916Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:32:09.923Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/focalboard:v0.8.0@sha256:dfd035116b3f17dd01d82b13cf1823cb8fc2663a9bdc8defe6827481ea9a9c66**
-2021-12-04T19:32:15.056Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:32:15.056Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:32:15.057Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:32:15.057Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:32:15.056Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:32:15.056Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:32:15.057Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:32:15.057Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/focalboard:v0.8.0@sha256:dfd035116b3f17dd01d82b13cf1823cb8fc2663a9bdc8defe6827481ea9a9c66 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -112,8 +112,7 @@
| perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/tidwall/gjson | CVE-2021-42836 | HIGH | v1.7.3 | v1.9.3 | Click to expand!
https://github.com/tidwall/gjson/commit/590010fdac311cc8990ef5c97448d4fec8f29944
https://github.com/tidwall/gjson/commit/77a57fda87dca6d0d7d4627d512a630f89a91c96
https://github.com/tidwall/gjson/compare/v1.9.2...v1.9.3
https://github.com/tidwall/gjson/issues/236
https://github.com/tidwall/gjson/issues/237
https://nvd.nist.gov/vuln/detail/CVE-2021-42836
|
-
diff --git a/docs/apps/stable/fossil/security.md b/docs/apps/stable/fossil/security.md
index 6a01bf651dc..08f134e7cbf 100644
--- a/docs/apps/stable/fossil/security.md
+++ b/docs/apps/stable/fossil/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:32:21.526Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:32:21.526Z [34mINFO[0m Detected config files: 1
#### fossil/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:32:22.618Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:32:22.618Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:32:22.622Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:22.618Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:32:22.618Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:32:22.622Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/fossil:v2.15.1-ls4@sha256:5894297e0c90a431a7e93382054ac120e10860c132fce1ac35467c74c900e330**
-2021-12-04T19:32:24.806Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:24.806Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/freeradius/security.md b/docs/apps/stable/freeradius/security.md
index b2b320a45fb..f1708b5f91a 100644
--- a/docs/apps/stable/freeradius/security.md
+++ b/docs/apps/stable/freeradius/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:32:38.451Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:32:38.451Z [34mINFO[0m Detected config files: 1
#### freeradius/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:32:39.248Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:32:39.248Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:32:39.256Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:39.248Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:32:39.248Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:32:39.256Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/freeradius:v3.0.23@sha256:21454da0a4f4950dd9b97e82de5b56556fdf2bf38f60ae427852b74a2622c972**
-2021-12-04T19:32:43.657Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:32:43.657Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:32:43.682Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:43.657Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:32:43.657Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:32:43.682Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/freeradius:v3.0.23@sha256:21454da0a4f4950dd9b97e82de5b56556fdf2bf38f60ae427852b74a2622c972 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -213,4 +213,3 @@
| perl | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
| perl-modules-5.26 | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
-
diff --git a/docs/apps/stable/freshrss/security.md b/docs/apps/stable/freshrss/security.md
index ce28ba3c5e3..c5e7596a8d7 100644
--- a/docs/apps/stable/freshrss/security.md
+++ b/docs/apps/stable/freshrss/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:32:44.337Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:32:44.337Z [34mINFO[0m Detected config files: 1
#### freshrss/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:32:45.022Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:32:45.022Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:32:45.025Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:45.022Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:32:45.022Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:32:45.025Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/freshrss:version-1.18.1@sha256:3fc8ef788681ba2c5026453131603fa4dda3b23f855ce2a6c467004eb38a09ec**
-2021-12-04T19:32:49.565Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:32:49.565Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/gaps/security.md b/docs/apps/stable/gaps/security.md
index a9fdea170fd..d0d185f913c 100644
--- a/docs/apps/stable/gaps/security.md
+++ b/docs/apps/stable/gaps/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:33:01.952Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:33:01.952Z [34mINFO[0m Detected config files: 1
#### gaps/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:02.815Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:02.815Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:02.822Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:02.815Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:02.815Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:02.822Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/gaps:v0.8.8@sha256:7f7d33e4279f55bfaf5ea1a7e071b4266794052eddaba2294ab29be45a2133bf**
-2021-12-04T19:33:17.654Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:33:17.654Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:33:17.657Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:33:17.657Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:33:17.654Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:33:17.654Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:33:17.657Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:33:17.657Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/gaps:v0.8.8@sha256:7f7d33e4279f55bfaf5ea1a7e071b4266794052eddaba2294ab29be45a2133bf (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -200,7 +200,7 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-7 | 1.30+dfsg-7ubuntu0.20.04.1 | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-17527 | HIGH | 9.0.39 | 8.5.60, 9.0.40, 10.0.2 | Click to expand!
http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M10
http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60
http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40
http://www.openwall.com/lists/oss-security/2020/12/03/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527
https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29 (8.5.60)
https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65 (9.0.40)
https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E
https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E
https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E
https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html
https://nvd.nist.gov/vuln/detail/CVE-2020-17527
https://security.gentoo.org/glsa/202012-23
https://security.netapp.com/advisory/ntap-20201210-0003/
https://www.debian.org/security/2021/dsa-4835
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
|
@@ -215,4 +215,3 @@
| org.springframework.security:spring-security-core | CVE-2021-22119 | HIGH | 5.4.1 | 5.2.11.RELEASE, 5.3.10.RELEASE, 5.4.7, 5.5.1 | Click to expand!
https://github.com/advisories/GHSA-w9jg-gvgr-354m
https://github.com/spring-projects/spring-security/pull/9513
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22119
https://tanzu.vmware.com/security/cve-2021-22119
|
| org.springframework.security:spring-security-web | CVE-2021-22112 | HIGH | 5.4.1 | 5.3.8, 5.4.4, 5.2.9 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/7
https://github.com/advisories/GHSA-gq28-h5vg-8prx
https://github.com/spring-projects/spring-security/releases/tag/5.4.4
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b@%3Cissues.nifi.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22112
https://tanzu.vmware.com/security/cve-2021-22112
https://www.jenkins.io/security/advisory/2021-02-19/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.thymeleaf:thymeleaf-spring5 | CVE-2021-43466 | CRITICAL | 3.0.11.RELEASE | | Click to expand!
https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html
https://github.com/advisories/GHSA-qcj6-jqrg-4wp2
https://nvd.nist.gov/vuln/detail/CVE-2021-43466
|
-
diff --git a/docs/apps/stable/gitea/security.md b/docs/apps/stable/gitea/security.md
index 2d98f2f438b..9acc6072077 100644
--- a/docs/apps/stable/gitea/security.md
+++ b/docs/apps/stable/gitea/security.md
@@ -4,30 +4,30 @@
##### Scan Results
-2021-12-04T19:33:29.384Z [34mINFO[0m Detected config files: 3
+2021-12-04T19:33:29.384Z [34mINFO[0m Detected config files: 3
#### gitea/charts/memcached/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -47,14 +47,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:30.767Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:30.767Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:30.777Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:30.767Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:30.767Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:30.777Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -82,16 +82,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:33:31.564Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:33:31.564Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:33:31.601Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:33:31.601Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:33:31.602Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:33:31.564Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:33:31.564Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:33:31.601Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:33:31.601Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:31.602Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -286,18 +286,18 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: 'tccr.io/truecharts/gitea:v1.15.7-rootless'**
@@ -307,44 +307,44 @@
**Container: tccr.io/truecharts/gitea:v1.15.7-rootless**
-2021-12-04T19:33:37.721Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:37.721Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:37.723Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:33:37.723Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:37.721Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:37.721Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:37.723Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:33:37.723Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/gitea:v1.15.7-rootless (alpine 3.13.7)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:42.749Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:42.749Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:42.755Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:42.749Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:42.749Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:42.755Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -372,15 +372,15 @@
**Container: tccr.io/truecharts/memcached:v1.6.12@sha256:90da9d23e5c448d44ee3c1aa2af4c868ab5a3f8042a4000851fe55355db7c569**
-2021-12-04T19:33:45.053Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:33:45.053Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:33:45.090Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:33:45.090Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:45.053Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:33:45.053Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:33:45.090Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:33:45.090Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/memcached:v1.6.12@sha256:90da9d23e5c448d44ee3c1aa2af4c868ab5a3f8042a4000851fe55355db7c569 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -527,22 +527,22 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:46.801Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:46.801Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:46.808Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:46.801Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:46.801Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:46.808Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -570,16 +570,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:33:51.118Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:33:51.118Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:33:51.184Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:33:51.184Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:33:51.184Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:33:51.118Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:33:51.118Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:33:51.184Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:33:51.184Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:51.184Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -774,16 +774,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/golinks/security.md b/docs/apps/stable/golinks/security.md
index 2064272d9bf..10cab117f33 100644
--- a/docs/apps/stable/golinks/security.md
+++ b/docs/apps/stable/golinks/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:33:32.350Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:33:32.350Z [34mINFO[0m Detected config files: 1
#### golinks/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:33.151Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:33.151Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:33.155Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:33.151Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:33.151Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:33.155Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/golinks:version-154c581@sha256:144d59d23c3b6580403e1a06b3567ac97c638205bc139ba54e058450d6564c73**
-2021-12-04T19:33:41.563Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:33:41.563Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:41.563Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:33:41.563Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### app/golinks
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/gonic/security.md b/docs/apps/stable/gonic/security.md
index 059d1ddd290..5d4da517293 100644
--- a/docs/apps/stable/gonic/security.md
+++ b/docs/apps/stable/gonic/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:33:43.527Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:33:43.527Z [34mINFO[0m Detected config files: 1
#### gonic/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:33:46.150Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:46.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:46.159Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:33:46.150Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:46.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:46.159Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/gonic:v0.14.0@sha256:d0316271fcec20816f5f3f5e8ca470426e551f2f6de83845d474a2a7827a6f34**
-2021-12-04T19:33:50.499Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:33:50.499Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:33:50.517Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:33:50.517Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:33:50.499Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:33:50.499Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:33:50.517Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:33:50.517Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/gonic:v0.14.0@sha256:d0316271fcec20816f5f3f5e8ca470426e551f2f6de83845d474a2a7827a6f34 (alpine 3.13.5)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -125,9 +125,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/gotify/security.md b/docs/apps/stable/gotify/security.md
index 48b688567c7..9f221f30be9 100644
--- a/docs/apps/stable/gotify/security.md
+++ b/docs/apps/stable/gotify/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:34:01.312Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:34:01.312Z [34mINFO[0m Detected config files: 2
#### gotify/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:02.142Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:02.142Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:02.148Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:02.142Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:02.142Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:02.148Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:34:02.981Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:34:02.981Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:34:03.026Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:34:03.026Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:34:03.026Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:34:02.981Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:34:02.981Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:34:03.026Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:34:03.026Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:34:03.026Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/gotify-server:v2.1.0@sha256:a2edccce285e1303ce7d3be3f2cb001d40aaa24182581f772ce23c1e8d1b7d20**
-2021-12-04T19:34:07.744Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:34:07.744Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:34:07.791Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:34:07.792Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:34:07.744Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:34:07.744Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:34:07.791Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:34:07.792Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/gotify-server:v2.1.0@sha256:a2edccce285e1303ce7d3be3f2cb001d40aaa24182581f772ce23c1e8d1b7d20 (debian 11.0)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -392,22 +392,22 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:09.100Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:09.100Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:09.111Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:09.100Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:09.100Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:09.111Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -435,16 +435,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:34:09.900Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:34:09.900Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:34:09.954Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:34:09.954Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:34:09.954Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:34:09.900Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:34:09.900Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:34:09.954Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:34:09.954Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:34:09.954Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -639,16 +639,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/grafana/security.md b/docs/apps/stable/grafana/security.md
index 904065ba2f1..49b5d5a376c 100644
--- a/docs/apps/stable/grafana/security.md
+++ b/docs/apps/stable/grafana/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:34:25.747Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:34:25.747Z [34mINFO[0m Detected config files: 1
#### grafana/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:26.541Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:26.541Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:26.546Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:26.541Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:26.541Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:26.546Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/grafana:v8.3.0@sha256:d0e471cc547dae02bcd7ae1355ad98b280ea11a1b3bd902217662670c4c2d4fe**
-2021-12-04T19:34:35.709Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:34:35.709Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:34:35.739Z [34mINFO[0m Number of language-specific files: 3
-2021-12-04T19:34:35.739Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:34:35.709Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:34:35.709Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:34:35.739Z [34mINFO[0m Number of language-specific files: 3
+2021-12-04T19:34:35.739Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/grafana:v8.3.0@sha256:d0e471cc547dae02bcd7ae1355ad98b280ea11a1b3bd902217662670c4c2d4fe (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -220,22 +220,21 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211011171444-354d8d2ecfac | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/grafana/loki | CVE-2021-36156 | MEDIUM | v1.6.2-0.20211015002020-7832783b1caa | v2.3.0 | Click to expand!
https://github.com/grafana/loki/pull/4020#issue-694377133
https://github.com/grafana/loki/releases/tag/v2.3.0
https://nvd.nist.gov/vuln/detail/CVE-2021-36156
|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211011171444-354d8d2ecfac | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
-
diff --git a/docs/apps/stable/grav/security.md b/docs/apps/stable/grav/security.md
index 77382b3ae8c..51b586c839a 100644
--- a/docs/apps/stable/grav/security.md
+++ b/docs/apps/stable/grav/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:34:38.787Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:34:38.787Z [34mINFO[0m Detected config files: 1
#### grav/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:39.547Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:39.547Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:39.554Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:39.547Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:39.547Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:39.554Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,51 +61,48 @@
**Container: tccr.io/truecharts/grav:version-1.7.18@sha256:709e672ef2cbe1235d896ed9bac213d773abfe70b37925f5870a8a925a047e16**
-2021-12-04T19:34:47.108Z [34mINFO[0m Number of language-specific files: 6
-2021-12-04T19:34:47.108Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:34:47.112Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:34:47.108Z [34mINFO[0m Number of language-specific files: 6
+2021-12-04T19:34:47.108Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:34:47.112Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/grocy/security.md b/docs/apps/stable/grocy/security.md
index 5ae7bd7044e..fe74f6ebabe 100644
--- a/docs/apps/stable/grocy/security.md
+++ b/docs/apps/stable/grocy/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:34:49.810Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:34:49.810Z [34mINFO[0m Detected config files: 1
#### grocy/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:34:50.709Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:34:50.709Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:34:50.716Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:34:50.709Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:34:50.709Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:34:50.716Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/grocy:version-v3.1.1@sha256:5c036b40671fcddb2a53edceacb1dc2d03df2b2bf1c0b97e5d820c0b84d6faab**
-2021-12-04T19:35:01.113Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:35:01.113Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:35:01.116Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:35:01.113Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:35:01.113Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:35:01.116Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bootbox | GHSA-87mg-h5r3-hw88 | MEDIUM | 5.5.2 | | Click to expand!
https://github.com/advisories/GHSA-87mg-h5r3-hw88
https://github.com/makeusabrew/bootbox/issues/661
https://hackerone.com/reports/508446
https://www.npmjs.com/advisories/882
|
@@ -85,9 +85,6 @@
| moment | CVE-2017-18214 | HIGH | 2.18.1 | 2.19.3 | Click to expand!
https://github.com/advisories/GHSA-446m-mv8f-q348
https://github.com/moment/moment/issues/4163
https://github.com/moment/moment/pull/4326
https://nodesecurity.io/advisories/532
https://nvd.nist.gov/vuln/detail/CVE-2017-18214
https://www.npmjs.com/advisories/532
https://www.tenable.com/security/tns-2019-02
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/handbrake/security.md b/docs/apps/stable/handbrake/security.md
index 701d95004a9..c4976d11373 100644
--- a/docs/apps/stable/handbrake/security.md
+++ b/docs/apps/stable/handbrake/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:35:04.912Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:35:04.912Z [34mINFO[0m Detected config files: 1
#### handbrake/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:35:05.893Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:05.893Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:05.898Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:05.893Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:05.893Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:05.898Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/handbrake:v1.24.2@sha256:312ddf5ec046fd0ca3f84015b55c8b4cbe1d6e8340ffcaf244489592a3fc92da**
-2021-12-04T19:35:16.598Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:16.598Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:16.609Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:16.598Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:16.598Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:16.609Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/handbrake:v1.24.2@sha256:312ddf5ec046fd0ca3f84015b55c8b4cbe1d6e8340ffcaf244489592a3fc92da (alpine 3.12.6)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -103,4 +103,3 @@
| ssl_client | CVE-2021-42386 | HIGH | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| xvfb | CVE-2021-3472 | HIGH | 1.20.10-r0 | 1.20.10-r1 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/04/13/1
https://bugzilla.redhat.com/show_bug.cgi?id=1944167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472
https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd
https://linux.oracle.com/cve/CVE-2021-3472.html
https://linux.oracle.com/errata/ELSA-2021-2033.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/
https://lists.x.org/archives/xorg-announce/2021-April/003080.html
https://seclists.org/oss-sec/2021/q2/20
https://security.gentoo.org/glsa/202104-02
https://ubuntu.com/security/notices/USN-4905-1
https://ubuntu.com/security/notices/USN-4905-2
https://www.debian.org/security/2021/dsa-4893
https://www.tenable.com/plugins/nessus/148701
https://www.zerodayinitiative.com/advisories/ZDI-21-463/
|
-
diff --git a/docs/apps/stable/haste-server/security.md b/docs/apps/stable/haste-server/security.md
index 85f92f4d724..47255257ff4 100644
--- a/docs/apps/stable/haste-server/security.md
+++ b/docs/apps/stable/haste-server/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:35:26.603Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:35:26.603Z [34mINFO[0m Detected config files: 1
#### haste-server/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:35:27.411Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:27.411Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:27.417Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:27.411Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:27.411Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:27.417Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/haste-server:latest@sha256:046b4d04aa5c23a7a4de10b678aad8f62932e2ae04b2db123107e753b7929f86**
-2021-12-04T19:35:39.144Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:35:39.144Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:35:39.146Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:35:39.146Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:35:39.147Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:35:39.144Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:35:39.144Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:35:39.146Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:35:39.146Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:35:39.147Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/haste-server:latest@sha256:046b4d04aa5c23a7a4de10b678aad8f62932e2ae04b2db123107e753b7929f86 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -160,7 +160,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -171,8 +171,7 @@
| y18n | CVE-2020-7774 | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | Click to expand!
https://github.com/advisories/GHSA-c4w7-xm78-47vh
https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25
https://github.com/yargs/y18n/issues/96
https://github.com/yargs/y18n/pull/108
https://linux.oracle.com/cve/CVE-2020-7774.html
https://linux.oracle.com/errata/ELSA-2021-0551.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7774
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
https://snyk.io/vuln/SNYK-JS-Y18N-1021887
https://www.oracle.com/security-alerts/cpuApr2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/headphones/security.md b/docs/apps/stable/headphones/security.md
index b5aa281ce01..bea3b5b8a34 100644
--- a/docs/apps/stable/headphones/security.md
+++ b/docs/apps/stable/headphones/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:35:39.947Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:35:39.947Z [34mINFO[0m Detected config files: 1
#### headphones/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:35:41.595Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:41.595Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:41.601Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:41.595Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:41.595Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:41.601Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,13 +61,13 @@
**Container: tccr.io/truecharts/headphones:version-58edc604@sha256:f605d077d6d6023e3326421ce02eb81bd962163b68569f8e3953cb5ac2898344**
-2021-12-04T19:35:49.088Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:35:49.089Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:35:49.088Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:35:49.089Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -99,4 +99,3 @@
| pip | CVE-2021-28363 | MEDIUM | 20.3.4 | 21.1 | Click to expand!
https://github.com/advisories/GHSA-5phf-pp7p-vc2r
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15
https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0
https://github.com/urllib3/urllib3/commits/main
https://github.com/urllib3/urllib3/releases/tag/1.26.4
https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28363
https://pypi.org/project/urllib3/1.26.4/
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| pip | CVE-2021-3572 | MEDIUM | 20.3.4 | 21.1 | Click to expand!
https://access.redhat.com/errata/RHSA-2021:3254
https://bugzilla.redhat.com/show_bug.cgi?id=1962856
https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
https://github.com/pypa/pip/pull/9827
https://linux.oracle.com/cve/CVE-2021-3572.html
https://linux.oracle.com/errata/ELSA-2021-4455.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3572
https://packetstormsecurity.com/files/162712/USN-4961-1.txt
|
| pip | pyup.io-42218 | UNKNOWN | 20.3.4 | 21.1 | Click to expand!
|
-
diff --git a/docs/apps/stable/healthchecks/security.md b/docs/apps/stable/healthchecks/security.md
index 2a9d0d3a1f9..16e7b1d8c3f 100644
--- a/docs/apps/stable/healthchecks/security.md
+++ b/docs/apps/stable/healthchecks/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:35:52.767Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:35:52.767Z [34mINFO[0m Detected config files: 1
#### healthchecks/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:35:53.674Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:35:53.674Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:35:53.681Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:35:53.674Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:35:53.674Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:35:53.681Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/healthchecks:version-v1.22.0@sha256:234347d239410227e8d4585c467293f7bb59859f2042bad885633c1ff30c98f2**
-2021-12-04T19:36:00.327Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:36:00.327Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:36:00.327Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:36:00.327Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/heimdall/security.md b/docs/apps/stable/heimdall/security.md
index 60676e27e13..37f027ae66e 100644
--- a/docs/apps/stable/heimdall/security.md
+++ b/docs/apps/stable/heimdall/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:36:06.648Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:36:06.648Z [34mINFO[0m Detected config files: 1
#### heimdall/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:36:07.477Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:36:07.477Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:36:07.489Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:07.477Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:36:07.477Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:36:07.489Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/heimdall:version-2.2.2@sha256:eedb3180caf7388b206238120405d53baf9783692b14766ffed7bb388fadd6ce**
-2021-12-04T19:36:10.412Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:10.412Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/home-assistant/security.md b/docs/apps/stable/home-assistant/security.md
index e77b6741509..014e4384ddb 100644
--- a/docs/apps/stable/home-assistant/security.md
+++ b/docs/apps/stable/home-assistant/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:36:37.444Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:36:37.444Z [34mINFO[0m Detected config files: 2
#### home-assistant/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -37,14 +37,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:36:39.008Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:36:39.008Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:36:39.016Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:39.008Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:36:39.008Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:36:39.016Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -72,16 +72,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:36:46.742Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:36:46.742Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:36:46.796Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:36:46.796Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:36:46.796Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:36:46.742Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:36:46.742Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:36:46.796Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:36:46.796Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:36:46.796Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -276,35 +276,35 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: 'tccr.io/truecharts/home-assistant:v2021.11.5@sha256:f4a4f4c85e51e6c08b36329110c95be441f53ac998bc51bc16f5b26290f7f9ef'**
**Container: tccr.io/truecharts/home-assistant:v2021.11.5@sha256:f4a4f4c85e51e6c08b36329110c95be441f53ac998bc51bc16f5b26290f7f9ef**
-2021-12-04T19:37:29.991Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:29.991Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:29.996Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:37:29.996Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:37:29.997Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:37:29.997Z [33mWARN[0m version error (3.7.4.post0): malformed version: 3.7.4.post0
+2021-12-04T19:37:29.991Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:29.991Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:29.996Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:37:29.996Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:37:29.997Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:37:29.997Z [33mWARN[0m version error (3.7.4.post0): malformed version: 3.7.4.post0
#### tccr.io/truecharts/home-assistant:v2021.11.5@sha256:f4a4f4c85e51e6c08b36329110c95be441f53ac998bc51bc16f5b26290f7f9ef (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -366,7 +366,7 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-34552 | CRITICAL | 8.2.0 | 8.3.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34552
https://github.com/advisories/GHSA-7534-mm45-c74v
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V6LCG525ARIX6LX5QRYNAWVDD2MD2SV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUGBBT63VL7G4JNOEIPDJIOC34ZFBKNJ/
https://nvd.nist.gov/vuln/detail/CVE-2021-34552
https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html#buffer-overflow
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
|
@@ -381,22 +381,22 @@
| sendgrid | CVE-2021-43572 | CRITICAL | 6.8.2 | 6.9.1 | Click to expand!
https://github.com/advisories/GHSA-92vm-mxjf-jqf3
https://github.com/starkbank/ecdsa-python/releases/tag/v2.0.1
https://nvd.nist.gov/vuln/detail/CVE-2021-43572
https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:37:32.610Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:32.610Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:32.615Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:37:32.610Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:32.610Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:32.615Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -424,16 +424,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:37:42.139Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:37:42.139Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:37:42.172Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:37:42.172Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:37:42.172Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:37:42.139Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:37:42.139Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:37:42.172Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:37:42.172Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:37:42.172Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -628,16 +628,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/hyperion-ng/security.md b/docs/apps/stable/hyperion-ng/security.md
index e7ddbe483eb..0b5e8ef6ef2 100644
--- a/docs/apps/stable/hyperion-ng/security.md
+++ b/docs/apps/stable/hyperion-ng/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:36:36.480Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:36:36.480Z [34mINFO[0m Detected config files: 1
#### hyperion-ng/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:36:38.433Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:36:38.433Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:36:38.440Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:38.433Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:36:38.433Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:36:38.440Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/hyperion.ng:v2.0.12@sha256:630cc8613290119f0d452b600418f2a3f4e78b73923ca47502989c4fc9bb394a**
-2021-12-04T19:36:45.512Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:36:45.512Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:36:45.547Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:45.512Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:36:45.512Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:36:45.547Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/hyperion.ng:v2.0.12@sha256:630cc8613290119f0d452b600418f2a3f4e78b73923ca47502989c4fc9bb394a (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -342,4 +342,3 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/docs/apps/stable/icantbelieveitsnotvaletudo/security.md b/docs/apps/stable/icantbelieveitsnotvaletudo/security.md
index 84c84d85c41..f733fc38034 100644
--- a/docs/apps/stable/icantbelieveitsnotvaletudo/security.md
+++ b/docs/apps/stable/icantbelieveitsnotvaletudo/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:36:46.058Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:36:46.058Z [34mINFO[0m Detected config files: 1
#### icantbelieveitsnotvaletudo/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:36:48.212Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:36:48.212Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:36:48.223Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:36:48.212Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:36:48.212Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:36:48.223Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/icantbelieveitsnotvaletudo:v2021.2.1@sha256:12546c37abe795970d27fda99f78fd45cd25522b11b4c6db6ce98d7484c68883**
-2021-12-04T19:36:54.169Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:36:54.169Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:36:54.176Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:36:54.176Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:36:54.169Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:36:54.169Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:36:54.176Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:36:54.176Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/icantbelieveitsnotvaletudo:v2021.2.1@sha256:12546c37abe795970d27fda99f78fd45cd25522b11b4c6db6ce98d7484c68883 (debian 9.13)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.4.11 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -264,7 +264,7 @@
| util-linux | CVE-2021-37600 | LOW | 2.29.2-1+deb9u1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -281,4 +281,3 @@
| tar | CVE-2021-37713 | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| ws | CVE-2021-32640 | MEDIUM | 7.4.3 | 5.2.3, 6.2.2, 7.4.6 | Click to expand!
https://github.com/advisories/GHSA-6fc8-4gx4-v693
https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff
https://github.com/websockets/ws/issues/1895
https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693
https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-32640
|
| y18n | CVE-2020-7774 | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | Click to expand!
https://github.com/advisories/GHSA-c4w7-xm78-47vh
https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25
https://github.com/yargs/y18n/issues/96
https://github.com/yargs/y18n/pull/108
https://linux.oracle.com/cve/CVE-2020-7774.html
https://linux.oracle.com/errata/ELSA-2021-0551.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7774
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
https://snyk.io/vuln/SNYK-JS-Y18N-1021887
https://www.oracle.com/security-alerts/cpuApr2021.html
|
-
diff --git a/docs/apps/stable/jackett/CHANGELOG.md b/docs/apps/stable/jackett/CHANGELOG.md
index 18e92ec017c..766549af199 100644
--- a/docs/apps/stable/jackett/CHANGELOG.md
+++ b/docs/apps/stable/jackett/CHANGELOG.md
@@ -1,6 +1,15 @@
# Changelog
+
+### [jackett-9.0.31](https://github.com/truecharts/apps/compare/jackett-9.0.30...jackett-9.0.31) (2021-12-04)
+
+#### Chore
+
+* improve a bit on security docs generation
+
+
+
### [jackett-9.0.30](https://github.com/truecharts/apps/compare/jackett-9.0.28...jackett-9.0.30) (2021-12-04)
diff --git a/docs/apps/stable/jackett/security.md b/docs/apps/stable/jackett/security.md
index b5dcbf715c0..a8a542a92e7 100644
--- a/docs/apps/stable/jackett/security.md
+++ b/docs/apps/stable/jackett/security.md
@@ -4,16 +4,6 @@
##### Scan Results
-2021-12-04T19:37:30.988Z [34mINFO[0m Detected config files: 1
-#### jackett/templates/common.yaml
-
-**kubernetes**
-
-
-| No Vulnerabilities found |
-|:---------------------------------|
-
-
## Containers
@@ -26,14 +16,12 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:37:38.854Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:38.854Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:38.864Z [34mINFO[0m Number of language-specific files: 0
-#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
+
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +49,12 @@
**Container: tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79**
-2021-12-04T19:37:43.399Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:37:43.399Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:37:43.405Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:37:43.405Z [34mINFO[0m Detecting gobinary vulnerabilities...
-#### tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79 (ubuntu 20.04)
-
+#### Container: tccr.io/truecharts/jackett:v0.20.83@sha256:b24ade69bfc1b9725c42043c0b4aab341aed7c2cb462fdc21bb5287aaa574d79 (ubuntu 20.04)
+
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -148,10 +133,10 @@
| python3.8-minimal | CVE-2021-29921 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.1 | Click to expand!
https://bugs.python.org/issue36384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921
https://docs.python.org/3/library/ipaddress.html
https://github.com/python/cpython/blob/63298930fb531ba2bb4f23bc3b915dbf1e17e9e1/Misc/NEWS.d/3.8.0a4.rst
https://github.com/python/cpython/pull/12577
https://github.com/python/cpython/pull/25099
https://github.com/sickcodes
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md
https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html
https://security.netapp.com/advisory/ntap-20210622-0003/
https://sick.codes/sick-2021-014
https://ubuntu.com/security/notices/USN-4973-1
https://ubuntu.com/security/notices/USN-4973-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| python3.8-minimal | CVE-2021-3737 | MEDIUM | 3.8.10-0ubuntu1~20.04 | | Click to expand!
https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://ubuntu.com/security/notices/USN-5083-1
|
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/jdownloader2/security.md b/docs/apps/stable/jdownloader2/security.md
index 46f3d833c16..ae39ee0d19f 100644
--- a/docs/apps/stable/jdownloader2/security.md
+++ b/docs/apps/stable/jdownloader2/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:37:30.386Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:37:30.386Z [34mINFO[0m Detected config files: 1
#### jdownloader2/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:37:32.014Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:32.014Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:32.018Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:37:32.014Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:32.014Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:32.018Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/jdownloader-2:v1.7.1@sha256:f5c7103d8870367cae893099a9a26929860ca5a13ebc7a1e4e335f1f296c40dd**
-2021-12-04T19:37:37.973Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:37.973Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:37.980Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:37:37.973Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:37.973Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:37.980Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/jdownloader-2:v1.7.1@sha256:f5c7103d8870367cae893099a9a26929860ca5a13ebc7a1e4e335f1f296c40dd (alpine 3.12.6)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -115,4 +115,3 @@
| ssl_client | CVE-2021-42386 | HIGH | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| xvfb | CVE-2021-3472 | HIGH | 1.20.10-r0 | 1.20.10-r1 | Click to expand!
http://www.openwall.com/lists/oss-security/2021/04/13/1
https://bugzilla.redhat.com/show_bug.cgi?id=1944167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472
https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd
https://linux.oracle.com/cve/CVE-2021-3472.html
https://linux.oracle.com/errata/ELSA-2021-2033.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/
https://lists.x.org/archives/xorg-announce/2021-April/003080.html
https://seclists.org/oss-sec/2021/q2/20
https://security.gentoo.org/glsa/202104-02
https://ubuntu.com/security/notices/USN-4905-1
https://ubuntu.com/security/notices/USN-4905-2
https://www.debian.org/security/2021/dsa-4893
https://www.tenable.com/plugins/nessus/148701
https://www.zerodayinitiative.com/advisories/ZDI-21-463/
|
-
diff --git a/docs/apps/stable/jellyfin/security.md b/docs/apps/stable/jellyfin/security.md
index 2478ebd5114..de3604edb86 100644
--- a/docs/apps/stable/jellyfin/security.md
+++ b/docs/apps/stable/jellyfin/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:37:30.683Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:37:30.683Z [34mINFO[0m Detected config files: 1
#### jellyfin/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:37:41.491Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:37:41.491Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:37:41.501Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:37:41.491Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:37:41.491Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:37:41.501Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/jellyfin:v10.7.7@sha256:20febcab671b5281c5ecf8b792860119c9bda4806815bc2764660173b1866924**
-2021-12-04T19:38:05.263Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:38:05.263Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:38:05.305Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:38:05.263Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:38:05.263Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:38:05.305Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/jellyfin:v10.7.7@sha256:20febcab671b5281c5ecf8b792860119c9bda4806815bc2764660173b1866924 (debian 10.10)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -238,4 +238,3 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-6 | | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
-
diff --git a/docs/apps/stable/joplin-server/security.md b/docs/apps/stable/joplin-server/security.md
index ab6478dadf3..cc506e3ac8f 100644
--- a/docs/apps/stable/joplin-server/security.md
+++ b/docs/apps/stable/joplin-server/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:38:29.736Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:38:29.736Z [34mINFO[0m Detected config files: 2
#### joplin-server/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:38:34.351Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:38:34.351Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:38:34.355Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:38:34.351Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:38:34.351Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:38:34.355Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:38:36.186Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:38:36.186Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:38:36.230Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:38:36.230Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:38:36.230Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:38:36.186Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:38:36.186Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:38:36.230Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:38:36.230Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:38:36.230Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/joplin-server:v2.5.1@sha256:a285ff0cf05f534efd28c6652925b57a9774ba41923d15536b873fbbdbabcd2b**
-2021-12-04T19:39:07.601Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:39:07.601Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:39:07.729Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:39:07.729Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:39:07.601Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:39:07.601Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:39:07.729Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:39:07.729Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/joplin-server:v2.5.1@sha256:a285ff0cf05f534efd28c6652925b57a9774ba41923d15536b873fbbdbabcd2b (debian 11.0)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1107,7 +1107,7 @@
| wget | CVE-2021-31879 | MEDIUM | 1.21-1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| @npmcli/arborist | CVE-2021-39134 | HIGH | 2.4.2 | 2.8.2 | Click to expand!
https://github.com/advisories/GHSA-2h3h-q99f-3fhc
https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
https://nvd.nist.gov/vuln/detail/CVE-2021-39134
https://www.npmjs.com/package/@npmcli/arborist
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -1216,14 +1216,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:12.195Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:12.195Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:12.203Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:12.195Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:12.195Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:12.203Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1251,16 +1251,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:39:14.433Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:39:14.433Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:39:14.465Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:39:14.465Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:39:14.465Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:39:14.433Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:39:14.433Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:39:14.465Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:39:14.465Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:39:14.465Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1455,16 +1455,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/kanboard/security.md b/docs/apps/stable/kanboard/security.md
index 37da380a89e..4cba7f93268 100644
--- a/docs/apps/stable/kanboard/security.md
+++ b/docs/apps/stable/kanboard/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:39:11.375Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:39:11.375Z [34mINFO[0m Detected config files: 2
#### kanboard/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:13.809Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:13.809Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:13.818Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:13.809Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:13.809Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:13.818Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:39:27.869Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:39:27.869Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:39:27.908Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:39:27.908Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:39:27.908Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:39:27.869Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:39:27.869Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:39:27.908Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:39:27.908Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:39:27.908Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,29 +275,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/kanboard:v1.2.20@sha256:1f953b23bf30dbea50a0db78a838c811859d83ab79fe259a93e8fdfe113392f6**
-2021-12-04T19:39:31.140Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:31.140Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:31.184Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:31.140Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:31.140Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:31.184Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/kanboard:v1.2.20@sha256:1f953b23bf30dbea50a0db78a838c811859d83ab79fe259a93e8fdfe113392f6 (alpine 3.13.5)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -455,14 +455,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:31.997Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:31.997Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:32.004Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:31.997Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:31.997Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:32.004Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -490,16 +490,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:39:32.887Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:39:32.888Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:39:32.957Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:39:32.957Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:39:32.957Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:39:32.887Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:39:32.888Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:39:32.957Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:39:32.957Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:39:32.957Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -694,16 +694,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/kms/security.md b/docs/apps/stable/kms/security.md
index 6c81d00bb66..01021a4f957 100644
--- a/docs/apps/stable/kms/security.md
+++ b/docs/apps/stable/kms/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:38:34.872Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:38:34.872Z [34mINFO[0m Detected config files: 1
#### kms/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:38:36.884Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:38:36.884Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:38:36.890Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:38:36.884Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:38:36.884Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:38:36.890Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/kms:vminimal@sha256:808c060d4ad8cc05bf3bee5d959683f884845d3d625829bcb9e79d18a2c701fd**
-2021-12-04T19:39:10.268Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:10.268Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:10.270Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:39:10.270Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:39:10.268Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:10.268Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:10.270Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:39:10.270Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/kms:vminimal@sha256:808c060d4ad8cc05bf3bee5d959683f884845d3d625829bcb9e79d18a2c701fd (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -96,9 +96,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/komga/security.md b/docs/apps/stable/komga/security.md
index b7e5bf93038..cc9db4683f4 100644
--- a/docs/apps/stable/komga/security.md
+++ b/docs/apps/stable/komga/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:39:10.687Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:39:10.687Z [34mINFO[0m Detected config files: 1
#### komga/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:12.816Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:12.816Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:12.821Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:12.816Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:12.816Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:12.821Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/komga:v0.134.0@sha256:b38ff9fd6502fe1272adef4d8b0780e3164ed32a4ccac21ada0912a1cc4a16e1**
-2021-12-04T19:39:26.642Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:39:26.642Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:39:26.646Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:39:26.646Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:39:26.642Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:39:26.642Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:39:26.646Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:39:26.646Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/komga:v0.134.0@sha256:b38ff9fd6502fe1272adef4d8b0780e3164ed32a4ccac21ada0912a1cc4a16e1 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2020-27350 | MEDIUM | 1.6.12ubuntu0.1 | 1.6.12ubuntu0.2 | Click to expand!
https://bugs.launchpad.net/bugs/1899193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350
https://security.netapp.com/advisory/ntap-20210108-0005/
https://ubuntu.com/security/notices/USN-4667-1
https://ubuntu.com/security/notices/USN-4667-2
https://usn.ubuntu.com/usn/usn-4667-1
https://www.debian.org/security/2020/dsa-4808
|
@@ -261,7 +261,7 @@
| tar | CVE-2019-9923 | LOW | 1.29b-2ubuntu0.1 | 1.29b-2ubuntu0.2 | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| org.apache.activemq:artemis-server | CVE-2020-13947 | MEDIUM | 2.17.0 | | Click to expand!
http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt
https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E
https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E
https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-13947
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -275,4 +275,3 @@
| org.jsoup:jsoup | CVE-2021-37714 | HIGH | 1.13.1 | 1.14.2 | Click to expand!
https://github.com/advisories/GHSA-m72m-mhq2-9p6c
https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c
https://jsoup.org/news/release-1.14.1
https://jsoup.org/news/release-1.14.2
https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-37714
|
| org.springframework.data:spring-data-rest-core | CVE-2021-22047 | MEDIUM | 3.5.5 | 3.4.14, 3.5.6 | Click to expand!
https://nvd.nist.gov/vuln/detail/CVE-2021-22047
https://tanzu.vmware.com/security/cve-2021-22047
|
| org.thymeleaf:thymeleaf-spring5 | CVE-2021-43466 | CRITICAL | 3.0.12.RELEASE | | Click to expand!
