Commit released Helm Chart and docs for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="koel-0.0.3"></a>
|
||||
### [koel-0.0.3](https://github.com/truecharts/apps/compare/koel-0.0.1...koel-0.0.3) (2022-03-16)
|
||||
|
||||
#### Fix
|
||||
|
||||
* use installContainer to init app and run as www-data ([#2189](https://github.com/truecharts/apps/issues/2189))
|
||||
|
||||
|
||||
|
||||
<a name="koel-0.0.1"></a>
|
||||
### koel-0.0.1 (2022-03-15)
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@ Kubernetes: `>=1.16.0-0`
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://truecharts.org/ | postgresql | 7.0.2 |
|
||||
| https://truecharts.org/ | mariadb | 2.0.4 |
|
||||
| https://truecharts.org | common | 9.1.2 |
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
@@ -11,22 +11,53 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| env.DB_CONNECTION | string | `"pgsql"` | |
|
||||
| env.DB_DATABASE | string | `"{{ .Values.postgresql.postgresqlDatabase }}"` | |
|
||||
| env.DB_USERNAME | string | `"{{ .Values.postgresql.postgresqlUsername }}"` | |
|
||||
| env.DB_CONNECTION | string | `"mysql"` | |
|
||||
| env.DB_DATABASE | string | `"{{ .Values.mariadb.mariadbDatabase }}"` | |
|
||||
| env.DB_USERNAME | string | `"{{ .Values.mariadb.mariadbUsername }}"` | |
|
||||
| env.FORCE_HTTPS | bool | `false` | |
|
||||
| env.LASTFM_API_KEY | string | `""` | |
|
||||
| env.LASTFM_API_SECRET | string | `""` | |
|
||||
| env.MEMORY_LIMIT | int | `2048` | |
|
||||
| env.YOUTUBE_API_KEY | string | `""` | |
|
||||
| envValueFrom.APP_KEY.secretKeyRef.key | string | `"APP_KEY"` | |
|
||||
| envValueFrom.APP_KEY.secretKeyRef.name | string | `"koel-secrets"` | |
|
||||
| envValueFrom.DB_HOST.secretKeyRef.key | string | `"plainhost"` | |
|
||||
| envValueFrom.DB_HOST.secretKeyRef.name | string | `"dbcreds"` | |
|
||||
| envValueFrom.DB_PASSWORD.secretKeyRef.key | string | `"postgresql-password"` | |
|
||||
| envValueFrom.DB_PASSWORD.secretKeyRef.name | string | `"dbcreds"` | |
|
||||
| envValueFrom.DB_HOST.secretKeyRef.name | string | `"mariadbcreds"` | |
|
||||
| envValueFrom.DB_PASSWORD.secretKeyRef.key | string | `"mariadb-password"` | |
|
||||
| envValueFrom.DB_PASSWORD.secretKeyRef.name | string | `"mariadbcreds"` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"hyzual/koel"` | |
|
||||
| image.tag | string | `"latest@sha256:fa4bafbe3ae869f153bdc3bc87db739f300bef6cc94e398d7efa587a443f86fa"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/koel"` | |
|
||||
| image.tag | string | `"latest@sha256:4fdc640e5b7d3fd6dd32e61f70bd9d9ac9f59b43d553064a19453b04de0251f1"` | |
|
||||
| installContainers.initdb.command[0] | string | `"php"` | |
|
||||
| installContainers.initdb.command[1] | string | `"artisan"` | |
|
||||
| installContainers.initdb.command[2] | string | `"koel:init"` | |
|
||||
| installContainers.initdb.command[3] | string | `"--no-assets"` | |
|
||||
| installContainers.initdb.env[0].name | string | `"DB_CONNECTION"` | |
|
||||
| installContainers.initdb.env[0].value | string | `"mysql"` | |
|
||||
| installContainers.initdb.env[1].name | string | `"DB_USERNAME"` | |
|
||||
| installContainers.initdb.env[1].value | string | `"{{ .Values.mariadb.mariadbUsername }}"` | |
|
||||
| installContainers.initdb.env[2].name | string | `"DB_DATABASE"` | |
|
||||
| installContainers.initdb.env[2].value | string | `"{{ .Values.mariadb.mariadbDatabase }}"` | |
|
||||
| installContainers.initdb.env[3].name | string | `"DB_HOST"` | |
|
||||
| installContainers.initdb.env[3].valueFrom.secretKeyRef.key | string | `"plainhost"` | |
|
||||
| installContainers.initdb.env[3].valueFrom.secretKeyRef.name | string | `"mariadbcreds"` | |
|
||||
| installContainers.initdb.env[4].name | string | `"DB_PASSWORD"` | |
|
||||
| installContainers.initdb.env[4].valueFrom.secretKeyRef.key | string | `"mariadb-password"` | |
|
||||
| installContainers.initdb.env[4].valueFrom.secretKeyRef.name | string | `"mariadbcreds"` | |
|
||||
| installContainers.initdb.env[5].name | string | `"APP_KEY"` | |
|
||||
| installContainers.initdb.env[5].valueFrom.secretKeyRef.key | string | `"APP_KEY"` | |
|
||||
| installContainers.initdb.env[5].valueFrom.secretKeyRef.name | string | `"koel-secrets"` | |
|
||||