https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html
https://github.com/advisories/GHSA-qcj6-jqrg-4wp2
https://nvd.nist.gov/vuln/detail/CVE-2021-43466
|
-
diff --git a/docs/apps/stable/lazylibrarian/security.md b/docs/apps/stable/lazylibrarian/security.md
index 8c2277a63b1..d0338f3c6b7 100644
--- a/docs/apps/stable/lazylibrarian/security.md
+++ b/docs/apps/stable/lazylibrarian/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:39:50.026Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:39:50.026Z [34mINFO[0m Detected config files: 1
#### lazylibrarian/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:39:50.808Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:39:50.808Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:39:50.814Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:39:50.808Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:39:50.808Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:39:50.814Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/lazylibrarian:latest@sha256:39be22df562748105a54b77ed8914e097cae98a1ccfde86f975c288588d1a71a**
-2021-12-04T19:39:55.865Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:39:55.866Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:39:55.881Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:39:55.881Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:39:55.865Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:39:55.866Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:39:55.881Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:39:55.881Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/lazylibrarian:latest@sha256:39be22df562748105a54b77ed8914e097cae98a1ccfde86f975c288588d1a71a (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -226,9 +226,6 @@
| python3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/leaf2mqtt/security.md b/docs/apps/stable/leaf2mqtt/security.md
index 608a593964f..c1bc967addf 100644
--- a/docs/apps/stable/leaf2mqtt/security.md
+++ b/docs/apps/stable/leaf2mqtt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:40:04.190Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:40:04.190Z [34mINFO[0m Detected config files: 1
#### leaf2mqtt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:40:05.150Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:05.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:05.158Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:05.150Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:05.150Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:05.158Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/leaf2mqtt:v0.5@sha256:0073361400f5f077d4eece95d6e13a86b7744fc564bd1bed151e8afcc6bdf143**
-2021-12-04T19:40:23.115Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:40:23.115Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:40:23.145Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:23.115Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:40:23.115Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:40:23.145Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/leaf2mqtt:v0.5@sha256:0073361400f5f077d4eece95d6e13a86b7744fc564bd1bed151e8afcc6bdf143 (debian 10.9)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -285,4 +285,3 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-6 | | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
-
diff --git a/docs/apps/stable/librespeed/security.md b/docs/apps/stable/librespeed/security.md
index 50b3fd1d09b..95b25254ddb 100644
--- a/docs/apps/stable/librespeed/security.md
+++ b/docs/apps/stable/librespeed/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:40:24.330Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:40:24.330Z [34mINFO[0m Detected config files: 1
#### librespeed/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:40:25.682Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:25.682Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:25.689Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:25.682Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:25.682Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:25.689Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/librespeed:version-5.2.4@sha256:c441bc4d4d086a95966e93b4dea82674d1a258774f97084b02e87c0bc38deb2a**
-2021-12-04T19:40:37.744Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:37.744Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/lidarr/security.md b/docs/apps/stable/lidarr/security.md
index 7d1f84471c2..4fabf7b4f4b 100644
--- a/docs/apps/stable/lidarr/security.md
+++ b/docs/apps/stable/lidarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:40:23.709Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:40:23.709Z [34mINFO[0m Detected config files: 1
#### lidarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:40:25.110Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:25.110Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:25.123Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:25.110Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:25.110Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:25.123Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/lidarr:v1.0.0.2255@sha256:73262a0dcd0b594cc77a8f232e11aad4e54bbeee0f2ab33c7cda3b83ab298b40**
-2021-12-04T19:40:35.749Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:40:35.750Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:40:35.752Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:40:35.752Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:40:35.749Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:40:35.750Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:40:35.752Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:40:35.752Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/lidarr:v1.0.0.2255@sha256:73262a0dcd0b594cc77a8f232e11aad4e54bbeee0f2ab33c7cda3b83ab298b40 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -395,8 +395,7 @@
| perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/littlelink/security.md b/docs/apps/stable/littlelink/security.md
index cc402017dd8..48365dca9dd 100644
--- a/docs/apps/stable/littlelink/security.md
+++ b/docs/apps/stable/littlelink/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:40:38.362Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:40:38.362Z [34mINFO[0m Detected config files: 1
#### littlelink/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:40:39.237Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:39.237Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:39.240Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:40:39.237Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:39.237Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:39.240Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,24 +61,23 @@
**Container: tccr.io/truecharts/littlelink-server:latest@sha256:29d95d1d215342d2e627a082b0049116c627781517b3626a8afd9af97f26b605**
-2021-12-04T19:40:45.157Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:40:45.157Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:40:45.158Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:40:45.158Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:40:45.157Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:40:45.157Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:40:45.158Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:40:45.158Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/littlelink-server:latest@sha256:29d95d1d215342d2e627a082b0049116c627781517b3626a8afd9af97f26b605 (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 5.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
-
diff --git a/docs/apps/stable/logitech-media-server/security.md b/docs/apps/stable/logitech-media-server/security.md
index 5a968307a88..19175cf241c 100644
--- a/docs/apps/stable/logitech-media-server/security.md
+++ b/docs/apps/stable/logitech-media-server/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:41:05.970Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:41:05.970Z [34mINFO[0m Detected config files: 1
#### logitech-media-server/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:06.757Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:06.757Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:06.761Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:06.757Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:06.757Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:06.761Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/logitechmediaserver:v8.3.0@sha256:9a3d016f99856b8a1ce846a70b1c17dbf8c730030850e48a1b2c632952510dc4**
-2021-12-04T19:41:11.023Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:41:11.023Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:41:11.061Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:11.023Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:41:11.023Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:41:11.061Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/logitechmediaserver:v8.3.0@sha256:9a3d016f99856b8a1ce846a70b1c17dbf8c730030850e48a1b2c632952510dc4 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -160,4 +160,3 @@
| perl-modules-5.32 | CVE-2011-4116 | LOW | 5.32.1-4+deb11u2 | | Click to expand!
http://www.openwall.com/lists/oss-security/2011/11/04/2
http://www.openwall.com/lists/oss-security/2011/11/04/4
https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
https://rt.cpan.org/Public/Bug/Display.html?id=69106
https://seclists.org/oss-sec/2011/q4/238
|
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
| wget | CVE-2021-31879 | MEDIUM | 1.21-1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
-
diff --git a/docs/apps/stable/loki/security.md b/docs/apps/stable/loki/security.md
index 15ce6f21470..b05e525acc8 100644
--- a/docs/apps/stable/loki/security.md
+++ b/docs/apps/stable/loki/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:41:40.630Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:41:40.630Z [34mINFO[0m Detected config files: 2
#### loki/charts/promtail/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:41.885Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:41.885Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:41.892Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:41.885Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:41.885Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:41.892Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,15 +70,15 @@
**Container: tccr.io/truecharts/loki:v2.4.1@sha256:79c6f31e246f6edac4efa651f1e246273bd1370bb140d1fa4f3fe143c2251aff**
-2021-12-04T19:41:45.496Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:45.497Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:45.497Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:41:45.497Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:41:45.496Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:45.497Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:45.497Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:41:45.497Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/loki:v2.4.1@sha256:79c6f31e246f6edac4efa651f1e246273bd1370bb140d1fa4f3fe143c2251aff (alpine 3.13.6)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -105,21 +105,21 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211011171444-354d8d2ecfac | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:52.703Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:52.703Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:52.717Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:52.703Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:52.703Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:52.717Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -147,15 +147,15 @@
**Container: tccr.io/truecharts/promtail:v2.4.1@sha256:83bceed26a638b211d65b6e80d4a33d01dc82b81e630d57e883b490ac0c57ef4**
-2021-12-04T19:41:58.361Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:41:58.361Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:41:58.373Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:41:58.373Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:41:58.361Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:41:58.361Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:41:58.373Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:41:58.373Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/promtail:v2.4.1@sha256:83bceed26a638b211d65b6e80d4a33d01dc82b81e630d57e883b490ac0c57ef4 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -225,9 +225,8 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/containerd/containerd | CVE-2021-41103 | HIGH | v1.5.4 | v1.4.11, v1.5.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103
https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8
https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41103
https://ubuntu.com/security/notices/USN-5100-1
https://www.debian.org/security/2021/dsa-5002
|
| github.com/prometheus/prometheus | CVE-2019-3826 | MEDIUM | v1.8.2-0.20211011171444-354d8d2ecfac | v2.7.1 | Click to expand!
https://access.redhat.com/errata/RHBA-2019:0327
https://advisory.checkmarx.net/advisory/CX-2019-4297
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3826
https://github.com/prometheus/prometheus/commit/62e591f9
https://github.com/prometheus/prometheus/pull/5163
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
-
diff --git a/docs/apps/stable/lychee/security.md b/docs/apps/stable/lychee/security.md
index 1eecb0353be..89033d060d5 100644
--- a/docs/apps/stable/lychee/security.md
+++ b/docs/apps/stable/lychee/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:41:25.342Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:41:25.342Z [34mINFO[0m Detected config files: 1
#### lychee/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:26.619Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:26.619Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:26.626Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:26.619Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:26.619Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:26.626Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/lychee-laravel:v4.3.6@sha256:4bed7b11de627f40477b8865869cd757610969dcecbafaa1a1aac4ea1e8ae1bf**
-2021-12-04T19:41:39.790Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:41:39.790Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:41:39.889Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:41:39.889Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:41:39.790Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:41:39.790Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:41:39.889Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:41:39.889Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/lychee-laravel:v4.3.6@sha256:4bed7b11de627f40477b8865869cd757610969dcecbafaa1a1aac4ea1e8ae1bf (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -342,8 +342,7 @@
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| symfony/http-kernel | CVE-2021-41267 | MEDIUM | v5.2.9 | 5.3.0, 5.3.12 | Click to expand!
https://github.com/advisories/GHSA-q3j3-w37x-hq2q
https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487
https://github.com/symfony/symfony/pull/44243
https://github.com/symfony/symfony/releases/tag/v5.3.12
https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q
https://nvd.nist.gov/vuln/detail/CVE-2021-41267
https://symfony.com/cve-2021-41267
|
-
diff --git a/docs/apps/stable/mealie/security.md b/docs/apps/stable/mealie/security.md
index 01d46f74146..1f4f39dadc3 100644
--- a/docs/apps/stable/mealie/security.md
+++ b/docs/apps/stable/mealie/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:41:41.205Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:41:41.205Z [34mINFO[0m Detected config files: 1
#### mealie/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:42.520Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:42.520Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:42.534Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:42.520Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:42.520Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:42.534Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/mealie:v0.5.4@sha256:52a05feaf3cac813c0540e8c59b0f99900662558254c657e9d0335f0d9c8b4a9**
-2021-12-04T19:41:51.738Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:41:51.738Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:41:51.755Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:41:51.755Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:41:51.755Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:41:51.738Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:41:51.738Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:41:51.755Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:41:51.755Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:41:51.755Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/mealie:v0.5.4@sha256:52a05feaf3cac813c0540e8c59b0f99900662558254c657e9d0335f0d9c8b4a9 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -159,7 +159,7 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apprise | CVE-2021-39229 | HIGH | 0.9.3 | 0.9.5.1 | Click to expand!
https://github.com/advisories/GHSA-qhmp-h54x-38qr
https://github.com/caronc/apprise/blob/0007eade20934ddef0aba38b8f1aad980cfff253/apprise/plugins/NotifyIFTTT.py#L356-L359
https://github.com/caronc/apprise/commit/e20fce630d55e4ca9b0a1e325a5fea6997489831
https://github.com/caronc/apprise/pull/436
https://github.com/caronc/apprise/releases/tag/v0.9.5.1
https://github.com/caronc/apprise/security/advisories/GHSA-qhmp-h54x-38qr
https://nvd.nist.gov/vuln/detail/CVE-2021-39229
|
@@ -170,9 +170,6 @@
| websockets | CVE-2021-33880 | MEDIUM | 8.1 | 9.1 | Click to expand!
https://github.com/aaugustin/websockets/commit/547a26b685d08cac0aa64e5e65f7867ac0ea9bc0
https://github.com/advisories/GHSA-8ch4-58qp-g3mp
https://nvd.nist.gov/vuln/detail/CVE-2021-33880
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/medusa/security.md b/docs/apps/stable/medusa/security.md
index ec1b3f91101..73816139d2a 100644
--- a/docs/apps/stable/medusa/security.md
+++ b/docs/apps/stable/medusa/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:41:53.361Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:41:53.361Z [34mINFO[0m Detected config files: 1
#### medusa/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:41:59.388Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:41:59.388Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:41:59.398Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:41:59.388Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:41:59.388Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:41:59.398Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/medusa:v0.5.20@sha256:5de16df497fc0800e47cbd5761c04966403d38445ba54f076f336e70437d3cd9**
-2021-12-04T19:42:07.267Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:42:07.267Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:42:07.267Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:42:07.267Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/miniflux/security.md b/docs/apps/stable/miniflux/security.md
index 999dd3becab..a34c1e50244 100644
--- a/docs/apps/stable/miniflux/security.md
+++ b/docs/apps/stable/miniflux/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:42:28.048Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:42:28.048Z [34mINFO[0m Detected config files: 2
#### miniflux/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:28.842Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:28.842Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:28.855Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:28.842Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:28.842Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:28.855Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:42:29.701Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:42:29.701Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:42:29.743Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:42:29.743Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:42:29.743Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:42:29.701Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:42:29.701Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:42:29.743Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:42:29.743Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:42:29.743Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/miniflux:v2.0.33@sha256:1fcc67ba8a5e9f06c6b67bc654b3276d51c304cb3a2ac4985114b6785c149cb2**
-2021-12-04T19:42:31.561Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:31.561Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:31.561Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:42:31.561Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:42:31.561Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:31.561Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:31.561Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:42:31.561Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/miniflux:v2.0.33@sha256:1fcc67ba8a5e9f06c6b67bc654b3276d51c304cb3a2ac4985114b6785c149cb2 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -325,21 +325,21 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:32.314Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:32.314Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:32.320Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:32.314Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:32.314Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:32.320Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -367,16 +367,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:42:33.524Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:42:33.524Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:42:33.565Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:42:33.565Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:42:33.565Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:42:33.524Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:42:33.524Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:42:33.565Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:42:33.565Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:42:33.565Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -571,16 +571,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/minio-console/security.md b/docs/apps/stable/minio-console/security.md
index dc1f68d9ea2..4c17237ffcd 100644
--- a/docs/apps/stable/minio-console/security.md
+++ b/docs/apps/stable/minio-console/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:42:35.148Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:42:35.148Z [34mINFO[0m Detected config files: 1
#### minio-console/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:36.143Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:36.143Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:36.149Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:36.143Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:36.143Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:36.149Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -60,5 +60,3 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**Container: tccr.io/truecharts/minio-console:v0.12.5@sha256:95b3c2b2e67b8f61f5d3e09c37875a37b9f4aeaa47f392c02dba191b041517d1**
-
-
diff --git a/docs/apps/stable/minio/security.md b/docs/apps/stable/minio/security.md
index 2e1bb7c658c..15094e7c2f2 100644
--- a/docs/apps/stable/minio/security.md
+++ b/docs/apps/stable/minio/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:42:49.584Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:42:49.584Z [34mINFO[0m Detected config files: 1
#### minio/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:51.014Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:51.014Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:51.021Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:51.014Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:51.014Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:51.021Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/minio:latest@sha256:8129f69c85b84e13f085a1ce127f108cee0ea84a1f496e8065796c7a15a08442**
-2021-12-04T19:42:57.834Z [34mINFO[0m Detected OS: redhat
-2021-12-04T19:42:57.834Z [34mINFO[0m Detecting RHEL/CentOS vulnerabilities...
-2021-12-04T19:42:57.837Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:42:57.834Z [34mINFO[0m Detected OS: redhat
+2021-12-04T19:42:57.834Z [34mINFO[0m Detecting RHEL/CentOS vulnerabilities...
+2021-12-04T19:42:57.837Z [34mINFO[0m Number of language-specific files: 1
#### tccr.io/truecharts/minio:latest@sha256:8129f69c85b84e13f085a1ce127f108cee0ea84a1f496e8065796c7a15a08442 (redhat 8.4)
-
+
**redhat**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bzip2-libs | CVE-2019-12900 | LOW | 1.0.6-26.el8 | | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html
http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html
https://seclists.org/bugtraq/2019/Aug/4
https://seclists.org/bugtraq/2019/Jul/22
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc
https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4038-1
https://ubuntu.com/security/notices/USN-4038-2
https://ubuntu.com/security/notices/USN-4038-3
https://ubuntu.com/security/notices/USN-4038-4
https://ubuntu.com/security/notices/USN-4146-1
https://ubuntu.com/security/notices/USN-4146-2
https://usn.ubuntu.com/4038-1/
https://usn.ubuntu.com/4038-2/
https://usn.ubuntu.com/4146-1/
https://usn.ubuntu.com/4146-2/
https://www.oracle.com/security-alerts/cpuoct2020.html
|
@@ -173,4 +173,3 @@
| sqlite-libs | CVE-2019-9936 | LOW | 3.26.0-13.el8 | | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html
http://www.securityfocus.com/bid/107562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9936
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/
https://security.gentoo.org/glsa/201908-09
https://security.netapp.com/advisory/ntap-20190416-0005/
https://sqlite.org/src/info/b3fa58dd7403dbd4
https://ubuntu.com/security/notices/USN-4019-1
https://usn.ubuntu.com/4019-1/
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114382.html
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114394.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
|
| sqlite-libs | CVE-2019-9937 | LOW | 3.26.0-13.el8 | | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html
http://www.securityfocus.com/bid/107562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9937
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/
https://security.gentoo.org/glsa/201908-09
https://security.netapp.com/advisory/ntap-20190416-0005/
https://sqlite.org/src/info/45c73deb440496e8
https://ubuntu.com/security/notices/USN-4019-1
https://usn.ubuntu.com/4019-1/
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114383.html
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114393.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
|
| systemd-libs | CVE-2018-20839 | MEDIUM | 239-45.el8_4.3 | | Click to expand!
http://www.securityfocus.com/bid/108389
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f
https://github.com/systemd/systemd/pull/12378
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.netapp.com/advisory/ntap-20190530-0002/
|
-
diff --git a/docs/apps/stable/mosquitto/security.md b/docs/apps/stable/mosquitto/security.md
index 11da3aa2ba5..a9b3603ff6e 100644
--- a/docs/apps/stable/mosquitto/security.md
+++ b/docs/apps/stable/mosquitto/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:42:58.623Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:42:58.623Z [34mINFO[0m Detected config files: 1
#### mosquitto/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:42:59.848Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:42:59.848Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:42:59.852Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:42:59.848Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:42:59.848Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:42:59.852Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,13 @@
**Container: tccr.io/truecharts/eclipse-mosquitto:v2.0.14@sha256:047eb800158878c1bea9e6281e2dc3081b53b61ca10fdca5a17816c6fbe15216**
-2021-12-04T19:43:01.308Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:01.308Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:01.309Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:01.308Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:01.308Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:01.309Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/eclipse-mosquitto:v2.0.14@sha256:047eb800158878c1bea9e6281e2dc3081b53b61ca10fdca5a17816c6fbe15216 (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/mstream/security.md b/docs/apps/stable/mstream/security.md
index c6102b79f70..66010431f95 100644
--- a/docs/apps/stable/mstream/security.md
+++ b/docs/apps/stable/mstream/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:43:21.772Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:43:21.772Z [34mINFO[0m Detected config files: 1
#### mstream/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:43:23.265Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:23.265Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:23.272Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:23.265Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:23.265Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:23.272Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/mstream:version-v5.2.5@sha256:1ac2f1c3177e09428cf5be1f33c7110863b69a748f691f8385dc96a313d84e7b**
-2021-12-04T19:43:34.582Z [34mINFO[0m Number of language-specific files: 6
-2021-12-04T19:43:34.582Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:43:34.583Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:43:34.582Z [34mINFO[0m Number of language-specific files: 6
+2021-12-04T19:43:34.582Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:43:34.583Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 4.1.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -77,37 +77,34 @@
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/muximux/security.md b/docs/apps/stable/muximux/security.md
index d443fedd394..304c14406ff 100644
--- a/docs/apps/stable/muximux/security.md
+++ b/docs/apps/stable/muximux/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:43:23.815Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:43:23.815Z [34mINFO[0m Detected config files: 1
#### muximux/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:43:36.042Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:36.042Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:36.048Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:36.042Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:36.042Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:36.048Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/muximux:version-057352e8@sha256:5942aa00a99c51a0d0fc9afda2f875450515a27a312572c0fcc62471131184e9**
-2021-12-04T19:43:37.391Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:37.391Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/mylar/security.md b/docs/apps/stable/mylar/security.md
index 077592dc0ea..7b6fd07377c 100644
--- a/docs/apps/stable/mylar/security.md
+++ b/docs/apps/stable/mylar/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:43:39.197Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:43:39.197Z [34mINFO[0m Detected config files: 1
#### mylar/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:43:40.381Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:40.381Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:40.388Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:40.381Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:40.381Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:40.388Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,13 +61,13 @@
**Container: tccr.io/truecharts/mylar3:version-v0.5.3@sha256:97892fdbd4aaa622ea5b77d1c9c467985545094a13f4acd1ab3f5d4b0bb094ea**
-2021-12-04T19:43:46.626Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:43:46.626Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:43:46.626Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:43:46.626Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -96,4 +96,3 @@
| Pillow | CVE-2021-28675 | MEDIUM | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28675
https://github.com/advisories/GHSA-g6rj-rv7j-xwp4
https://github.com/python-pillow/Pillow/pull/5377/commits/22e9bee4ef225c0edbb9323f94c26cee0c623497
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28675
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28675-fix-dos-in-psdimageplugin
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
| Pillow | CVE-2021-28678 | MEDIUM | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28678
https://github.com/advisories/GHSA-hjfx-8p6c-g7gx
https://github.com/python-pillow/Pillow/pull/5377
https://github.com/python-pillow/Pillow/pull/5377/commits/496245aa4365d0827390bd0b6fbd11287453b3a1
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28678
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28678-fix-blp-dos
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
| Pillow | GHSA-jgpv-4h4c-xhw3 | MEDIUM | 6.2.2 | 8.1.2 | Click to expand!
https://github.com/advisories/GHSA-jgpv-4h4c-xhw3
https://github.com/calix2/pyVulApp/security/advisories/GHSA-jgpv-4h4c-xhw3
|
-
diff --git a/docs/apps/stable/navidrome/security.md b/docs/apps/stable/navidrome/security.md
index 749c1341078..afd8f776020 100644
--- a/docs/apps/stable/navidrome/security.md
+++ b/docs/apps/stable/navidrome/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:43:47.237Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:43:47.237Z [34mINFO[0m Detected config files: 1
#### navidrome/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:43:48.670Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:48.670Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:48.678Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:43:48.670Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:48.670Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:48.678Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,24 +61,21 @@
**Container: tccr.io/truecharts/navidrome:v0.47.0@sha256:0ca8781ecf33f961d9e1157b8f0aa0ad8d69cde3dac99e8084bd34aa73094128**
-2021-12-04T19:43:54.304Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:43:54.304Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:43:54.312Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:43:54.312Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:43:54.304Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:43:54.304Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:43:54.312Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:43:54.312Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/navidrome:v0.47.0@sha256:0ca8781ecf33f961d9e1157b8f0aa0ad8d69cde3dac99e8084bd34aa73094128 (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/nextcloud/security.md b/docs/apps/stable/nextcloud/security.md
index 4630541a79e..e24879021eb 100644
--- a/docs/apps/stable/nextcloud/security.md
+++ b/docs/apps/stable/nextcloud/security.md
@@ -4,30 +4,30 @@
##### Scan Results
-2021-12-04T19:44:40.066Z [34mINFO[0m Detected config files: 3
+2021-12-04T19:44:40.066Z [34mINFO[0m Detected config files: 3
#### nextcloud/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -46,14 +46,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:44:42.515Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:42.515Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:42.526Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:42.515Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:42.515Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:42.526Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -81,16 +81,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:44:46.503Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:44:46.503Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:44:46.539Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:44:46.540Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:44:46.540Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:44:46.503Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:44:46.503Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:44:46.539Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:44:46.540Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:44:46.540Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -285,30 +285,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e**
-2021-12-04T19:45:14.960Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:45:14.960Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:45:15.089Z [34mINFO[0m Number of language-specific files: 5
-2021-12-04T19:45:15.089Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:45:14.960Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:45:14.960Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:45:15.089Z [34mINFO[0m Number of language-specific files: 5
+2021-12-04T19:45:15.089Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | Click to expand!
http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
http://www.iss.net/security_center/static/7494.php
http://www.securityfocus.com/bid/3521
|
@@ -766,51 +766,51 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e**
-2021-12-04T19:45:16.403Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:45:16.403Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:45:16.590Z [34mINFO[0m Number of language-specific files: 5
-2021-12-04T19:45:16.590Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:45:16.403Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:45:16.403Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:45:16.590Z [34mINFO[0m Number of language-specific files: 5
+2021-12-04T19:45:16.590Z [34mINFO[0m Detecting composer vulnerabilities...
#### tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | Click to expand!
http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
http://www.iss.net/security_center/static/7494.php
http://www.securityfocus.com/bid/3521
|
@@ -1268,50 +1268,50 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:17.969Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:17.970Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:17.975Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:17.969Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:17.970Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:17.975Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1339,15 +1339,15 @@
**Container: tccr.io/truecharts/redis:v6.2.6@sha256:741dc63de7fed6f7f4fff41ac4b23a40f6850e9fb361e35e2959c71d8f10aeae**
-2021-12-04T19:45:19.229Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:45:19.229Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:45:19.278Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:45:19.278Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:45:19.229Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:45:19.229Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:45:19.278Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:45:19.278Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/redis:v6.2.6@sha256:741dc63de7fed6f7f4fff41ac4b23a40f6850e9fb361e35e2959c71d8f10aeae (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1494,29 +1494,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:20.755Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:20.755Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:20.765Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:20.755Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:20.755Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:20.765Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1544,16 +1544,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:45:24.701Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:45:24.701Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:45:24.761Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:45:24.761Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:45:24.764Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:45:24.701Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:45:24.701Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:45:24.761Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:45:24.761Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:45:24.764Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1748,16 +1748,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/node-red/security.md b/docs/apps/stable/node-red/security.md
index ca0185c11d9..a4084e2a39c 100644
--- a/docs/apps/stable/node-red/security.md
+++ b/docs/apps/stable/node-red/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:44:24.039Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:44:24.039Z [34mINFO[0m Detected config files: 1
#### node-red/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:44:24.889Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:24.890Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:24.905Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:24.889Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:24.890Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:24.905Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,25 +61,24 @@
**Container: tccr.io/truecharts/node-red:v2.1.4@sha256:ede5c67753313e35ea6e0317573a74c77212822c33444b4b00ab562d2bdce97e**
-2021-12-04T19:44:38.052Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:38.052Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:38.055Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:44:38.055Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:44:38.052Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:38.052Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:38.055Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:44:38.055Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/node-red:v2.1.4@sha256:ede5c67753313e35ea6e0317573a74c77212822c33444b4b00ab562d2bdce97e (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 4.1.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
-
diff --git a/docs/apps/stable/novnc/security.md b/docs/apps/stable/novnc/security.md
index 07df1d41f3c..c85665beb34 100644
--- a/docs/apps/stable/novnc/security.md
+++ b/docs/apps/stable/novnc/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:44:38.541Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:44:38.541Z [34mINFO[0m Detected config files: 1
#### novnc/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:44:41.889Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:41.889Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:41.892Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:41.889Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:41.889Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:41.892Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/novnc:version-1.2.0@sha256:aac782a823a7c34efce17d635a706cf967c6690784f0da9bd8efd4bb0bb598c1**
-2021-12-04T19:44:45.918Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:44:45.918Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:44:45.918Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:44:45.918Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/nullserv/security.md b/docs/apps/stable/nullserv/security.md
index d20774f7ad7..7233f83582b 100644
--- a/docs/apps/stable/nullserv/security.md
+++ b/docs/apps/stable/nullserv/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:44:38.997Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:44:38.997Z [34mINFO[0m Detected config files: 1
#### nullserv/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:44:41.267Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:44:41.267Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:44:41.273Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:41.267Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:44:41.267Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:44:41.273Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/nullserv:v1.3.0@sha256:67aa9d50ba0c9547b4b0f7fc68c023a34b5e2b027f7bc9233120d5fbd6bcf3cd**
-2021-12-04T19:44:48.390Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:44:48.390Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/nzbget/security.md b/docs/apps/stable/nzbget/security.md
index bec1092277f..467321a8762 100644
--- a/docs/apps/stable/nzbget/security.md
+++ b/docs/apps/stable/nzbget/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:45:18.567Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:45:18.567Z [34mINFO[0m Detected config files: 1
#### nzbget/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:19.970Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:19.971Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:19.979Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:19.970Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:19.971Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:19.979Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/nzbget:v21.1@sha256:381d4e760ee2de5b2f3a83d1f2885b3bffe891f6b961db0df94986b03868333a**
-2021-12-04T19:45:23.988Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:45:23.988Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:45:24.000Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:45:24.000Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:45:24.000Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:45:23.988Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:45:23.988Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:45:24.000Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:45:24.000Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:45:24.000Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/nzbget:v21.1@sha256:381d4e760ee2de5b2f3a83d1f2885b3bffe891f6b961db0df94986b03868333a (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -150,15 +150,14 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.3-1ubuntu1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/nzbhydra/security.md b/docs/apps/stable/nzbhydra/security.md
index cd4d3c1decf..f03ceb5f0de 100644
--- a/docs/apps/stable/nzbhydra/security.md
+++ b/docs/apps/stable/nzbhydra/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:45:31.207Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:45:31.207Z [34mINFO[0m Detected config files: 1
#### nzbhydra/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:32.082Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:32.082Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:32.092Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:32.082Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:32.082Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:32.092Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/nzbhydra2:v3.18.1@sha256:49f70e9135edc8afcc3343569f7d6dbc4b693012f502ed70783241b975990ef6**
-2021-12-04T19:45:42.742Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:45:42.742Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:45:42.746Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:45:42.746Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:45:42.742Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:45:42.742Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:45:42.746Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:45:42.746Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/nzbhydra2:v3.18.1@sha256:49f70e9135edc8afcc3343569f7d6dbc4b693012f502ed70783241b975990ef6 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -159,8 +159,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/octoprint/security.md b/docs/apps/stable/octoprint/security.md
index e2ee9b3e49e..c43f5179f1d 100644
--- a/docs/apps/stable/octoprint/security.md
+++ b/docs/apps/stable/octoprint/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:45:43.427Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:45:43.427Z [34mINFO[0m Detected config files: 1
#### octoprint/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:45:44.310Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:45:44.310Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:45:44.317Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:45:44.310Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:45:44.310Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:45:44.317Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/octoprint:v1.7.2@sha256:80d677488365ad240b0cef90fa381ba849dcd82dfc62b11689d88da9867956c6**
-2021-12-04T19:46:11.144Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:46:11.144Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:46:11.377Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:46:11.379Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:46:11.382Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:46:11.144Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:46:11.144Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:46:11.377Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:46:11.379Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:46:11.382Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/octoprint:v1.7.2@sha256:80d677488365ad240b0cef90fa381ba849dcd82dfc62b11689d88da9867956c6 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1477,15 +1477,14 @@
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Werkzeug | pyup.io-42050 | UNKNOWN | 1.0.1 | 2.0.2 | Click to expand!
|
-
diff --git a/docs/apps/stable/odoo/security.md b/docs/apps/stable/odoo/security.md
index da57d5ee192..55c82744b5f 100644
--- a/docs/apps/stable/odoo/security.md
+++ b/docs/apps/stable/odoo/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:46:19.308Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:46:19.308Z [34mINFO[0m Detected config files: 2
#### odoo/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:24.427Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:24.427Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:24.438Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:24.427Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:24.427Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:24.438Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:46:26.755Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:46:26.755Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:46:26.782Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:46:26.782Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:46:26.782Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:46:26.755Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:46:26.755Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:46:26.782Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:46:26.782Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:46:26.782Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/odoo:version-14.0@sha256:dec23986ced979e029a78512272e2be18bab60d811bccb3d7ddc4b3241b210e2**
-2021-12-04T19:46:54.798Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:46:54.798Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:46:54.842Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:46:54.843Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:46:54.798Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:46:54.798Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:46:54.842Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:46:54.843Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/odoo:version-14.0@sha256:dec23986ced979e029a78512272e2be18bab60d811bccb3d7ddc4b3241b210e2 (debian 10.10)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -686,22 +686,22 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:56.073Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:56.073Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:56.078Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:56.073Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:56.073Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:56.078Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -729,16 +729,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:46:57.394Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:46:57.394Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:46:57.421Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:46:57.421Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:46:57.421Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:46:57.394Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:46:57.394Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:46:57.421Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:46:57.421Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:46:57.421Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -933,16 +933,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/ombi/security.md b/docs/apps/stable/ombi/security.md
index 4ee99a3ac67..22a7092ca2a 100644
--- a/docs/apps/stable/ombi/security.md
+++ b/docs/apps/stable/ombi/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:46:20.029Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:46:20.029Z [34mINFO[0m Detected config files: 1
#### ombi/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:25.004Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:25.004Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:25.012Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:25.004Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:25.004Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:25.012Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/ombi:v4.0.1482@sha256:0fa4e81029d9adef9d773ce99db13ff3039fd087d58d7266cbcfd7462e7afc56**
-2021-12-04T19:46:33.364Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:46:33.364Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:46:33.367Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:46:33.367Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:46:33.364Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:46:33.364Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:46:33.367Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:46:33.367Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/ombi:v4.0.1482@sha256:0fa4e81029d9adef9d773ce99db13ff3039fd087d58d7266cbcfd7462e7afc56 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -157,8 +157,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/onlyoffice-document-server/security.md b/docs/apps/stable/onlyoffice-document-server/security.md
index d0fd89484ba..590130214d0 100644
--- a/docs/apps/stable/onlyoffice-document-server/security.md
+++ b/docs/apps/stable/onlyoffice-document-server/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:46:27.249Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:46:27.249Z [34mINFO[0m Detected config files: 1
#### onlyoffice-document-server/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:56.675Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:56.675Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:56.679Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:56.675Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:56.675Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:56.679Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/documentserver:v6.4.2.6@sha256:c298cbb59a2d7f73a5a9bc5cc11f9e0e299ef2ab966e64f3e8d8382921a6341c**
-2021-12-04T19:47:36.848Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:47:36.848Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:47:36.860Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:47:36.848Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:47:36.848Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:47:36.860Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/documentserver:v6.4.2.6@sha256:c298cbb59a2d7f73a5a9bc5cc11f9e0e299ef2ab966e64f3e8d8382921a6341c (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -440,4 +440,3 @@
| wget | CVE-2021-31879 | MEDIUM | 1.20.3-1ubuntu1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
-
diff --git a/docs/apps/stable/openkm/security.md b/docs/apps/stable/openkm/security.md
index eb80875ab12..1a4ef288953 100644
--- a/docs/apps/stable/openkm/security.md
+++ b/docs/apps/stable/openkm/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:46:55.490Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:46:55.490Z [34mINFO[0m Detected config files: 2
#### openkm/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -37,14 +37,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:46:58.372Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:46:58.372Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:46:58.383Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:46:58.372Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:46:58.372Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:46:58.383Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -72,16 +72,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:47:39.208Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:47:39.208Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:47:39.238Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:47:39.238Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:47:39.238Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:47:39.208Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:47:39.208Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:47:39.238Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:47:39.238Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:47:39.238Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -276,33 +276,33 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: 'tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c'**
**Container: tccr.io/truecharts/openkm-ce:v6.3.11@sha256:941156f70c16350fb92d66f60007ac68abaee11265448eaacc40e821a46afc4d**
-2021-12-04T19:48:32.457Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:48:32.457Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:48:32.479Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:48:32.479Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:48:32.457Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:48:32.457Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:48:32.479Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:48:32.479Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/openkm-ce:v6.3.11@sha256:941156f70c16350fb92d66f60007ac68abaee11265448eaacc40e821a46afc4d (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -726,7 +726,7 @@
| xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-1ubuntu1 | | Click to expand!
http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ch.qos.logback:logback-classic | CVE-2017-5929 | CRITICAL | 1.1.3 | 1.2.0 | Click to expand!
http://www.cvedetails.com/cve/CVE-2017-5929/
https://access.redhat.com/errata/RHSA-2017:1675
https://access.redhat.com/errata/RHSA-2017:1676
https://access.redhat.com/errata/RHSA-2017:1832
https://access.redhat.com/errata/RHSA-2018:2927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929
https://github.com/advisories/GHSA-vmfg-rjjm-rjrj
https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8
https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r967953a14e05016bc4bcae9ef3dd92e770181158b4246976ed8295c9@%3Cdev.brooklyn.apache.org%3E
https://lists.apache.org/thread.html/ra007cec726a3927c918ec94c4316d05d1829c49eae8dc3648adc35e2@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rbb4dfca2f7e3e8f3570eec21c79832d33a51dfde6762725660b60169@%3Cdev.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/rc5f0cc2f3b153bdf15ee7389d78585829abc9c7af4d322ba1085dd3e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rd2227af3c9ada2a72dc72ed05517f5857a34d487580e1f2803922ff9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/re9b787727291786dfe088e3cd078c7d195c0b5781e15d3cd24a3b2fc@%3Cdev.mnemonic.apache.org%3E
https://logback.qos.ch/news.html
https://nvd.nist.gov/vuln/detail/CVE-2017-5929
|
@@ -870,14 +870,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:48:34.780Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:34.780Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:34.783Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:48:34.780Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:34.780Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:34.783Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -905,16 +905,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:48:38.094Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:48:38.094Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:48:38.112Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:48:38.112Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:48:38.112Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:48:38.094Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:48:38.094Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:48:38.112Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:48:38.112Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:48:38.112Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1109,16 +1109,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/openldap/security.md b/docs/apps/stable/openldap/security.md
index 9755ee7f319..f001ddc7f17 100644
--- a/docs/apps/stable/openldap/security.md
+++ b/docs/apps/stable/openldap/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:47:37.294Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:47:37.294Z [34mINFO[0m Detected config files: 1
#### openldap/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:47:38.590Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:47:38.590Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:47:38.601Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:47:38.590Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:47:38.590Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:47:38.601Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/openldap:v1.5.0@sha256:d7e4f9279595ea1772efac4063876b29a96ff54c214f2c3ba52d2c3bfca8928c**
-2021-12-04T19:47:44.128Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:47:44.128Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:47:44.171Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:47:44.171Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:47:44.128Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:47:44.128Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:47:44.171Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:47:44.171Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/openldap:v1.5.0@sha256:d7e4f9279595ea1772efac4063876b29a96ff54c214f2c3ba52d2c3bfca8928c (debian 10.8)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.2 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -434,14 +434,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20201012173705-84dcc777aaee | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20201012173705-84dcc777aaee | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/docs/apps/stable/organizr/security.md b/docs/apps/stable/organizr/security.md
index 133b0145e2f..87bc7f1b9a4 100644
--- a/docs/apps/stable/organizr/security.md
+++ b/docs/apps/stable/organizr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:47:37.746Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:47:37.746Z [34mINFO[0m Detected config files: 1
#### organizr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:47:47.295Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:47:47.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:47:47.302Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:47:47.295Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:47:47.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:47:47.302Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/organizr:latest@sha256:ca1794e822f705b63c5753d56c7eecfd23e1ae77ddffb5a66b13c2ec7f587ad3**
-2021-12-04T19:47:51.140Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:47:51.140Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:47:51.157Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:47:51.140Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:47:51.140Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:47:51.157Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/organizr:latest@sha256:ca1794e822f705b63c5753d56c7eecfd23e1ae77ddffb5a66b13c2ec7f587ad3 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -114,4 +114,3 @@
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
-
diff --git a/docs/apps/stable/oscam/security.md b/docs/apps/stable/oscam/security.md
index 7677d728a0e..1df8e0b28b0 100644
--- a/docs/apps/stable/oscam/security.md
+++ b/docs/apps/stable/oscam/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:48:33.326Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:48:33.326Z [34mINFO[0m Detected config files: 1
#### oscam/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:48:43.241Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:43.241Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:43.251Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:48:43.241Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:43.241Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:43.251Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/oscam:version-11693@sha256:dcaa24c5076e020243aa0bcf2b5e2edbd1fcf6f9066c50e3f5c2f32937c68cb9**
-2021-12-04T19:49:00.993Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:00.993Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/overseerr/security.md b/docs/apps/stable/overseerr/security.md
index e3831eae476..0ecc00df157 100644
--- a/docs/apps/stable/overseerr/security.md
+++ b/docs/apps/stable/overseerr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:48:35.093Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:48:35.093Z [34mINFO[0m Detected config files: 1
#### overseerr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:48:36.515Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:36.516Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:36.519Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:48:36.515Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:36.516Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:36.519Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,17 +61,17 @@
**Container: tccr.io/truecharts/overseerr:v1.27.0@sha256:cf3d0ae6c0df50e397a567e49d2ba891c2dc46cb1145f11acf0a12b82a3bfcd9**
-2021-12-04T19:48:58.965Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:58.965Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:58.966Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:48:58.966Z [34mINFO[0m Detecting node-pkg vulnerabilities...
-2021-12-04T19:48:58.990Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.11.12
-2021-12-04T19:48:58.990Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:48:58.965Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:58.965Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:58.966Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:48:58.966Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:48:58.990Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.11.12
+2021-12-04T19:48:58.990Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/overseerr:v1.27.0@sha256:cf3d0ae6c0df50e397a567e49d2ba891c2dc46cb1145f11acf0a12b82a3bfcd9 (alpine 3.11.12)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.31.1-r10 | 1.31.1-r11 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -96,7 +96,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r10 | 1.31.1-r11 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -118,4 +118,3 @@
| tar | CVE-2021-37701 | HIGH | 6.1.0 | 6.1.7, 5.0.8, 4.4.16 | Click to expand!
https://github.com/advisories/GHSA-9r2w-394v-53qc
https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
https://nvd.nist.gov/vuln/detail/CVE-2021-37701
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1779
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37712 | HIGH | 6.1.0 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-qq89-hq3f-393p
https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
https://nvd.nist.gov/vuln/detail/CVE-2021-37712
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1780
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37713 | HIGH | 6.1.0 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/docs/apps/stable/owncast/security.md b/docs/apps/stable/owncast/security.md
index 8a9ace4fa1c..e2d27558a45 100644
--- a/docs/apps/stable/owncast/security.md
+++ b/docs/apps/stable/owncast/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:48:33.033Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:48:33.033Z [34mINFO[0m Detected config files: 1
#### owncast/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:48:35.660Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:35.660Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:35.666Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:48:35.660Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:35.660Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:35.666Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/owncast:v0.0.10@sha256:59e455798cacf118a74184755b060f48bcc05dc56bb9d4f696bcc77f411f1ad0**
-2021-12-04T19:48:41.846Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:48:41.846Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:48:41.849Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:48:41.849Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:48:41.846Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:48:41.846Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:48:41.849Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:48:41.849Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/owncast:v0.0.10@sha256:59e455798cacf118a74184755b060f48bcc05dc56bb9d4f696bcc77f411f1ad0 (alpine 3.12.0)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -117,9 +117,6 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r16 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/owncloud-ocis/security.md b/docs/apps/stable/owncloud-ocis/security.md
index 814276e668d..8b45e287d68 100644
--- a/docs/apps/stable/owncloud-ocis/security.md
+++ b/docs/apps/stable/owncloud-ocis/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:49:22.457Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:49:22.457Z [34mINFO[0m Detected config files: 1
#### owncloud-ocis/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:49:23.264Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:23.264Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:23.275Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:23.264Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:23.264Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:23.275Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,24 +61,23 @@
**Container: tccr.io/truecharts/ocis:v1.15.0@sha256:513bf715f330afcd06918be63f47b8ad7bf80515d3ed2b29afdb7da00ed66eb4**
-2021-12-04T19:49:26.300Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:26.300Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:26.300Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:49:26.301Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:49:26.300Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:26.300Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:26.300Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:49:26.301Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/ocis:v1.15.0@sha256:513bf715f330afcd06918be63f47b8ad7bf80515d3ed2b29afdb7da00ed66eb4 (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/dgrijalva/jwt-go | CVE-2020-26160 | HIGH | v3.2.0+incompatible | | Click to expand!
https://github.com/dgrijalva/jwt-go/pull/426
https://nvd.nist.gov/vuln/detail/CVE-2020-26160
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515
|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
-
diff --git a/docs/apps/stable/pgadmin/security.md b/docs/apps/stable/pgadmin/security.md
index a655638ccfa..b42525e23f4 100644
--- a/docs/apps/stable/pgadmin/security.md
+++ b/docs/apps/stable/pgadmin/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:49:26.951Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:49:26.951Z [34mINFO[0m Detected config files: 1
#### pgadmin/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:49:27.762Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:27.762Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:27.781Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:27.762Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:27.762Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:27.781Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,25 +61,24 @@
**Container: tccr.io/truecharts/pgadmin4:v6.2@sha256:56a1cc09742301c5cca10f75f9766a85f7b8c9a256ee88cdf04ad1038db2f2cd**
-2021-12-04T19:49:35.161Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:35.161Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:35.162Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:49:35.162Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:49:35.161Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:35.161Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:35.162Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:49:35.162Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/pgadmin4:v6.2@sha256:56a1cc09742301c5cca10f75f9766a85f7b8c9a256ee88cdf04ad1038db2f2cd (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Flask-Security-Too | CVE-2021-32618 | MEDIUM | 4.1.2 | | Click to expand!
https://github.com/Flask-Middleware/flask-security/issues/486
https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-6qmf-fj6m-686c
https://github.com/advisories/GHSA-6qmf-fj6m-686c
https://nvd.nist.gov/vuln/detail/CVE-2021-32618
|
| WTForms | pyup.io-42852 | UNKNOWN | 2.3.3 | 3.0.0a1 | Click to expand!
|
| Werkzeug | pyup.io-42050 | UNKNOWN | 1.0.1 | 2.0.2 | Click to expand!
|
-
diff --git a/docs/apps/stable/photoprism/security.md b/docs/apps/stable/photoprism/security.md
index c4456535361..00d20a13a83 100644
--- a/docs/apps/stable/photoprism/security.md
+++ b/docs/apps/stable/photoprism/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:49:56.482Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:49:56.482Z [34mINFO[0m Detected config files: 2
#### photoprism/charts/mariadb/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -35,14 +35,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:49:57.995Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:57.995Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:58.003Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:57.995Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:57.995Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:58.003Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -70,15 +70,15 @@
**Container: tccr.io/truecharts/photoprism:v20211130@sha256:97fa3752e28cd26282f06b87f299c63f5b8413b84de09acd8b71375a2b77540f**
-2021-12-04T19:50:32.255Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:50:32.255Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:50:32.258Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:50:32.258Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:50:32.255Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:50:32.255Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:50:32.258Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:50:32.258Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/photoprism:v20211130@sha256:97fa3752e28cd26282f06b87f299c63f5b8413b84de09acd8b71375a2b77540f (ubuntu 21.10)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| coreutils | CVE-2016-2781 | LOW | 8.32-4ubuntu2 | | Click to expand!
http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
|
@@ -251,28 +251,28 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+22ubuntu2 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:50:33.452Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:50:33.452Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:50:33.456Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:33.452Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:50:33.452Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:50:33.456Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -300,15 +300,15 @@
**Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0**
-2021-12-04T19:51:01.039Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:51:01.039Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:51:01.074Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:51:01.074Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:51:01.039Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:51:01.039Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:51:01.074Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:51:01.074Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/mariadb:v10.6.5@sha256:ca5dcc0667f4ee5accc91f159f13a2bf764678d4dfeab3d1421fce1d2095f2a0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -457,16 +457,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/photoshow/security.md b/docs/apps/stable/photoshow/security.md
index cc95e05c6e1..76b81a1df5c 100644
--- a/docs/apps/stable/photoshow/security.md
+++ b/docs/apps/stable/photoshow/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:49:49.158Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:49:49.158Z [34mINFO[0m Detected config files: 1
#### photoshow/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:49:49.954Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:49:49.954Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:49:49.961Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:49.954Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:49:49.954Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:49:49.961Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/photoshow:version-48aabb98@sha256:03c034b9ffc3db42e8255c502665ddb352f0219404494bceba8e7c1263f53dfc**
-2021-12-04T19:49:55.464Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:49:55.464Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/phpldapadmin/security.md b/docs/apps/stable/phpldapadmin/security.md
index 9311b1dfe5b..8beb7957f3c 100644
--- a/docs/apps/stable/phpldapadmin/security.md
+++ b/docs/apps/stable/phpldapadmin/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:50:33.848Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:50:33.848Z [34mINFO[0m Detected config files: 1
#### phpldapadmin/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:50:47.244Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:50:47.244Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:50:47.251Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:47.244Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:50:47.244Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:50:47.251Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/phpldapadmin:v0.9.0@sha256:5e68d251665b187cc920985f74f57f8ba2ce44cb8d7efaaa100cc19493974807**
-2021-12-04T19:50:59.904Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:50:59.904Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:50:59.958Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:59.904Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:50:59.904Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:50:59.958Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/phpldapadmin:v0.9.0@sha256:5e68d251665b187cc920985f74f57f8ba2ce44cb8d7efaaa100cc19493974807 (debian 10.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apache2 | CVE-2020-11984 | CRITICAL | 2.4.38-3+deb10u3 | 2.4.38-3+deb10u4 | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html
http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html
http://www.openwall.com/lists/oss-security/2020/08/08/1
http://www.openwall.com/lists/oss-security/2020/08/08/10
http://www.openwall.com/lists/oss-security/2020/08/08/8
http://www.openwall.com/lists/oss-security/2020/08/08/9
http://www.openwall.com/lists/oss-security/2020/08/10/5
http://www.openwall.com/lists/oss-security/2020/08/17/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984
https://linux.oracle.com/cve/CVE-2020-11984.html
https://linux.oracle.com/errata/ELSA-2021-1809.html
https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9@%3Ccvs.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/
https://security.gentoo.org/glsa/202008-04
https://security.netapp.com/advisory/ntap-20200814-0005/
https://ubuntu.com/security/notices/USN-4458-1
https://ubuntu.com/security/notices/USN-5054-1
https://usn.ubuntu.com/4458-1/
https://www.debian.org/security/2020/dsa-4757
https://www.openwall.com/lists/oss-security/2020/08/07/1
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
|
@@ -816,4 +816,3 @@
| tar | CVE-2019-9923 | LOW | 1.30+dfsg-6 | | Click to expand!
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://ubuntu.com/security/notices/USN-4692-1
|
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-6 | | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
|
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
-
diff --git a/docs/apps/stable/piaware/security.md b/docs/apps/stable/piaware/security.md
index 6df9d72df11..aaffe96d436 100644
--- a/docs/apps/stable/piaware/security.md
+++ b/docs/apps/stable/piaware/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:50:32.785Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:50:32.785Z [34mINFO[0m Detected config files: 1
#### piaware/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:50:35.144Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:50:35.144Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:50:35.149Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:35.144Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:50:35.144Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:50:35.149Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/piaware:v6.1@sha256:89938418a62cd3b4bed5e556fb64443f9e0cb9f14bbf41777c09b04f2f1e4f8a**
-2021-12-04T19:50:42.077Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:50:42.077Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:50:42.098Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:50:42.098Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:50:42.077Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:50:42.077Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:50:42.098Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:50:42.098Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/piaware:v6.1@sha256:89938418a62cd3b4bed5e556fb64443f9e0cb9f14bbf41777c09b04f2f1e4f8a (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -240,9 +240,6 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/pihole/security.md b/docs/apps/stable/pihole/security.md
index ae95b2fbe18..36e2bd5fcf2 100644
--- a/docs/apps/stable/pihole/security.md
+++ b/docs/apps/stable/pihole/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:50:35.610Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:50:35.610Z [34mINFO[0m Detected config files: 1
#### pihole/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:50:43.031Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:50:43.031Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:50:43.039Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:50:43.031Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:50:43.031Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:50:43.039Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/pihole:v2021.10.1@sha256:406a7368955ed3248a924bcb9c578d8554793048e025deb59f03caf6fd3f17c4**
-2021-12-04T19:50:52.356Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:50:52.356Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:50:52.423Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:50:52.424Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:50:52.424Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:50:52.356Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:50:52.356Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:50:52.423Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:50:52.424Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:50:52.424Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/pihole:v2021.10.1@sha256:406a7368955ed3248a924bcb9c578d8554793048e025deb59f03caf6fd3f17c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -310,16 +310,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/pixapop/security.md b/docs/apps/stable/pixapop/security.md
index 244619a0717..83825173a9e 100644
--- a/docs/apps/stable/pixapop/security.md
+++ b/docs/apps/stable/pixapop/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:51:16.882Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:51:16.882Z [34mINFO[0m Detected config files: 1
#### pixapop/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:51:18.169Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:51:18.169Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:51:18.172Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:51:18.169Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:51:18.169Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:51:18.172Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/pixapop:v1.2-ls15@sha256:6a05383524fcd51b0b692d508dd16ed6948337aa272677e01baa6d8ba119c070**
-2021-12-04T19:51:32.200Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:51:32.200Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T19:51:32.211Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:51:32.200Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:51:32.200Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T19:51:32.211Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### Node.js
-
+
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| acorn | GHSA-6chw-6frg-f759 | HIGH | 6.1.1 | 5.7.4, 7.1.1, 6.4.1 | Click to expand!
https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802
https://github.com/acornjs/acorn/issues/929
https://github.com/advisories/GHSA-6chw-6frg-f759
https://snyk.io/vuln/SNYK-JS-ACORN-559469
https://www.npmjs.com/advisories/1488
|
@@ -126,7 +126,7 @@
| yargs-parser | CVE-2020-7608 | MEDIUM | 7.0.0 | 5.0.1, 13.1.2, 18.1.2, 15.0.1 | Click to expand!
https://github.com/advisories/GHSA-p9pc-299p-vxgp
https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2
https://linux.oracle.com/cve/CVE-2020-7608.html
https://linux.oracle.com/errata/ELSA-2021-0548.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7608
https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
https://www.npmjs.com/advisories/1500
|
**composer**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| symfony/cache | CVE-2019-18889 | CRITICAL | v4.2.3 | 3.4.35, 4.1.0, 4.2.0, 4.2.12, 4.3.8, 3.2.0, 3.3.0, 3.4.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18889
https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-18889.yaml
https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18889.yaml
https://github.com/advisories/GHSA-79gr-58r3-pwm3
https://github.com/symfony/symfony/commit/8817d28fcaacb31fe01d267f6e19b44d8179395a
https://github.com/symfony/symfony/releases/tag/v4.3.8
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
https://nvd.nist.gov/vuln/detail/CVE-2019-18889
https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances
https://symfony.com/blog/symfony-4-3-8-released
https://symfony.com/cve-2019-18889
|
@@ -138,4 +138,3 @@
| symfony/http-kernel | CVE-2019-18887 | HIGH | v4.2.4 | 2.8.0, 3.4.35, 4.3.8, 2.7.0, 2.6.0, 3.1.0, 4.1.0, 4.2.0, 4.2.12, 2.5.0, 3.2.0, 3.3.0, 3.4.0, 2.4.0, 2.8.52, 2.3.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18887
https://github.com/symfony/symfony/commit/cccefe6a7f12e776df0665aeb77fe9294c285fbb
https://github.com/symfony/symfony/releases/tag/v4.3.8
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner
https://symfony.com/blog/symfony-4-3-8-released
https://symfony.com/cve-2019-18887
|
| symfony/var-exporter | CVE-2019-11325 | CRITICAL | v4.2.3 | 4.2.12, 4.3.8 | Click to expand!
https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-11325.yaml
https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/var-exporter/CVE-2019-11325.yaml
https://github.com/advisories/GHSA-w4rc-rx25-8m86
https://github.com/symfony/symfony/releases/tag/v4.3.8
https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3
https://nvd.nist.gov/vuln/detail/CVE-2019-11325
https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter
https://symfony.com/blog/symfony-4-3-8-released
https://symfony.com/cve-2019-11325
|
| twig/twig | CVE-2019-9942 | LOW | v2.6.2 | 1.38.0, 2.7.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9942
https://github.com/twigphp/Twig/commit/eac5422956e1dcca89a3669a03a3ff32f0502077
https://seclists.org/bugtraq/2019/Mar/60
https://symfony.com/blog/twig-sandbox-information-disclosure
https://www.debian.org/security/2019/dsa-4419
|
-
diff --git a/docs/apps/stable/plex/security.md b/docs/apps/stable/plex/security.md
index 212ba810d8b..b34a5a968db 100644
--- a/docs/apps/stable/plex/security.md
+++ b/docs/apps/stable/plex/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:51:39.489Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:51:39.489Z [34mINFO[0m Detected config files: 1
#### plex/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:51:40.295Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:51:40.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:51:40.304Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:51:40.295Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:51:40.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:51:40.304Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/plex:v1.24.5.5173-8dcc73a59@sha256:48eeac73915041bd70aba28814e8b8f453dbf9948410c578e25d234089286437**
-2021-12-04T19:51:54.555Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:51:54.555Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:51:54.557Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:51:54.557Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:51:54.555Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:51:54.555Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:51:54.557Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:51:54.557Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/plex:v1.24.5.5173-8dcc73a59@sha256:48eeac73915041bd70aba28814e8b8f453dbf9948410c578e25d234089286437 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -153,8 +153,7 @@
| unrar | CVE-2018-25018 | MEDIUM | 1:5.6.6-2build1 | | Click to expand!
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
https://github.com/aawc/unrar/releases
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/podgrab/security.md b/docs/apps/stable/podgrab/security.md
index 3dfe243c1bf..d20d4de1b31 100644
--- a/docs/apps/stable/podgrab/security.md
+++ b/docs/apps/stable/podgrab/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:51:55.158Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:51:55.158Z [34mINFO[0m Detected config files: 1
#### podgrab/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:51:56.895Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:51:56.895Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:51:56.901Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:51:56.895Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:51:56.895Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:51:56.901Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,27 +61,26 @@
**Container: tccr.io/truecharts/podgrab:v1.0.0@sha256:069fb1ef81d47a37137da2cfd249423c8dc330086c2a2e1271c5895f9f8cae9f**
-2021-12-04T19:52:00.409Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:00.409Z [33mWARN[0m This OS version is not on the EOL list: alpine 3.15
-2021-12-04T19:52:00.409Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:00.410Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:52:00.410Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:52:00.411Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.15.0
-2021-12-04T19:52:00.411Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:52:00.409Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:00.409Z [33mWARN[0m This OS version is not on the EOL list: alpine 3.15
+2021-12-04T19:52:00.409Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:00.410Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:52:00.410Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:52:00.411Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.15.0
+2021-12-04T19:52:00.411Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/podgrab:v1.0.0@sha256:069fb1ef81d47a37137da2cfd249423c8dc330086c2a2e1271c5895f9f8cae9f (alpine 3.15.0)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/satori/go.uuid | GO-2020-0018 | UNKNOWN | v1.2.0 | v1.2.1-0.20181016170032-d91630c85102 | Click to expand!
|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200820211705-5c72a883971a | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/docs/apps/stable/pretend-youre-xyzzy/security.md b/docs/apps/stable/pretend-youre-xyzzy/security.md
index f59811ce4b8..986046c1306 100644
--- a/docs/apps/stable/pretend-youre-xyzzy/security.md
+++ b/docs/apps/stable/pretend-youre-xyzzy/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:51:55.621Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:51:55.621Z [34mINFO[0m Detected config files: 1
#### pretend-youre-xyzzy/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:51:57.630Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:51:57.630Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:51:57.637Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:51:57.630Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:51:57.630Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:51:57.637Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,17 +61,17 @@
**Container: tccr.io/truecharts/pretend-youre-xyzzy:v4@sha256:d2b339819975c546a5360e160c793a615e86ab04e5aed91427ff1dd850205ace**
-2021-12-04T19:52:11.214Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:11.214Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:11.217Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:52:11.217Z [34mINFO[0m Detecting jar vulnerabilities...
-2021-12-04T19:52:11.219Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.4.0
-2021-12-04T19:52:11.219Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T19:52:11.214Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:11.214Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:11.217Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:52:11.217Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:52:11.219Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.4.0
+2021-12-04T19:52:11.219Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/pretend-youre-xyzzy:v4@sha256:d2b339819975c546a5360e160c793a615e86ab04e5aed91427ff1dd850205ace (alpine 3.4.0)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| libcrypto1.0 | CVE-2018-0732 | HIGH | 1.0.2n-r0 | 1.0.2o-r1 | Click to expand!
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/104442
http://www.securitytracker.com/id/1041090
https://access.redhat.com/errata/RHSA-2018:2552
https://access.redhat.com/errata/RHSA-2018:2553
https://access.redhat.com/errata/RHSA-2018:3221
https://access.redhat.com/errata/RHSA-2018:3505
https://access.redhat.com/errata/RHSA-2019:1296
https://access.redhat.com/errata/RHSA-2019:1297
https://access.redhat.com/errata/RHSA-2019:1543
https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3984ef0b72831da8b3ece4745cac4f8575b19098
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ea7abeeabf92b7aca160bdd0208636d4da69f4f4
https://linux.oracle.com/cve/CVE-2018-0732.html
https://linux.oracle.com/errata/ELSA-2018-4249.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
https://security.gentoo.org/glsa/201811-03
https://security.netapp.com/advisory/ntap-20181105-0001/
https://security.netapp.com/advisory/ntap-20190118-0002/
https://securityadvisories.paloaltonetworks.com/Home/Detail/133
https://ubuntu.com/security/notices/USN-3692-1
https://ubuntu.com/security/notices/USN-3692-2
https://usn.ubuntu.com/3692-1/
https://usn.ubuntu.com/3692-2/
https://www.debian.org/security/2018/dsa-4348
https://www.debian.org/security/2018/dsa-4355
https://www.openssl.org/news/secadv/20180612.txt
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.tenable.com/security/tns-2018-12
https://www.tenable.com/security/tns-2018-13
https://www.tenable.com/security/tns-2018-14
https://www.tenable.com/security/tns-2018-17
|
@@ -88,7 +88,7 @@
| libssl1.0 | CVE-2018-5407 | MEDIUM | 1.0.2n-r0 | 1.0.2q-r0 | Click to expand!
http://www.securityfocus.com/bid/105897
https://access.redhat.com/errata/RHSA-2019:0483
https://access.redhat.com/errata/RHSA-2019:0651
https://access.redhat.com/errata/RHSA-2019:0652
https://access.redhat.com/errata/RHSA-2019:2125
https://access.redhat.com/errata/RHSA-2019:3929
https://access.redhat.com/errata/RHSA-2019:3931
https://access.redhat.com/errata/RHSA-2019:3932
https://access.redhat.com/errata/RHSA-2019:3933
https://access.redhat.com/errata/RHSA-2019:3935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407
https://eprint.iacr.org/2018/1060.pdf
https://github.com/bbbrumley/portsmash
https://linux.oracle.com/cve/CVE-2018-5407.html
https://linux.oracle.com/errata/ELSA-2019-2125.html
https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://security.gentoo.org/glsa/201903-10
https://security.netapp.com/advisory/ntap-20181126-0001/
https://support.f5.com/csp/article/K49711130?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-3840-1
https://usn.ubuntu.com/3840-1/
https://www.debian.org/security/2018/dsa-4348
https://www.debian.org/security/2018/dsa-4355
https://www.exploit-db.com/exploits/45785/
https://www.openssl.org/news/secadv/20181112.txt
https://www.openwall.com/lists/oss-security/2018/11/01/4
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.tenable.com/security/tns-2018-16
https://www.tenable.com/security/tns-2018-17
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.google.guava:guava | CVE-2018-10237 | MEDIUM | 20.0 | 24.1.1-jre, 24.1.1-android | Click to expand!
http://www.securitytracker.com/id/1041707
https://access.redhat.com/errata/RHSA-2018:2423
https://access.redhat.com/errata/RHSA-2018:2424
https://access.redhat.com/errata/RHSA-2018:2425
https://access.redhat.com/errata/RHSA-2018:2428
https://access.redhat.com/errata/RHSA-2018:2598
https://access.redhat.com/errata/RHSA-2018:2643
https://access.redhat.com/errata/RHSA-2018:2740
https://access.redhat.com/errata/RHSA-2018:2741
https://access.redhat.com/errata/RHSA-2018:2742
https://access.redhat.com/errata/RHSA-2018:2743
https://access.redhat.com/errata/RHSA-2018:2927
https://access.redhat.com/errata/RHSA-2019:2858
https://access.redhat.com/errata/RHSA-2019:3149
https://github.com/advisories/GHSA-mvr2-9pj6-7w5j
https://github.com/google/guava/wiki/CVE-2018-10237
https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion
https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion
https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E
https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94@%3Cissues.storm.apache.org%3E
https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E
https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E
https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E
https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45@%3Cissues.flink.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2018-10237
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -97,4 +97,3 @@
| commons-io:commons-io | CVE-2021-29425 | MEDIUM | 2.6 | 2.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425
https://github.com/advisories/GHSA-gwrp-pvrq-jmwv
https://issues.apache.org/jira/browse/IO-556
https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E
https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html
https://nvd.nist.gov/vuln/detail/CVE-2021-29425
https://ubuntu.com/security/notices/USN-5095-1
https://www.openwall.com/lists/oss-security/2021/04/12/1
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.apache.httpcomponents:httpclient | CVE-2020-13956 | MEDIUM | 4.5.5 | 4.5.13 | Click to expand!
https://github.com/advisories/GHSA-7r82-7xv7-xcpj
https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/r3f740e4c38bba1face49078aa5cbeeb558c27be601cc9712ad2dcd1e@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/r4850b3fbaea02fde2886e461005e4af8d37c80a48b3ce2a6edca0e30@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r549ac8c159bf0c568c19670bedeb8d7c0074beded951d34b1c1d0d05@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r55b2a1d1e9b1ec9db792b93da8f0f99a4fd5a5310b02673359d9b4d1@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r5b55f65c123a7481104d663a915ec45a0d103e6aaa03f42ed1c07a89@%3Cdev.jackrabbit.apache.org%3E
https://lists.apache.org/thread.html/r5de3d3808e7b5028df966e45115e006456c4e8931dc1e29036f17927@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r5fec9c1d67f928179adf484b01e7becd7c0a6fdfe3a08f92ea743b90@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r63296c45d5d84447babaf39bd1487329d8a80d8d563e67a4b6f3d8a7@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r69a94e2f302d1b778bdfefe90fcb4b8c50b226438c3c8c1d0de85a19@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r6a3cda38d050ebe13c1bc9a28d0a8ec38945095d07eca49046bcb89f@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/r6d672b46622842e565e00f6ef6bef83eb55d8792aac2bee75bff9a2a@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/r6dab7da30f8bf075f79ee189e33b45a197502e2676481bb8787fc0d7%40%3Cdev.hc.apache.org%3E
https://lists.apache.org/thread.html/r6eb2dae157dbc9af1f30d1f64e9c60d4ebef618f3dce4a0e32d6ea4d@%3Ccommits.drill.apache.org%3E
https://lists.apache.org/thread.html/r70c429923100c5a4fae8e5bc71c8a2d39af3de4888f50a0ac3755e6f@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/r87ddc09295c27f25471269ad0a79433a91224045988b88f0413a97ec@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r8aa1e5c343b89aec5b69961471950e862f15246cb6392910161c389b@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r9e52a6c72c8365000ecd035e48cc9fee5a677a150350d4420c46443d@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/ra539f20ef0fb0c27ee39945b5f56bf162e5c13d1c60f7344dab8de3b@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/ra8bc6b61c5df301a6fe5a716315528ecd17ccb8a7f907e24a47a1a5e@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rad6222134183046f3928f733bf680919e0c390739bfbfe6c90049673@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/rae14ae25ff4a60251e3ba2629c082c5ba3851dfd4d21218b99b56652@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/rb33212dab7beccaf1ffef9b88610047c644f644c7a0ebdc44d77e381@%3Ccommits.turbine.apache.org%3E
https://lists.apache.org/thread.html/rb4ba262d6f08ab9cf8b1ebbcd9b00b0368ffe90dad7ad7918b4b56fc@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/rb725052404fabffbe093c83b2c46f3f87e12c3193a82379afbc529f8@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/rc0863892ccfd9fd0d0ae10091f24ee769fb39b8957fe4ebabfc11f17@%3Cdev.jackrabbit.apache.org%3E
https://lists.apache.org/thread.html/rc3739e0ad4bcf1888c6925233bfc37dd71156bbc8416604833095c42@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/rc505fee574fe8d18f9b0c655a4d120b0ae21bb6a73b96003e1d9be35@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/rc5c6ccb86d2afe46bbd4b71573f0448dc1f87bbcd5a0d8c7f8f904b2@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rc990e2462ec32b09523deafb2c73606208599e196fa2d7f50bdbc587@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/rcced7ed3237c29cd19c1e9bf465d0038b8b2e967b99fc283db7ca553@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/rcd9ad5dda60c82ab0d0c9bd3e9cb1dc740804451fc20c7f451ef5cc4@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rd5ab56beb2ac6879f6ab427bc4e5f7691aed8362d17b713f61779858@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/re504acd4d63b8df2a7353658f45c9a3137e5f80e41cf7de50058b2c1@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/rea3dbf633dde5008d38bf6600a3738b9216e733e03f9ff7becf79625@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/ree942561f4620313c75982a4e5f3b74fe6f7062b073210779648eec2@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/reef569c2419705754a3acf42b5f19b2a158153cef0e448158bc54917@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/rf03228972e56cb4a03e6d9558188c2938078cf3ceb23a3fead87c9ca@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf43d17ed0d1fb4fb79036b582810ef60b18b1ef3add0d5dea825af1e@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rf4db88c22e1be9eb60c7dc623d0528642c045fb196a24774ac2fa3a3@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rf7ca60f78f05b772cc07d27e31bcd112f9910a05caf9095e38ee150f@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/rfb35f6db9ba1f1e061b63769a4eff5abadcc254ebfefc280e5a0dcf1@%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfbedcb586a1e7dfce87ee03c720e583fc2ceeafa05f35c542cecc624@%3Cissues.solr.apache.org%3E
https://lists.apache.org/thread.html/rfc00884c7b7ca878297bffe45fcb742c362b00b26ba37070706d44c3@%3Cissues.hive.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-13956
https://www.openwall.com/lists/oss-security/2020/10/08/4
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.jsoup:jsoup | CVE-2021-37714 | HIGH | 1.11.2 | 1.14.2 | Click to expand!
https://github.com/advisories/GHSA-m72m-mhq2-9p6c
https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c
https://jsoup.org/news/release-1.14.1
https://jsoup.org/news/release-1.14.2
https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-37714
|
-
diff --git a/docs/apps/stable/promcord/security.md b/docs/apps/stable/promcord/security.md
index 95165f1156a..23e23f43906 100644
--- a/docs/apps/stable/promcord/security.md
+++ b/docs/apps/stable/promcord/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:52:12.453Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:52:12.453Z [34mINFO[0m Detected config files: 1
#### promcord/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:52:13.353Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:13.353Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:13.360Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:52:13.353Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:13.353Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:13.360Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/promcord:latest@sha256:ba9bee8d89b3ce86ca55d1bd29e13deb31f73a004991b17d8d80c73f2cc1c03c**
-2021-12-04T19:52:27.089Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:52:27.089Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:52:27.123Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:52:27.123Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:52:27.089Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:52:27.089Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:52:27.123Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:52:27.123Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/promcord:latest@sha256:ba9bee8d89b3ce86ca55d1bd29e13deb31f73a004991b17d8d80c73f2cc1c03c (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -137,8 +137,7 @@
| tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | | Click to expand!
http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-25649 | HIGH | 2.10.1 | 2.6.7.4, 2.9.10.7, 2.10.5.1 | Click to expand!
https://bugzilla.redhat.com/show_bug.cgi?id=1887664
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25649
https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1)
https://github.com/FasterXML/jackson-databind/issues/2589
https://github.com/advisories/GHSA-288c-cq4h-88gq
https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386@%3Ccommits.turbine.apache.org%3E
https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042@%3Creviews.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61@%3Cdev.knox.apache.org%3E
https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb@%3Creviews.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07@%3Ccommits.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8@%3Cnotifications.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60@%3Creviews.iotdb.apache.org%3E
https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3@%3Cuser.spark.apache.org%3E
https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a@%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb@%3Cdev.knox.apache.org%3E
https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1@%3Ccommits.karaf.apache.org%3E
https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402@%3Ccommits.karaf.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT/
https://nvd.nist.gov/vuln/detail/CVE-2020-25649
https://security.netapp.com/advisory/ntap-20210108-0007/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/docs/apps/stable/protonmail-bridge/security.md b/docs/apps/stable/protonmail-bridge/security.md
index 30a6ec54afc..d04efe49963 100644
--- a/docs/apps/stable/protonmail-bridge/security.md
+++ b/docs/apps/stable/protonmail-bridge/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:52:39.475Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:52:39.475Z [34mINFO[0m Detected config files: 1
#### protonmail-bridge/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:52:40.282Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:40.282Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:40.289Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:52:40.282Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:40.282Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:40.289Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/protonmail-bridge:v1.8.10-1@sha256:58a54002123cc9a83cfb3170deb0a1dbf4cedabdced09a9c6bcafc19ee4b5631**
-2021-12-04T19:52:50.299Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:52:50.299Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:52:50.309Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:52:50.299Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:52:50.299Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:52:50.309Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/protonmail-bridge:v1.8.10-1@sha256:58a54002123cc9a83cfb3170deb0a1dbf4cedabdced09a9c6bcafc19ee4b5631 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -164,4 +164,3 @@
| passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
|
| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
-
diff --git a/docs/apps/stable/prowlarr/security.md b/docs/apps/stable/prowlarr/security.md
index 2c6de50696f..ccfedee3c35 100644
--- a/docs/apps/stable/prowlarr/security.md
+++ b/docs/apps/stable/prowlarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:52:51.030Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:52:51.030Z [34mINFO[0m Detected config files: 1
#### prowlarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:52:51.717Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:52:51.717Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:52:51.727Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:52:51.717Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:52:51.717Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:52:51.727Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/prowlarr:v0.1.6.1184@sha256:44938a94880e98d0636612cbb3a92b0dc0688c060f7415265c44372e272f4deb**
-2021-12-04T19:53:00.578Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:53:00.578Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:53:00.580Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:53:00.580Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:53:00.578Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:53:00.578Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:53:00.580Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:53:00.580Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/prowlarr:v0.1.6.1184@sha256:44938a94880e98d0636612cbb3a92b0dc0688c060f7415265c44372e272f4deb (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -150,8 +150,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/pyload/security.md b/docs/apps/stable/pyload/security.md
index 4e0c5f734dd..51795e3e5d2 100644
--- a/docs/apps/stable/pyload/security.md
+++ b/docs/apps/stable/pyload/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:53:01.277Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:53:01.277Z [34mINFO[0m Detected config files: 1
#### pyload/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:53:02.112Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:53:02.112Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:53:02.117Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:53:02.112Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:53:02.112Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:53:02.117Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,13 +61,13 @@
**Container: tccr.io/truecharts/pyload:version-5de90278@sha256:c33489498cb4541bbf936b1ebd1eaebfb0cae279f738aa0e6184969089e94081**
-2021-12-04T19:53:13.623Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:53:13.623Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:53:13.623Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:53:13.623Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2021-25287 | CRITICAL | 6.2.2 | 8.2.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
|
@@ -98,4 +98,3 @@
| Pillow | GHSA-jgpv-4h4c-xhw3 | MEDIUM | 6.2.2 | 8.1.2 | Click to expand!
https://github.com/advisories/GHSA-jgpv-4h4c-xhw3
https://github.com/calix2/pyVulApp/security/advisories/GHSA-jgpv-4h4c-xhw3
|
| pycrypto | CVE-2013-7459 | CRITICAL | 2.6.1 | | Click to expand!
http://www.openwall.com/lists/oss-security/2016/12/27/8
http://www.securityfocus.com/bid/95122
https://bugzilla.redhat.com/show_bug.cgi?id=1409754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7459
https://github.com/advisories/GHSA-cq27-v7xp-c356
https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4
https://github.com/dlitz/pycrypto/issues/176
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C6BWNADPLKDBBQBUT3P75W7HAJCE7M3B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJ37R2YLX56YZABFNAOWV4VTHTGYREAE/
https://nvd.nist.gov/vuln/detail/CVE-2013-7459
https://pony7.fr/ctf:public:32c3:cryptmsg
https://security.gentoo.org/glsa/201702-14
https://ubuntu.com/security/notices/USN-3199-1
https://ubuntu.com/security/notices/USN-3199-2
https://ubuntu.com/security/notices/USN-3199-3
|
| pycrypto | CVE-2018-6594 | HIGH | 2.6.1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6594
https://github.com/Legrandin/pycryptodome/issues/90
https://github.com/TElgamal/attack-on-pycrypto-elgamal
https://github.com/advisories/GHSA-6528-wvf6-f6qg
https://github.com/dlitz/pycrypto/issues/253
https://lists.debian.org/debian-lts-announce/2018/02/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2018-6594
https://security.gentoo.org/glsa/202007-62
https://ubuntu.com/security/notices/USN-3616-1
https://ubuntu.com/security/notices/USN-3616-2
https://usn.ubuntu.com/3616-1/
https://usn.ubuntu.com/3616-2/
|
-
diff --git a/docs/apps/stable/qbittorrent/security.md b/docs/apps/stable/qbittorrent/security.md
index fce32d16feb..36edb139675 100644
--- a/docs/apps/stable/qbittorrent/security.md
+++ b/docs/apps/stable/qbittorrent/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:53:14.440Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:53:14.440Z [34mINFO[0m Detected config files: 1
#### qbittorrent/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:53:15.325Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:53:15.325Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:53:15.330Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:53:15.325Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:53:15.325Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:53:15.330Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/qbittorrent:v4.3.9@sha256:6508ca6bd05d003d92852d5bd8deaae3176d776a5789ad68199ba1807d43cf8c**
-2021-12-04T19:53:19.253Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:53:19.253Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:53:19.263Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:53:19.263Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:53:19.253Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:53:19.253Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:53:19.263Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:53:19.263Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/qbittorrent:v4.3.9@sha256:6508ca6bd05d003d92852d5bd8deaae3176d776a5789ad68199ba1807d43cf8c (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -164,8 +164,7 @@
| unrar | CVE-2018-25018 | MEDIUM | 1:5.6.6-2build1 | | Click to expand!
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
https://github.com/aawc/unrar/releases
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/radarr/security.md b/docs/apps/stable/radarr/security.md
index 59856c3446c..0549b92d84f 100644
--- a/docs/apps/stable/radarr/security.md
+++ b/docs/apps/stable/radarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:53:35.250Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:53:35.250Z [34mINFO[0m Detected config files: 1
#### radarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:53:36.742Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:53:36.742Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:53:36.748Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:53:36.742Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:53:36.742Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:53:36.748Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/radarr:v3.2.2.5080@sha256:6013953bf2b8c6546fed1b2265f5978b30403fa26b990aab7a5ed6e86088866e**
-2021-12-04T19:53:42.459Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:53:42.459Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:53:42.461Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:53:42.461Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:53:42.459Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:53:42.459Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:53:42.461Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:53:42.461Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/radarr:v3.2.2.5080@sha256:6013953bf2b8c6546fed1b2265f5978b30403fa26b990aab7a5ed6e86088866e (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -154,8 +154,7 @@
| perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/readarr/security.md b/docs/apps/stable/readarr/security.md
index 0657e7081b4..f86cfe5d71a 100644
--- a/docs/apps/stable/readarr/security.md
+++ b/docs/apps/stable/readarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:53:46.659Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:53:46.659Z [34mINFO[0m Detected config files: 1
#### readarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:53:49.441Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:53:49.441Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:53:49.448Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:53:49.441Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:53:49.441Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:53:49.448Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/readarr:v0.1.0.1081@sha256:0750f1d772a4e9915f0241bff4e7aee030d53186ec83a0bad4630b3bf6926880**
-2021-12-04T19:54:00.112Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:54:00.112Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:54:00.131Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:54:00.131Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:54:00.112Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:54:00.112Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:54:00.131Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:54:00.131Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/readarr:v0.1.0.1081@sha256:0750f1d772a4e9915f0241bff4e7aee030d53186ec83a0bad4630b3bf6926880 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -150,8 +150,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/recipes/security.md b/docs/apps/stable/recipes/security.md
index 1f63080cf91..b5ce651bafc 100644
--- a/docs/apps/stable/recipes/security.md
+++ b/docs/apps/stable/recipes/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:54:11.231Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:54:11.231Z [34mINFO[0m Detected config files: 2
#### recipes/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -37,14 +37,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:12.167Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:12.168Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:12.172Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:12.167Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:12.168Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:12.172Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -72,16 +72,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:54:13.238Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:54:13.238Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:54:13.279Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:54:13.279Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:54:13.279Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:54:13.238Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:54:13.238Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:54:13.279Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:54:13.279Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:54:13.279Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -276,31 +276,31 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/recipes:v1.0.2@sha256:d61f230769c64948f1b2c56ec189666bb08821b02f383f4e0c299c35d2542cbc**
-2021-12-04T19:54:42.983Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:42.983Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:42.985Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:54:42.985Z [34mINFO[0m Detecting python-pkg vulnerabilities...
-2021-12-04T19:54:42.998Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:54:42.983Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:42.983Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:42.985Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:54:42.985Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:54:42.998Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/recipes:v1.0.2@sha256:d61f230769c64948f1b2c56ec189666bb08821b02f383f4e0c299c35d2542cbc (alpine 3.12.7)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -331,7 +331,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| @actions/core | CVE-2020-15228 | MEDIUM | 1.2.0 | 1.2.6 | Click to expand!
http://packetstormsecurity.com/files/159794/GitHub-Widespread-Injection.html
https://github.com/actions/toolkit/security/advisories/GHSA-mfwh-5m23-j46w
https://github.com/advisories/GHSA-mfwh-5m23-j46w
https://nvd.nist.gov/vuln/detail/CVE-2020-15228
|
@@ -343,7 +343,7 @@
| nth-check | CVE-2021-3803 | HIGH | 1.0.2 | 2.0.1 | Click to expand!
https://github.com/advisories/GHSA-rp65-9cf3-cjxr
https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726
https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0
https://nvd.nist.gov/vuln/detail/CVE-2021-3803
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| python-ldap | GHSA-r8wq-qrxc-hmcm | MEDIUM | 3.3.1 | 3.4.0 | Click to expand!
https://github.com/advisories/GHSA-r8wq-qrxc-hmcm
https://github.com/python-ldap/python-ldap/issues/424
https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm
|
@@ -356,14 +356,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:48.281Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:48.281Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:48.288Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:48.281Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:48.281Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:48.288Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -391,16 +391,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:54:53.455Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:54:53.455Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:54:53.518Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:54:53.518Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:54:53.518Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:54:53.455Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:54:53.455Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:54:53.518Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:54:53.518Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:54:53.518Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -595,16 +595,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/reg/security.md b/docs/apps/stable/reg/security.md
index 4a060692c17..740348d0f26 100644
--- a/docs/apps/stable/reg/security.md
+++ b/docs/apps/stable/reg/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:54:04.941Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:54:04.941Z [34mINFO[0m Detected config files: 1
#### reg/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:05.759Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:05.759Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:05.767Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:05.759Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:05.759Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:05.767Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/reg:v0.16.1@sha256:ae581387764a23c62c1386389e27358bac5088790904938264cb0bcd4e8c946c**
-2021-12-04T19:54:10.068Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:54:10.068Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:54:10.072Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:54:10.072Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:54:10.068Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:54:10.068Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:54:10.072Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:54:10.072Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/reg:v0.16.1@sha256:ae581387764a23c62c1386389e27358bac5088790904938264cb0bcd4e8c946c (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -171,7 +171,7 @@
| perl-modules-5.30 | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/containerd/containerd | CVE-2021-41103 | HIGH | v1.2.9 | v1.4.11, v1.5.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103
https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8
https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41103
https://ubuntu.com/security/notices/USN-5100-1
https://www.debian.org/security/2021/dsa-5002
|
@@ -185,8 +185,7 @@
| github.com/opencontainers/runc | CVE-2019-19921 | HIGH | v0.1.1 | v1.0.0-rc9.0.20200122160610-2fc03cc11c77 | Click to expand!