| installContainers.initdb.image | string | `"{{ .Values.image.repository }}:{{ .Values.image.tag }}"` | |
|
||||
| installContainers.initdb.volumeMounts[0].mountPath | string | `"/music"` | |
|
||||
| installContainers.initdb.volumeMounts[0].name | string | `"music"` | |
|
||||
| installContainers.initdb.volumeMounts[1].mountPath | string | `"/var/www/html/public/img/covers"` | |
|
||||
| installContainers.initdb.volumeMounts[1].name | string | `"covers"` | |
|
||||
| installContainers.initdb.volumeMounts[2].mountPath | string | `"/var/www/html/storage/search-indexes"` | |
|
||||
| installContainers.initdb.volumeMounts[2].name | string | `"searchindex"` | |
|
||||
| mariadb.enabled | bool | `true` | |
|
||||
| mariadb.existingSecret | string | `"mariadbcreds"` | |
|
||||
| mariadb.mariadbDatabase | string | `"koel"` | |
|
||||
| mariadb.mariadbUsername | string | `"koel"` | |
|
||||
| persistence.covers.enabled | bool | `true` | |
|
||||
| persistence.covers.mountPath | string | `"/var/www/html/public/img/covers"` | |
|
||||
| persistence.music.enabled | bool | `true` | |
|
||||
@@ -35,10 +66,6 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| persistence.searchindex.mountPath | string | `"/var/www/html/storage/search-indexes"` | |
|
||||
| podSecurityContext.runAsGroup | int | `0` | |
|
||||
| podSecurityContext.runAsUser | int | `0` | |
|
||||
| postgresql.enabled | bool | `true` | |
|
||||
| postgresql.existingSecret | string | `"dbcreds"` | |
|
||||
| postgresql.postgresqlDatabase | string | `"koel"` | |
|
||||
| postgresql.postgresqlUsername | string | `"koel"` | |
|
||||
| securityContext.readOnlyRootFilesystem | bool | `false` | |
|
||||
| securityContext.runAsNonRoot | bool | `false` | |
|
||||
| service.main.ports.main.port | int | `10185` | |
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="koel-0.0.3"></a>
|
||||
### [koel-0.0.3](https://github.com/truecharts/apps/compare/koel-0.0.1...koel-0.0.3) (2022-03-16)
|
||||
|
||||
#### Fix
|
||||
|
||||
* use installContainer to init app and run as www-data ([#2189](https://github.com/truecharts/apps/issues/2189))
|
||||
|
||||
|
||||
|
||||
<a name="koel-0.0.1"></a>
|
||||
### koel-0.0.1 (2022-03-15)
|
||||
|
||||
|
||||
@@ -11,22 +11,53 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| env.DB_CONNECTION | string | `"pgsql"` | |
|
||||
| env.DB_DATABASE | string | `"{{ .Values.postgresql.postgresqlDatabase }}"` | |
|
||||
| env.DB_USERNAME | string | `"{{ .Values.postgresql.postgresqlUsername }}"` | |
|
||||
| env.DB_CONNECTION | string | `"mysql"` | |
|
||||
| env.DB_DATABASE | string | `"{{ .Values.mariadb.mariadbDatabase }}"` | |
|
||||
| env.DB_USERNAME | string | `"{{ .Values.mariadb.mariadbUsername }}"` | |
|
||||
| env.FORCE_HTTPS | bool | `false` | |
|
||||
| env.LASTFM_API_KEY | string | `""` | |
|
||||
| env.LASTFM_API_SECRET | string | `""` | |
|
||||
| env.MEMORY_LIMIT | int | `2048` | |
|
||||
| env.YOUTUBE_API_KEY | string | `""` | |
|
||||
| envValueFrom.APP_KEY.secretKeyRef.key | string | `"APP_KEY"` | |
|
||||
| envValueFrom.APP_KEY.secretKeyRef.name | string | `"koel-secrets"` | |
|
||||
| envValueFrom.DB_HOST.secretKeyRef.key | string | `"plainhost"` | |
|
||||
| envValueFrom.DB_HOST.secretKeyRef.name | string | `"dbcreds"` | |
|
||||
| envValueFrom.DB_PASSWORD.secretKeyRef.key | string | `"postgresql-password"` | |
|
||||
| envValueFrom.DB_PASSWORD.secretKeyRef.name | string | `"dbcreds"` | |
|
||||
| envValueFrom.DB_HOST.secretKeyRef.name | string | `"mariadbcreds"` | |
|
||||
| envValueFrom.DB_PASSWORD.secretKeyRef.key | string | `"mariadb-password"` | |
|
||||
| envValueFrom.DB_PASSWORD.secretKeyRef.name | string | `"mariadbcreds"` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"hyzual/koel"` | |
|
||||
| image.tag | string | `"latest@sha256:fa4bafbe3ae869f153bdc3bc87db739f300bef6cc94e398d7efa587a443f86fa"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/koel"` | |
|
||||
| image.tag | string | `"latest@sha256:4fdc640e5b7d3fd6dd32e61f70bd9d9ac9f59b43d553064a19453b04de0251f1"` | |
|
||||
| installContainers.initdb.command[0] | string | `"php"` | |
|
||||
| installContainers.initdb.command[1] | string | `"artisan"` | |
|
||||
| installContainers.initdb.command[2] | string | `"koel:init"` | |
|
||||
| installContainers.initdb.command[3] | string | `"--no-assets"` | |
|
||||
| installContainers.initdb.env[0].name | string | `"DB_CONNECTION"` | |
|
||||
| installContainers.initdb.env[0].value | string | `"mysql"` | |
|
||||
| installContainers.initdb.env[1].name | string | `"DB_USERNAME"` | |
|
||||
| installContainers.initdb.env[1].value | string | `"{{ .Values.mariadb.mariadbUsername }}"` | |
|
||||
| installContainers.initdb.env[2].name | string | `"DB_DATABASE"` | |
|
||||
| installContainers.initdb.env[2].value | string | `"{{ .Values.mariadb.mariadbDatabase }}"` | |
|
||||
| installContainers.initdb.env[3].name | string | `"DB_HOST"` | |
|
||||
| installContainers.initdb.env[3].valueFrom.secretKeyRef.key | string | `"plainhost"` | |
|
||||
| installContainers.initdb.env[3].valueFrom.secretKeyRef.name | string | `"mariadbcreds"` | |
|
||||
| installContainers.initdb.env[4].name | string | `"DB_PASSWORD"` | |
|
||||
| installContainers.initdb.env[4].valueFrom.secretKeyRef.key | string | `"mariadb-password"` | |
|
||||
| installContainers.initdb.env[4].valueFrom.secretKeyRef.name | string | `"mariadbcreds"` | |
|
||||
| installContainers.initdb.env[5].name | string | `"APP_KEY"` | |
|
||||
| installContainers.initdb.env[5].valueFrom.secretKeyRef.key | string | `"APP_KEY"` | |
|
||||
| installContainers.initdb.env[5].valueFrom.secretKeyRef.name | string | `"koel-secrets"` | |
|
||||
| installContainers.initdb.image | string | `"{{ .Values.image.repository }}:{{ .Values.image.tag }}"` | |
|
||||
| installContainers.initdb.volumeMounts[0].mountPath | string | `"/music"` | |
|
||||
| installContainers.initdb.volumeMounts[0].name | string | `"music"` | |
|
||||
| installContainers.initdb.volumeMounts[1].mountPath | string | `"/var/www/html/public/img/covers"` | |
|
||||
| installContainers.initdb.volumeMounts[1].name | string | `"covers"` | |
|
||||
| installContainers.initdb.volumeMounts[2].mountPath | string | `"/var/www/html/storage/search-indexes"` | |
|
||||
| installContainers.initdb.volumeMounts[2].name | string | `"searchindex"` | |
|
||||
| mariadb.enabled | bool | `true` | |
|
||||
| mariadb.existingSecret | string | `"mariadbcreds"` | |
|
||||
| mariadb.mariadbDatabase | string | `"koel"` | |
|
||||
| mariadb.mariadbUsername | string | `"koel"` | |
|
||||
| persistence.covers.enabled | bool | `true` | |
|
||||
| persistence.covers.mountPath | string | `"/var/www/html/public/img/covers"` | |
|
||||
| persistence.music.enabled | bool | `true` | |
|
||||
@@ -35,10 +66,6 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| persistence.searchindex.mountPath | string | `"/var/www/html/storage/search-indexes"` | |
|
||||
| podSecurityContext.runAsGroup | int | `0` | |
|
||||
| podSecurityContext.runAsUser | int | `0` | |
|
||||
| postgresql.enabled | bool | `true` | |
|
||||
| postgresql.existingSecret | string | `"dbcreds"` | |
|
||||
| postgresql.postgresqlDatabase | string | `"koel"` | |
|
||||
| postgresql.postgresqlUsername | string | `"koel"` | |
|
||||
| securityContext.readOnlyRootFilesystem | bool | `false` | |
|
||||
| securityContext.runAsNonRoot | bool | `false` | |
|
||||
| service.main.ports.main.port | int | `10185` | |
|
||||
|
||||
@@ -19,7 +19,7 @@ Kubernetes: `>=1.16.0-0`
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://truecharts.org/ | postgresql | 7.0.2 |
|
||||
| https://truecharts.org/ | mariadb | 2.0.4 |
|
||||
| https://truecharts.org | common | 9.1.2 |
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: filebrowser/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-filebrowser' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
@@ -50,11 +50,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -84,11 +84,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -118,11 +118,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/filebrowser:v2.21.1@sha256:cc3a61d4ce3dc9be992c2d05044f6a55aa9d6e38c84871314dda77712630a10c (alpine 3.15.0)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| libcrypto1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r7 | 1.1.1n-r0 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246</a><br><a href="https://ubuntu.com/security/notices/USN-5328-1">https://ubuntu.com/security/notices/USN-5328-1</a><br><a href="https://ubuntu.com/security/notices/USN-5328-2">https://ubuntu.com/security/notices/USN-5328-2</a><br><a href="https://www.debian.org/security/2022/dsa-5103">https://www.debian.org/security/2022/dsa-5103</a><br><a href="https://www.openssl.org/news/secadv/20220315.txt">https://www.openssl.org/news/secadv/20220315.txt</a><br></details> |