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00018.html
https://access.redhat.com/errata/RHSA-2020:0688
https://access.redhat.com/errata/RHSA-2020:0695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921
https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9
https://github.com/opencontainers/runc/issues/2197
https://github.com/opencontainers/runc/pull/2190
https://github.com/opencontainers/runc/pull/2207
https://github.com/opencontainers/runc/releases
https://linux.oracle.com/cve/CVE-2019-19921.html
https://linux.oracle.com/errata/ELSA-2020-1650.html
https://security-tracker.debian.org/tracker/CVE-2019-19921
https://security.gentoo.org/glsa/202003-21
https://ubuntu.com/security/notices/USN-4297-1
https://usn.ubuntu.com/4297-1/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/remmina/security.md b/docs/apps/stable/remmina/security.md
index f999f515639..0e06e0a1cd0 100644
--- a/docs/apps/stable/remmina/security.md
+++ b/docs/apps/stable/remmina/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:54:43.607Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:54:43.607Z [34mINFO[0m Detected config files: 1
#### remmina/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:44.408Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:44.408Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:44.417Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:44.408Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:44.408Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:44.417Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/remmina:version-1.2.0-rcgit.29dfsg-1ubuntu1@sha256:c7795b9222063e436c77a94436da5e1bcdc1b13891f936673369588830a5ae8d**
-2021-12-04T19:54:46.555Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:54:46.555Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:54:46.566Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:54:46.566Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:54:46.555Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:54:46.555Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:54:46.566Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:54:46.566Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/remmina:version-1.2.0-rcgit.29dfsg-1ubuntu1@sha256:c7795b9222063e436c77a94436da5e1bcdc1b13891f936673369588830a5ae8d (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -298,9 +298,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/docs/apps/stable/resilio-sync/security.md b/docs/apps/stable/resilio-sync/security.md
index 5b060d68200..8fe5ecb25ca 100644
--- a/docs/apps/stable/resilio-sync/security.md
+++ b/docs/apps/stable/resilio-sync/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:54:45.053Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:54:45.053Z [34mINFO[0m Detected config files: 1
#### resilio-sync/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:47.633Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:47.633Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:47.643Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:47.633Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:47.633Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:47.643Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/resilio-sync:version-2.7.2.1375@sha256:54f42485d39a7773ff2e13c27ebfc32fc448eaf13f8972f38e14eedadb0b3a2e**
-2021-12-04T19:54:52.339Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:54:52.339Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:54:52.342Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:52.339Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:54:52.339Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:54:52.342Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/resilio-sync:version-2.7.2.1375@sha256:54f42485d39a7773ff2e13c27ebfc32fc448eaf13f8972f38e14eedadb0b3a2e (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -183,4 +183,3 @@
| passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
|
| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
-
diff --git a/docs/apps/stable/sabnzbd/security.md b/docs/apps/stable/sabnzbd/security.md
index f32eb00b4ab..f36e918568a 100644
--- a/docs/apps/stable/sabnzbd/security.md
+++ b/docs/apps/stable/sabnzbd/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:54:54.455Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:54:54.455Z [34mINFO[0m Detected config files: 1
#### sabnzbd/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:54:55.570Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:54:55.570Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:54:55.583Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:54:55.570Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:54:55.570Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:54:55.583Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/sabnzbd:v3.4.2@sha256:23f1fd8ff6709a1f11b08134f5463887efcfaa5aa1beadf32984d56b9b93c35d**
-2021-12-04T19:55:00.638Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:55:00.638Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:55:00.641Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:55:00.641Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:55:00.641Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:55:00.638Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:55:00.638Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:55:00.641Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:55:00.641Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:55:00.641Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/sabnzbd:v3.4.2@sha256:23f1fd8ff6709a1f11b08134f5463887efcfaa5aa1beadf32984d56b9b93c35d (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -149,15 +149,14 @@
| unrar | CVE-2018-25018 | MEDIUM | 1:5.6.6-2build1 | | Click to expand!
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
https://github.com/aawc/unrar/releases
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/ser2sock/security.md b/docs/apps/stable/ser2sock/security.md
index 8976e57fa25..4bec5c0ecb2 100644
--- a/docs/apps/stable/ser2sock/security.md
+++ b/docs/apps/stable/ser2sock/security.md
@@ -4,7 +4,7 @@
##### Scan Results
-2021-12-04T19:55:29.375Z [34mINFO[0m Detected config files: 0
+2021-12-04T19:55:29.375Z [34mINFO[0m Detected config files: 0
| No Vulnerabilities found |
|:---------------------------------|
@@ -15,4 +15,3 @@
##### Scan Results
-
diff --git a/docs/apps/stable/shiori/security.md b/docs/apps/stable/shiori/security.md
index b8f5d978bfb..9c2a93f43c8 100644
--- a/docs/apps/stable/shiori/security.md
+++ b/docs/apps/stable/shiori/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:55:50.174Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:55:50.174Z [34mINFO[0m Detected config files: 2
#### shiori/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:55:53.657Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:55:53.657Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:55:53.665Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:55:53.657Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:55:53.657Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:55:53.665Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:55:55.004Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:55:55.005Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:55:55.041Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:55:55.041Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:55:55.042Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:55:55.004Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:55:55.005Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:55:55.041Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:55:55.041Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:55:55.042Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,28 +275,28 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/shiori:version-v1.5.0@sha256:6c6331888c9a5162def49b6212327242f7f5c96e2d5a1bb031f79321cc1c0549**
-2021-12-04T19:56:03.324Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:56:03.324Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:56:03.324Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:56:03.324Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### go/bin/shiori
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20190701094942-4def268fd1a4 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
@@ -304,14 +304,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:56:04.946Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:56:04.946Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:56:04.960Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:04.946Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:56:04.946Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:56:04.960Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -339,16 +339,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:56:06.183Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:56:06.183Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:56:06.236Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:56:06.236Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:56:06.236Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:56:06.183Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:56:06.183Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:56:06.236Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:56:06.236Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:56:06.236Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -543,16 +543,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/shorturl/security.md b/docs/apps/stable/shorturl/security.md
index 5b7c2366542..1c8b3b5232e 100644
--- a/docs/apps/stable/shorturl/security.md
+++ b/docs/apps/stable/shorturl/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:55:45.195Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:55:45.195Z [34mINFO[0m Detected config files: 1
#### shorturl/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:55:49.512Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:55:49.512Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:55:49.521Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:55:49.512Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:55:49.512Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:55:49.521Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/shorturl:version-v0.1.0@sha256:3893eab50b4d790958b31cbb7fd5d545369e7f91ee2d77551352a6510c86ba03**
-2021-12-04T19:55:52.102Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:55:52.102Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/sickchill/security.md b/docs/apps/stable/sickchill/security.md
index 531b954abb5..4780e01c8b1 100644
--- a/docs/apps/stable/sickchill/security.md
+++ b/docs/apps/stable/sickchill/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:55:52.602Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:55:52.602Z [34mINFO[0m Detected config files: 1
#### sickchill/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:55:54.295Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:55:54.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:55:54.301Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:55:54.295Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:55:54.295Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:55:54.301Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/sickchill:v2021.5.10-1-ls63@sha256:f9fd82d8c6d12bc85dcc7813b7216087efb006dc05104ce67386ec989be25dc4**
-2021-12-04T19:56:01.534Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:56:01.534Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:56:01.534Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:56:01.534Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### Python
-
+
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/sickgear/security.md b/docs/apps/stable/sickgear/security.md
index be19d0d7441..6464eebf7e7 100644
--- a/docs/apps/stable/sickgear/security.md
+++ b/docs/apps/stable/sickgear/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:56:04.011Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:56:04.011Z [34mINFO[0m Detected config files: 1
#### sickgear/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:56:05.604Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:56:05.605Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:56:05.620Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:05.604Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:56:05.605Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:56:05.620Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/sickgear:version-release_0.25.4@sha256:6a78e9f784cf298552402143bee239858956f4783c7619e9a2b960c0d0d15d73**
-2021-12-04T19:56:10.897Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:10.897Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/smokeping/security.md b/docs/apps/stable/smokeping/security.md
index 325ef7d9953..976bf057228 100644
--- a/docs/apps/stable/smokeping/security.md
+++ b/docs/apps/stable/smokeping/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:56:31.963Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:56:31.963Z [34mINFO[0m Detected config files: 1
#### smokeping/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:56:33.193Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:56:33.193Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:56:33.202Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:33.193Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:56:33.193Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:56:33.202Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/smokeping:version-2.7.3-r5@sha256:e56ba2420901250afb865a7e03e43956dcff17503ce44c48b20064980a42f5a4**
-2021-12-04T19:56:42.773Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:42.773Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/sonarr/security.md b/docs/apps/stable/sonarr/security.md
index aa44f5c7bb4..38625eae526 100644
--- a/docs/apps/stable/sonarr/security.md
+++ b/docs/apps/stable/sonarr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:56:44.447Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:56:44.447Z [34mINFO[0m Detected config files: 1
#### sonarr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:56:45.218Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:56:45.218Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:56:45.231Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:56:45.218Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:56:45.218Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:56:45.231Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/sonarr:v3.0.6.1342@sha256:245800dc1c4304f8121bf0d3e5dda4251eb613b0dfe20e5975ceb9f88eaba8e6**
-2021-12-04T19:57:01.803Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:57:01.803Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:57:01.806Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:57:01.806Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:57:01.803Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:57:01.803Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:57:01.806Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:57:01.806Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/sonarr:v3.0.6.1342@sha256:245800dc1c4304f8121bf0d3e5dda4251eb613b0dfe20e5975ceb9f88eaba8e6 (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -181,8 +181,7 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/speedtest-exporter/security.md b/docs/apps/stable/speedtest-exporter/security.md
index dd52f59a0e2..5d5e5b3c487 100644
--- a/docs/apps/stable/speedtest-exporter/security.md
+++ b/docs/apps/stable/speedtest-exporter/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:02.665Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:02.665Z [34mINFO[0m Detected config files: 1
#### speedtest-exporter/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:03.873Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:03.873Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:03.882Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:03.873Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:03.873Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:03.882Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/speedtest-exporter:v3.3.4**
-2021-12-04T19:57:09.310Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:09.310Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:09.318Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:57:09.318Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:57:09.310Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:09.310Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:09.318Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:57:09.318Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/speedtest-exporter:v3.3.4 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -97,9 +97,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/sqlitebrowser/security.md b/docs/apps/stable/sqlitebrowser/security.md
index da5a8ae5dd4..83edd6fd0c2 100644
--- a/docs/apps/stable/sqlitebrowser/security.md
+++ b/docs/apps/stable/sqlitebrowser/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:02.264Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:02.264Z [34mINFO[0m Detected config files: 1
#### sqlitebrowser/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:03.304Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:03.304Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:03.310Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:03.304Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:03.304Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:03.310Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/sqlitebrowser:version-3.12.2-02876202105241947ubuntu18.04.1@sha256:fc18746d4b3c37355ef0015b34c9bdd1d023c528d05097bf6dc839d54234fc48**
-2021-12-04T19:57:06.495Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:57:06.495Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:57:06.506Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:57:06.506Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:57:06.495Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:57:06.495Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:57:06.506Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:57:06.506Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/sqlitebrowser:version-3.12.2-02876202105241947ubuntu18.04.1@sha256:fc18746d4b3c37355ef0015b34c9bdd1d023c528d05097bf6dc839d54234fc48 (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -284,9 +284,8 @@
| xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | Click to expand!
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612
|
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | Click to expand!
https://hackerone.com/reports/311333
|
-
diff --git a/docs/apps/stable/stash/security.md b/docs/apps/stable/stash/security.md
index 7857f219385..994b1cc347f 100644
--- a/docs/apps/stable/stash/security.md
+++ b/docs/apps/stable/stash/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:23.328Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:23.328Z [34mINFO[0m Detected config files: 1
#### stash/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:24.345Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:24.345Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:24.360Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:24.345Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:24.345Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:24.360Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,32 +61,29 @@
**Container: tccr.io/truecharts/stash:v0.11.0@sha256:8ce5c582a35c7ad8db0ef9e0bcfeb03bccfa1bc7e8432f36ec572f8e5a2fc97d**
-2021-12-04T19:57:32.061Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:32.061Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:32.084Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:57:32.084Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:57:32.085Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:57:32.061Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:32.061Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:32.084Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:57:32.084Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:57:32.085Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/stash:v0.11.0@sha256:8ce5c582a35c7ad8db0ef9e0bcfeb03bccfa1bc7e8432f36ec572f8e5a2fc97d (alpine 3.14.3)
-
+
**alpine**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/static/security.md b/docs/apps/stable/static/security.md
index 7fa02b82fec..455e99b1249 100644
--- a/docs/apps/stable/static/security.md
+++ b/docs/apps/stable/static/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:48.240Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:48.240Z [34mINFO[0m Detected config files: 1
#### static/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:49.600Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:49.600Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:49.606Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:49.600Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:49.600Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:49.606Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,12 @@
**Container: tccr.io/truecharts/static:version-ee8a20c@sha256:5644e67d64d9c23330ffd83e62a99f268a801b6d76b67d07a998952de131e00b**
-2021-12-04T19:57:52.038Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:57:52.038Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:57:52.038Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:57:52.038Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### go/bin/static
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/statping/security.md b/docs/apps/stable/statping/security.md
index 554100818d9..a67e153a8be 100644
--- a/docs/apps/stable/statping/security.md
+++ b/docs/apps/stable/statping/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:58:03.642Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:58:03.642Z [34mINFO[0m Detected config files: 2
#### statping/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:04.723Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:04.723Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:04.728Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:04.723Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:04.723Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:04.728Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:58:05.556Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:58:05.557Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:58:05.594Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:58:05.594Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:58:05.603Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:58:05.556Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:58:05.557Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:58:05.594Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:58:05.594Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:05.603Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/statping:v0.90.74@sha256:1c7e6cf35253668dd55ab20dde3c3e10d2fefd31416963b81d63846b672f38ce**
-2021-12-04T19:58:09.072Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:09.072Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:09.073Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:58:09.073Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:09.072Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:09.072Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:09.073Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:58:09.073Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/statping:v0.90.74@sha256:1c7e6cf35253668dd55ab20dde3c3e10d2fefd31416963b81d63846b672f38ce (alpine 3.12.3)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -365,7 +365,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r19 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/dgrijalva/jwt-go | CVE-2020-26160 | HIGH | v3.2.0+incompatible | | Click to expand!
https://github.com/dgrijalva/jwt-go/pull/426
https://nvd.nist.gov/vuln/detail/CVE-2020-26160
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515
|
@@ -373,14 +373,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:09.949Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:09.949Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:09.959Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:09.949Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:09.949Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:09.959Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -408,16 +408,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:58:10.725Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:58:10.725Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:58:10.770Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:58:10.770Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:58:10.770Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:58:10.725Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:58:10.725Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:58:10.770Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:58:10.770Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:10.770Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -612,16 +612,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/syncthing/security.md b/docs/apps/stable/syncthing/security.md
index 2385d47c974..b3cf4505aed 100644
--- a/docs/apps/stable/syncthing/security.md
+++ b/docs/apps/stable/syncthing/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:57:57.764Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:57:57.764Z [34mINFO[0m Detected config files: 1
#### syncthing/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:57:58.598Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:57:58.598Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:57:58.605Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:57:58.598Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:57:58.598Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:57:58.605Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/syncthing:v1.18.4@sha256:cc2bd691927ec19b9aac2d4a3e2330cb0ce9458dda761ead7dddd5f2d8338221**
-2021-12-04T19:58:00.666Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:00.666Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:00.668Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:58:00.668Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:00.666Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:00.666Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:00.668Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:58:00.668Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/syncthing:v1.18.4@sha256:cc2bd691927ec19b9aac2d4a3e2330cb0ce9458dda761ead7dddd5f2d8338221 (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -96,9 +96,6 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/tautulli/security.md b/docs/apps/stable/tautulli/security.md
index 79d324706f8..c3c814653df 100644
--- a/docs/apps/stable/tautulli/security.md
+++ b/docs/apps/stable/tautulli/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:58:17.750Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:58:17.750Z [34mINFO[0m Detected config files: 1
#### tautulli/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:18.899Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:18.899Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:18.908Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:18.899Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:18.899Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:18.908Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/tautulli:v2.7.7@sha256:c63a409b9d44b5018dfe72955609f6b25b70945976739cd28f1f0af6e73484df**
-2021-12-04T19:58:22.626Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:58:22.626Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:58:22.630Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:58:22.630Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:58:22.631Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T19:58:22.626Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:58:22.626Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:58:22.630Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:58:22.630Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:22.631Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/tautulli:v2.7.7@sha256:c63a409b9d44b5018dfe72955609f6b25b70945976739cd28f1f0af6e73484df (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -148,15 +148,14 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04.1 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/teamspeak3/security.md b/docs/apps/stable/teamspeak3/security.md
index dc1f2356d3f..5afbd026d36 100644
--- a/docs/apps/stable/teamspeak3/security.md
+++ b/docs/apps/stable/teamspeak3/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:58:38.915Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:58:38.915Z [34mINFO[0m Detected config files: 1
#### teamspeak3/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:43.063Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:43.063Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:43.071Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:43.063Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:43.063Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:43.071Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,15 @@
**Container: tccr.io/truecharts/teamspeak:v3.13.6@sha256:24acbeffda16a22105e06d60286e1c93d148c8467177feaf760bbe1ef3b9654c**
-2021-12-04T19:58:47.002Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:47.002Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:47.004Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:47.002Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:47.002Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:47.004Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/teamspeak:v3.13.6@sha256:24acbeffda16a22105e06d60286e1c93d148c8467177feaf760bbe1ef3b9654c (alpine 3.13.7)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| libpq | CVE-2021-23214 | HIGH | 13.4-r0 | 13.5-r0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23214
https://ubuntu.com/security/notices/USN-5145-1
https://www.postgresql.org/about/news/postgresql-141-135-129-1114-1019-and-9624-released-2349/
|
| libpq | CVE-2021-23222 | LOW | 13.4-r0 | 13.5-r0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23222
https://ubuntu.com/security/notices/USN-5145-1
https://www.postgresql.org/about/news/postgresql-141-135-129-1114-1019-and-9624-released-2349/
|
-
diff --git a/docs/apps/stable/teedy/security.md b/docs/apps/stable/teedy/security.md
index 7b9f7b5aafa..bda77fe291b 100644
--- a/docs/apps/stable/teedy/security.md
+++ b/docs/apps/stable/teedy/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:58:52.691Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:58:52.691Z [34mINFO[0m Detected config files: 2
#### teedy/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:58:53.599Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:58:53.599Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:58:53.606Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:58:53.599Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:58:53.599Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:58:53.606Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:58:54.448Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:58:54.448Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:58:54.506Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:58:54.506Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:58:54.506Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:58:54.448Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:58:54.448Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:58:54.506Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:58:54.506Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:58:54.506Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/docs:v1.9@sha256:23e9053e5eb837b31ae08bc770865827c7a2dc49dfc46fa2eba55f18fe8b21da**
-2021-12-04T19:59:18.424Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:59:18.424Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:59:18.436Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:59:18.436Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:18.424Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:59:18.424Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:59:18.436Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:59:18.436Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/docs:v1.9@sha256:23e9053e5eb837b31ae08bc770865827c7a2dc49dfc46fa2eba55f18fe8b21da (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2018-0501 | HIGH | 1.6~alpha7ubuntu2 | 1.6.3ubuntu0.1 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0501
https://mirror.fail
https://mirror.fail/
https://salsa.debian.org/apt-team/apt/commit/29658a3a74af49e2a24e17bdebb20e1612aac3ec
https://salsa.debian.org/apt-team/apt/commit/aebd4278bacc728ab00ebe31556983e140f60e47
https://ubuntu.com/security/notices/USN-3746-1
https://usn.ubuntu.com/3746-1/
|
@@ -1508,7 +1508,7 @@
| xxd | CVE-2021-3903 | LOW | 2:8.0.1453-1ubuntu1 | 2:8.0.1453-1ubuntu1.7 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3903
https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43
https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/
https://ubuntu.com/security/notices/USN-5147-1
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.google.guava:guava | CVE-2020-8908 | LOW | 28.2-jre | 30.0 | Click to expand!
https://github.com/advisories/GHSA-5mg8-w23w-74h3
https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40
https://github.com/google/guava/issues/4011
https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E
https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E
https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-8908
https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -1566,14 +1566,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:19.875Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:19.875Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:19.881Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:19.875Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:19.875Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:19.881Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -1601,16 +1601,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:59:36.837Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:59:36.837Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:59:36.891Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:59:36.891Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:59:36.891Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:36.837Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:59:36.837Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:59:36.891Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:59:36.891Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:59:36.891Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -1805,16 +1805,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/thelounge/security.md b/docs/apps/stable/thelounge/security.md
index 49105887670..22cac9698da 100644
--- a/docs/apps/stable/thelounge/security.md
+++ b/docs/apps/stable/thelounge/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:59:19.289Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:59:19.289Z [34mINFO[0m Detected config files: 1
#### thelounge/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:21.037Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:21.037Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:21.050Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:21.037Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:21.037Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:21.050Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/thelounge:v4.3.0@sha256:642d2b46f679b666e7b7458e761de135b7fb6761e986a8bcb620d81803195051**
-2021-12-04T19:59:34.722Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:59:34.722Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:59:34.863Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:59:34.863Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T19:59:34.722Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:59:34.722Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:59:34.863Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:59:34.863Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/thelounge:v4.3.0@sha256:642d2b46f679b666e7b7458e761de135b7fb6761e986a8bcb620d81803195051 (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -822,7 +822,7 @@
| wget | CVE-2021-31879 | MEDIUM | 1.21-1 | | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -833,4 +833,3 @@
| tar | CVE-2021-37701 | HIGH | 2.2.2 | 6.1.7, 5.0.8, 4.4.16 | Click to expand!
https://github.com/advisories/GHSA-9r2w-394v-53qc
https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
https://nvd.nist.gov/vuln/detail/CVE-2021-37701
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1779
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37712 | HIGH | 2.2.2 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-qq89-hq3f-393p
https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
https://nvd.nist.gov/vuln/detail/CVE-2021-37712
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1780
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| tar | CVE-2021-37713 | HIGH | 2.2.2 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/docs/apps/stable/traccar/security.md b/docs/apps/stable/traccar/security.md
index a22dd1e1002..7a6ca47112f 100644
--- a/docs/apps/stable/traccar/security.md
+++ b/docs/apps/stable/traccar/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T19:59:20.429Z [34mINFO[0m Detected config files: 2
+2021-12-04T19:59:20.429Z [34mINFO[0m Detected config files: 2
#### traccar/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:24.066Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:24.066Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:24.071Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:24.066Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:24.066Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:24.071Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:59:36.029Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:59:36.029Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:59:36.071Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:59:36.071Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:59:36.071Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:36.029Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:59:36.029Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:59:36.071Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:59:36.071Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:59:36.071Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,30 +275,30 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/traccar:v4.14@sha256:39fe3c8c65caef00ab79591c98b383432fe2d21bf745c925df6fd7891ce6fe78**
-2021-12-04T19:59:47.923Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:47.923Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:47.927Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:59:47.927Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:47.923Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:47.923Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:47.927Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:59:47.927Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/traccar:v4.14@sha256:39fe3c8c65caef00ab79591c98b383432fe2d21bf745c925df6fd7891ce6fe78 (alpine 3.14.1)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -329,7 +329,7 @@
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | Click to expand!
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**jar**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ch.qos.logback:logback-core | CVE-2017-5929 | CRITICAL | 1.1.3 | 1.2.0 | Click to expand!
http://www.cvedetails.com/cve/CVE-2017-5929/
https://access.redhat.com/errata/RHSA-2017:1675
https://access.redhat.com/errata/RHSA-2017:1676
https://access.redhat.com/errata/RHSA-2017:1832
https://access.redhat.com/errata/RHSA-2018:2927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929
https://github.com/advisories/GHSA-vmfg-rjjm-rjrj
https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8
https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r967953a14e05016bc4bcae9ef3dd92e770181158b4246976ed8295c9@%3Cdev.brooklyn.apache.org%3E
https://lists.apache.org/thread.html/ra007cec726a3927c918ec94c4316d05d1829c49eae8dc3648adc35e2@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rbb4dfca2f7e3e8f3570eec21c79832d33a51dfde6762725660b60169@%3Cdev.mnemonic.apache.org%3E
https://lists.apache.org/thread.html/rc5f0cc2f3b153bdf15ee7389d78585829abc9c7af4d322ba1085dd3e@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rd2227af3c9ada2a72dc72ed05517f5857a34d487580e1f2803922ff9@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/re9b787727291786dfe088e3cd078c7d195c0b5781e15d3cd24a3b2fc@%3Cdev.mnemonic.apache.org%3E
https://logback.qos.ch/news.html
https://nvd.nist.gov/vuln/detail/CVE-2017-5929
|
@@ -357,14 +357,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:49.454Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:49.454Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:49.460Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:49.454Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:49.454Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:49.460Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -392,16 +392,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T19:59:56.847Z [34mINFO[0m Detected OS: debian
-2021-12-04T19:59:56.847Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T19:59:56.892Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T19:59:56.892Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T19:59:56.892Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T19:59:56.847Z [34mINFO[0m Detected OS: debian
+2021-12-04T19:59:56.847Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T19:59:56.892Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T19:59:56.892Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:59:56.892Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -596,16 +596,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/transmission/security.md b/docs/apps/stable/transmission/security.md
index 340175d3b1f..0f5bf45f808 100644
--- a/docs/apps/stable/transmission/security.md
+++ b/docs/apps/stable/transmission/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T19:59:35.444Z [34mINFO[0m Detected config files: 1
+2021-12-04T19:59:35.444Z [34mINFO[0m Detected config files: 1
#### transmission/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T19:59:48.678Z [34mINFO[0m Detected OS: alpine
-2021-12-04T19:59:48.678Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T19:59:48.685Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T19:59:48.678Z [34mINFO[0m Detected OS: alpine
+2021-12-04T19:59:48.678Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T19:59:48.685Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/transmission:v3.00@sha256:9a4f48483b93f74394b69555c9324c746414836de247fbeafec5f53c0b077b9f**
-2021-12-04T19:59:56.219Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T19:59:56.219Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T19:59:56.222Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T19:59:56.222Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T19:59:56.219Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T19:59:56.219Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T19:59:56.222Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T19:59:56.222Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/transmission:v3.00@sha256:9a4f48483b93f74394b69555c9324c746414836de247fbeafec5f53c0b077b9f (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -161,8 +161,7 @@
| unrar | CVE-2018-25018 | MEDIUM | 1:5.6.6-2build1 | | Click to expand!
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
https://github.com/aawc/unrar/releases
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/truecommand/security.md b/docs/apps/stable/truecommand/security.md
index 95b6ebd4271..25bf5867e47 100644
--- a/docs/apps/stable/truecommand/security.md
+++ b/docs/apps/stable/truecommand/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:00:11.664Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:00:11.664Z [34mINFO[0m Detected config files: 1
#### truecommand/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:13.087Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:13.087Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:13.106Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:13.087Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:13.087Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:13.106Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/truecommand:v2.0.2@sha256:adee76b6a9149ea15dc56e8e6692f6cc60355cfb83c55a7a94a117923dc67ad0**
-2021-12-04T20:00:33.910Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:00:33.910Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:00:33.962Z [34mINFO[0m Number of language-specific files: 5
-2021-12-04T20:00:33.962Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:00:33.964Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:00:33.910Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:00:33.910Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:00:33.962Z [34mINFO[0m Number of language-specific files: 5
+2021-12-04T20:00:33.962Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:00:33.964Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/truecommand:v2.0.2@sha256:adee76b6a9149ea15dc56e8e6692f6cc60355cfb83c55a7a94a117923dc67ad0 (debian 10.4)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2020-27350 | MEDIUM | 1.8.2.1 | 1.8.2.2 | Click to expand!
https://bugs.launchpad.net/bugs/1899193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350
https://security.netapp.com/advisory/ntap-20210108-0005/
https://ubuntu.com/security/notices/USN-4667-1
https://ubuntu.com/security/notices/USN-4667-2
https://usn.ubuntu.com/usn/usn-4667-1
https://www.debian.org/security/2020/dsa-4808
|
@@ -379,14 +379,14 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/buger/jsonparser | CVE-2020-10675 | HIGH | v0.0.0-20191004114745-ee4c978eae7e | v0.0.0-20200321185410-91ac96899e49 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10675
https://github.com/buger/jsonparser/issues/188
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4C7PV6KEUUM76V4B2J5IFN2U6LEOWB67/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6KUHKDQSEYJNROA66OMN6AAQMGAAN6WI/
https://nvd.nist.gov/vuln/detail/CVE-2020-10675
|
@@ -396,7 +396,7 @@
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/buger/jsonparser | CVE-2020-10675 | HIGH | v0.0.0-20191004114745-ee4c978eae7e | v0.0.0-20200321185410-91ac96899e49 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10675
https://github.com/buger/jsonparser/issues/188
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4C7PV6KEUUM76V4B2J5IFN2U6LEOWB67/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6KUHKDQSEYJNROA66OMN6AAQMGAAN6WI/
https://nvd.nist.gov/vuln/detail/CVE-2020-10675
|
@@ -406,15 +406,12 @@
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/tt-rss/security.md b/docs/apps/stable/tt-rss/security.md
index e9cd4976ab5..fb2206b7364 100644
--- a/docs/apps/stable/tt-rss/security.md
+++ b/docs/apps/stable/tt-rss/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T20:00:34.938Z [34mINFO[0m Detected config files: 2
+2021-12-04T20:00:34.938Z [34mINFO[0m Detected config files: 2
#### tt-rss/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:37.814Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:37.814Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:37.827Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:37.814Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:37.814Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:37.827Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:00:39.013Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:00:39.013Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:00:39.060Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:00:39.060Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:00:39.061Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:00:39.013Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:00:39.013Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:00:39.060Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:00:39.060Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:00:39.061Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,32 +275,32 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/tt-rss:v1.9075.0@sha256:9779b47027627c16b3f6c0e69b9a5c7964a7b701ff8ccc6b1f0a7d5d371c7c6b**
-2021-12-04T20:00:47.176Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T20:00:47.176Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T20:00:47.181Z [34mINFO[0m Number of language-specific files: 4
-2021-12-04T20:00:47.181Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:00:47.181Z [34mINFO[0m Detecting composer vulnerabilities...
-2021-12-04T20:00:47.181Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:00:47.176Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T20:00:47.176Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T20:00:47.181Z [34mINFO[0m Number of language-specific files: 4
+2021-12-04T20:00:47.181Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:00:47.181Z [34mINFO[0m Detecting composer vulnerabilities...
+2021-12-04T20:00:47.181Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/tt-rss:v1.9075.0@sha256:9779b47027627c16b3f6c0e69b9a5c7964a7b701ff8ccc6b1f0a7d5d371c7c6b (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -414,42 +414,42 @@
| python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | | Click to expand!
http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-1633.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
**node-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**composer**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:48.308Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:48.308Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:48.317Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:48.308Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:48.308Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:48.317Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -477,16 +477,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:00:59.789Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:00:59.789Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:00:59.824Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:00:59.824Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:00:59.824Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:00:59.789Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:00:59.789Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:00:59.824Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:00:59.824Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:00:59.824Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -681,16 +681,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/tvheadend/security.md b/docs/apps/stable/tvheadend/security.md
index a56aa676b80..8b88580a1de 100644
--- a/docs/apps/stable/tvheadend/security.md
+++ b/docs/apps/stable/tvheadend/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:00:47.706Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:00:47.706Z [34mINFO[0m Detected config files: 1
#### tvheadend/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:49.278Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:49.278Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:49.287Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:49.278Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:49.278Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:49.287Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/tvheadend:version-63784405@sha256:55617b2f0e1a9d9cefb853c5d52f3729da88c9662ad18813e688201dbe3aee9a**
-2021-12-04T20:00:58.606Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:58.606Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/twtxt/security.md b/docs/apps/stable/twtxt/security.md
index bbbf074281a..04f5a290525 100644
--- a/docs/apps/stable/twtxt/security.md
+++ b/docs/apps/stable/twtxt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:00:49.795Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:00:49.795Z [34mINFO[0m Detected config files: 1
#### twtxt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:00:59.162Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:00:59.162Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:00:59.175Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:00:59.162Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:00:59.162Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:00:59.175Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,14 @@
**Container: tccr.io/truecharts/twtxt:version-0.1.1@sha256:9f34f0557d2a46aa7952c55f5a368c130659fafa0780785a647721edd001cdaa**
-2021-12-04T20:01:04.681Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:01:04.681Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:01:04.681Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:01:04.681Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### app/twtd
-
+
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| github.com/dgrijalva/jwt-go | CVE-2020-26160 | HIGH | v3.2.0+incompatible | | Click to expand!
https://github.com/dgrijalva/jwt-go/pull/426
https://nvd.nist.gov/vuln/detail/CVE-2020-26160
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515
|
| golang.org/x/crypto | CVE-2020-29652 | HIGH | v0.0.0-20200709230013-948cd5f35899 | v0.0.0-20201216223049-8b5274cf687f | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
https://linux.oracle.com/cve/CVE-2020-29652.html
https://linux.oracle.com/errata/ELSA-2021-1796.html
https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-29652
|
-
diff --git a/docs/apps/stable/unifi/security.md b/docs/apps/stable/unifi/security.md
index 06eca42d2b4..d6de5e30155 100644
--- a/docs/apps/stable/unifi/security.md
+++ b/docs/apps/stable/unifi/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:01:06.079Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:01:06.079Z [34mINFO[0m Detected config files: 1
#### unifi/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:01:07.015Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:01:07.015Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:01:07.047Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:07.015Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:01:07.015Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:01:07.047Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,14 +61,14 @@
**Container: tccr.io/truecharts/unifi:v6.5.53@sha256:c6cf26dcd8e73e95503a9a8fb5ab36458c05c724b33add8dc1a6152648f33d3d**
-2021-12-04T20:01:36.779Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T20:01:36.780Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T20:01:36.786Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:36.779Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T20:01:36.780Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T20:01:36.786Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/unifi:v6.5.53@sha256:c6cf26dcd8e73e95503a9a8fb5ab36458c05c724b33add8dc1a6152648f33d3d (ubuntu 18.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -214,4 +214,3 @@
| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | | Click to expand!
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
|
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | Click to expand!
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
|
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
-
diff --git a/docs/apps/stable/unpackerr/security.md b/docs/apps/stable/unpackerr/security.md
index 535a387968a..37ceef7439a 100644
--- a/docs/apps/stable/unpackerr/security.md
+++ b/docs/apps/stable/unpackerr/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:01:46.149Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:01:46.149Z [34mINFO[0m Detected config files: 1
#### unpackerr/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:01:46.934Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:01:46.934Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:01:46.946Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:46.934Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:01:46.934Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:01:46.946Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/unpackerr:v0.9.8@sha256:a76546d014ad85dac797bbb3d7753d1c0b5778ea907a7f2b21dad908a1c7712c**
-2021-12-04T20:01:49.496Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:49.496Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/unpoller/security.md b/docs/apps/stable/unpoller/security.md
index 7e37743a380..e0760419368 100644
--- a/docs/apps/stable/unpoller/security.md
+++ b/docs/apps/stable/unpoller/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:01:52.263Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:01:52.263Z [34mINFO[0m Detected config files: 1
#### unpoller/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:01:53.858Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:01:53.858Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:01:53.864Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:53.858Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:01:53.858Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:01:53.864Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,8 +61,7 @@
**Container: tccr.io/truecharts/unifi-poller:v2.1.3@sha256:2d6cd1f4cdc3d8522d697830f69ca12aa2fe24fda4e5476610af6e0b5c0597e9**
-2021-12-04T20:01:57.370Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:57.370Z [34mINFO[0m Number of language-specific files: 0
| No Vulnerabilities found |
|:---------------------------------|
-
diff --git a/docs/apps/stable/uptime-kuma/security.md b/docs/apps/stable/uptime-kuma/security.md
index 93bce54bf4d..3c43870623d 100644
--- a/docs/apps/stable/uptime-kuma/security.md
+++ b/docs/apps/stable/uptime-kuma/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:01:52.960Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:01:52.960Z [34mINFO[0m Detected config files: 1
#### uptime-kuma/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:01:54.994Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:01:54.994Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:01:55.002Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:01:54.994Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:01:54.994Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:01:55.002Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,16 +61,16 @@
**Container: tccr.io/truecharts/uptime-kuma:v1.10.2-debian@sha256:002dbdff764a1d26278efadeecacc62602e3aba7714317afd83ec501a2b71769**
-2021-12-04T20:02:07.954Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:02:07.954Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:02:07.977Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:02:07.977Z [34mINFO[0m Detecting node-pkg vulnerabilities...
-2021-12-04T20:02:08.009Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T20:02:07.954Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:02:07.954Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:02:07.977Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:02:07.977Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:02:08.009Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/uptime-kuma:v1.10.2-debian@sha256:002dbdff764a1d26278efadeecacc62602e3aba7714317afd83ec501a2b71769 (debian 10.10)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -246,7 +246,7 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -254,9 +254,6 @@
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/uptimerobot-prometheus/security.md b/docs/apps/stable/uptimerobot-prometheus/security.md
index 06fc0c57414..5efc0f968ee 100644
--- a/docs/apps/stable/uptimerobot-prometheus/security.md
+++ b/docs/apps/stable/uptimerobot-prometheus/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:02:22.608Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:02:22.608Z [34mINFO[0m Detected config files: 1
#### uptimerobot-prometheus/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:02:23.308Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:23.309Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:23.316Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:02:23.308Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:23.309Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:23.316Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/prometheus-uptimerobot-exporter:v0.0.1@sha256:c73a86e73ab47e0974eb3d6bd6ce5834befe8363979a9da2b53922b630ec084a**
-2021-12-04T20:02:26.416Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:26.416Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:26.424Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:02:26.424Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T20:02:26.416Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:26.416Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:26.424Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:02:26.424Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/prometheus-uptimerobot-exporter:v0.0.1@sha256:c73a86e73ab47e0974eb3d6bd6ce5834befe8363979a9da2b53922b630ec084a (alpine 3.12.0)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -154,11 +154,10 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r16 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| pip | CVE-2021-28363 | MEDIUM | 20.1.1 | 21.1 | Click to expand!
https://github.com/advisories/GHSA-5phf-pp7p-vc2r
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15
https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0
https://github.com/urllib3/urllib3/commits/main
https://github.com/urllib3/urllib3/releases/tag/1.26.4
https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28363
https://pypi.org/project/urllib3/1.26.4/
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| pip | CVE-2021-3572 | MEDIUM | 20.1.1 | 21.1 | Click to expand!
https://access.redhat.com/errata/RHSA-2021:3254
https://bugzilla.redhat.com/show_bug.cgi?id=1962856
https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
https://github.com/pypa/pip/pull/9827
https://linux.oracle.com/cve/CVE-2021-3572.html
https://linux.oracle.com/errata/ELSA-2021-4455.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3572
https://packetstormsecurity.com/files/162712/USN-4961-1.txt
|
| pip | pyup.io-42218 | UNKNOWN | 20.1.1 | 21.1 | Click to expand!
|
| urllib3 | CVE-2021-33503 | HIGH | 1.25.9 | 1.26.5 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
|
-
diff --git a/docs/apps/stable/valheim/security.md b/docs/apps/stable/valheim/security.md
index b168b5c9887..914d8531d3b 100644
--- a/docs/apps/stable/valheim/security.md
+++ b/docs/apps/stable/valheim/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:02:35.141Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:02:35.141Z [34mINFO[0m Detected config files: 1
#### valheim/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:02:36.782Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:36.782Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:36.790Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:02:36.782Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:36.782Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:36.790Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/valheim-server:latest@sha256:12a0e638db1b54e93af61d8a94c275224ec8524e65304f058eff34dfdbaafef0**
-2021-12-04T20:02:52.094Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:02:52.094Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:02:52.177Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:02:52.177Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T20:02:52.094Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:02:52.094Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:02:52.177Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:02:52.177Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/valheim-server:latest@sha256:12a0e638db1b54e93af61d8a94c275224ec8524e65304f058eff34dfdbaafef0 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -491,9 +491,6 @@
| zip | CVE-2018-13410 | LOW | 3.0-11 | | Click to expand!
http://seclists.org/fulldisclosure/2018/Jul/24
|
**python-pkg**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/vaultwarden/security.md b/docs/apps/stable/vaultwarden/security.md
index 6bbd18ea17f..bd38f2ddf3e 100644
--- a/docs/apps/stable/vaultwarden/security.md
+++ b/docs/apps/stable/vaultwarden/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T20:02:54.062Z [34mINFO[0m Detected config files: 2
+2021-12-04T20:02:54.062Z [34mINFO[0m Detected config files: 2
#### vaultwarden/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:02:56.947Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:56.947Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:56.955Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:02:56.947Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:56.947Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:56.955Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:02:58.241Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:02:58.241Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:02:58.303Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:02:58.303Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:02:58.303Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:02:58.241Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:02:58.241Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:02:58.303Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:02:58.303Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:02:58.303Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,29 +275,29 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/vaultwarden:v1.23.0@sha256:1e65dd23569e566576c3c80de76f711e0b9fc5e29a39d45f49f0a44d1282d869**
-2021-12-04T20:03:07.218Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:07.218Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:07.308Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:07.218Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:07.218Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:07.308Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/vaultwarden:v1.23.0@sha256:1e65dd23569e566576c3c80de76f711e0b9fc5e29a39d45f49f0a44d1282d869 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -608,14 +608,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:08.318Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:08.318Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:08.324Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:08.318Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:08.318Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:08.324Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -643,16 +643,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:03:09.114Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:09.114Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:09.161Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:03:09.161Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:03:09.161Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:03:09.114Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:09.114Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:09.161Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:03:09.161Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:03:09.161Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -847,16 +847,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/whoogle/security.md b/docs/apps/stable/whoogle/security.md
index bf0293241fc..a5aef80eff6 100644
--- a/docs/apps/stable/whoogle/security.md
+++ b/docs/apps/stable/whoogle/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:02:54.735Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:02:54.735Z [34mINFO[0m Detected config files: 1
#### whoogle/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:02:57.621Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:02:57.621Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:02:57.628Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:02:57.621Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:02:57.621Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:02:57.628Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/whoogle-search:v0.6.0@sha256:3eeb08a974169f6f1abd884d0923a86d594f9d41c881c7558cb1cbe8dfeb454f**
-2021-12-04T20:03:02.134Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:02.134Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:02.167Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:03:02.167Z [34mINFO[0m Detecting python-pkg vulnerabilities...
+2021-12-04T20:03:02.134Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:02.134Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:02.167Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:03:02.167Z [34mINFO[0m Detecting python-pkg vulnerabilities...
#### tccr.io/truecharts/whoogle-search:v0.6.0@sha256:3eeb08a974169f6f1abd884d0923a86d594f9d41c881c7558cb1cbe8dfeb454f (debian 11.1)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 2.2.4 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -199,8 +199,7 @@
| tor-geoipdb | CVE-2020-8516 | LOW | 0.4.5.10-1~deb11u1 | | Click to expand!
https://lists.torproject.org/pipermail/tor-dev/2020-February/014146.html
https://lists.torproject.org/pipermail/tor-dev/2020-February/014147.html
https://security-tracker.debian.org/tracker/CVE-2020-8516
https://trac.torproject.org/projects/tor/ticket/33129
https://www.hackerfactor.com/blog/index.php?/archives/868-Deanonymizing-Tor-Circuits.html
|
**python-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Werkzeug | pyup.io-42050 | UNKNOWN | 0.16.0 | 2.0.2 | Click to expand!
|
-
diff --git a/docs/apps/stable/wiki/security.md b/docs/apps/stable/wiki/security.md
index f18b9faba7b..ac437d701b3 100644
--- a/docs/apps/stable/wiki/security.md
+++ b/docs/apps/stable/wiki/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:03:10.131Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:03:10.131Z [34mINFO[0m Detected config files: 1
#### wiki/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:10.955Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:10.955Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:10.960Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:10.955Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:10.955Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:10.960Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,17 +61,17 @@
**Container: tccr.io/truecharts/wiki:version-900b76a@sha256:26548fe894831ba1fbd7b68da370583363be3f992bd99e71c8b678c2583df951**
-2021-12-04T20:03:28.136Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:28.136Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:28.141Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:03:28.141Z [34mINFO[0m Detecting node-pkg vulnerabilities...
-2021-12-04T20:03:28.180Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.11.12
-2021-12-04T20:03:28.180Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
+2021-12-04T20:03:28.136Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:28.136Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:28.141Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:03:28.141Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:03:28.180Z [33mWARN[0m This OS version is no longer supported by the distribution: alpine 3.11.12
+2021-12-04T20:03:28.180Z [33mWARN[0m The vulnerability detection may be insufficient because security updates are not provided
#### tccr.io/truecharts/wiki:version-900b76a@sha256:26548fe894831ba1fbd7b68da370583363be3f992bd99e71c8b678c2583df951 (alpine 3.11.12)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.31.1-r10 | 1.31.1-r11 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -102,7 +102,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r10 | 1.31.1-r11 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
@@ -133,4 +133,3 @@
| ws | CVE-2021-32640 | MEDIUM | 7.4.5 | 5.2.3, 6.2.2, 7.4.6 | Click to expand!
https://github.com/advisories/GHSA-6fc8-4gx4-v693
https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff
https://github.com/websockets/ws/issues/1895
https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693
https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-32640
|
| xmldom | CVE-2021-21366 | MEDIUM | 0.1.31 | 0.5.0 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21366
https://github.com/advisories/GHSA-h6q6-9hqw-rwfv
https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135
https://github.com/xmldom/xmldom/releases/tag/0.5.0
https://github.com/xmldom/xmldom/security/advisories/GHSA-h6q6-9hqw-rwfv
https://nvd.nist.gov/vuln/detail/CVE-2021-21366
https://www.npmjs.com/package/xmldom
|
| xmldom | CVE-2021-32796 | MEDIUM | 0.1.31 | | Click to expand!
https://github.com/advisories/GHSA-5fg8-2547-mr8q
https://github.com/xmldom/xmldom/commit/7b4b743917a892d407356e055b296dcd6d107e8b
https://github.com/xmldom/xmldom/security/advisories/GHSA-5fg8-2547-mr8q
https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/
https://mattermost.com/blog/securing-xml-implementations-across-the-web/
https://nvd.nist.gov/vuln/detail/CVE-2021-32796
https://www.npmjs.com/package/@xmldom/xmldom
|
-
diff --git a/docs/apps/stable/wikijs/security.md b/docs/apps/stable/wikijs/security.md
index 17323c60314..6d71237951a 100644
--- a/docs/apps/stable/wikijs/security.md
+++ b/docs/apps/stable/wikijs/security.md
@@ -4,23 +4,23 @@
##### Scan Results
-2021-12-04T20:03:46.199Z [34mINFO[0m Detected config files: 2
+2021-12-04T20:03:46.199Z [34mINFO[0m Detected config files: 2
#### wikijs/charts/postgresql/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -36,14 +36,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:47.000Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:47.000Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:47.007Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:47.000Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:47.000Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:47.007Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -71,16 +71,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:03:47.991Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:47.991Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:48.056Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:03:48.056Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:03:48.056Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:03:47.991Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:47.991Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:48.056Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:03:48.056Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:03:48.056Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -275,32 +275,32 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**Container: tccr.io/truecharts/wiki:v2.5@sha256:4241796c343106f89fdc585229993df05c0ae81bdbbfc13a6f6a5be9b23d662e**
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:49.393Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:49.393Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:49.402Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:49.393Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:49.393Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:49.402Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -328,16 +328,16 @@
**Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4**
-2021-12-04T20:03:50.207Z [34mINFO[0m Detected OS: debian
-2021-12-04T20:03:50.207Z [34mINFO[0m Detecting Debian vulnerabilities...
-2021-12-04T20:03:50.255Z [34mINFO[0m Number of language-specific files: 2
-2021-12-04T20:03:50.255Z [34mINFO[0m Detecting gobinary vulnerabilities...
-2021-12-04T20:03:50.255Z [34mINFO[0m Detecting jar vulnerabilities...
+2021-12-04T20:03:50.207Z [34mINFO[0m Detected OS: debian
+2021-12-04T20:03:50.207Z [34mINFO[0m Detecting Debian vulnerabilities...
+2021-12-04T20:03:50.255Z [34mINFO[0m Number of language-specific files: 2
+2021-12-04T20:03:50.255Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:03:50.255Z [34mINFO[0m Detecting jar vulnerabilities...
#### tccr.io/truecharts/postgresql:v14.1.0@sha256:3b1df1487f9bd1bb3ee6a2b5e90e655b2ea5d9cdc3148826dc813bbcea3969c4 (debian 10.11)
-
+
**debian**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | Click to expand!
https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
|
@@ -532,16 +532,13 @@
| util-linux | CVE-2021-37600 | LOW | 2.33.1-0.1 | | Click to expand!
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
|
**jar**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
**gobinary**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
-
-
diff --git a/docs/apps/stable/xteve/security.md b/docs/apps/stable/xteve/security.md
index acac804d5b2..01f672ff93c 100644
--- a/docs/apps/stable/xteve/security.md
+++ b/docs/apps/stable/xteve/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:03:50.970Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:03:50.970Z [34mINFO[0m Detected config files: 1
#### xteve/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:03:51.700Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:03:51.701Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:03:51.707Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:03:51.700Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:03:51.701Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:03:51.707Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/xteve:v2.2.0.200@sha256:77a1e4d934da1361c349fc3b9548e4e01b421df078759e5d11b4cc552c50bd7e**
-2021-12-04T20:04:05.108Z [34mINFO[0m Detected OS: ubuntu
-2021-12-04T20:04:05.108Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
-2021-12-04T20:04:05.112Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:04:05.112Z [34mINFO[0m Detecting gobinary vulnerabilities...
+2021-12-04T20:04:05.108Z [34mINFO[0m Detected OS: ubuntu
+2021-12-04T20:04:05.108Z [34mINFO[0m Detecting Ubuntu vulnerabilities...
+2021-12-04T20:04:05.112Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:04:05.112Z [34mINFO[0m Detecting gobinary vulnerabilities...
#### tccr.io/truecharts/xteve:v2.2.0.200@sha256:77a1e4d934da1361c349fc3b9548e4e01b421df078759e5d11b4cc552c50bd7e (ubuntu 20.04)
-
+
**ubuntu**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | Click to expand!
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
|
@@ -768,8 +768,7 @@
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | | Click to expand!
http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
|
**gobinary**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | v2.2.8 | Click to expand!
https://github.com/kubernetes/kubernetes/issues/89535
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://security.netapp.com/advisory/ntap-20200413-0003/
|
-
diff --git a/docs/apps/stable/zigbee2mqtt/security.md b/docs/apps/stable/zigbee2mqtt/security.md
index 02dd2280a19..5eb31322fd9 100644
--- a/docs/apps/stable/zigbee2mqtt/security.md
+++ b/docs/apps/stable/zigbee2mqtt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:04:06.124Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:04:06.124Z [34mINFO[0m Detected config files: 1
#### zigbee2mqtt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:04:07.156Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:04:07.156Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:04:07.166Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:04:07.156Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:04:07.156Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:04:07.166Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,25 +61,24 @@
**Container: tccr.io/truecharts/zigbee2mqtt:v1.22.1@sha256:ee52cfe959f3e5a05dc4ca4fee50a4d7572522664cf1b275749a4c85da6f4736**
-2021-12-04T20:04:13.326Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:04:13.326Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:04:13.327Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:04:13.327Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:04:13.326Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:04:13.326Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:04:13.327Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:04:13.327Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/zigbee2mqtt:v1.22.1@sha256:ee52cfe959f3e5a05dc4ca4fee50a4d7572522664cf1b275749a4c85da6f4736 (alpine 3.12.9)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-28831 | HIGH | 1.31.1-r21 | 1.32.1-r4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/
https://security.gentoo.org/glsa/202105-09
|
| ssl_client | CVE-2021-28831 | HIGH | 1.31.1-r21 | 1.32.1-r4 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/
https://security.gentoo.org/glsa/202105-09
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| ansi-regex | CVE-2021-3807 | HIGH | 4.1.0 | 5.0.1, 6.0.1 | Click to expand!
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
|
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | Click to expand!
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
-
diff --git a/docs/apps/stable/zwavejs2mqtt/security.md b/docs/apps/stable/zwavejs2mqtt/security.md
index 7580582ba8a..db883928594 100644
--- a/docs/apps/stable/zwavejs2mqtt/security.md
+++ b/docs/apps/stable/zwavejs2mqtt/security.md
@@ -4,16 +4,16 @@
##### Scan Results
-2021-12-04T20:04:14.153Z [34mINFO[0m Detected config files: 1
+2021-12-04T20:04:14.153Z [34mINFO[0m Detected config files: 1
#### zwavejs2mqtt/templates/common.yaml
-
+
**kubernetes**
-
+
| No Vulnerabilities found |
|:---------------------------------|
-
+
## Containers
@@ -26,14 +26,14 @@
**Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c**
-2021-12-04T20:04:15.268Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:04:15.268Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:04:15.275Z [34mINFO[0m Number of language-specific files: 0
+2021-12-04T20:04:15.268Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:04:15.268Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:04:15.275Z [34mINFO[0m Number of language-specific files: 0
#### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
@@ -61,15 +61,15 @@
**Container: tccr.io/truecharts/zwavejs2mqtt:v6.0.3@sha256:8fdac2ebee3443d0c1e62a3d52e14959e4717b1c33e4a7ed76f0c45b74d09fcd**
-2021-12-04T20:04:26.031Z [34mINFO[0m Detected OS: alpine
-2021-12-04T20:04:26.031Z [34mINFO[0m Detecting Alpine vulnerabilities...
-2021-12-04T20:04:26.033Z [34mINFO[0m Number of language-specific files: 1
-2021-12-04T20:04:26.033Z [34mINFO[0m Detecting node-pkg vulnerabilities...
+2021-12-04T20:04:26.031Z [34mINFO[0m Detected OS: alpine
+2021-12-04T20:04:26.031Z [34mINFO[0m Detecting Alpine vulnerabilities...
+2021-12-04T20:04:26.033Z [34mINFO[0m Number of language-specific files: 1
+2021-12-04T20:04:26.033Z [34mINFO[0m Detecting node-pkg vulnerabilities...
#### tccr.io/truecharts/zwavejs2mqtt:v6.0.3@sha256:8fdac2ebee3443d0c1e62a3d52e14959e4717b1c33e4a7ed76f0c45b74d09fcd (alpine 3.12.7)
-
+
**alpine**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| apk-tools | CVE-2021-36159 | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | Click to expand!
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
|
@@ -101,7 +101,7 @@
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | Click to expand!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
|
**node-pkg**
-
+
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| @npmcli/arborist | CVE-2021-39134 | HIGH | 2.6.1 | 2.8.2 | Click to expand!
https://github.com/advisories/GHSA-2h3h-q99f-3fhc
https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
https://nvd.nist.gov/vuln/detail/CVE-2021-39134
https://www.npmjs.com/package/@npmcli/arborist
https://www.oracle.com/security-alerts/cpuoct2021.html
|
@@ -125,4 +125,3 @@
| tar | CVE-2021-37713 | HIGH | 6.1.0 | 6.1.9, 5.0.10, 4.4.18 | Click to expand!
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| trim-newlines | CVE-2021-33623 | HIGH | 1.0.0 | 4.0.1, 3.0.1 | Click to expand!
https://github.com/advisories/GHSA-7p7h-4mm5-852v
https://github.com/sindresorhus/trim-newlines/commit/25246c6ce5eea1c82d448998733a6302a4350d91
https://github.com/sindresorhus/trim-newlines/releases/tag/v4.0.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33623
https://security.netapp.com/advisory/ntap-20210702-0007/
https://www.npmjs.com/package/trim-newlines
|
| trim-off-newlines | CVE-2021-23425 | MEDIUM | 1.0.1 | | Click to expand!
https://github.com/advisories/GHSA-38fc-wpqx-33j7
https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6
https://github.com/stevemao/trim-off-newlines/pull/3
https://nvd.nist.gov/vuln/detail/CVE-2021-23425
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197
https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850
|
-
diff --git a/docs/index.yaml b/docs/index.yaml
index 0352141c21e..c3b6de95ba1 100644
--- a/docs/index.yaml
+++ b/docs/index.yaml
@@ -1,37 +1,6 @@
apiVersion: v1
entries:
airsonic:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 10.6.2
- created: "2021-12-04T20:11:04.857879879Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Airsonic is a Free and Open Source community driven media server
- digest: eeb87505ed6bc3b5548ebf6fd70d8b42b216fad1a17503ec60489b4a85e0f173
- home: https://github.com/truecharts/apps/tree/master/charts/stable/airsonic
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/airsonic-logo.png
- keywords:
- - airsonic
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: airsonic
- sources:
- - https://github.com/airsonic/airsonic
- - https://github.com/linuxserver/docker-airsonic
- - https://github.com/k8s-at-home/charts/tree/master/charts/airsonic
- urls:
- - https://github.com/truecharts/apps/releases/download/airsonic-4.0.17/airsonic-4.0.17.tgz
- version: 4.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -2169,35 +2138,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/airsonic-1.0.0/airsonic-1.0.0.tgz
version: 1.0.0
amcrest2mqtt:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.0.11
- created: "2021-12-04T20:11:05.05635955Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Expose all events from an Amcrest device to an MQTT broker
- digest: 06fcde58729fa5ce9826e43a9a6ca8bf996e68b69651ec4b300b7c1d4c97cef1
- home: https://github.com/truecharts/apps/tree/master/charts/stable/amcrest2mqtt
- icon: https://raw.githubusercontent.com/k8s-at-home/organization/main/logo/k8s-at-home-400.png
- keywords:
- - amcrest2mqtt
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: amcrest2mqtt
- sources:
- - https://github.com/dchesterton/amcrest2mqtt
- urls:
- - https://github.com/truecharts/apps/releases/download/amcrest2mqtt-2.0.17/amcrest2mqtt-2.0.17.tgz
- version: 2.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -2469,39 +2409,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/amcrest2mqtt-0.0.2/amcrest2mqtt-0.0.2.tgz
version: 0.0.2
anonaddy:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - email
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.8.7
- created: "2021-12-04T20:11:05.287722797Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: Protect your email from spam using disposable addresses.
- digest: 786bb68eddebb452cc4e8f788f08659cf6d8a86f44f85225a07d1d64b7a84bb8
- home: https://github.com/truechartsapps/tree/master/charts/stable/anonaddy
- icon: https://avatars.githubusercontent.com/u/51450862?s=200&v=4?sanitize=true
- keywords:
- - anonaddy
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: anonaddy
- sources:
- - https://github.com/anonaddy/docker
- urls:
- - https://github.com/truecharts/apps/releases/download/anonaddy-6.0.4/anonaddy-6.0.4.tgz
- version: 6.0.4
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -2602,38 +2509,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/anonaddy-6.0.0/anonaddy-6.0.0.tgz
version: 6.0.0
apache-musicindex:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.4.1
- created: "2021-12-04T20:11:05.505204228Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Index and stream music using apache-musicindex and m3u playlists
- digest: 5ec45766dbc42ce93575793aeb14b9fdf8df6016c8d34cc0f1c7e2fd7187e2e1
- home: https://github.com/truecharts/apps/tree/master/charts/stable/apache-musicindex
- icon: https://en.wikipedia.org/wiki/Apache_HTTP_Server#/media/File:Apache_HTTP_server_logo_(2019-present).svg
- keywords:
- - apache-musicindex
- - streaming
- - m3u
- - playlist
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: apache-musicindex
- sources:
- - http://hacks.slashdirt.org/sw/musicindex/
- urls:
- - https://github.com/truecharts/apps/releases/download/apache-musicindex-2.0.15/apache-musicindex-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -2871,43 +2746,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/apache-musicindex-0.0.2/apache-musicindex-0.0.2.tgz
version: 0.0.2
appdaemon:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - utilities
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 4.1.0
- created: "2021-12-04T20:11:05.714204487Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: AppDaemon is a loosely coupled, multithreaded, sandboxed python execution
- environment for writing automation apps for Home Assistant home automation software.
- It also provides a configurable dashboard (HADashboard) suitable for wall mounted
- tablets.
- digest: 8f2171cdac2564dedf8889b591cd3d6f1cf28e45f2e49a829e8653438b223326
- home: https://github.com/truecharts/apps/tree/master/charts/stable/appdaemon
- icon: https://github.com/hassio-addons/addon-appdaemon/blob/main/appdaemon/icon.png?raw=true
- keywords:
- - appdaemon
- - homeautomation
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- - email: 20650065+warllo54@users.noreply.github.com
- name: warllo54
- url: truecharts.org
- name: appdaemon
- sources:
- - https://github.com/AppDaemon/appdaemon
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/appdaemon-6.0.15/appdaemon-6.0.15.tgz
- version: 6.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -5937,35 +5775,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/appdaemon-0.1.3/appdaemon-0.1.3.tgz
version: 0.1.3
aria2:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:05.915902185Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: aria server for downloading web content
- digest: ef2ba25b0365364768e9eb1e19b4aef189b3f948346838a0c93a9869865387b0
- home: https://github.com/truecharts/apps/tree/master/charts/stable/aira2
- icon: https://avatars.githubusercontent.com/u/13545224?s=200&v=4
- keywords:
- - aria2
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: aria2
- sources:
- - https://github.com/P3TERX/Aria2-Pro-Docker
- urls:
- - https://github.com/truecharts/apps/releases/download/aria2-2.0.15/aria2-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -6208,41 +6017,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/aria2-0.0.2/aria2-0.0.2.tgz
version: 0.0.2
audacity:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.0.2
- created: "2021-12-04T20:11:06.130628292Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: An easy-to-use, multi-track audio editor and recorder
- digest: c55d2e6aa4ba64741ea0b87b953746410541729a6bb6820c31b6566a0c541c78
- home: https://github.com/truecharts/apps/tree/master/charts/stable/audacity
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/audacity-logo.png
- keywords:
- - audacity
- - music
- - recorder
- - editor
- - audio
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: audacity
- sources:
- - https://github.com/linuxserver/docker-audacity
- - https://www.audacityteam.org/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/audacity-2.0.15/audacity-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -6504,55 +6278,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/audacity-0.0.2/audacity-0.0.2.tgz
version: 0.0.2
authelia:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - security
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 4.33.0
- created: "2021-12-04T20:11:06.358833113Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- - condition: redis.enabled
- name: redis
- repository: https://truecharts.org/
- version: 1.0.22
- description: Authelia is a Single Sign-On Multi-Factor portal for web apps
- digest: 7694ae2e11477ec75ed9e8435141de481fe8970d7927f3b234559cd0b4615e89
- home: https://github.com/truecharts/apps/tree/master/charts/stable/authelia
- icon: https://avatars2.githubusercontent.com/u/59122411?s=200&v=4
- keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: authelia
- sources:
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/authelia-8.0.8/authelia-8.0.8.tgz
- version: 8.0.8
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -10589,46 +10314,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/authelia-0.0.1/authelia-0.0.1.tgz
version: 0.0.1
babybuddy:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.9.1
- created: "2021-12-04T20:11:06.581322286Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Helps caregivers track sleep, feedings, diaper changes, tummy time
- and more to learn about and predict baby's needs without (as much) guess work.
- digest: 8536d3a76287da864f7e607cad97c07577c5b27608c67e575c37831a1c4d2f77
- home: https://github.com/truecharts/apps/tree/main/charts/babybuddy
- icon: https://github.com/babybuddy/babybuddy/raw/master/babybuddy/static_src/logo/icon.png
- keywords:
- - baby
- - buddy
- - tracker
- - parents
- - parenting
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: babybuddy
- sources:
- - https://github.com/babybuddy/babybuddy
- - https://github.com/nicholaswilde/docker-babybuddy
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/babybuddy-5.0.9/babybuddy-5.0.9.tgz
- version: 5.0.9
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -11180,43 +10865,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/babybuddy-0.0.1/babybuddy-0.0.1.tgz
version: 0.0.1
bazarr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.0.1
- created: "2021-12-04T20:11:06.79089805Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Bazarr is a companion application to Sonarr and Radarr. It manages
- and downloads subtitles based on your requirements
- digest: 3030b798a33076f29cb9da9a22db49ee51ae048bfca5a07f9486303863b6f305
- home: https://github.com/truecharts/apps/tree/master/charts/stable/bazarr
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/bazarr.png
- keywords:
- - bazarr
- - radarr
- - sonarr
- - subtitles
- - usenet
- - torrent
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: bazarr
- sources:
- - https://github.com/morpheus65535/bazarr
- - https://hub.docker.com/r/linuxserver/bazarr
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/bazarr-9.0.17/bazarr-9.0.17.tgz
- version: 9.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -14627,41 +14275,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/bazarr-3.1.5/bazarr-3.1.5.tgz
version: 3.1.5
beets:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.5.0
- created: "2021-12-04T20:11:06.999721108Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A music library manager and not, for the most part, a music player.
- digest: 4893269d2453fc05acef3ad4c0eb0678da983338efcf885a49b596dc647bf8bc
- home: https://github.com/truecharts/apps/tree/master/charts/stable/beets
- icon: https://github.com/truecharts/apps/raw/main/images/beets.png
- keywords:
- - music
- - library
- - manager
- - player
- - beets
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: beets
- sources:
- - https://github.com/linuxserver/docker-beets
- - https://beets.io/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/beets-2.0.17/beets-2.0.17.tgz
- version: 2.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -15262,44 +14875,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/bitwarden-1.2.5/bitwarden-1.2.5.tgz
version: 1.2.5
blog:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - hosting
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:07.216004429Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Lightweight self-hosted facebook-styled PHP blog.
- digest: 432dd4ce008c7d9d5fe3d43283b0bc7a7886504c0874af2425d6dee7f360f996
- home: https://github.com/truechartsapps/tree/master/charts/stable/blog
- icon: https://demo.photoprism.org/static/img/logo-avatar.svg
- keywords:
- - blog
- - php
- - self
- - hosted
- - facebook
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: blog
- sources:
- - https://github.com/m1k1o/blog
- - https://github.com/nicholaswilde/docker-blog
- urls:
- - https://github.com/truecharts/apps/releases/download/blog-0.0.4/blog-0.0.4.tgz
- version: 0.0.4
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -15377,38 +14952,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/blog-0.0.1/blog-0.0.1.tgz
version: 0.0.1
booksonic-air:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2009.1.0
- created: "2021-12-04T20:11:07.404310114Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Booksonic is a platform for accessing the audibooks you own wherever
- you are
- digest: 13a6d30c034e53c6f72f4b7608867f458d2a84cb785c72ffd3f363d78fc294e3
- home: https://github.com/truechartsapps/tree/master/charts/stable/booksonic-air
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/booksonic-air.png
- keywords:
- - booksonic
- - audiobook
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: booksonic-air
- sources:
- - https://github.com/popeen/Booksonic-Air
- - https://hub.docker.com/r/linuxserver/booksonic-air
- urls:
- - https://github.com/truecharts/apps/releases/download/booksonic-air-4.0.16/booksonic-air-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -17055,46 +16598,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/booksonic-air-1.0.1/booksonic-air-1.0.1.tgz
version: 1.0.1
bookstack:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 21.11.2021
- created: "2021-12-04T20:11:07.597412339Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: A simple, self-hosted, easy-to-use platform for organising and storing
- information.
- digest: 0c7898ea8eb5be829a15fdfa5286218f37f29ba62c76b7975b7ca2c53f4e868c
- home: https://github.com/truechartsapps/tree/master/charts/stable/bookstack
- icon: https://avatars3.githubusercontent.com/u/20912696?s=400&v=4?sanitize=true
- keywords:
- - bookstack
- - book
- - stack
- - organizer
- - server
- - hosted
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: bookstack
- sources:
- - https://www.bookstackapp.com/
- - https://hub.docker.com/r/linuxserver/bookstack
- urls:
- - https://github.com/truecharts/apps/releases/download/bookstack-0.0.5/bookstack-0.0.5.tgz
- version: 0.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -17216,36 +16719,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/bookstack-0.0.1/bookstack-0.0.1.tgz
version: 0.0.1
calibre:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 5.32.0
- created: "2021-12-04T20:11:07.804489383Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Calibre is a powerful and easy to use e-book manager.
- digest: 934c71c575959b9029ac9d5a36644d2c8b2a7955c1f3203429c56d755ee547ad
- home: https://github.com/truechartsapps/tree/master/charts/stable/calibre
- icon: https://github.com/kovidgoyal/calibre/raw/master/resources/images/lt.png
- keywords:
- - calibre
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: calibre
- sources:
- - https://hub.docker.com/r/linuxserver/calibre/
- - https://github.com/kovidgoyal/calibre/
- urls:
- - https://github.com/truecharts/apps/releases/download/calibre-4.0.18/calibre-4.0.18.tgz
- version: 4.0.18
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -18902,40 +18375,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/calibre-1.0.1/calibre-1.0.1.tgz
version: 1.0.1
calibre-web:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.6.12
- created: "2021-12-04T20:11:08.000419532Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Calibre-Web is a web app providing a clean interface for browsing,
- reading and downloading eBooks using an existing Calibre database.
- digest: 237d07f5e5855164d7e3c3008359883060ef19f1ad1c081359e562ce6b2d0e1a
- home: https://github.com/truecharts/apps/tree/master/charts/stable/calibre-web
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/calibre-web-icon.png
- keywords:
- - calibre-web
- - calibre
- - ebook
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: calibre-web
- sources:
- - https://hub.docker.com/r/linuxserver/calibre-web/
- - https://github.com/janeczku/calibre-web
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/calibre-web-9.0.15/calibre-web-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -21624,45 +21063,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/calibre-web-3.1.5/calibre-web-3.1.5.tgz
version: 3.1.5
clarkson:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - vehicle
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.1.2
- created: "2021-12-04T20:11:08.255480379Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: A web-based dashboard application that gives you a neat and clean
- interface for logging your fuel fill-ups for all of your vehicles.
- digest: 1b8be334bd1100cb869f162d92882d1b1222e38feecd01f9ae0f09d9e11e5778
- home: https://github.com/truechartsapps/tree/master/charts/stable/clarkson
- icon: https://github.com/linuxserver/Clarkson/raw/master/src/mstile-150x150.png
- keywords:
- - fuel
- - car
- - log
- - fill-up
- - vehicle
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: clarkson
- sources:
- - https://github.com/linuxserver/Clarkson
- - https://hub.docker.com/r/linuxserver/clarkson
- urls:
- - https://github.com/truecharts/apps/releases/download/clarkson-0.0.5/clarkson-0.0.5.tgz
- version: 0.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -21781,41 +21181,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/clarkson-0.0.1/clarkson-0.0.1.tgz
version: 0.0.1
cloud9:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.29.2
- created: "2021-12-04T20:11:08.442210751Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A complete web based IDE with terminal access
- digest: 0020a68b204d2c72ed9e7d1ca55006050fcfb565148ad83a165a4f8de72619d5
- home: https://github.com/truecharts/apps/tree/master/charts/stable/cloud9
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/cloud9.png
- keywords:
- - cloud9
- - ide
- - terminal
- - web
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: cloud9
- sources:
- - https://aws.amazon.com/cloud9/
- - https://github.com/c9/core
- - https://hub.docker.com/r/linuxserver/cloud9
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/cloud9-2.0.18/cloud9-2.0.18.tgz
- version: 2.0.18
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -22182,40 +21547,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/cloud9-0.0.2/cloud9-0.0.2.tgz
version: 0.0.2
code-server:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.12.0
- created: "2021-12-04T20:11:08.640033716Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Run VS Code on any machine anywhere and access it in the browser.
- digest: c6cae0e9687879386c039f31ea9c3334f0a72c915d12a53655b9f58536d6255a
- home: https://github.com/truecharts/apps/tree/master/charts/stable/code-server
- icon: https://github.com/truecharts/apps/raw/main/images/code-server.jpg
- keywords:
- - code
- - vs
- - visual studio
- - vscode
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: code-server
- sources:
- - https://github.com/cdr/code-server
- - https://hub.docker.com/r/linuxserver/code-server
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/code-server-2.0.15/code-server-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -22469,41 +21800,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/code-server-0.0.2/code-server-0.0.2.tgz
version: 0.0.2
collabora-online:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - office
- - documents
- - productivity
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 6.4.14.3
- created: "2021-12-04T20:11:08.82702149Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Collabora Online Development Edition – an awesome, Online Office
- suite image suitable for home use.
- digest: 1db6c95b2709fe6e496f2df00f42d36e47a2a273ef305127383c169b10c860bd
- home: https://github.com/truecharts/apps/tree/master/charts/stable/collabora-online
- icon: https://truecharts.org/_static/img/collabora-icon.png
- keywords:
- - collabora-online
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: collabora-online
- sources:
- - https://hub.docker.com/r/collabora/code
- - https://sdk.collaboraonline.com/contents.html
- - https://github.com/CollaboraOnline/online/tree/master/kubernetes/helm
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/collabora-online-9.0.15/collabora-online-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -30362,35 +29658,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/common-test-2.0.0/common-test-2.0.0.tgz
version: 2.0.0
cryptofolio:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.2.0
- created: "2021-12-04T20:11:09.025734363Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Track your cryptocurrency holdings/portfolio
- digest: 436d3f766b223ede3853354faf1084db0e7ed3599c13451d14cb6689c64d0490
- home: https://github.com/truecharts/apps/tree/master/charts/stable/cryptofolio
- icon: https://raw.githubusercontent.com/Xtrendence/Cryptofolio/main/website/assets/img/Logo.png
- keywords:
- - cryptofolio
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: cryptofolio
- sources:
- - https://github.com/Xtrendence/cryptofolio
- urls:
- - https://github.com/truecharts/apps/releases/download/cryptofolio-2.0.15/cryptofolio-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -30604,36 +29871,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/cryptofolio-0.0.2/cryptofolio-0.0.2.tgz
version: 0.0.2
custom-app:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - custom
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.20.83
- created: "2021-12-04T20:11:09.227649562Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Advanced tool to create your own TrueCharts-based App
- digest: 241def281f0a1104553bb3b6e17a6714c69a59520ede37ff1ff63ae7fc98f363
- home: https://github.com/truecharts/apps/tree/master/charts/stable/custom-app
- icon: https://truecharts.org/_static/img/custom-app-icon.png
- keywords:
- - custom
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: custom-app
- sources:
- - https://github.com/truecharts/apps/tree/master/charts/stable/custom-app
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/custom-app-3.0.25/custom-app-3.0.25.tgz
- version: 3.0.25
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -31905,40 +31142,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/custom-app-0.0.1/custom-app-0.0.1.tgz
version: 0.0.1
davos:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.2.1
- created: "2021-12-04T20:11:09.487215947Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: An FTP automation tool that periodically scans given host locations
- for new files.
- digest: fdf7ac9413aba46136c93da95e42251896ad93305b6920a638a2e0e558916c7e
- home: https://github.com/truecharts/apps/tree/master/charts/stable/davos
- icon: https://github.com/linuxserver/davos/raw/master/src/main/resources/static/android-chrome-192x192.png
- keywords:
- - davos
- - ftp
- - automation
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: davos
- sources:
- - https://github.com/linuxserver/docker-davos
- - https://github.com/linuxserver/davos/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/davos-2.0.15/davos-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -32192,40 +31395,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/davos-0.0.2/davos-0.0.2.tgz
version: 0.0.2
deconz:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.13.01
- created: "2021-12-04T20:11:09.676893344Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: deCONZ is an easy to use control software, with which you can set
- up and control Zigbee networks of any size without further programming effort.
- digest: 17ca31d5391080c4eabd1a3714703fcdce171eba734832dd17c270c6c4cd5b65
- home: https://github.com/truechartsapps/tree/master/charts/stable/deconz
- icon: https://avatars1.githubusercontent.com/u/4217524?s=400&v=4
- keywords:
- - deconz
- - home-automation
- - zigbee
- - conbee
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: deconz
- sources:
- - https://github.com/dresden-elektronik/deconz-rest-plugin
- - https://github.com/marthoc/docker-deconz
- urls:
- - https://github.com/truecharts/apps/releases/download/deconz-5.0.2/deconz-5.0.2.tgz
- version: 5.0.2
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -34055,39 +33224,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/deconz-1.0.1/deconz-1.0.1.tgz
version: 1.0.1
deepstack-cpu:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - AI
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2021.09.1
- created: "2021-12-04T20:11:09.883651684Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: DeepStack AI provides AI features including Face Recognition, Object
- Detection, Scene Recognition and custom AI Models
- digest: 9691d546f611bc31d724ed3cb247778b77bec23244bf95d21183481c72d0b812
- home: https://github.com/truecharts/apps/tree/master/charts/stable/deepstack-cpu
- icon: https://deepquest.sfo2.digitaloceanspaces.com/deepstackcc/static/img/deepstacklogo.png
- keywords:
- - AI
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: deepstack-cpu
- sources:
- - https://github.com/johnolafenwa/DeepStack
- - https://hub.docker.com/r/deepquestai/deepstack
- - https://www.deepstack.cc/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/deepstack-cpu-7.0.15/deepstack-cpu-7.0.15.tgz
- version: 7.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -36909,39 +36045,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/deepstack-cpu-1.0.3/deepstack-cpu-1.0.3.tgz
version: 1.0.3
deepstack-gpu:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - AI
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2021.09.1
- created: "2021-12-04T20:11:10.105728261Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: DeepStack AI provides AI features including Face Recognition, Object
- Detection, Scene Recognition and custom AI Models
- digest: a0e673cf26df61950ba50aad1136a072ebff33794d564aa8546fd62ac3423f8e
- home: https://github.com/truecharts/apps/tree/master/charts/stable/deepstack-gpu
- icon: https://deepquest.sfo2.digitaloceanspaces.com/deepstackcc/static/img/deepstacklogo.png
- keywords:
- - AI
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: deepstack-gpu
- sources:
- - https://github.com/johnolafenwa/DeepStack
- - https://hub.docker.com/r/deepquestai/deepstack
- - https://www.deepstack.cc/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/deepstack-gpu-2.0.15/deepstack-gpu-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -37177,38 +36280,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/deepstack-gpu-1.0.0/deepstack-gpu-1.0.0.tgz
version: 1.0.0
deluge:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.0.3
- created: "2021-12-04T20:11:10.294552399Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Deluge App for TrueNAS SCALE
- digest: 92f870382fe054c84a3f9e9fd7fab202160b12e767759ea043cd765b7c843d42
- home: https://github.com/truecharts/apps/tree/master/charts/stable/deluge
- icon: https://avatars2.githubusercontent.com/u/6733935?v=3&s=200
- keywords:
- - transmission
- - torrent
- - usenet
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: deluge
- sources:
- - https://github.com/deluge-torrent/deluge
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/deluge-9.0.16/deluge-9.0.16.tgz
- version: 9.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -39786,41 +38857,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/deluge-3.1.5/deluge-3.1.5.tgz
version: 3.1.5
digikam:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 7.3.0
- created: "2021-12-04T20:11:10.487196269Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Professional Photo Management with the Power of Open Source
- digest: 7896d3266f6e521f540aca698d491ca4a1f431f21a9a408975f427bbcbb61afe
- home: https://github.com/truecharts/apps/tree/master/charts/stable/digikam
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/digikam.png
- keywords:
- - digikam
- - photo
- - management
- - image
- - gallery
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: digikam
- sources:
- - https://github.com/linuxserver/docker-digikam
- - https://www.digikam.org/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/digikam-2.0.17/digikam-2.0.17.tgz
- version: 2.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -40152,37 +39188,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/digikam-0.0.2/digikam-0.0.2.tgz
version: 0.0.2
dizquetv:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.5.0
- created: "2021-12-04T20:11:10.684347579Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Create live TV channel streams from media on your Plex servers.