|
||||
@@ -130,10 +130,9 @@ hide:
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| github.com/miekg/dns | CVE-2019-19794 | MEDIUM | v1.1.3 | 1.1.25-0.20191211073109-8ebf2e419df7 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-44r7-7p62-q3fr">https://github.com/advisories/GHSA-44r7-7p62-q3fr</a><br><a href="https://github.com/coredns/coredns/issues/3519">https://github.com/coredns/coredns/issues/3519</a><br><a href="https://github.com/coredns/coredns/issues/3547">https://github.com/coredns/coredns/issues/3547</a><br><a href="https://github.com/miekg/dns/commit/8ebf2e419df7857ac8919baa05248789a8ffbf33">https://github.com/miekg/dns/commit/8ebf2e419df7857ac8919baa05248789a8ffbf33</a><br><a href="https://github.com/miekg/dns/compare/v1.1.24...v1.1.25">https://github.com/miekg/dns/compare/v1.1.24...v1.1.25</a><br><a href="https://github.com/miekg/dns/issues/1043">https://github.com/miekg/dns/issues/1043</a><br><a href="https://github.com/miekg/dns/pull/1044">https://github.com/miekg/dns/pull/1044</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-19794">https://nvd.nist.gov/vuln/detail/CVE-2019-19794</a><br></details> |
|
||||
| golang.org/x/text | CVE-2020-14040 | HIGH | v0.3.2 | 0.3.3 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040</a><br><a href="https://github.com/advisories/GHSA-5rcv-m4m3-hfh7">https://github.com/advisories/GHSA-5rcv-m4m3-hfh7</a><br><a href="https://github.com/golang/go/issues/39491">https://github.com/golang/go/issues/39491</a><br><a href="https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e">https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e</a><br><a href="https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0">https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0</a><br><a href="https://linux.oracle.com/cve/CVE-2020-14040.html">https://linux.oracle.com/cve/CVE-2020-14040.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-4694.html">https://linux.oracle.com/errata/ELSA-2020-4694.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-14040">https://nvd.nist.gov/vuln/detail/CVE-2020-14040</a><br></details> |
|
||||
| golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.2 | 0.3.7 | <details><summary>Expand...</summary></details> |
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: hammond/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-hammond' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
@@ -50,11 +50,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -84,11 +84,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -118,11 +118,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/hammond:1.0.0@sha256:a38f0455634f15a38535b6f067f0cd6b62770df51d0c40c5f09ad19cbe066702 (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -152,9 +152,8 @@ hide:
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| github.com/dgrijalva/jwt-go | CVE-2020-26160 | HIGH | v3.2.0+incompatible | | <details><summary>Expand...</summary><a href="https://github.com/dgrijalva/jwt-go/pull/426">https://github.com/dgrijalva/jwt-go/pull/426</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-26160">https://nvd.nist.gov/vuln/detail/CVE-2020-26160</a><br><a href="https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515">https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515</a><br></details> |
|
||||
| github.com/satori/go.uuid | CVE-2021-3538 | CRITICAL | v1.2.0 | 1.2.1-0.20181016170032-d91630c85102 | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1954376">https://bugzilla.redhat.com/show_bug.cgi?id=1954376</a><br><a href="https://github.com/satori/go.uuid/issues/73">https://github.com/satori/go.uuid/issues/73</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3538">https://nvd.nist.gov/vuln/detail/CVE-2021-3538</a><br><a href="https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSATORIGOUUID-72488">https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSATORIGOUUID-72488</a><br></details> |
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: ispy-agent-dvr/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-ispy-agent-dvr' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
@@ -51,11 +51,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -85,11 +85,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -119,11 +119,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/ispy-agent-dvr:3.8.8.0@sha256:800c7a6f5892ad70b6174f524c0211efcb88cfe41d818a3fca9f0d5bc7d24585 (ubuntu 18.04)
|
||||
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2020-27350 | MEDIUM | 1.6.12ubuntu0.1 | 1.6.12ubuntu0.2 | <details><summary>Expand...</summary><a href="https://bugs.launchpad.net/bugs/1899193">https://bugs.launchpad.net/bugs/1899193</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350</a><br><a href="https://security.netapp.com/advisory/ntap-20210108-0005/">https://security.netapp.com/advisory/ntap-20210108-0005/</a><br><a href="https://ubuntu.com/security/notices/USN-4667-1">https://ubuntu.com/security/notices/USN-4667-1</a><br><a href="https://ubuntu.com/security/notices/USN-4667-2">https://ubuntu.com/security/notices/USN-4667-2</a><br><a href="https://usn.ubuntu.com/usn/usn-4667-1">https://usn.ubuntu.com/usn/usn-4667-1</a><br><a href="https://www.debian.org/security/2020/dsa-4808">https://www.debian.org/security/2020/dsa-4808</a><br></details> |
|
||||
@@ -894,4 +894,3 @@ hide:
|
||||
| tar | CVE-2019-9923 | LOW | 1.29b-2ubuntu0.1 | 1.29b-2ubuntu0.2 | <details><summary>Expand...</summary><a href="http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120">http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html</a><br><a href="http://savannah.gnu.org/bugs/?55369">http://savannah.gnu.org/bugs/?55369</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241">https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://ubuntu.com/security/notices/USN-4692-1">https://ubuntu.com/security/notices/USN-4692-1</a><br></details> |
|
||||
| tar | CVE-2021-20193 | LOW | 1.29b-2ubuntu0.1 | 1.29b-2ubuntu0.3 | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1917565">https://bugzilla.redhat.com/show_bug.cgi?id=1917565</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193</a><br><a href="https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777">https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777</a><br><a href="https://savannah.gnu.org/bugs/?59897">https://savannah.gnu.org/bugs/?59897</a><br><a href="https://security.gentoo.org/glsa/202105-29">https://security.gentoo.org/glsa/202105-29</a><br><a href="https://ubuntu.com/security/notices/USN-5329-1">https://ubuntu.com/security/notices/USN-5329-1</a><br></details> |
|
||||
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | <details><summary>Expand...</summary><a href="http://vladz.devzero.fr/012_x11-common-vuln.html">http://vladz.devzero.fr/012_x11-common-vuln.html</a><br><a href="http://www.openwall.com/lists/oss-security/2012/02/29/1">http://www.openwall.com/lists/oss-security/2012/02/29/1</a><br><a href="http://www.openwall.com/lists/oss-security/2012/03/01/1">http://www.openwall.com/lists/oss-security/2012/03/01/1</a><br><a href="https://access.redhat.com/security/cve/cve-2012-1093">https://access.redhat.com/security/cve/cve-2012-1093</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2012-1093">https://security-tracker.debian.org/tracker/CVE-2012-1093</a><br></details> |
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: lanraragi/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-lanraragi' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
@@ -52,11 +52,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -86,11 +86,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -120,11 +120,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/lanraragi:v0.8.4@sha256:e41603c23afbb27544cdef8cf30f4e568eb499bd3221f81953e6cd60c469ab25 (alpine 3.12.9)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| expat | CVE-2022-22822 | CRITICAL | 2.2.9-r1 | 2.2.10-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||||
@@ -158,9 +158,6 @@ hide:
|
||||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: makemkv/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-makemkv' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