- digest: d6bf93b14a01bfb0297274f03046b78e5d1d45bfdca169e228d69665a4b9778f
- home: https://github.com/truechartsapps/tree/master/charts/stable/dizquetv
- icon: https://github.com/vexorian/dizquetv/raw/main/resources/dizquetv.png?raw=true
- keywords:
- - dizqueTV
- - dizquetv
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: dizquetv
- sources:
- - https://github.com/vexorian/dizquetv
- - https://hub.docker.com/r/vexorian/dizquetv
- urls:
- - https://github.com/truecharts/apps/releases/download/dizquetv-4.0.14/dizquetv-4.0.14.tgz
- version: 4.0.14
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -41712,40 +40717,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/dizquetv-1.0.1/dizquetv-1.0.1.tgz
version: 1.0.1
doublecommander:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.8.2
- created: "2021-12-04T20:11:10.872002106Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A free cross platform open source file manager with two panels side
- by side.
- digest: ad017408df299c8d193b4e1611960abba0b5d313ee12ce8f3e15d76a019afd6e
- home: https://github.com/truecharts/apps/tree/master/charts/stable/doublecommander
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/doublecommander-icon.png
- keywords:
- - doublecommander
- - file
- - manager
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: doublecommander
- sources:
- - https://github.com/linuxserver/docker-doublecommander
- - https://doublecmd.sourceforge.io/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/doublecommander-2.0.18/doublecommander-2.0.18.tgz
- version: 2.0.18
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -42101,42 +41072,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/doublecommander-0.0.2/doublecommander-0.0.2.tgz
version: 0.0.2
dsmr-reader:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2021.09.02
- created: "2021-12-04T20:11:11.090297999Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: DSMR-protocol reader, telegram data storage and energy consumption
- visualizer.
- digest: 403097c68f1c0a79133d5264caca57981aa9588c2a645126f9ca4b5407b5474a
- home: https://github.com/truecharts/apps/tree/master/charts/stable/dsmr-reader
- icon: https://avatars2.githubusercontent.com/u/57727360?s=400&v=4
- keywords:
- - dsmr-reader
- - energy
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: dsmr-reader
- sources:
- - https://github.com/dsmrreader/dsmr-reader
- - https://github.com/xirixiz/dsmr-reader-docker
- urls:
- - https://github.com/truecharts/apps/releases/download/dsmr-reader-5.0.5/dsmr-reader-5.0.5.tgz
- version: 5.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -42488,36 +41423,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/dsmr-reader-0.0.1/dsmr-reader-0.0.1.tgz
version: 0.0.1
duplicati:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: beta
- created: "2021-12-04T20:11:11.275883809Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Store securely encrypted backups on cloud storage services!
- digest: 56892b844b6ba5cadba590c06e32b7f126cb67d1ec1bef2068e28901db86100e
- home: https://github.com/truechartsapps/tree/master/charts/stable/duplicati
- icon: https://avatars.githubusercontent.com/u/8270231?s=200&v=4
- keywords:
- - duplicati
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: duplicati
- sources:
- - https://hub.docker.com/r/linuxserver/duplicati/
- - https://github.com/duplicati/duplicati
- urls:
- - https://github.com/truecharts/apps/releases/download/duplicati-4.0.15/duplicati-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -44069,39 +42974,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/duplicati-1.0.1/duplicati-1.0.1.tgz
version: 1.0.1
emby:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 4.6.7.0
- created: "2021-12-04T20:11:11.460277708Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Emby Server is a home media server
- digest: 969c55adaa0da81f8bd1ecdb1ef5809201c466971715aca9261cc4012ce79721
- home: https://github.com/truecharts/apps/master/stable/emby
- icon: https://truecharts.org/_static/img/emby-icon.png
- keywords:
- - jellyfin
- - plex
- - emby
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: emby
- sources:
- - https://hub.docker.com/r/linuxserver/emby
- - https://github.com/linuxserver/docker-emby.git
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/emby-9.0.17/emby-9.0.17.tgz
- version: 9.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -47019,38 +45891,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/emby-3.1.5/emby-3.1.5.tgz
version: 3.1.5
esphome:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - tools
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2021.11.4
- created: "2021-12-04T20:11:11.656475209Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: ESPHome is a system to control your ESP8266/ESP32 by simple yet powerful
- configuration files and control them remotely through Home Automation systems.
- digest: a16d369da202023d6b885cff95bc0dba8bf72d3cc4c6fe2a9adf90ea7c8e212b
- home: https://github.com/truecharts/apps/tree/master/charts/stable/esphome
- icon: https://esphome.io/_images/logo.svg
- keywords:
- - esphome
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: esphome
- sources:
- - https://github.com/esphome/esphome
- - https://hub.docker.com/u/esphome
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/esphome-9.0.18/esphome-9.0.18.tgz
- version: 9.0.18
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -50166,46 +49006,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/esphome-3.1.5/esphome-3.1.5.tgz
version: 3.1.5
etherpad:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.8.14
- created: "2021-12-04T20:11:11.867187637Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: A real-time collaborative editor scalable to thousands of simultaneous
- real time users.
- digest: f66732054078e3cd8afbff1053874c6aa31dfd235a062aa46fd490227fade38f
- home: https://github.com/truecharts/apps/tree/main/charts/etherpad
- icon: https://github.com/truecharts/apps/raw/main/images/etherpad.jpg
- keywords:
- - etherpad
- - editor
- - notepad
- - pad
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: etherpad
- sources:
- - https://etherpad.org/
- - https://github.com/ether/etherpad-lite
- - https://hub.docker.com/r/nicholaswilde/etherpad
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/etherpad-5.0.6/etherpad-5.0.6.tgz
- version: 5.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -50597,37 +49397,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/etherpad-0.0.1/etherpad-0.0.1.tgz
version: 0.0.1
external-service:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - networking
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.66.6
- created: "2021-12-04T20:11:12.067936678Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Allow external services to be used like Apps.
- digest: c447afe814e3a115d5fcc6300f7237a290520dba63f40d164fb769ace2843db9
- home: https://github.com/truecharts/apps/tree/master/charts/stable/external-service
- icon: https://truecharts.org/_static/img/external-service-icon.png
- keywords:
- - external-service
- - reverse-proxy
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: external-service
- sources:
- - https://github.com/truecharts/apps/tree/master/charts/stable/external-service
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/external-service-4.0.14/external-service-4.0.14.tgz
- version: 4.0.14
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -51893,41 +50662,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/external-service-0.0.1/external-service-0.0.1.tgz
version: 0.0.1
filezilla:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.51.0
- created: "2021-12-04T20:11:12.246328525Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A Helm chart for Kubernetes
- digest: 0b9e63eda69fe7d332b3df6278bfbf55c0cd751129dee92bc2383cea198b3666
- home: https://github.com/truecharts/apps/tree/master/charts/stable/filezilla
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/filezilla-logo.png
- keywords:
- - filezilla
- - ftp
- - sftp
- - ftps
- - client
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: filezilla
- sources:
- - https://filezilla-project.org/
- - https://github.com/linuxserver/docker-filezilla
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/filezilla-2.0.15/filezilla-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -52189,41 +50923,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/filezilla-0.0.2/filezilla-0.0.2.tgz
version: 0.0.2
fireflyiii:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - finacial
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 5.5.12
- created: "2021-12-04T20:11:12.45916397Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: A free and open source personal finance manager
- digest: 1340057ca669bb0b3f4404753ad292e7968905ca198b9f5e9fa5b0729be6a915
- home: https://github.com/firefly-iii/firefly-iii/
- icon: https://www.firefly-iii.org/assets/logo/color.png
- keywords:
- - fireflyiii
- - finacial
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: fireflyiii
- sources:
- - https://github.com/firefly-iii/firefly-iii/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/fireflyiii-13.0.6/fireflyiii-13.0.6.tgz
- version: 13.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -57044,45 +55743,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/fireflyiii-1.0.1/fireflyiii-1.0.1.tgz
version: 1.0.1
firefox-syncserver:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.8.0
- created: "2021-12-04T20:11:12.667706779Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: This is an all-in-one package for running a self-hosted Firefox Sync
- server.
- digest: 83d0b45144c582b729812b2c4e701bd263a8c7fbc8648f8cad9ed667b96cd2b8
- home: https://github.com/truecharts/apps/tree/main/charts/firefox-syncserver
- icon: https://upload.wikimedia.org/wikipedia/en/0/01/Firefox_Sync_logo.png
- keywords:
- - server
- - sync
- - syncserver
- - firefox
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: firefox-syncserver
- sources:
- - https://moz-services-docs.readthedocs.io/en/latest/howtos/run-sync-1.5.html
- - https://hub.docker.com/r/crazymax/firefox-syncserver
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/firefox-syncserver-5.0.6/firefox-syncserver-5.0.6.tgz
- version: 5.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -57464,37 +56124,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/firefox-syncserver-0.0.1/firefox-syncserver-0.0.1.tgz
version: 0.0.1
flaresolverr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.0.2
- created: "2021-12-04T20:11:12.843676605Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: FlareSolverr is a proxy server to bypass Cloudflare protection
- digest: e0bb5db8c7f66e817d7dbedaa65a9abfa46b2068d34c9874d6e5f511ea202a7f
- home: https://github.com/truechartsapps/tree/master/charts/stable/flaresolverr
- icon: https://raw.githubusercontent.com/FlareSolverr/FlareSolverr/master/resources/flaresolverr_logo.svg
- keywords:
- - flaresolverr
- - jackett
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: flaresolverr
- sources:
- - https://github.com/FlareSolverr/FlareSolverr
- - https://hub.docker.com/r/flaresolverr/flaresolverr
- urls:
- - https://github.com/truecharts/apps/releases/download/flaresolverr-4.0.16/flaresolverr-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -59029,39 +57658,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/flaresolverr-1.0.1/flaresolverr-1.0.1.tgz
version: 1.0.1
flood:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 4.7.0
- created: "2021-12-04T20:11:13.032287241Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Flood is a monitoring service for various torrent clients
- digest: e21c380f985435f6064fc5b01ad1070c65a5a0a9806fcfb6157adf6c8cc44d49
- home: https://github.com/truechartsapps/tree/master/charts/stable/flood
- icon: https://raw.githubusercontent.com/jesec/flood/master/flood.svg
- keywords:
- - flood
- - rtorrent
- - qbittorrent
- - transmission
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: flood
- sources:
- - https://github.com/jesec/flood
- - https://hub.docker.com/r/jesec/flood
- urls:
- - https://github.com/truecharts/apps/releases/download/flood-4.0.14/flood-4.0.14.tgz
- version: 4.0.14
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -60707,40 +59303,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/flood-1.0.1/flood-1.0.1.tgz
version: 1.0.1
focalboard:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.8.0
- created: "2021-12-04T20:11:13.225847319Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Focalboard is an open source, self-hosted alternative to Trello,
- Notion, and Asana.
- digest: 1bdff71fed263b94bfed5d237a055b49f7f7ba6ed03825027fb377c362810aea
- home: https://github.com/truechartsapps/tree/master/charts/stable/focalboard
- icon: https://github.com/mattermost/focalboard/raw/main/webapp/static/favicon.svg
- keywords:
- - focalboard
- - kanban
- - project management
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: focalboard
- sources:
- - https://www.focalboard.com/
- - https://github.com/mattermost/focalboard
- - https://github.com/FlipEnergy/container-images/blob/main/focalboard
- urls:
- - https://github.com/truecharts/apps/releases/download/focalboard-4.0.15/focalboard-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -62444,38 +61006,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/focalboard-1.0.1/focalboard-1.0.1.tgz
version: 1.0.1
fossil:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.15.1
- created: "2021-12-04T20:11:13.409161309Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A simple, high-reliability, distributed software configuration management
- system
- digest: 1d599d3ecaeaf4f32e277c980a1c60ac27cdef008fcee932a404cf11f2333752
- home: https://github.com/truecharts/apps/tree/master/charts/stable/fossil
- icon: https://fossil-scm.org/home/doc/trunk/www/fossil3.gif
- keywords:
- - fossil
- - scm
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: fossil
- sources:
- - https://fossil-scm.org/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/fossil-2.0.15/fossil-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -62713,38 +61243,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/fossil-0.0.2/fossil-0.0.2.tgz
version: 0.0.2
freeradius:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - auth
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.0.23
- created: "2021-12-04T20:11:13.610802658Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: OpenSource Radius implementation
- digest: 12f95bf0fd97f677e4254b1936e94273d3cab511f33cbf15c30d65c147613ad8
- home: https://www.openldap.org
- icon: https://networkradius.com/assets/img/FR-NR.svg
- keywords:
- - radius
- - auth
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: freeradius
- sources:
- - https://hub.docker.com/r/freeradius/freeradius-server/
- - https://freeradius.org/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/freeradius-4.0.16/freeradius-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -64387,38 +62885,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/freeradius-1.0.0/freeradius-1.0.0.tgz
version: 1.0.0
freshrss:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.18.1
- created: "2021-12-04T20:11:13.798777188Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: FreshRSS is a self-hosted RSS feed aggregator
- digest: c4f43e4e4b77f8bfb3ed92a55ebf187cb65abf804cef65864c35b0a5eaf29bb0
- home: https://github.com/truecharts/apps/tree/master/charts/stable/freshrss
- icon: https://github.com/FreshRSS/FreshRSS/blob/master/docs/img/FreshRSS-logo.png?raw=true
- keywords:
- - freshrss
- - rss
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: freshrss
- sources:
- - https://github.com/FreshRSS/FreshRSS
- - https://hub.docker.com/r/linuxserver/freshrss
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/freshrss-9.0.19/freshrss-9.0.19.tgz
- version: 9.0.19
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -67100,41 +65566,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/freshrss-3.1.5/freshrss-3.1.5.tgz
version: 3.1.5
friendica:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - social
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "2021.09"
- created: "2021-12-04T20:11:14.014267257Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: Welcome to the free social web
- digest: e7d8026de357ea1220c477b510e277435e98302213cecfc08b5338c3760a2464
- home: https://github.com/truechartsapps/tree/master/charts/stable/friendica
- icon: https://d1q6f0aelx0por.cloudfront.net/product-logos/library-friendica-logo.png
- keywords:
- - friend
- - social
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: friendica
- sources:
- - https://friendi.ca/
- - https://hub.docker.com/_/friendica
- urls:
- - https://github.com/truecharts/apps/releases/download/friendica-0.0.5/friendica-0.0.5.tgz
- version: 0.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -67241,39 +65672,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/friendica-0.0.1/friendica-0.0.1.tgz
version: 0.0.1
gaps:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.8.8
- created: "2021-12-04T20:11:14.207903436Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Gaps searches through your Plex Server or local folders for all movies,
- then queries for known movies in the same collection.
- digest: da14ee4a6555c7d996e379ea6edcc14fc973b5181105fb9c8fed28c56034c004
- home: https://github.com/truecharts/apps/tree/master/charts/stable/gaps
- icon: https://raw.githubusercontent.com/JasonHHouse/gaps/master/images/Final-Black.png
- keywords:
- - gaps
- - plex
- - plex-media-server
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: gaps
- sources:
- - https://github.com/JasonHHouse/gaps
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/gaps-9.0.15/gaps-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -69813,51 +68211,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/gaps-3.1.5/gaps-3.1.5.tgz
version: 3.1.5
gitea:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - GIT
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.15.7
- created: "2021-12-04T20:11:14.433436092Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- - condition: memcached.enabled
- name: memcached
- repository: https://truecharts.org/
- version: 1.0.20
- description: Self hosted GIT repositories
- digest: 38ddafa875d79038af5d85d994c724d8be60cd5020146cb06ed6924c84227b6c
- home: https://github.com/truecharts/apps/tree/master/charts/stable/gitea
- icon: https://docs.gitea.io/images/gitea.png
- keywords:
- - git
- - issue tracker
- - code review
- - wiki
- - gitea
- - gogs
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: gitea
- sources:
- - https://gitea.com/gitea/helm-chart
- - https://github.com/go-gitea/gitea
- - https://hub.docker.com/r/gitea/gitea/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/gitea-5.0.7/gitea-5.0.7.tgz
- version: 5.0.7
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -71219,41 +69572,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/gitea-0.0.1/gitea-0.0.1.tgz
version: 0.0.1
golinks:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 154c581
- created: "2021-12-04T20:11:14.609116015Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A web app that allows you to create smart bookmarks, commands and
- aliases by pointing your web browser's default search engine at a running instance.
- digest: 690b3ab7942198d084cb67fbaa2fe363854daa873aaf3367fc386727fb38ab42
- home: https://github.com/truecharts/apps/tree/master/charts/stable/golinks
- keywords:
- - search
- - browser
- - bookmarks
- - smart-bookmarks
- - golinks
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: golinks
- sources:
- - https://github.com/prologic/golinks
- - https://github.com/nicholaswilde/docker-golinks
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/golinks-2.0.15/golinks-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -71515,37 +69833,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/golinks-0.0.2/golinks-0.0.2.tgz
version: 0.0.2
gonic:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.14.0
- created: "2021-12-04T20:11:14.813034484Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Music streaming server / subsonic server API implementation
- digest: 2d5770e65eadb0eb6b918befeb713fa19b48200c88d6be3319beadb469201491
- home: https://github.com/truechartsapps/tree/master/charts/stable/gonic
- icon: https://raw.githubusercontent.com/sentriz/gonic/master/.github/logo.png
- keywords:
- - music
- - subsonic
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: gonic
- sources:
- - https://github.com/sentriz/gonic
- - https://hub.docker.com/r/sentriz/gonic
- urls:
- - https://github.com/truecharts/apps/releases/download/gonic-4.0.14/gonic-4.0.14.tgz
- version: 4.0.14
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -73049,44 +71336,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/gonic-1.0.1/gonic-1.0.1.tgz
version: 1.0.1
gotify:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.1.0
- created: "2021-12-04T20:11:14.9994015Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: a simple server for sending and receiving messages
- digest: 304eb930b14614c72a9acc9d8ca1e5b29b529acfe19fc6b0f612a5e2a19b8aae
- home: https://github.com/truecharts/apps/tree/main/charts/gotify
- icon: https://gotify.net/img/logo.png
- keywords:
- - server
- - gotify
- - messages
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: gotify
- sources:
- - https://gotify.net/
- - https://github.com/gotify/server
- - https://hub.docker.com/r/gotify/server
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/gotify-5.0.6/gotify-5.0.6.tgz
- version: 5.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -73458,41 +71707,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/gotify-0.0.1/gotify-0.0.1.tgz
version: 0.0.1
grafana:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - metrics
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 8.3.0
- created: "2021-12-04T20:11:15.18044927Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Grafana is an open source, feature rich metrics dashboard and graph
- editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB.
- digest: d31245034c350f82c4b77c5aa41294ebe4f29f238c73659d87ef834c43d3414c
- home: https://github.com/truecharts/apps/tree/master/charts/stable/grafana
- icon: https://bitnami.com/assets/stacks/grafana/img/grafana-stack-220x234.png
- keywords:
- - analytics
- - monitoring
- - metrics
- - logs
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: grafana
- sources:
- - https://github.com/bitnami/bitnami-docker-grafana
- - https://grafana.com/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/grafana-1.0.5/grafana-1.0.5.tgz
- version: 1.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -73635,40 +71849,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/grafana-0.0.1/grafana-0.0.1.tgz
version: 0.0.1
grav:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.7.18
- created: "2021-12-04T20:11:15.377690581Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A Fast, Simple, and Flexible, file-based Web-platform.
- digest: 260688ffc6aee7d85dd0dac18bd9f60090226b52a3dd327a21c38db081c90511
- home: https://github.com/truecharts/apps/tree/master/charts/stable/grav
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/grav-logo.png
- keywords:
- - grav
- - web
- - platform
- - file
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: grav
- sources:
- - https://github.com/linuxserver/docker-grav
- - https://github.com/getgrav/grav/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/grav-2.0.15/grav-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -73922,37 +72102,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/grav-0.0.2/grav-0.0.2.tgz
version: 0.0.2
grocy:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - Home-Automation
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.1.1
- created: "2021-12-04T20:11:15.561154072Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: ERP beyond your fridge - grocy is a web-based self-hosted groceries
- & household management solution for your home
- digest: 24a2c354a16578ed08871bbd6150d2b33275de384e0ff06ae64a14fad9d7d2c5
- home: https://github.com/truecharts/apps/tree/master/charts/stable/grocy
- icon: https://github.com/grocy/grocy/raw/master/public/img/appicons/mstile-150x150.png
- keywords:
- - grocy
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: grocy
- sources:
- - https://github.com/grocy/grocy
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/grocy-9.0.15/grocy-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -76420,41 +74569,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/grocy-3.1.5/grocy-3.1.5.tgz
version: 3.1.5
handbrake:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.24.2
- created: "2021-12-04T20:11:15.75010101Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: HandBrake is a tool for converting video from nearly any format to
- a selection of modern, widely supported codecs.
- digest: ddd48e98c40aea60ce6db987c80b42a8c6793dfe68a611d59a57248bb6fe8619
- home: https://github.com/truecharts/apps/tree/master/charts/stable/handbrake
- icon: https://handbrake.fr/img/logo.png
- keywords:
- - handbrake
- - encode
- - media
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: handbrake
- sources:
- - https://github.com/jlesage/docker-handbrake
- - https://hub.docker.com/r/jlesage/handbrake/
- - https://handbrake.fr/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/handbrake-9.0.14/handbrake-9.0.14.tgz
- version: 9.0.14
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -79619,39 +77733,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/handbrake-3.1.5/handbrake-3.1.5.tgz
version: 3.1.5
haste-server:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - utilities
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:15.937002331Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Simple text sharing
- digest: 2ccd233f1dc3bae5c6bf7be7128d1e66583f9fb26c531ca0efb6c5e690b39415
- home: https://github.com/truecharts/apps/tree/master/charts/stable/haste
- icon: https://raw.githubusercontent.com/nicholaswilde/helm-charts/main/images/haste.png
- keywords:
- - haste
- - hastebin
- - haste-server
- - pastebin
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: haste-server
- sources:
- - https://github.com/seejohnrun/haste-server
- - https://github.com/k8s-at-home/container-images
- urls:
- - https://github.com/truecharts/apps/releases/download/haste-server-4.0.15/haste-server-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -81773,40 +79854,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/haste-server-1.0.0/haste-server-1.0.0.tgz
version: 1.0.0
headphones:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 58edc604
- created: "2021-12-04T20:11:16.119513214Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: An automated music downloader for NZB and Torrent, written in Python.
- It supports SABnzbd, NZBget, Transmission, µTorrent and Blackhole.
- digest: b7174260d7214aa121805eaf87bf19489aa2c92fd3dca102802096fb44677a6f
- home: https://github.com/truecharts/apps/tree/master/charts/stable/headphones
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/headphones-banner.png
- keywords:
- - headphones
- - music
- - downloader
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: headphones
- sources:
- - https://github.com/linuxserver/docker-headphones
- - https://github.com/rembo10/headphones
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/headphones-2.0.15/headphones-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -82060,40 +80107,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/headphones-0.0.2/headphones-0.0.2.tgz
version: 0.0.2
healthchecks:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.22.0
- created: "2021-12-04T20:11:16.297922361Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Healthchecks is a cron job monitoring service. It listens for HTTP
- requests and email messages ("pings") from your cron jobs and scheduled tasks
- ("checks"). When a ping does not arrive on time, Healthchecks sends out alerts.
- digest: 3b77aa3301fe2b0b266646db94b24db01f54decfffe88d92b00439827425b7b0
- home: https://github.com/truechartsapps/tree/master/charts/stable/healthchecks
- icon: https://avatars.githubusercontent.com/u/13053880?s=200&v=4
- keywords:
- - cron
- - monitoring
- - alert
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: healthchecks
- sources:
- - https://github.com/healthchecks/healthchecks
- - https://hub.docker.com/r/linuxserver/healthchecks
- urls:
- - https://github.com/truecharts/apps/releases/download/healthchecks-4.0.15/healthchecks-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -83971,36 +81984,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/healthchecks-1.0.1/healthchecks-1.0.1.tgz
version: 1.0.1
heimdall:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - organizers
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.2.2
- created: "2021-12-04T20:11:16.488136611Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: An Application dashboard and launcher
- digest: 06ea6cb491621da318befb7babeee3bcf7039a20930bb3fd7c5e53b5bd40dfd9
- home: https://github.com/truecharts/apps/tree/master/charts/stable/heimdall
- icon: https://i.imgur.com/mM4tcO5.png
- keywords:
- - heimdall
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: heimdall
- sources:
- - https://github.com/linuxserver/Heimdall/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/heimdall-9.0.20/heimdall-9.0.20.tgz
- version: 9.0.20
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -86318,43 +84301,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/heimdall-3.1.5/heimdall-3.1.5.tgz
version: 3.1.5
home-assistant:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - home-automation
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2021.11.5
- created: "2021-12-04T20:11:16.688881851Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: home-assistant App for TrueNAS SCALE
- digest: 5ae17bdfaf60a63b63f434f1f1ee685283584bc5dd085d769a18a92733263484
- home: https://github.com/truecharts/apps/tree/master/charts/stable/home-assistant
- icon: https://upload.wikimedia.org/wikipedia/commons/thumb/6/6e/Home_Assistant_Logo.svg/519px-Home_Assistant_Logo.svg.png
- keywords:
- - home-assistant
- - hass
- - homeassistant
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: home-assistant
- sources:
- - https://github.com/home-assistant/home-assistant
- - https://github.com/cdr/code-server
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/home-assistant-12.0.7/home-assistant-12.0.7.tgz
- version: 12.0.7
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -90284,37 +88230,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/home-assistant-3.1.5/home-assistant-3.1.5.tgz
version: 3.1.5
hyperion-ng:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.0.12
- created: "2021-12-04T20:11:16.877960091Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Hyperion is an opensource Bias or Ambient Lighting implementation
- digest: d911b81e6af3c379cc1909267170f5aa885c4799245b96b4e68607edd0002b4f
- home: https://github.com/truechartsapps/tree/master/charts/stable/hyperion-ng
- icon: https://avatars.githubusercontent.com/u/17778452?s=200&v=4
- keywords:
- - hyperion-ng
- - hyperion
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: hyperion-ng
- sources:
- - https://github.com/hyperion-project/hyperion.ng
- - https://hub.docker.com/r/sirfragalot/hyperion.ng
- urls:
- - https://github.com/truecharts/apps/releases/download/hyperion-ng-4.0.17/hyperion-ng-4.0.17.tgz
- version: 4.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -91875,39 +89790,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/hyperion-ng-1.0.1/hyperion-ng-1.0.1.tgz
version: 1.0.1
icantbelieveitsnotvaletudo:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2021.2.1
- created: "2021-12-04T20:11:17.061687784Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Create live map data from Valetudo powered robots
- digest: 59870d959e807c133508cc6177799a2e14d65bf6ae79b699aadd19c3f250e174
- home: https://github.com/truecharts/apps/tree/master/charts/stable/icantbelieveitsnotvaletudo
- icon: https://raw.githubusercontent.com/Hypfer/Valetudo/master/assets/logo/valetudo_logo_small.svg
- keywords:
- - icantbelieveitsnotvaletudo
- - MQTT
- - valetudo
- - iot
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: icantbelieveitsnotvaletudo
- sources:
- - https://github.com/Hypfer/ICantBelieveItsNotValetudo
- - https://github.com/truecharts/apps/tree/master/charts/icantbelieveitsnotvaletudo
- urls:
- - https://github.com/truecharts/apps/releases/download/icantbelieveitsnotvaletudo-2.0.15/icantbelieveitsnotvaletudo-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -92153,42 +90035,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/icantbelieveitsnotvaletudo-0.0.2/icantbelieveitsnotvaletudo-0.0.2.tgz
version: 0.0.2
icinga2:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - monitoring
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.13.1
- created: "2021-12-04T20:11:17.286817837Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: A monitoring system which checks the availability of your network
- resources, notifies users of outages, and generates performance data for reporting.
- digest: 0fa003dc3a938a31d4fd07fcb7de1e6a23facc74c39bdeaa2a8c2bdd2543e8ec
- home: https://github.com/truechartsapps/tree/master/charts/stable/icinga2
- icon: https://avatars.githubusercontent.com/u/835441?s=200&v=4
- keywords:
- - icinga2
- - monitoring
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: icinga2
- sources:
- - https://github.com/jjethwa/icinga2
- - https://icinga.com/
- urls:
- - https://github.com/truecharts/apps/releases/download/icinga2-0.0.4/icinga2-0.0.4.tgz
- version: 0.0.4
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -92270,13 +90116,13 @@ entries:
truecharts.org/grade: U
apiVersion: v2
appVersion: 0.20.83
- created: "2021-12-04T20:11:17.487579278Z"
+ created: "2021-12-04T20:34:31.747466639Z"
dependencies:
- name: common
repository: https://truecharts.org
version: 8.9.10
description: API Support for your favorite torrent trackers.
- digest: 5f380a0119fd2bbce0b66afa57d98ebfcc2a382e83bfd24f7c115b21b67ed11e
+ digest: a989a7f16e8ee5636b59217dfb275624f0df09624aedb634e3819cc3f05e563c
home: https://github.com/truecharts/apps/tree/master/charts/stable/jackett
icon: https://truecharts.org/_static/img/jackett-icon.png
keywords:
@@ -92293,8 +90139,8 @@ entries:
- https://github.com/Jackett/Jackett
type: application
urls:
- - https://github.com/truecharts/apps/releases/download/jackett-9.0.30/jackett-9.0.30.tgz
- version: 9.0.30
+ - https://github.com/truecharts/apps/releases/download/jackett-9.0.31/jackett-9.0.31.tgz
+ version: 9.0.31
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -96562,41 +94408,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/jackett-3.1.5/jackett-3.1.5.tgz
version: 3.1.5
jdownloader2:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - downloads
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.7.1
- created: "2021-12-04T20:11:17.671687475Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: JDownloader is a free, open-source download management tool with
- a huge community of developers that makes downloading as easy and fast as it
- should be.
- digest: b911a5a2ff965964df98f96cdf550378e9e2785cab430e5e7c885db48273e24a
- home: https://github.com/truecharts/apps/tree/master/charts/stable/jackett
- icon: https://jdownloader.org/_media/knowledge/wiki/jdownloader.png?w=150
- keywords:
- - jdownloader
- - download
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: jdownloader2
- sources:
- - https://github.com/jlesage/docker-jdownloader-2
- - https://hub.docker.com/r/jlesage/jdownloader-2
- - https://jdownloader.org/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/jdownloader2-4.0.16/jdownloader2-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -97786,38 +95597,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/jdownloader2-0.0.1/jdownloader2-0.0.1.tgz
version: 0.0.1
jellyfin:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 10.7.7
- created: "2021-12-04T20:11:17.862274627Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Jellyfin is a Free Software Media System
- digest: 4c5127c001b6ecd44bd827d3edc2e5deee66ade6a3dd3c1c1a5d3058840bd4f1
- home: https://github.com/truecharts/apps/tree/master/charts/stable/jellyfin
- icon: https://truecharts.org/_static/img/jellyfin-icon.png
- keywords:
- - jellyfin
- - plex
- - emby
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: jellyfin
- sources:
- - https://github.com/jellyfin/jellyfin
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/jellyfin-9.0.15/jellyfin-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -100638,42 +98417,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/jellyfin-3.1.5/jellyfin-3.1.5.tgz
version: 3.1.5
joplin-server:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.5.1
- created: "2021-12-04T20:11:18.067483207Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: This server allows you to sync any Joplin client
- digest: e55e542dfefdf5a1f2c6d15e4fab929e897b1bd893971c8e964f7aa17c12594a
- home: https://github.com/truecharts/apps/tree/master/charts/stable/jopplin-server
- icon: https://raw.githubusercontent.com/laurent22/joplin/master/Assets/LinuxIcons/256x256.png?raw=true
- keywords:
- - joplin
- - notes
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: joplin-server
- sources:
- - https://github.com/laurent22/joplin/tree/dev/packages/server
- - https://github.com/laurent22/joplin
- - https://hub.docker.com/r/joplin/server
- urls:
- - https://github.com/truecharts/apps/releases/download/joplin-server-5.0.6/joplin-server-5.0.6.tgz
- version: 5.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -101025,37 +98768,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/joplin-server-0.0.1/joplin-server-0.0.1.tgz
version: 0.0.1
k8s-gateway:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - networking
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.1.8
- created: "2021-12-04T20:11:18.275288834Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A Helm chart for the k8s_gateway CoreDNS plugin
- digest: b6250372343fea70ed5355f826980ae3eaef1c072436a4af4a35a659183e161f
- home: https://github.com/truecharts/apps/tree/master/charts/stable/k8s-gateway
- icon: https://cncf-branding.netlify.app/img/projects/coredns/icon/black/coredns-icon-black.png
- keywords:
- - DNS
- - networking
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: k8s-gateway
- sources:
- - https://github.com/ori-edge/k8s_gateway
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/k8s-gateway-4.0.16/k8s-gateway-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -101758,40 +99470,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/k8s-gateway-0.0.1/k8s-gateway-0.0.1.tgz
version: 0.0.1
kanboard:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.2.20
- created: "2021-12-04T20:11:18.472926969Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Kanboard is a free and open source Kanban project management software.
- digest: 04dc075d4d0589d6e30e9324e6975d3f62d716c10413c509cb3697846b3843c6
- home: https://github.com/truecharts/apps/tree/master/charts/stable/kanboard
- icon: https://raw.githubusercontent.com/kanboard/website/master/assets/img/icon.svg
- keywords:
- - kanboard
- - kanban
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: kanboard
- sources:
- - https://github.com/kanboard/kanboard
- urls:
- - https://github.com/truecharts/apps/releases/download/kanboard-5.0.6/kanboard-5.0.6.tgz
- version: 5.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -102123,36 +99801,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/kanboard-0.0.1/kanboard-0.0.1.tgz
version: 0.0.1
kms:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - graywares
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: minimal
- created: "2021-12-04T20:11:18.666388569Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Private Windows Activation Server for development and testing
- digest: 9ddcb6e17f8388119903a229084438ec15125a89e70d51c0c4696b39a5292504
- home: https://github.com/truecharts/apps/tree/master/charts/stable/kms
- icon: https://truecharts.org/_static/img/kms-icon.jpg
- keywords:
- - kms
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: kms
- sources:
- - https://github.com/SystemRage/py-kms
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/kms-9.0.17/kms-9.0.17.tgz
- version: 9.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -104798,39 +102446,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/kms-3.1.5/kms-3.1.5.tgz
version: 3.1.5
komga:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.134.0
- created: "2021-12-04T20:11:18.848211373Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A comics/mangas server to serve/stream pages via API
- digest: 9a675a2c7dfe1894f72e03938888a013575c47782a6918939c388f5d08f9af31
- home: https://github.com/truechartsapps/tree/master/charts/stable/komga
- icon: https://komga.org/assets/media/logo.svg
- keywords:
- - komga
- - comics
- - mangas
- - server
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: komga
- sources:
- - https://komga.org/
- - https://github.com/gotson/komga
- urls:
- - https://github.com/truecharts/apps/releases/download/komga-4.0.20/komga-4.0.20.tgz
- version: 4.0.20
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -107112,38 +104727,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/komga-1.0.1/komga-1.0.1.tgz
version: 1.0.1
lazylibrarian:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:19.045831707Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Get all your books, like series with Sonarr...
- digest: 66763dd77dd84d4cccbafd0c180597b32b199d55cf2d1c29b7613ba5abf17568
- home: https://github.com/truecharts/apps/tree/master/charts/stable/lazylibrarian
- icon: https://lazylibrarian.gitlab.io/logo.svg
- keywords:
- - lazylibrarian
- - ebooks
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: lazylibrarian
- sources:
- - https://gitlab.com/LazyLibrarian/LazyLibrarian.git
- - https://lazylibrarian.gitlab.io
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/lazylibrarian-9.0.20/lazylibrarian-9.0.20.tgz
- version: 9.0.20
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -110142,40 +107725,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/lazylibrarian-3.1.5/lazylibrarian-3.1.5.tgz
version: 3.1.5
leaf2mqtt:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "0.5"
- created: "2021-12-04T20:11:19.223195974Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Nissan Leaf connected services to MQTT adapter
- digest: c0cd2081eecdaa4bdbcca0e2cf6654ac6d8359c4c8d93b371aacaae0978b4071
- home: https://github.com/truecharts/apps/tree/master/charts/stable/leaf2mqtt
- icon: https://www.nissanusa.com/content/dam/Nissan/us/Navigation/nissan-logo-black.svg
- keywords:
- - leaf2mqtt
- - leaf
- - nissan
- - kamereon
- - carwings
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: leaf2mqtt
- sources:
- - https://github.com/mitsumaui/leaf2mqtt
- - https://github.com/k8s-at-home/container-images
- urls:
- - https://github.com/truecharts/apps/releases/download/leaf2mqtt-2.0.15/leaf2mqtt-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -110429,43 +107978,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/leaf2mqtt-0.0.2/leaf2mqtt-0.0.2.tgz
version: 0.0.2
leantime:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - management
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.1.7
- created: "2021-12-04T20:11:19.425300446Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: Straightforward open source project management system to make your
- ideas reality.
- digest: 47f3ede60ee793cb7afa9573bd4d74a43a3ca1c8e9134395ad9840e3acc634b5
- home: https://github.com/truechartsapps/tree/master/charts/stable/leantime
- icon: https://github.com/nicholaswilde/helm-charts/raw/main/images/leantime.jpg
- keywords:
- - leantime
- - project
- - management
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: leantime
- sources:
- - https://leantime.io/
- - https://hub.docker.com/r/nicholaswilde/leantime
- urls:
- - https://github.com/truecharts/apps/releases/download/leantime-0.0.4/leantime-0.0.4.tgz
- version: 0.0.4
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -110541,38 +108053,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/leantime-0.0.1/leantime-0.0.1.tgz
version: 0.0.1
librespeed:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 5.2.4
- created: "2021-12-04T20:11:19.605253735Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Librespeed is a HTML5 webpage to test upload and download speeds
- digest: f4d5394cdb725044ad396cfc3c03270609a8c4fea43af65db0fba3a59a7ee5fa
- home: https://github.com/truechartsapps/tree/master/charts/stable/librespeed
- icon: https://github.com/librespeed/speedtest/blob/master/.logo/icon_huge.png?raw=true
- keywords:
- - librespeed
- - speedtest
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: librespeed
- sources:
- - https://github.com/librespeed/speedtest
- - https://hub.docker.com/r/linuxserver/librespeed
- - https://github.com/truechartsapps/tree/master/charts/librespeed
- urls:
- - https://github.com/truecharts/apps/releases/download/librespeed-4.0.19/librespeed-4.0.19.tgz
- version: 4.0.19
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -112530,38 +110010,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/librespeed-0.0.1/librespeed-0.0.1.tgz
version: 0.0.1
lidarr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.0.0.2255
- created: "2021-12-04T20:11:19.812122046Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Looks and smells like Sonarr but made for music
- digest: d5edccfb15b4c841bd4e95d7498a2ad2c8fea379054bf4fb010cf4f43860eab7
- home: https://github.com/truecharts/apps/tree/master/charts/stable/lidarr
- icon: https://avatars3.githubusercontent.com/u/28475832?s=400&v=4
- keywords:
- - lidarr
- - torrent
- - usenet
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: lidarr
- sources:
- - https://github.com/Lidarr/Lidarr
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/lidarr-9.0.15/lidarr-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -115352,37 +112800,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/lidarr-3.1.5/lidarr-3.1.5.tgz
version: 3.1.5
littlelink:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - social
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:19.994311953Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Easy platform to combine all your social links
- digest: d904100ea18250003867b7cc5275f86c3c5740aa64504c3ef8bd16916a84db13
- home: https://github.com/truecharts/apps/tree/master/charts/stable/littlelink
- icon: https://littlelink.io/images/avatar@2x.png
- keywords:
- - littlelink
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: littlelink
- sources:
- - https://github.com/techno-tim/littlelink-server
- - https://github.com/sethcottle/littlelink
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/littlelink-4.0.23/littlelink-4.0.23.tgz
- version: 4.0.23
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -117106,41 +114523,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/littlelink-1.0.0/littlelink-1.0.0.tgz
version: 1.0.0
logitech-media-server:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- - audio
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 8.3.0
- created: "2021-12-04T20:11:20.173372834Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Logitech Media Server is a platform for home/office audio streaming.
- digest: 8a57135fb33134dfadc674a58d128d2de4eacebdd05e38c567c6df09ff4fc8ba
- home: https://github.com/truecharts/apps/master/charts/incubator/logitech-media-server
- icon: https://www.mysqueezebox.com/static/images/logitech_mediaserver.png
- keywords:
- - logitech-media-server
- - squeezebox
- - audio
- - streaming
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: logitech-media-server
- sources:
- - https://github.com/Logitech/slimserver
- - https://hub.docker.com/r/lmscommunity/logitechmediaserver
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/logitech-media-server-2.0.23/logitech-media-server-2.0.23.tgz
- version: 2.0.23
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -117708,40 +115090,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/logitech-media-server-1.0.0/logitech-media-server-1.0.0.tgz
version: 1.0.0
loki:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - logs
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.4.1
- created: "2021-12-04T20:11:20.380449347Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: promtail.enabled
- name: promtail
- repository: https://truecharts.org
- version: 1.0.6
- description: 'Loki: like Prometheus, but for logs.'
- digest: 7a56f4a7a2b6a7a79cd843c4ea3e4055d48eeed87b6d2dac9b3640d9a833bcfc
- home: https://github.com/truecharts/apps/tree/master/charts/stable/loki
- icon: https://raw.githubusercontent.com/grafana/loki/master/docs/sources/logo.png
- keywords:
- - logs
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: loki
- sources:
- - https://github.com/grafana/loki
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/loki-2.0.3/loki-2.0.3.tgz
- version: 2.0.3
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -118049,40 +115397,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/loki-0.0.1/loki-0.0.1.tgz
version: 0.0.1
lychee:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 4.3.6
- created: "2021-12-04T20:11:20.568986406Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Lychee is a free photo-management tool, which runs on your server
- or web-space
- digest: f433bb96467ea9ef9859fb405c9748dbd13cc307f7b260fd5d596d75ba5abad0
- home: https://github.com/truecharts/apps/tree/master/charts/stable/lychee
- icon: https://github.com/LycheeOrg/Lychee/blob/master/Banner.png?raw=true
- keywords:
- - lychee
- - photo
- - pictures
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: lychee
- sources:
- - https://github.com/LycheeOrg/Lychee
- - https://hub.docker.com/r/lycheeorg/lychee
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/lychee-9.0.15/lychee-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -121423,36 +118737,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/mariadb-0.0.1/mariadb-0.0.1.tgz
version: 0.0.1
mealie:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - utilities
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.5.4
- created: "2021-12-04T20:11:20.760852193Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Mealie is a self hosted recipe manager and meal planner with a RestAPI
- backend
- digest: 755da3f7ea348cd5c03f1e42444f586d2543a55c016e929cd7c55b9b6e3f6d0c
- home: https://github.com/truecharts/apps/tree/master/charts/stable/mealie
- icon: https://raw.githubusercontent.com/hay-kot/mealie/gh-pages/assets/img/favicon.png
- keywords:
- - grocy
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: mealie
- sources:
- - https://github.com/hay-kot/mealie
- urls:
- - https://github.com/truecharts/apps/releases/download/mealie-4.0.16/mealie-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -123528,42 +120812,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/mealie-1.0.0/mealie-1.0.0.tgz
version: 1.0.0
medusa:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.5.20
- created: "2021-12-04T20:11:20.945677522Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: An automatic Video Library Manager for TV Shows
- digest: 86a5be9dd4dc8f978e33a3e1f0053fdad3b29f91e45fa18b076a23e6224a8468
- home: https://github.com/truecharts/apps/tree/master/charts/stable/medusa
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/medusa-icon.png
- keywords:
- - medusa
- - video
- - library
- - manager
- - tv
- - shows
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: medusa
- sources:
- - https://github.com/linuxserver/docker-medusa
- - https://pymedusa.com/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/medusa-1.0.17/medusa-1.0.17.tgz
- version: 1.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -124651,41 +121899,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/metallb-0.0.1/metallb-0.0.1.tgz
version: 0.0.1
miniflux:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.0.33
- created: "2021-12-04T20:11:21.190563948Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Miniflux is a minimalist and opinionated feed reader.
- digest: 6b5d6c84f450403e013c6cf22b484b82cc22f02923c7fdddf52b10f456fbdbd6
- home: https://github.com/truecharts/apps/tree/master/charts/miniflux
- icon: https://raw.githubusercontent.com/miniflux/logo/master/icon.svg
- keywords:
- - miniflux
- - rss
- - news
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: miniflux
- sources:
- - https://github.com/miniflux/v2
- urls:
- - https://github.com/truecharts/apps/releases/download/miniflux-4.0.6/miniflux-4.0.6.tgz
- version: 4.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -125027,37 +122240,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/miniflux-0.0.1/miniflux-0.0.1.tgz
version: 0.0.1
minio:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:21.388990689Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Minio is a self-hosted S3 storage server
- digest: d089eb3e87098b08998a34e0e294a276c2270cc804791e5065daa95b1cbbb9c1
- home: https://github.com/truecharts/apps/tree/master/charts/incubator/minio
- icon: https://min.io/resources/img/logo/MINIO_wordmark.png
- keywords:
- - minio
- - s3
- - storage
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: minio
- sources:
- - https://github.com/minio/minio
- urls:
- - https://github.com/truecharts/apps/releases/download/minio-1.0.3/minio-1.0.3.tgz
- version: 1.0.3
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -125152,37 +122334,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/minio-0.0.1/minio-0.0.1.tgz
version: 0.0.1
minio-console:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.12.5
- created: "2021-12-04T20:11:21.575403431Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A management console for minio server and operator
- digest: f5b42a357eb0e2d3ed571f13ee9bfc75eb24d2bac7b10c86cde7e6a9c36c7710
- home: https://github.com/truecharts/apps/tree/master/charts/stable/minio-console
- icon: https://min.io/resources/img/logo/MINIO_wordmark.png
- keywords:
- - minio-console
- - minio
- - s3
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: minio-console
- sources:
- - https://github.com/minio/console
- urls:
- - https://github.com/truecharts/apps/releases/download/minio-console-1.0.18/minio-console-1.0.18.tgz
- version: 1.0.18
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -125505,41 +122656,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/minio-console-0.0.2/minio-console-0.0.2.tgz
version: 0.0.2
monica:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - crm
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.5.0
- created: "2021-12-04T20:11:21.778561411Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: Straightforward open source project management system to make your
- ideas reality.
- digest: b80de0dfe5df2852778d3804eb4bfff7b4bb23624c1aa568afb50b702985ad9c
- home: https://github.com/truechartsapps/tree/master/charts/stable/monica
- icon: https://pbs.twimg.com/profile_images/951820722191720450/mtCNuIXX.jpg
- keywords:
- - crm
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: monica
- sources:
- - https://github.com/monicahq/monica
- - https://hub.docker.com/_/monica
- urls:
- - https://github.com/truecharts/apps/releases/download/monica-0.0.5/monica-0.0.5.tgz
- version: 0.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -125646,38 +122762,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/monica-0.0.1/monica-0.0.1.tgz
version: 0.0.1
mosquitto:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - homeautomation
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.0.14
- created: "2021-12-04T20:11:21.980757384Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Eclipse Mosquitto - An open source MQTT broker
- digest: e4149ff15cf5587798bf767969ac83ada8fdfa51642b71229815dab5ebcebee6
- home: https://github.com/truecharts/apps/tree/master/charts/stable/mosquitto
- icon: https://projects.eclipse.org/sites/default/files/mosquitto-200px.png
- keywords:
- - mosquitto
- - MQTT
- - eclipse-iot
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: mosquitto
- sources:
- - https://github.com/eclipse/mosquitto
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/mosquitto-4.0.17/mosquitto-4.0.17.tgz
- version: 4.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -127842,39 +124926,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/mosquitto-1.0.0/mosquitto-1.0.0.tgz
version: 1.0.0
mstream:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 5.2.5
- created: "2021-12-04T20:11:22.174045083Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A personal music streaming server
- digest: 00b297368e27dff39e98d8cee77d48f648325eb962240efaabd0709d3be468cb
- home: https://github.com/truecharts/apps/tree/master/charts/stable/mstream
- icon: https://raw.githubusercontent.com/nicholaswilde/helm-charts/main/images/mstream.png
- keywords:
- - mstream
- - server
- - music
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: mstream
- sources:
- - https://github.com/linuxserver/docker-mstream
- - https://mstream.io/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/mstream-1.0.15/mstream-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -128120,41 +125171,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/mstream-0.0.2/mstream-0.0.2.tgz
version: 0.0.2
muximux:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "057352e8"
- created: "2021-12-04T20:11:22.344400392Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A lightweight portal to view & manage your HTPC apps without having
- to run anything more than a PHP enabled webserver
- digest: 24a83e19fef6757132c09663f0256cb2bccc107d281439d99ec8bb1274d29855
- home: https://github.com/truecharts/apps/tree/master/charts/stable/muximux
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/muximux-icon.png
- keywords:
- - muximux
- - htpc
- - manage
- - portal
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: muximux
- sources:
- - https://github.com/linuxserver/docker-muximux
- - https://github.com/mescon/Muximux
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/muximux-1.0.19/muximux-1.0.19.tgz
- version: 1.0.19
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -128521,37 +125537,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/muximux-0.0.2/muximux-0.0.2.tgz
version: 0.0.2
mylar:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.5.3
- created: "2021-12-04T20:11:22.534804567Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Mylar is a automated Comic Book downloader
- digest: 2d3406197ef573b907a621fc820079364c4b3ae70bf4aee2111e862116af0e4f
- home: https://github.com/truechartsapps/tree/master/charts/stable/mylar
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/mylar-icon.png
- keywords:
- - mylar
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: mylar
- sources:
- - https://github.com/mylar3/mylar3
- - https://github.com/linuxserver/docker-mylar3
- - https://github.com/truechartsapps/tree/master/charts/mylar
- urls:
- - https://github.com/truecharts/apps/releases/download/mylar-4.0.15/mylar-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -130026,40 +127011,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/mylar-1.0.1/mylar-1.0.1.tgz
version: 1.0.1
navidrome:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.47.0
- created: "2021-12-04T20:11:22.709154209Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Navidrome is an open source web-based music collection server and
- streamer
- digest: bb7fa3ed8b2eb8497c888f2eb44a3fb80303b15eb37e6965ff94c9e27ad5c5b5
- home: https://github.com/truecharts/apps/tree/master/charts/stable/navidrome
- icon: https://raw.githubusercontent.com/navidrome/navidrome/v0.42.0/ui/src/icons/android-icon-192x192.png
- keywords:
- - navidrome
- - music
- - streaming
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: navidrome
- sources:
- - https://github.com/deluan/navidrome
- - https://hub.docker.com/r/deluan/navidrome
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/navidrome-9.0.15/navidrome-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -132869,50 +129820,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/navidrome-3.1.5/navidrome-3.1.5.tgz
version: 3.1.5
nextcloud:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - cloud
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 23.0.0
- created: "2021-12-04T20:11:22.966533538Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- - condition: redis.enabled
- name: redis
- repository: https://truecharts.org
- version: 1.0.22
- description: A private cloud server that puts the control and security of your
- own data back into your hands.
- digest: d90f47939de70952a6e8d88e7c90986f8470cb77853caa7832f8bd4aeb3903d6
- home: https://nextcloud.com/
- icon: https://upload.wikimedia.org/wikipedia/commons/thumb/6/60/Nextcloud_Logo.svg/1280px-Nextcloud_Logo.svg.png
- keywords:
- - nextcloud
- - storage
- - http
- - web
- - php
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: nextcloud
- sources:
- - https://github.com/nextcloud/docker
- - https://github.com/nextcloud/helm
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/nextcloud-10.0.11/nextcloud-10.0.11.tgz
- version: 10.0.11
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -139513,37 +136420,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/nextcloud-1.0.0/nextcloud-1.0.0.tgz
version: 1.0.0
node-red:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - tools
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.1.4
- created: "2021-12-04T20:11:23.13968997Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Node-RED is low-code programming for event-driven applications
- digest: 4a9b319cf617b8ff8c1a45ded1c4654d1adf73c1004f18f2019bbaf53b1b50a8
- home: https://github.com/truecharts/apps/tree/master/charts/stable/node-red
- icon: https://nodered.org/about/resources/media/node-red-icon-2.png
- keywords:
- - node-red
- - nodered
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: node-red
- sources:
- - https://github.com/node-red/node-red-docker
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/node-red-9.0.15/node-red-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -142315,39 +139191,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/notes-0.0.2/notes-0.0.2.tgz
version: 0.0.2
novnc:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.2.0
- created: "2021-12-04T20:11:23.33315067Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: The open source VNC client
- digest: 64441d0f71f9c1e084e7959466715b545194f2fd251fb222c3da17696fe02850
- home: https://github.com/truecharts/apps/tree/master/charts/stable/novnc
- icon: https://github.com/truecharts/apps/raw/main/images/novnc.png
- keywords:
- - novnc
- - vnc
- - remote
- - desktop
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: novnc
- sources:
- - https://novnc.com/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/novnc-1.0.15/novnc-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -142593,35 +139436,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/novnc-0.0.2/novnc-0.0.2.tgz
version: 0.0.2
nullserv:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.3.0
- created: "2021-12-04T20:11:23.519536612Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A simple null file http and https server
- digest: 32e22e47e87f754ab1be0ad584742933d2241fe8b8375cdd9a149924435d0751
- home: https://github.com/truechartsapps/tree/master/charts/stable/nullserv
- icon: https://miro.medium.com/max/800/1*UL9RWkTUtJlyHW7kGm20hQ.png
- keywords:
- - nullserv
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: nullserv
- sources:
- - https://github.com/bmrzycki/nullserv
- urls:
- - https://github.com/truecharts/apps/releases/download/nullserv-4.0.15/nullserv-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -143987,37 +140801,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/nullserv-1.0.1/nullserv-1.0.1.tgz
version: 1.0.1
nzbget:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "21.1"
- created: "2021-12-04T20:11:23.715591934Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: NZBGet is a Usenet downloader client
- digest: 5e2072c5e5884dd24711e47f1b5bb96842779c7ebbb28354c521c8bd103c17cf
- home: https://github.com/truecharts/apps/tree/master/charts/stable/nzbget
- icon: https://avatars1.githubusercontent.com/u/3368377?s=400&v=4
- keywords:
- - nzbget
- - usenet
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: nzbget
- sources:
- - https://nzbget.net/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/nzbget-9.0.16/nzbget-9.0.16.tgz
- version: 9.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -146449,34 +143232,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/nzbget-3.1.5/nzbget-3.1.5.tgz
version: 3.1.5
nzbhydra:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.18.1
- created: "2021-12-04T20:11:23.899225553Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- deprecated: true
- description: Usenet meta search
- digest: 82acee2e509df9369f237a9638f9d50558b81365f005139cf4accedb7205e897
- home: https://github.com/truecharts/apps/tree/master/charts/stable/nzbhydra
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/hydra-icon.png
- keywords:
- - nzbhydra
- - usenet
- kubeVersion: '>=1.16.0-0'
- name: nzbhydra
- sources:
- - https://github.com/theotherp/nzbhydra2
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/nzbhydra-9.0.17/nzbhydra-9.0.17.tgz
- version: 9.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -148776,38 +145531,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/nzbhydra-3.1.6/nzbhydra-3.1.6.tgz
version: 3.1.6
octoprint:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.7.2
- created: "2021-12-04T20:11:24.081082857Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: OctoPrint is the snappy web interface for your 3D printer
- digest: 122f5259111cbd1f3f5a37da525d07f56f62805ba0a758ae6df731b4b5eb15ff
- home: https://github.com/truechartsapps/tree/master/charts/stable/octoprint
- icon: https://avatars3.githubusercontent.com/u/5982294?s=400&v=4
- keywords:
- - octoprint
- - 3d
- - printer
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: octoprint
- sources:
- - https://github.com/OctoPrint/OctoPrint
- - https://hub.docker.com/r/octoprint/octoprint
- urls:
- - https://github.com/truecharts/apps/releases/download/octoprint-4.0.16/octoprint-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -150459,48 +147182,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/octoprint-1.0.1/octoprint-1.0.1.tgz
version: 1.0.1
odoo:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "14.0"
- created: "2021-12-04T20:11:24.284984643Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: All-in-one business software. Beautiful. Easy-to-use. CRM, Accounting,
- PM, HR, Procurement, Point of Sale, MRP, Marketing, etc.
- digest: d45b6945b59d475c3c17dc5aba143061ed37475ebb7ab3aabbd1bfd918c92c1a
- home: https://github.com/truecharts/apps/tree/main/charts/odoo
- icon: https://pbs.twimg.com/profile_images/970608340014419969/1bpCWJhS_400x400.jpg
- keywords:
- - odoo
- - crm
- - pm
- - hr
- - accounting
- - mrp
- - marketing
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: odoo
- sources:
- - https://www.odoo.com/
- - https://hub.docker.com/repository/docker/nicholaswilde/odoo
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/odoo-4.0.6/odoo-4.0.6.tgz
- version: 4.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -150912,36 +147593,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/odoo-0.0.1/odoo-0.0.1.tgz
version: 0.0.1
omada-controller:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "4.4"
- created: "2021-12-04T20:11:24.483969189Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Omada is a SDN tool for TP-Link Omada hardware
- digest: ca38e14c4a34d6150b9d30fa2b5622ecd7cc8992b287068e0a1a7bb233319996
- home: https://github.com/truechartsapps/tree/master/charts/stable/omada-controller
- icon: https://www.tp-link.com/assets/images/icon/logo-white.svg
- keywords:
- - omada-controller
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: omada-controller
- sources:
- - https://github.com/mbentley/docker-omada-controller
- - https://github.com/truechartsapps/tree/master/charts/omada-controller
- urls:
- - https://github.com/truecharts/apps/releases/download/omada-controller-4.0.22/omada-controller-4.0.22.tgz
- version: 4.0.22
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -152751,41 +149402,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/omada-controller-1.0.1/omada-controller-1.0.1.tgz
version: 1.0.1
ombi:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 4.0.1482
- created: "2021-12-04T20:11:24.671497541Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Want a Movie or TV Show on Plex or Emby? Use Ombi!
- digest: 0c9775f042c38b70a9758e990e1d72f7855a79ca9bc7f343c2ec7140fc58efb5
- home: https://github.com/truecharts/apps/tree/master/charts/stable/ombi
- icon: https://raw.githubusercontent.com/Ombi-app/Ombi/gh-pages/img/android-chrome-512x512.png
- keywords:
- - ombi
- - plex
- - emby
- - sonarr
- - radarr
- - couchpotato
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: ombi
- sources:
- - https://github.com/tidusjar/Ombi
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/ombi-9.0.14/ombi-9.0.14.tgz
- version: 9.0.14
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -156380,42 +152996,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/ombi-3.1.5/ombi-3.1.5.tgz
version: 3.1.5
onlyoffice-document-server:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - office
- - documents
- - productivity
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 6.4.2.6
- created: "2021-12-04T20:11:24.835923201Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: 'ONLYOFFICE Document Server is an online office suite comprising
- viewers and editors for texts, spreadsheets and presentations, fully compatible
- with Office Open XML formats: .docx, .xlsx, .pptx and enabling collaborative
- editing in real time.'
- digest: 791a8e6d41e510334103382d1c439fe2da225d251b9569eb67d5fd6cdc055664
- home: https://github.com/truecharts/apps/tree/master/charts/stable/onlyoffice-ds-ce
- icon: https://avatars.githubusercontent.com/u/1426033?s=200&v=4
- keywords:
- - onlyoffice
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: onlyoffice-document-server
- sources:
- - https://github.com/ONLYOFFICE/DocumentServer
- - https://github.com/ONLYOFFICE/Docker-DocumentServer
- - https://hub.docker.com/r/onlyoffice/documentserver/
- urls:
- - https://github.com/truecharts/apps/releases/download/onlyoffice-document-server-2.0.15/onlyoffice-document-server-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -156779,43 +153359,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/onlyoffice-document-server-0.0.1/onlyoffice-document-server-0.0.1.tgz
version: 0.0.1
openkm:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 6.3.11
- created: "2021-12-04T20:11:25.049225365Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: OpenKM integrates all essential documents management, collaboration
- and an advanced search functionality into one easy to use solution.
- digest: ddee10bb97225d147af9a64890df872e500dffa046acd54004dcfb0f5a223126
- home: https://github.com/truecharts/apps/tree/master/charts/stable/openkm
- icon: https://raw.githubusercontent.com/openkm/document-management-system/master/src/main/webapp/img/logo_favicon.ico
- keywords:
- - openkm
- - documentation management
- - docs
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: openkm
- sources:
- - https://www.openkm.com/
- - https://github.com/openkm/document-management-system
- urls:
- - https://github.com/truecharts/apps/releases/download/openkm-4.0.6/openkm-4.0.6.tgz
- version: 4.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -157177,40 +153720,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/openkm-0.0.1/openkm-0.0.1.tgz
version: 0.0.1
openldap:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - cloud
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.5.0
- created: "2021-12-04T20:11:25.236650315Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Community developed LDAP software
- digest: 55604b09af02896a433614ad154e999783a843789d547b8ee0dcc44c25be8260
- home: https://www.openldap.org
- icon: https://upload.wikimedia.org/wikipedia/commons/thumb/7/71/Database-openldap.svg/640px-Database-openldap.svg.png
- keywords:
- - ldap
- - openldap
- - iam-stack
- - high availability
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: openldap
- sources:
- - https://github.com/jp-gouin/helm-openldap
- - https://github.com/osixia/docker-openldap
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/openldap-4.0.20/openldap-4.0.20.tgz
- version: 4.0.20
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -159223,37 +155732,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/openldap-1.0.0/openldap-1.0.0.tgz
version: 1.0.0
organizr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - organizers
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:25.418225817Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: HTPC/Homelab Services Organizer
- digest: ae8c73361b6fa0cc6383e05e58ad8afbf1afc50fdb3e3f19e681ea2b2b520a6e
- home: https://github.com/truecharts/apps/tree/master/charts/stable/organizr
- icon: https://github.com/causefx/Organizr/blob/v2-master/plugins/images/organizr/logo.png?raw=true
- keywords:
- - organizr
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: organizr
- sources:
- - https://github.com/causefx/Organizr
- - https://hub.docker.com/r/organizr/organizr
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/organizr-9.0.16/organizr-9.0.16.tgz
- version: 9.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -161698,36 +158176,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/organizr-3.1.5/organizr-3.1.5.tgz
version: 3.1.5
oscam:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - DIY
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "11693"
- created: "2021-12-04T20:11:25.612194322Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Open Source Conditional Access Module software
- digest: 78cceb750d586b17225a17ca8503e2d3e0902998134ba0dd6089828c9cc85881
- home: https://github.com/truecharts/apps/tree/master/charts/stable/oscam
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/oscam-logo.png
- keywords:
- - oscam
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: oscam
- sources:
- - https://trac.streamboard.tv/oscam/browser/trunk
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/oscam-4.0.15/oscam-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -162149,41 +158597,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/oscam-1.0.0/oscam-1.0.0.tgz
version: 1.0.0
overseerr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.27.0
- created: "2021-12-04T20:11:25.800489479Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Overseerr is a free and open source software application for managing
- requests for your media library. It integrates with your existing services such
- as Sonarr, Radarr and Plex!
- digest: 4fa377d23cfd6e20ce0e1d33aedf762000c695be9053e97cb4544d308a8ddcdc
- home: https://github.com/truechartsapps/tree/master/charts/stable/overseerr
- icon: https://i.imgur.com/TMoEG7g.png
- keywords:
- - overseerr
- - plex
- - sonarr
- - radarr
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: overseerr
- sources:
- - https://github.com/sct/overseerr
- - https://hub.docker.com/r/sctx/overseerr
- urls:
- - https://github.com/truecharts/apps/releases/download/overseerr-4.0.15/overseerr-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -163915,40 +160328,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/overseerr-1.0.1/overseerr-1.0.1.tgz
version: 1.0.1
owncast:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.0.10
- created: "2021-12-04T20:11:25.987769128Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Take control over your live stream video by running it yourself.
- Streaming + chat out of the box.
- digest: 8129297633bb243a0b28feb722a2aa98db1f8ab07dd27d712ed4bae93b2da2e1
- home: https://github.com/truechartsapps/tree/master/charts/stable/owncast
- icon: https://owncast.online/images/owncast-logo-1000x1000.png
- keywords:
- - owncast
- - stream
- - open source
- - chat
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: owncast
- sources:
- - https://owncast.online/
- - https://github.com/owncast/owncast
- urls:
- - https://github.com/truecharts/apps/releases/download/owncast-4.0.14/owncast-4.0.14.tgz
- version: 4.0.14
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -165710,43 +162089,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/owncast-1.0.1/owncast-1.0.1.tgz
version: 1.0.1
owncloud-ocis:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.15.0
- created: "2021-12-04T20:11:26.195241637Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: ownCloud Infinite Scale is a self-hosted file sync and share server.
- digest: 79e0f17f48af5b36dee6659760a214589841054a780c744062e73ee5cd611d79
- home: https://github.com/truechartsapps/tree/master/charts/stable/owncloud-ocis
- icon: https://avatars.githubusercontent.com/u/1645051?s=200&v=4
- keywords:
- - owncloud
- - ocis
- - infinite
- - scale
- - self-hosted
- - sync
- - share
- - server
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: owncloud-ocis
- sources:
- - https://hub.docker.com/r/owncloud/ocis
- - https://owncloud.dev/ocis/
- urls:
- - https://github.com/truecharts/apps/releases/download/owncloud-ocis-4.0.16/owncloud-ocis-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -167826,38 +164168,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/owncloud-ocis-1.0.1/owncloud-ocis-1.0.1.tgz
version: 1.0.1
pgadmin:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - management
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "6.2"
- created: "2021-12-04T20:11:26.38735931Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Web-Based postgresql database management utility
- digest: 41a3689cefaae469443cf0a18d0f7fd88d3b2cef31e261569ccc1b069d9aede1
- home: https://github.com/truecharts/apps/tree/master/charts/stable/pgadmin
- icon: https://www.postgresql.org/message-id/attachment/1139/pgAdmin.svg
- keywords:
- - pgadmin
- - db
- - database
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: pgadmin
- sources:
- - https://www.pgadmin.org/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/pgadmin-4.0.16/pgadmin-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -169708,44 +166018,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/pgadmin-1.0.1/pgadmin-1.0.1.tgz
version: 1.0.1
photoprism:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "20211130"
- created: "2021-12-04T20:11:26.600252954Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: PhotoPrism® is a server-based application for browsing, organizing
- and sharing your personal photo collection
- digest: 4e3965dd1eafa0d8af2eeaa53a8fc304bb423bb704b8d0ab81bf414dcecae480
- home: https://github.com/truechartsapps/tree/master/charts/stable/photoprism
- icon: https://demo.photoprism.org/static/img/logo-avatar.svg
- keywords:
- - photos
- - photoprism
- - pictures
- - sharing
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: photoprism
- sources:
- - https://github.com/photoprism/photoprism
- - https://hub.docker.com/r/photoprism/photoprism
- urls:
- - https://github.com/truecharts/apps/releases/download/photoprism-6.0.5/photoprism-6.0.5.tgz
- version: 6.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -171683,41 +167955,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/photoprism-1.0.1/photoprism-1.0.1.tgz
version: 1.0.1
photoshow:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 48aabb98
- created: "2021-12-04T20:11:26.774616782Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A gallery software at its easiest, it doesn't even require a database.
- digest: 90fb3a66182175cfa8c7d7dc9ccb79d36cd0162809661e02c193305871b4004e
- home: https://github.com/truecharts/apps/tree/master/charts/stable/photoshow
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/photoshow-icon.png
- keywords:
- - photoshow
- - photo
- - show
- - gallary
- - image
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: photoshow
- sources:
- - https://github.com/thibaud-rohmer/PhotoShow
- - https://github.com/linuxserver/docker-photoshow
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/photoshow-1.0.19/photoshow-1.0.19.tgz
- version: 1.0.19
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -172084,38 +168321,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/photoshow-0.0.2/photoshow-0.0.2.tgz
version: 0.0.2
phpldapadmin:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - management
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.9.0
- created: "2021-12-04T20:11:26.987327525Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Web-based LDAP browser to manage your LDAP server
- digest: 0c9f9f2527dc04a8f77716045811b703c6c32f593401c3534497282bd6b8573f
- home: https://github.com/truecharts/apps/tree/master/charts/stable/phpldapadmin
- icon: https://repository-images.githubusercontent.com/3665191/dd213f80-766c-11e9-8117-6b639095ef99
- keywords:
- - phpldapadmin
- - openldap
- - userrights
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: phpldapadmin
- sources:
- - https://gitlab.v2.rancher.geohub.space/g3s/i3s/i3s-helm-catalog
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/phpldapadmin-4.0.15/phpldapadmin-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -173694,37 +169899,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/phpldapadmin-1.0.1/phpldapadmin-1.0.1.tgz
version: 1.0.1
piaware:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "6.1"
- created: "2021-12-04T20:11:27.238164879Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Program for forwarding ADS-B data to FlightAware
- digest: b153417c2163608be02ecdd823d65624d277647707f9d765ccb2dedc9925b764
- home: https://github.com/truechartsapps/tree/master/charts/stable/piaware
- icon: https://pbs.twimg.com/profile_images/964269455483088897/mr2UgvfG_400x400.jpg
- keywords:
- - piaware
- - flight-aware
- - flight-tracker
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: piaware
- sources:
- - https://github.com/flightaware/piaware
- urls:
- - https://github.com/truecharts/apps/releases/download/piaware-4.0.15/piaware-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -175228,38 +171402,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/piaware-1.0.1/piaware-1.0.1.tgz
version: 1.0.1
pihole:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - networking
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2021.10.1
- created: "2021-12-04T20:11:27.417229446Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: DNS and Ad-filtering for your network
- digest: 4556a82970c248e23d68ded461f16791739349e7bb1da02fbad3cc5901b5548a
- home: https://github.com/truecharts/apps/tree/master/charts/stable/pihole
- icon: https://upload.wikimedia.org/wikipedia/en/thumb/1/15/Pi-hole_vector_logo.svg/1200px-Pi-hole_vector_logo.svg.png
- keywords:
- - DNS
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: pihole
- sources:
- - https://pi-hole.net/
- - https://github.com/pi-hole
- - https://github.com/pi-hole/docker-pi-hole
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/pihole-4.0.17/pihole-4.0.17.tgz
- version: 4.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -176138,41 +172280,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/pihole-0.0.1/pihole-0.0.1.tgz
version: 0.0.1
piwigo:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 11.5.0
- created: "2021-12-04T20:11:27.623690737Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A is photo gallery software for the web, built by an active community
- of users and developers.
- digest: 99d6844ca23657a1c2ebdea08544ee3a7ea62136b34db9c8b9ebc5f815e61891
- home: https://github.com/truecharts/apps/tree/master/charts/stable/piwigo
- icon: https://avatars.githubusercontent.com/u/9326886?s=200&v=4
- keywords:
- - piwigo
- - gallery
- - photo
- - image
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: piwigo
- sources:
- - http://piwigo.org/
- - https://github.com/linuxserver/docker-piwigo
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/piwigo-1.0.16/piwigo-1.0.16.tgz
- version: 1.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -176469,41 +172576,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/piwigo-0.0.2/piwigo-0.0.2.tgz
version: 0.0.2
pixapop:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "1.2"
- created: "2021-12-04T20:11:27.812468384Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: An open-source single page application to view your photos in the
- easiest way possible.
- digest: 142456095992b7cedd510ea434a1dc2d06c5ae4f885a6d372487896856179709
- home: https://github.com/truecharts/apps/tree/master/charts/stable/pixapop
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/pixapop.png
- keywords:
- - pixapop
- - photo
- - gallery
- - image
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: pixapop
- sources:
- - https://github.com/linuxserver/docker-pixapop
- - https://github.com/bierdok/pixapop
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/pixapop-1.0.15/pixapop-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -176765,37 +172837,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/pixapop-0.0.2/pixapop-0.0.2.tgz
version: 0.0.2
plex:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.24.5.517
- created: "2021-12-04T20:11:28.007180679Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Plex Media Server
- digest: 3621099d5948bece8e19c49f5573e3d9cacb3f23f24521a6e008378f50f394e0
- home: https://github.com/truecharts/apps/tree/master/charts/stable/plex
- icon: https://www.plex.tv/wp-content/uploads/2018/01/pmp-icon-1.png
- keywords:
- - plex
- - plex-media-server
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: plex
- sources:
- - https://github.com/k8s-at-home/container-images/pkgs/container/plex
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/plex-8.0.16/plex-8.0.16.tgz
- version: 8.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -179659,38 +175700,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/plex-2.1.5/plex-2.1.5.tgz
version: 2.1.5
podgrab:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - mutlimedia
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.0.0
- created: "2021-12-04T20:11:28.194651114Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A self-hosted podcast manager to download episodes as soon as they
- become live.
- digest: c25e486798294036ad9ceca548fb462e8a11283e46e95252888c2a0150f111dd
- home: https://github.com/truecharts/apps/tree/master/charts/stable/podgrab
- icon: https://upload.wikimedia.org/wikipedia/commons/thumb/e/e7/Podcasts_%28iOS%29.svg/1024px-Podcasts_%28iOS%29.svg.png
- keywords:
- - podgrab
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: podgrab
- sources:
- - https://github.com/akhilrex/podgrab
- - https://hub.docker.com/r/akhilrex/podgrab
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/podgrab-7.0.15/podgrab-7.0.15.tgz
- version: 7.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -185896,39 +181905,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/postgresql-1.0.0/postgresql-1.0.0.tgz
version: 1.0.0
pretend-youre-xyzzy:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "4"
- created: "2021-12-04T20:11:28.3637551Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: pretend-youre-xyzzy, a cards against humanity clone
- digest: 8a3252695a8cfca4e3255d2e311d82b192b4d8aa3a108decaa82f413268ac5a7
- home: https://github.com/truechartsapps/tree/master/charts/stable/pretend-youre-xyzzy
- icon: https://apk-google.com/wp-content/uploads/2020/12/Client-for-Pretend-Youre-Xyzzy-open-source-5.0.1.png
- keywords:
- - pretend-youre-xyzzy
- - cards
- - against
- - humanity
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: pretend-youre-xyzzy
- sources:
- - https://github.com/ajanata/PretendYoureXyzzy
- - https://github.com/emcniece/DockerYourXyzzy
- urls:
- - https://github.com/truecharts/apps/releases/download/pretend-youre-xyzzy-4.0.15/pretend-youre-xyzzy-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -187518,38 +183494,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/pretend-youre-xyzzy-1.0.1/pretend-youre-xyzzy-1.0.1.tgz
version: 1.0.1
promcord:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - metrics
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:28.610602422Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Discord bot that provides metrics from a Discord server
- digest: 54dd64c1e67c7244624527f2560a970ac4163aea4c60331e740cc30f69bc2a09
- home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/promcord
- icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png
- keywords:
- - promcord
- - discord
- - metrics
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: promcord
- sources:
- - https://github.com/nimarion/promcord
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/promcord-1.0.3/promcord-1.0.3.tgz
- version: 1.0.3
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -187647,48 +183591,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/promcord-0.0.1/promcord-0.0.1.tgz
version: 0.0.1
prometheus:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - metrics
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.52.1
- created: "2021-12-04T20:11:28.821852152Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: exporters.enabled,exporters.node-exporter.enabled
- name: node-exporter
- repository: https://charts.bitnami.com/bitnami
- version: 2.3.16
- - condition: exporters.enabled,exporters.kube-state-metrics.enabled
- name: kube-state-metrics
- repository: https://charts.bitnami.com/bitnami
- version: 2.1.18
- description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
- and Prometheus rules combined with documentation and scripts to provide easy
- to operate end-to-end Kubernetes cluster monitoring with Prometheus using the
- Prometheus Operator.
- digest: 5bd9c8b121c5b92a0c73f030240549902c71bc89edbb6a451f4b27a6c1332dbb
- home: https://github.com/truecharts/apps/tree/master/charts/stable/prometheus
- icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png
- keywords:
- - metrics
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: prometheus
- sources:
- - https://github.com/prometheus-community/helm-charts
- - https://github.com/prometheus-operator/kube-prometheus
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/prometheus-1.1.5/prometheus-1.1.5.tgz
- version: 1.1.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -188404,37 +184306,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/promtail-0.0.1/promtail-0.0.1.tgz
version: 0.0.1
protonmail-bridge:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.8.10
- created: "2021-12-04T20:11:28.995355273Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Container for protonmail bridge to work on the network.
- digest: 743a03a17d5b4a94d9381067e4f2f6f01127c0efb3499fbc04da83ab061aff09
- home: https://github.com/truechartsapps/tree/master/charts/stable/protonmail-bridge
- icon: https://raw.githubusercontent.com/ProtonMail/proton-bridge/master/icon.iconset/icon_256x256.png
- keywords:
- - protonmail
- - protonmail-bridge
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: protonmail-bridge
- sources:
- - https://github.com/shenxn/protonmail-bridge-docker
- - https://hub.docker.com/r/shenxn/protonmail-bridge
- urls:
- - https://github.com/truecharts/apps/releases/download/protonmail-bridge-4.0.15/protonmail-bridge-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -191712,39 +187583,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/prototypegui-6.8.7/prototypegui-6.8.7.tgz
version: 6.8.7
prowlarr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.1.6.1184
- created: "2021-12-04T20:11:29.17688976Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Indexer manager/proxy built on the popular arr net base stack to
- integrate with your various PVR apps.
- digest: 13c81083ec208e546003340260d9ae6745a439f7981ee121f70ce7dde0e933a1
- home: https://github.com/truecharts/apps/tree/master/charts/stable/prowlarr
- icon: https://raw.githubusercontent.com/Prowlarr/Prowlarr/develop/Logo/400.png
- keywords:
- - prowlarr
- - torrent
- - usenet
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: prowlarr
- sources:
- - https://github.com/Prowlarr/Prowlarr
- - https://github.com/k8s-at-home/container-images
- urls:
- - https://github.com/truecharts/apps/releases/download/prowlarr-4.0.25/prowlarr-4.0.25.tgz
- version: 4.0.25
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -194891,39 +190729,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/prowlarr-1.0.0/prowlarr-1.0.0.tgz
version: 1.0.0
pyload:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 5de90278
- created: "2021-12-04T20:11:29.366907117Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: pyLoad is a Free and Open Source download manager written in Python
- and designed to be extremely lightweight, easily extensible and fully manageable
- via web.
- digest: 1c8a1247085afa2827a8547e8af02dbae0904921cf6d4be4eb2171ffbcee8d39
- home: https://github.com/truechartsapps/tree/master/charts/stable/pyload
- icon: https://avatars.githubusercontent.com/u/3521496?s=200&v=4
- keywords:
- - pyload
- - download
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: pyload
- sources:
- - https://github.com/pyload/pyload
- - https://hub.docker.com/r/linuxserver/pyload
- urls:
- - https://github.com/truecharts/apps/releases/download/pyload-4.0.15/pyload-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -196513,37 +192318,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/pyload-1.0.1/pyload-1.0.1.tgz
version: 1.0.1
qbittorrent:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 4.3.9
- created: "2021-12-04T20:11:29.563270525Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: qBittorrent is a cross-platform free and open-source BitTorrent client
- digest: 57393ed5c9cd6db5935a0a3fc4183d3aa403cf5921218844563d02b383738ab6
- home: https://github.com/truecharts/apps/tree/master/charts/stable/qbittorrent
- icon: https://cloud.githubusercontent.com/assets/14862437/23586868/89ef2922-01c4-11e7-869c-52aafcece17f.png
- keywords:
- - qbittorrent
- - torrrent
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: qbittorrent
- sources:
- - https://github.com/qbittorrent/qBittorrent
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/qbittorrent-9.0.18/qbittorrent-9.0.18.tgz
- version: 9.0.18
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -198914,38 +194688,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/qbittorrent-3.1.5/qbittorrent-3.1.5.tgz
version: 3.1.5
radarr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.2.2.5080
- created: "2021-12-04T20:11:29.760802243Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A fork of Sonarr to work with movies Ă la Couchpotato
- digest: 90cc7f436862bdce5a7829394865833d5d7ddbb48a74b1279379a86b829a312e
- home: https://github.com/truecharts/apps/tree/master/charts/stable/radarr
- icon: https://nzbusenet.com/wp-content/uploads/2017/10/radarr-logo.png
- keywords:
- - radarr
- - torrent
- - usenet
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: radarr
- sources:
- - https://github.com/Radarr/Radarr
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/radarr-9.0.15/radarr-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -201736,41 +197478,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/radarr-3.1.5/radarr-3.1.5.tgz
version: 3.1.5
readarr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.1.0.1081
- created: "2021-12-04T20:11:29.936716784Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A fork of Radarr to work with Books & AudioBooks
- digest: c4a6a031aa9d9e40e5d2ac14699c0aa5f45933c4647ac0331625d6ec25639366
- home: https://github.com/truecharts/apps/tree/master/charts/stable/readarr
- icon: https://github.com/Readarr/Readarr/blob/develop/Logo/1024.png?raw=true
- keywords:
- - readarr
- - torrent
- - usenet
- - AudioBooks
- - ebooks
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: readarr
- sources:
- - https://github.com/Readarr/Readarr
- - https://readarr.com
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/readarr-9.0.24/readarr-9.0.24.tgz
- version: 9.0.24
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -205738,43 +201445,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/readarr-3.1.5/readarr-3.1.5.tgz
version: 3.1.5
recipes:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.0.2
- created: "2021-12-04T20:11:30.164750352Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Recipes is a Django application to manage, tag and search recipes
- using either built in models or external storage providers hosting PDF's, Images
- or other files.
- digest: 5ac205c9a3c734375e6f1de33ee8f080d503a50b31c3844683c32090f07934b5
- home: https://github.com/truecharts/apps/tree/master/charts/stable/recipes
- icon: https://raw.githubusercontent.com/vabene1111/recipes/develop/docs/logo_color.svg
- keywords:
- - recipes
- - cooking
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: recipes
- sources:
- - https://github.com/vabene1111/recipes
- - https://hub.docker.com/r/vabene1111/recipes
- urls:
- - https://github.com/truecharts/apps/releases/download/recipes-4.0.10/recipes-4.0.10.tgz
- version: 4.0.10
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -207147,37 +202817,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/redis-0.0.1/redis-0.0.1.tgz
version: 0.0.1
reg:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - utilities
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.16.1
- created: "2021-12-04T20:11:30.357846434Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Docker registry v2 command line client and repo listing generator
- with security checks.
- digest: 01fdc2ba3e21b2e91575c1dc34bd4fa50692e270253fdc0bd8e2d28eb5bdaae2
- home: https://github.com/truecharts/apps/tree/master/charts/stable/reg
- icon: https://avatars.githubusercontent.com/u/37218338
- keywords:
- - reg
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: reg
- sources:
- - https://github.com/genuinetools/reg
- - https://github.com/k8s-at-home/container-images/
- urls:
- - https://github.com/truecharts/apps/releases/download/reg-4.0.14/reg-4.0.14.tgz
- version: 4.0.14
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -209175,40 +204814,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/reg-1.0.0/reg-1.0.0.tgz
version: 1.0.0
remmina:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.2.0-rcgi
- created: "2021-12-04T20:11:30.546840682Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A remote desktop client written in GTK
- digest: c85c48697bfb26d3227345071e219e61fcb4706ac789ff8baa2922399cb2babf
- home: https://github.com/truecharts/apps/tree/master/charts/stable/remmina
- icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/remmina-icon.png
- keywords:
- - remina
- - remote
- - desktop
- - client
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: remmina
- sources:
- - https://github.com/linuxserver/docker-remmina
- - https://remmina.org/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/remmina-1.0.19/remmina-1.0.19.tgz
- version: 1.0.19
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -209564,39 +205169,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/remmina-0.0.2/remmina-0.0.2.tgz
version: 0.0.2
resilio-sync:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.7.2.1375
- created: "2021-12-04T20:11:30.737936747Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Resilio Sync is a fast, reliable, and simple file sync and share
- solution, powered by P2P technology
- digest: 3c8b7bd9bff17d7dc47d3cff8c072f9c73e176bf7297d445311e09c5c39ae021
- home: https://github.com/truechartsapps/tree/master/charts/stable/resio-sync
- icon: https://blog.resilio.com/wp-content/uploads/2016/06/SyncSymbol-260x260px.png
- keywords:
- - resilio
- - sync
- - btsync
- - bittorrent
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: resilio-sync
- sources:
- - https://github.com/orgs/linuxserver/packages/container/package/resilio-sync
- urls:
- - https://github.com/truecharts/apps/releases/download/resilio-sync-4.0.15/resilio-sync-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -211214,37 +206786,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/resilio-sync-1.0.1/resilio-sync-1.0.1.tgz
version: 1.0.1
sabnzbd:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.4.2
- created: "2021-12-04T20:11:30.922265457Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Free and easy binary newsreader
- digest: 1a0ad4de36cf22672a61af7533dff66737800b614c9a64a90884eb07e0159199
- home: https://github.com/truecharts/apps/tree/master/charts/stable/sabnzbd
- icon: https://avatars1.githubusercontent.com/u/960698?s=400&v=4
- keywords:
- - sabnzbd
- - usenet
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: sabnzbd
- sources:
- - https://sabnzbd.org/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/sabnzbd-9.0.15/sabnzbd-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -213697,36 +209238,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/sabnzbd-3.1.5/sabnzbd-3.1.5.tgz
version: 3.1.5
ser2sock:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:31.102322732Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Serial to Socket Redirector
- digest: e7c1e288db0702dad380adfe9c2c916ccc515d7d65a6f00e36142ed39015c1f1
- home: https://github.com/truechartsapps/tree/master/charts/stable/ser2sock
- icon: https://i.imgur.com/GfZ7McO.png
- keywords:
- - ser2sock
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: ser2sock
- sources:
- - https://github.com/nutechsoftware/ser2sock
- - https://github.com/tenstartups/ser2sock
- urls:
- - https://github.com/truecharts/apps/releases/download/ser2sock-4.0.15/ser2sock-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -215148,44 +210659,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/ser2sock-1.0.1/ser2sock-1.0.1.tgz
version: 1.0.1
shiori:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.5.0
- created: "2021-12-04T20:11:31.320777021Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: A simple bookmark manager built with Go
- digest: a4f1770e141e5365788c849c2281377f80dd3d50a1a28777f9fc21898eb3b430
- home: https://github.com/truecharts/apps/tree/main/charts/shiori
- icon: https://github.com/go-shiori/shiori/raw/master/internal/view/res/apple-touch-icon-152x152.png
- keywords:
- - shiori
- - bookmark
- - bookmark-manager
- - web-interface
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: shiori
- sources:
- - https://github.com/go-shiori/shiori
- - https://github.com/nicholaswilde/docker-shiori
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/shiori-4.0.6/shiori-4.0.6.tgz
- version: 4.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -215557,39 +211030,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/shiori-0.0.1/shiori-0.0.1.tgz
version: 0.0.1
shorturl:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.1.0
- created: "2021-12-04T20:11:31.498271675Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Self hosted web app for shortening urls (URL shortener)
- digest: e1b530966a8f82c6f584eadf85ed14280f7b40c649de17f9e50a929ee0758cb6
- home: https://github.com/truecharts/apps/tree/master/charts/stable/shorturl
- keywords:
- - url
- - shortener
- - shorten
- - shorturl
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: shorturl
- sources:
- - https://github.com/prologic/shorturl
- - https://github.com/nicholaswilde/docker-shorturl
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/shorturl-1.0.15/shorturl-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -215835,40 +211275,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/shorturl-0.0.2/shorturl-0.0.2.tgz
version: 0.0.2
sickchill:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2021.5.10
- created: "2021-12-04T20:11:31.680437667Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: An Automatic Video Library Manager for TV Shows
- digest: 4b6b347c1db43d0d143bde07719a2c3735b3900d4760f5289b38032e9a0f824d
- home: https://github.com/truecharts/apps/tree/master/charts/stable/sickchill
- icon: https://github.com/SickChill/SickChill/raw/master/sickchill/gui/slick/images/ico/android-chrome-256x256.png
- keywords:
- - sickchill
- - video
- - library
- - manager
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: sickchill
- sources:
- - https://github.com/linuxserver/docker-sickchill
- - https://github.com/SickChill/SickChill
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/sickchill-1.0.15/sickchill-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -216122,41 +211528,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/sickchill-0.0.2/sickchill-0.0.2.tgz
version: 0.0.2
sickgear:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.25.4
- created: "2021-12-04T20:11:31.858545926Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Provides management of TV shows and/or Anime, it detects new episodes,
- links downloader apps, and more
- digest: 9c2ac49f1ace46612b8c2d656ed0f862a59420a836a3d93ba8fdb81d1d78c712
- home: https://github.com/truecharts/apps/tree/master/charts/stable/sickgear
- icon: https://avatars.githubusercontent.com/u/9690267?s=200&v=4
- keywords:
- - sickgear
- - manager
- - tv
- - shows
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: sickgear
- sources:
- - https://github.com/linuxserver/docker-sickgear
- - https://github.com/SickGear/SickGear
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/sickgear-1.0.15/sickgear-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -216418,39 +211789,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/sickgear-0.0.2/sickgear-0.0.2.tgz
version: 0.0.2
smokeping:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.7.3
- created: "2021-12-04T20:11:32.050749401Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Keep track of your network latency.
- digest: 1cef6224c1639fce1bcd0a2e037ca0552b3543fe542ff19dd1e4e6248c6f0165
- home: https://github.com/truecharts/apps/tree/master/charts/stable/smokeping
- icon: https://github.com/truecharts/apps/raw/main/images/smokeping.png
- keywords:
- - smokeping
- - network
- - latency
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: smokeping
- sources:
- - https://oss.oetiker.ch/smokeping/
- - https://hub.docker.com/r/linuxserver/smokeping
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/smokeping-1.0.17/smokeping-1.0.17.tgz
- version: 1.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -216762,43 +212100,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/smokeping-0.0.2/smokeping-0.0.2.tgz
version: 0.0.2
snipe-it:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - management
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 5.3.3
- created: "2021-12-04T20:11:32.268288483Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: Open source asset management
- digest: 7670b1a9fddbb58b33dd5cc758e11618c507b2f8fb5d764e6454c7ffb59a1a36
- home: https://github.com/truechartsapps/tree/master/charts/stable/snipe-it
- icon: https://github.com/nicholaswilde/helm-charts/raw/main/images/snipe-it.jpg
- keywords:
- - snipeit
- - snipe
- - asset
- - management
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: snipe-it
- sources:
- - https://snipeitapp.com/
- - https://hub.docker.com/r/linuxserver/
- urls:
- - https://github.com/truecharts/apps/releases/download/snipe-it-0.0.5/snipe-it-0.0.5.tgz
- version: 0.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -217836,38 +213137,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/sogo-0.0.1/sogo-0.0.1.tgz
version: 0.0.1
sonarr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.0.6.1342
- created: "2021-12-04T20:11:32.473108561Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Smart PVR for newsgroup and bittorrent users
- digest: 5a80b44637bccceea15b384c75d8d6e700c604a816ae7fa27e6cafbbf06b20eb
- home: https://github.com/truecharts/apps/tree/master/charts/stable/sonarr
- icon: https://github.com/Sonarr/Sonarr/blob/phantom-develop/Logo/512.png?raw=true
- keywords:
- - sonarr
- - torrent
- - usenet
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: sonarr
- sources:
- - https://github.com/Sonarr/Sonarr
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/sonarr-9.0.16/sonarr-9.0.16.tgz
- version: 9.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -220720,38 +215989,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/sonarr-3.1.5/sonarr-3.1.5.tgz
version: 3.1.5
speedtest-exporter:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - metrics
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.3.4
- created: "2021-12-04T20:11:32.643824459Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Speedtest Exporter made in python using the official speedtest bin
- digest: 1d0456e32bfb9524811dd02327246e5cc14b9b6120523fc11f7e0c7e527a40cc
- home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/speedtest-exporter
- icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png
- keywords:
- - speedtest-exporter
- - speedtest
- - metrics
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: speedtest-exporter
- sources:
- - https://github.com/MiguelNdeCarvalho/speedtest-exporter/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/speedtest-exporter-1.0.2/speedtest-exporter-1.0.2.tgz
- version: 1.0.2
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -220881,41 +216118,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/speedtest-exporter-0.0.1/speedtest-exporter-0.0.1.tgz
version: 0.0.1
sqlitebrowser:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.12.2
- created: "2021-12-04T20:11:32.8320106Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A high quality, visual, open source tool to create, design, and edit
- database files compatible with SQLite
- digest: 7ffe30977b467bc8f23037ae51d0179626442cb13504ab8e56286432799d0f47
- home: https://github.com/truecharts/apps/tree/master/charts/stable/sqlitebrowser
- icon: https://sqlitebrowser.org/images/sqlitebrowser.svg
- keywords:
- - sqlite
- - browser
- - sqlitebrowser
- - database
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: sqlitebrowser
- sources:
- - https://github.com/linuxserver/docker-sqlitebrowser
- - https://sqlitebrowser.org/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/sqlitebrowser-1.0.19/sqlitebrowser-1.0.19.tgz
- version: 1.0.19
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -221282,36 +216484,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/sqlitebrowser-0.0.2/sqlitebrowser-0.0.2.tgz
version: 0.0.2
stash:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.11.0
- created: "2021-12-04T20:11:33.032468242Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: An organizer for your porn, written in Go
- digest: 4fbfedb7aa4cf379eb5bbeb8decb6a1e0259b594d457ff5c52eb34f66a92fa9e
- home: https://github.com/truechartsapps/tree/master/charts/stable/stash
- icon: https://raw.githubusercontent.com/stashapp/website/master/images/stash.svg
- keywords:
- - porn
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: stash
- sources:
- - https://github.com/stashapp/stash
- - https://hub.docker.com/r/stashapp/stash
- urls:
- - https://github.com/truecharts/apps/releases/download/stash-4.0.15/stash-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -222863,40 +218035,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/stash-1.0.2/stash-1.0.2.tgz
version: 1.0.2
static:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: ee8a20c
- created: "2021-12-04T20:11:33.217305856Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A self-hosted static file serving app which does nothing more than
- just serve up static files from a mounted volume.
- digest: 099739419082639bf758f66b3cdccaa0f6e4204871993b73829d7ced743948b7
- home: https://github.com/truecharts/apps/tree/master/charts/stable/static
- keywords:
- - app
- - web
- - filesystem
- - static
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: static
- sources:
- - https://github.com/prologic/static
- - https://github.com/nicholaswilde/docker-static
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/static-1.0.15/static-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -223150,41 +218288,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/static-0.0.2/static-0.0.2.tgz
version: 0.0.2
statping:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.90.74
- created: "2021-12-04T20:11:33.423326244Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Status page for monitoring your websites and applications
- digest: 8c1a246b37d39bfc639aef74f1bee55e80f55fa9a409c82784f00e19655bdf04
- home: https://github.com/truecharts/apps/tree/master/charts/stable/statping
- icon: https://avatars.githubusercontent.com/u/61949049?s=200&v=4
- keywords:
- - statping
- - status
- - status-page
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: statping
- sources:
- - https://github.com/statping/statping
- urls:
- - https://github.com/truecharts/apps/releases/download/statping-4.0.6/statping-4.0.6.tgz
- version: 4.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -223526,38 +218629,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/statping-0.0.1/statping-0.0.1.tgz
version: 0.0.1
syncthing:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.18.4
- created: "2021-12-04T20:11:33.634625675Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: P2P file synchronization application
- digest: 5ba3e87136ed354bac90f13676d652bd3764cbbbf14b1bbadd120811fbb98883
- home: https://github.com/truecharts/apps/tree/master/charts/stable/syncthing
- icon: https://raw.githubusercontent.com/syncthing/syncthing/main/assets/logo-128.png
- keywords:
- - syncthing
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: syncthing
- sources:
- - https://syncthing.net/
- - https://github.com/syncthing/syncthing
- - https://hub.docker.com/r/syncthing/syncthing
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/syncthing-9.0.15/syncthing-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -226431,37 +221502,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/syncthing-3.1.5/syncthing-3.1.5.tgz
version: 3.1.5
tautulli:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.7.7
- created: "2021-12-04T20:11:33.820025194Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A Python based monitoring and tracking tool for Plex Media Server
- digest: d36122a7c77e41977f3343a71455d0a7fd08eda411d3394a920aee50b906dfa7
- home: https://github.com/truecharts/apps/tree/master/charts/stable/tautulli
- icon: https://github.com/Tautulli/Tautulli/blob/master/data/interfaces/default/images/logo.png?raw=true
- keywords:
- - tautulli
- - plex
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: tautulli
- sources:
- - https://github.com/Tautulli/Tautulli
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/tautulli-9.0.15/tautulli-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -229219,39 +224259,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/tautulli-3.1.5/tautulli-3.1.5.tgz
version: 3.1.5
tdarr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.00.11
- created: "2021-12-04T20:11:34.007103026Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Audio/Video library transcoding automation
- digest: 574d6e3bdc628f68dd5706c49e3d03f37cb730af3df6e4849abaf8795041ce99
- home: https://github.com/truecharts/apps/tree/master/charts/stable/tdarr
- icon: https://avatars.githubusercontent.com/u/43864057?v=4
- keywords:
- - encode
- - media
- - tdarr
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: tdarr
- sources:
- - https://github.com/HaveAGitGat/Tdarr
- - https://hub.docker.com/r/haveagitgat/tdarr
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/tdarr-1.0.17/tdarr-1.0.17.tgz
- version: 1.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -229530,39 +224537,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/tdarr-0.0.1/tdarr-0.0.1.tgz
version: 0.0.1
tdarr-node:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.00.11
- created: "2021-12-04T20:11:34.253683244Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Audio/Video library transcoding automation
- digest: ba9f5a3196c59d7eae75ed3036084f0ab316ac3cce434692df3ab1f98cd02edb
- home: https://github.com/truecharts/apps/tree/master/charts/stable/tdarr-node
- icon: https://avatars.githubusercontent.com/u/43864057?v=4
- keywords:
- - encode
- - media
- - tdarr
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: tdarr-node
- sources:
- - https://github.com/HaveAGitGat/Tdarr
- - https://hub.docker.com/r/haveagitgat/tdarr_node
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/tdarr-node-1.0.17/tdarr-node-1.0.17.tgz
- version: 1.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -229841,40 +224815,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/tdarr-node-0.0.1/tdarr-node-0.0.1.tgz
version: 0.0.1
teamspeak3:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - voice
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.13.6
- created: "2021-12-04T20:11:34.433299712Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: TeamSpeak is software for quality voice communication via the Internet.
- digest: ef6cb9c673e29d3d81e1c1958fb3d9b8e4f9e726881993c1e216ccce479bc83f
- home: https://github.com/truecharts/apps/tree/master/charts/stable/teamspeak3
- icon: https://raw.githubusercontent.com/docker-library/docs/618191cf82de051ff6661c3c8b82cfca1b663972/teamspeak/logo.png
- keywords:
- - voice server
- - teamspeak
- - teamspeak3
- - teamspeak server
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: teamspeak3
- sources:
- - https://hub.docker.com/_/teamspeak
- - https://www.teamspeak.com/en/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/teamspeak3-2.0.15/teamspeak3-2.0.15.tgz
- version: 2.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -230331,43 +225271,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/teamspeak3-0.0.1/teamspeak3-0.0.1.tgz
version: 0.0.1
teedy:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "1.9"
- created: "2021-12-04T20:11:34.667022423Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Teedy is an open source, lightweight document management system for
- individuals and businesses.
- digest: 1418e1b8f9d00dbaa93584c5a4aa0d407bf955bb826c57d698f3cea38b7f6338
- home: https://github.com/truecharts/apps/tree/master/charts/stable/teedy
- icon: https://raw.githubusercontent.com/sismics/docs/v1.9/docs-web/src/main/resources/image/logo.png
- keywords:
- - teedy
- - documents
- - management
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: teedy
- sources:
- - https://github.com/sismics/docs
- - https://github.com/truecharts/apps/tree/master/charts/teedy
- urls:
- - https://github.com/truecharts/apps/releases/download/teedy-4.0.6/teedy-4.0.6.tgz
- version: 4.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -231502,39 +226405,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/testrc2-0.0.1/testrc2-0.0.1.tgz
version: 0.0.1
thelounge:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - utilities
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 4.3.0
- created: "2021-12-04T20:11:34.857953885Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: The Lounge, modern web IRC client designed for self-hosting
- digest: c3ba860f50d4cbfac58f94db1130840af65bfd94c96ade2840a6d8d1272711b2
- home: https://github.com/truecharts/apps/tree/master/charts/stable/thelounge
- icon: https://avatars.githubusercontent.com/u/14336958?s=200&v=4
- keywords:
- - thelounge
- - IRC
- - The Lounge
- - docker
- - thelounge-docker
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: thelounge
- sources:
- - https://github.com/thelounge/thelounge
- urls:
- - https://github.com/truecharts/apps/releases/download/thelounge-4.0.16/thelounge-4.0.16.tgz
- version: 4.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -233717,41 +228587,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/thelounge-1.0.0/thelounge-1.0.0.tgz
version: 1.0.0
traccar:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "4.14"
- created: "2021-12-04T20:11:35.081417412Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Traccar is an open source GPS tracking system.
- digest: d4e5f5e2be5132046899d8ce8f38be88e5a5144db62011a06ecc314cbd05b758
- home: https://github.com/truecharts/apps/tree/master/charts/stable/traccar
- icon: https://github.com/traccar/traccar-web/raw/master/web/icon.png
- keywords:
- - traccar
- - gps
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: traccar
- sources:
- - https://github.com/traccar/traccar
- - https://hub.docker.com/r/traccar/traccar
- urls:
- - https://github.com/truecharts/apps/releases/download/traccar-4.0.6/traccar-4.0.6.tgz
- version: 4.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -234093,39 +228928,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/traccar-0.0.1/traccar-0.0.1.tgz
version: 0.0.1
traefik:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - network
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.5.4
- created: "2021-12-04T20:11:35.276369406Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Test App for Traefik
- digest: f52b47a902ded63d9d6047da38b8baca323d188ffcbb3a872c67e8cc354cf94e
- home: https://github.com/truecharts/apps/tree/master/charts/stable/traefik
- icon: https://raw.githubusercontent.com/traefik/traefik/v2.3/docs/content/assets/img/traefik.logo.png
- keywords:
- - traefik
- - ingress
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: traefik
- sources:
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/traefik-10.0.18/traefik-10.0.18.tgz
- version: 10.0.18
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -238418,39 +233220,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/traefik-0.0.1/traefik-0.0.1.tgz
version: 0.0.1
transmission:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - download-tools
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "3.00"
- created: "2021-12-04T20:11:35.463615237Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: API Support for your favorite torrent trackers.
- digest: 1145beac52049fa56ce0f1df3a09d26202b0724af474ef4edd20605f3de42f8d
- home: https://github.com/truecharts/apps/tree/master/charts/stable/transmission
- icon: https://upload.wikimedia.org/wikipedia/commons/6/6d/Transmission_icon.png
- keywords:
- - transmission
- - torrent
- - usenet
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: transmission
- sources:
- - https://github.com/transmission/transmission
- - https://hub.docker.com/r/linuxserver/transmission
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/transmission-9.0.17/transmission-9.0.17.tgz
- version: 9.0.17
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -241372,36 +236141,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/transmission-3.1.5/transmission-3.1.5.tgz
version: 3.1.5
truecommand:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - Administration
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.0.2
- created: "2021-12-04T20:11:35.64870795Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Aggregated management of TrueNAS devices
- digest: 00450c28fc61ac569982a03ed938423c3e939f1ec82da31b02b19f721da114f1
- home: https://github.com/truecharts/apps/tree/master/charts/stable/truecommand
- icon: https://www.ixsystems.com/documentation/truecommand/1.2/_static/tv-logo.png
- keywords:
- - truecommand
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: truecommand
- sources:
- - https://hub.docker.com/r/ixsystems/truecommand
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/truecommand-9.0.15/truecommand-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -243953,40 +238692,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/truecommand-3.1.5/truecommand-3.1.5.tgz
version: 3.1.5
tt-rss:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.9075.0
- created: "2021-12-04T20:11:35.845480559Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Tiny Tiny RSS is a free and open source web-based news feed (RSS/Atom)
- reader and aggregator
- digest: 698be08debc5c3e92aee3452d033f602b5a6d3c2cdd3c52ce87c5b788b1600de
- home: https://github.com/truecharts/apps/tree/master/charts/stable/tt-rss
- icon: https://git.tt-rss.org/fox/tt-rss/raw/branch/master/images/favicon-72px.png
- keywords:
- - tt-rss
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: tt-rss
- sources:
- - https://git.tt-rss.org/fox/tt-rss
- urls:
- - https://github.com/truecharts/apps/releases/download/tt-rss-4.0.11/tt-rss-4.0.11.tgz
- version: 4.0.11
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -244624,39 +239329,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/tt-rss-0.0.1/tt-rss-0.0.1.tgz
version: 0.0.1
tvheadend:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "63784405"
- created: "2021-12-04T20:11:36.024208321Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: TVheadend - a TV streaming server and digital video recorder
- digest: 0516f205cf6062ae10b6f68b9ae9c5aa689efb794b555d0e1e9a3e15bc4e66b4
- home: https://github.com/truecharts/apps/tree/master/charts/stable/tvheadend
- icon: https://avatars.githubusercontent.com/u/1908588?s=200&v=4
- keywords:
- - tvheadend
- - tv
- - streaming
- - dvb
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: tvheadend
- sources:
- - https://github.com/tvheadend/tvheadend
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/tvheadend-10.0.15/tvheadend-10.0.15.tgz
- version: 10.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -247226,41 +241898,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/tvheadend-4.1.5/tvheadend-4.1.5.tgz
version: 4.1.5
twtxt:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.1.1
- created: "2021-12-04T20:11:36.213554869Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A Self-Hosted, Twitter™-like Decentralised microBlogging platform.
- No ads, no tracking, your content, your data!
- digest: a61432e120c8c651a14ada15405fe9f509e138baaa31673254a4418b3266fa5a
- home: https://github.com/truecharts/apps/tree/master/charts/stable/twtxt
- icon: https://twtxt.net/media/XsLsDHuisnXcL6NuUkYguK.png
- keywords:
- - twtxt
- - blogging
- - blog
- - social-network
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: twtxt
- sources:
- - https://github.com/prologic/twtxt
- - https://github.com/nicholaswilde/docker-twtxt
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/twtxt-1.0.15/twtxt-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -247522,38 +242159,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/twtxt-0.0.2/twtxt-0.0.2.tgz
version: 0.0.2
unifi:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - Networking
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 6.5.53
- created: "2021-12-04T20:11:36.394256747Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Ubiquiti Network's Unifi Controller
- digest: 60a797e5d23e9353d278f2fe63aa4d7d850372aaec5fc24a9b380df1c1b99f25
- home: https://github.com/truecharts/apps/tree/master/charts/stable/unifi
- icon: https://dl.ubnt.com/press/logo-UniFi.png
- keywords:
- - ubiquiti
- - unifi
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: unifi
- sources:
- - https://github.com/jacobalberty/unifi-docker
- - https://unifi-network.ui.com
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/unifi-9.0.15/unifi-9.0.15.tgz
- version: 9.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -250255,43 +244860,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/unifi-poller-0.0.1/unifi-poller-0.0.1.tgz
version: 0.0.1
unpackerr:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.9.8
- created: "2021-12-04T20:11:36.553056945Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: This application runs as a daemon on your download host. It checks
- for completed downloads and extracts them so Radarr, Lidarr, Sonarr, and Readarr
- may import them
- digest: 11e77b1f51b13798b1eecb40c3bc0b27e3e9ecfe63c85e58f4949869386019ae
- home: https://github.com/truecharts/apps/tree/master/charts/stable/unpackrr
- icon: https://raw.githubusercontent.com/wiki/davidnewhall/unpackerr/images/unpackerr-logo-text.png
- keywords:
- - unpackerr
- - sonarr
- - radarr
- - lidarr
- - readarr
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: unpackerr
- sources:
- - https://github.com/davidnewhall/unpackerr
- - https://hub.docker.com/r/golift/unpackerr
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/unpackerr-4.0.15/unpackerr-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -252745,40 +247313,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/unpackerr-1.0.0/unpackerr-1.0.0.tgz
version: 1.0.0
unpoller:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - metrics
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.1.3
- created: "2021-12-04T20:11:36.74570382Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Collect ALL UniFi Controller, Site, Device & Client Data - Export
- to InfluxDB or Prometheus
- digest: ee6d835d683cc0d91088de4152974736682a0cd05e801f7fae07f37bc364a824
- home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/unifi-poller
- icon: https://raw.githubusercontent.com/wiki/unifi-poller/unifi-poller/images/unifi-poller-logo.png
- keywords:
- - unifi
- - unifi-poller
- - metrics
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: unpoller
- sources:
- - https://github.com/unifi-poller/unifi-poller
- - https://hub.docker.com/r/golift/unifi-poller
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/unpoller-1.0.6/unpoller-1.0.6.tgz
- version: 1.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -252882,37 +247416,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/unpoller-1.0.1/unpoller-1.0.1.tgz
version: 1.0.1
uptime-kuma:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - monitoring
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.10.2
- created: "2021-12-04T20:11:36.928820718Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A fancy self-hosted monitoring tool
- digest: e1c9589a7c900b9909364a26612bce901763f76c3fc924c7f788477ae8a66339
- home: https://github.com/louislam/uptime-kuma
- icon: https://raw.githubusercontent.com/louislam/uptime-kuma/master/public/icon.png
- keywords:
- - monitoring
- - uptime
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: uptime-kuma
- sources:
- - https://github.com/louislam/uptime-kuma
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/uptime-kuma-1.0.16/uptime-kuma-1.0.16.tgz
- version: 1.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -253168,40 +247671,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/uptime-kuma-0.0.1/uptime-kuma-0.0.1.tgz
version: 0.0.1
uptimerobot-prometheus:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - metrics
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.0.1
- created: "2021-12-04T20:11:37.109810597Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Prometheus Exporter for the official uptimerobot CLI
- digest: 068376aa9de96d9e86d0aa125718b6e939c30d638114f59f5b788e30e5780f51
- home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/uptimerobot-prometheus
- icon: https://cdn.foliovision.com/images/2019/03/icon-uptimerobot-1024.png
- keywords:
- - uptimerobot
- - prometheus
- - grafana
- - metrics
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: uptimerobot-prometheus
- sources:
- - https://github.com/lekpamartin/uptimerobot_exporter
- - https://github.com/k8s-at-home/charts/tree/master/charts/uptimerobot-prometheus
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/uptimerobot-prometheus-1.0.5/uptimerobot-prometheus-1.0.5.tgz
- version: 1.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -253339,37 +247808,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/uptimerobot-prometheus-0.0.1/uptimerobot-prometheus-0.0.1.tgz
version: 0.0.1
valheim:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: latest
- created: "2021-12-04T20:11:37.315903783Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Valheim dedicated gameserver with automatic update and world backup
- support
- digest: ad6a221849947d44815c27f8bf98617ab1c25fedb7b04cf836411a3a17a14c27
- home: https://github.com/truecharts/apps/tree/master/charts/stable/valheim
- icon: https://raw.githubusercontent.com/lloesche/valheim-server-docker/main/misc/Logo_valheim.png
- keywords:
- - valheim
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: valheim
- sources:
- - https://github.com/lloesche/valheim-server-docker
- - https://hub.docker.com/r/lloesche/valheim-server
- urls:
- - https://github.com/truecharts/apps/releases/download/valheim-1.0.15/valheim-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -253599,45 +248037,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/valheim-0.0.2/valheim-0.0.2.tgz
version: 0.0.2
vaultwarden:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - security
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.23.0
- created: "2021-12-04T20:11:37.539737613Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Unofficial Bitwarden compatible server written in Rust
- digest: 3a81cd8776088cfdc842746869cb166b009e36c72c08eacf084a24408ace0422
- home: https://github.com/truecharts/apps/tree/master/charts/stable/vaultwarden
- icon: https://raw.githubusercontent.com/bitwarden/brand/master/icons/256x256.png
- keywords:
- - bitwarden
- - bitwardenrs
- - bitwarden_rs
- - vaultwarden
- - password
- - rust
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: vaultwarden
- sources:
- - https://github.com/dani-garcia/vaultwarden
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/vaultwarden-13.0.6/vaultwarden-13.0.6.tgz
- version: 13.0.6
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -259250,38 +253649,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/vaultwarden-1.0.0/vaultwarden-1.0.0.tgz
version: 1.0.0
whoogle:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 0.6.0
- created: "2021-12-04T20:11:37.725678633Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A self-hosted, ad-free, privacy-respecting metasearch engine
- digest: 4b19ae1edf21c830a9dc015f7185dff8c9ac1d29bd805d82acc5d3d91bf83c3e
- home: https://github.com/truecharts/apps/tree/master/charts/stable/whoogle
- icon: https://raw.githubusercontent.com/benbusby/whoogle-search/develop/docs/banner.png
- keywords:
- - whoogle
- - search
- - open source
- - privacy
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: whoogle
- sources:
- - https://github.com/benbusby/whoogle-search
- urls:
- - https://github.com/truecharts/apps/releases/download/whoogle-1.0.15/whoogle-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -259519,40 +253886,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/whoogle-0.0.2/whoogle-0.0.2.tgz
version: 0.0.2
wiki:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 900b76a
- created: "2021-12-04T20:11:37.902272177Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: A self-hosted well uh wiki engine or content management system.
- digest: f81ad7769a378fc892c5497f28fab9ab8de60d52d04876517fa95abceca0d9da
- home: https://github.com/truecharts/apps/tree/master/charts/stable/wiki
- keywords:
- - wiki
- - web
- - blog
- - cms
- - app
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: wiki
- sources:
- - https://github.com/prologic/wiki
- - https://github.com/nicholaswilde/docker-wiki
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/wiki-1.0.15/wiki-1.0.15.tgz
- version: 1.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -259806,42 +254139,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/wiki-0.0.2/wiki-0.0.2.tgz
version: 0.0.2
wikijs:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: "2.5"
- created: "2021-12-04T20:11:38.111635689Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: postgresql.enabled
- name: postgresql
- repository: https://truecharts.org/
- version: 6.0.18
- description: Make documentation a joy to write using Wiki.js's beautiful and intuitive
- interface!
- digest: 826194ec0da4dc630bbb82d76c99bedd16112387e92bbaa4f408f522b914b9ec
- home: https://github.com/truecharts/apps/tree/master/charts/stable/wikijs
- icon: https://static.requarks.io/logo/wikijs-butterfly.svg
- keywords:
- - wiki
- - wikijs
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: wikijs
- sources:
- - https://hub.docker.com/r/linuxserver/wikijs/
- - https://github.com/Requarks/wiki
- urls:
- - https://github.com/truecharts/apps/releases/download/wikijs-4.0.5/wikijs-4.0.5.tgz
- version: 4.0.5
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -260193,41 +254490,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/wikijs-0.0.1/wikijs-0.0.1.tgz
version: 0.0.1
xbackbone:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - files
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 3.3.3
- created: "2021-12-04T20:11:38.310759317Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- - condition: mariadb.enabled
- name: mariadb
- repository: https://truecharts.org/
- version: 1.0.20
- description: XBackBone is a simple, self-hosted, lightweight PHP file manager
- digest: 6a7cce11ea565d0fa86fd7c10734a38e0b8b8a78e3740770dd2f49387fc676f0
- home: https://github.com/truechartsapps/tree/master/charts/stable/xbackbone
- icon: https://github.com/SergiX44/XBackBone/raw/master/.github/xbackbone.png
- keywords:
- - xbackbone
- - xshare
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: xbackbone
- sources:
- - https://github.com/SergiX44/XBackBone
- - https://hub.docker.com/r/pe46dro/xbackbone-docker
- urls:
- - https://github.com/truecharts/apps/releases/download/xbackbone-0.0.4/xbackbone-0.0.4.tgz
- version: 0.0.4
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -260299,39 +254561,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/xbackbone-0.0.1/xbackbone-0.0.1.tgz
version: 0.0.1
xteve:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 2.2.0.200
- created: "2021-12-04T20:11:38.511725961Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: M3U Proxy for Plex DVR and Emby Live TV.
- digest: 4b679f2b77471af2b39f2beced8ed8f51ae2a25828a0ad07f1cc3b2731d16904
- home: https://github.com/truechartsapps/tree/master/charts/stable/xteve
- icon: https://raw.githubusercontent.com/xteve-project/xTeVe/master/html/img/logo_b_880x200.jpg
- keywords:
- - xteve
- - iptv
- - plex
- - emby
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: xteve
- sources:
- - https://github.com/xteve-project/xTeVe
- - https://github.com/k8s-at-home/container-images
- urls:
- - https://github.com/truecharts/apps/releases/download/xteve-4.0.15/xteve-4.0.15.tgz
- version: 4.0.15
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -261949,38 +256178,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/xteve-1.0.1/xteve-1.0.1.tgz
version: 1.0.1
zigbee2mqtt:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - media
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 1.22.1
- created: "2021-12-04T20:11:38.693806849Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Bridges events and allows you to control your Zigbee devices via
- MQTT
- digest: a97cc8875f67279c78b14d0913bc4f41957752b2f56166db52ad0083f4864bdd
- home: https://github.com/truecharts/apps/tree/master/charts/stable/zigbee2mqtt
- icon: https://www.zigbee2mqtt.io/images/logo.png
- keywords:
- - zigbee
- - mqtt
- - home-assistant
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: zigbee2mqtt
- sources:
- - https://github.com/Koenkk/zigbee2mqtt
- urls:
- - https://github.com/truecharts/apps/releases/download/zigbee2mqtt-1.0.16/zigbee2mqtt-1.0.16.tgz
- version: 1.0.16
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -262250,41 +256447,6 @@ entries:
- https://github.com/truecharts/apps/releases/download/zigbee2mqtt-0.0.2/zigbee2mqtt-0.0.2.tgz
version: 0.0.2
zwavejs2mqtt:
- - annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - tools
- truecharts.org/grade: U
- apiVersion: v2
- appVersion: 6.0.3
- created: "2021-12-04T20:11:38.883726102Z"
- dependencies:
- - name: common
- repository: https://truecharts.org
- version: 8.9.10
- description: Fully configurable Zwave to MQTT gateway and Control Panel using
- NodeJS and Vue
- digest: e853dabcf8d7c1012f1f5a1beca2ae3dc53829b19f3ef2a76325c292eac116e3
- home: https://github.com/truecharts/apps/tree/master/charts/stable/zwavejs2mqtt
- icon: https://raw.githubusercontent.com/zwave-js/zwavejs2mqtt/master/static/logo.png
- keywords:
- - zwavejs2mqtt
- - zwave-js
- - z-wave
- - zwave
- kubeVersion: '>=1.16.0-0'
- maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- name: zwavejs2mqtt
- sources:
- - https://github.com/zwave-js/zwavejs2mqtt
- - https://hub.docker.com/r/zwavejs/zwavejs2mqtt
- type: application
- urls:
- - https://github.com/truecharts/apps/releases/download/zwavejs2mqtt-9.0.19/zwavejs2mqtt-9.0.19.tgz
- version: 9.0.19
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@@ -266209,4 +260371,4 @@ entries:
urls:
- https://github.com/truecharts/apps/releases/download/zwavejs2mqtt-3.1.5/zwavejs2mqtt-3.1.5.tgz
version: 3.1.5
-generated: "2021-12-04T20:11:38.987556951Z"
+generated: "2021-12-04T20:34:31.821077178Z"