@@ -52,11 +52,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -86,11 +86,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -120,11 +120,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/makemkv:v1.21.3@sha256:f118ce074c75f8544913c1ed1f2354613e3a8838061aa7d44c323a52a811f23d (alpine 3.15.0)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| expat | CVE-2022-22822 | CRITICAL | 2.4.1-r0 | 2.4.3-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||||
@@ -159,4 +159,3 @@ hide:
|
||||
| mcookie | CVE-2021-3996 | MEDIUM | 2.37.2-r1 | 2.37.3-r0 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996</a><br><a href="https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes">https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes</a><br><a href="https://ubuntu.com/security/notices/USN-5279-1">https://ubuntu.com/security/notices/USN-5279-1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/01/24/2">https://www.openwall.com/lists/oss-security/2022/01/24/2</a><br></details> |
|
||||
| mcookie | CVE-2022-0563 | MEDIUM | 2.37.2-r1 | 2.37.4-r0 | <details><summary>Expand...</summary><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br></details> |
|
||||
| openssl | CVE-2022-0778 | HIGH | 1.1.1l-r8 | 1.1.1n-r0 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246</a><br><a href="https://ubuntu.com/security/notices/USN-5328-1">https://ubuntu.com/security/notices/USN-5328-1</a><br><a href="https://ubuntu.com/security/notices/USN-5328-2">https://ubuntu.com/security/notices/USN-5328-2</a><br><a href="https://www.debian.org/security/2022/dsa-5103">https://www.debian.org/security/2022/dsa-5103</a><br><a href="https://www.openssl.org/news/secadv/20220315.txt">https://www.openssl.org/news/secadv/20220315.txt</a><br></details> |
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: nextpvr/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-nextpvr' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
@@ -50,11 +50,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -84,11 +84,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -118,11 +118,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/nextpvr:latest@sha256:376eadecab56535b4e15e7b75278b1e5bc8040e33041c07b884d90021ed86b2b (ubuntu 18.04)
|
||||
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2020-27350 | MEDIUM | 1.6.12ubuntu0.1 | 1.6.12ubuntu0.2 | <details><summary>Expand...</summary><a href="https://bugs.launchpad.net/bugs/1899193">https://bugs.launchpad.net/bugs/1899193</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350</a><br><a href="https://security.netapp.com/advisory/ntap-20210108-0005/">https://security.netapp.com/advisory/ntap-20210108-0005/</a><br><a href="https://ubuntu.com/security/notices/USN-4667-1">https://ubuntu.com/security/notices/USN-4667-1</a><br><a href="https://ubuntu.com/security/notices/USN-4667-2">https://ubuntu.com/security/notices/USN-4667-2</a><br><a href="https://usn.ubuntu.com/usn/usn-4667-1">https://usn.ubuntu.com/usn/usn-4667-1</a><br><a href="https://www.debian.org/security/2020/dsa-4808">https://www.debian.org/security/2020/dsa-4808</a><br></details> |
|
||||
@@ -1155,4 +1155,3 @@ hide:
|
||||
| tar | CVE-2019-9923 | LOW | 1.29b-2ubuntu0.1 | 1.29b-2ubuntu0.2 | <details><summary>Expand...</summary><a href="http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120">http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html</a><br><a href="http://savannah.gnu.org/bugs/?55369">http://savannah.gnu.org/bugs/?55369</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241">https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://ubuntu.com/security/notices/USN-4692-1">https://ubuntu.com/security/notices/USN-4692-1</a><br></details> |
|
||||
| tar | CVE-2021-20193 | LOW | 1.29b-2ubuntu0.1 | 1.29b-2ubuntu0.3 | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1917565">https://bugzilla.redhat.com/show_bug.cgi?id=1917565</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193</a><br><a href="https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777">https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777</a><br><a href="https://savannah.gnu.org/bugs/?59897">https://savannah.gnu.org/bugs/?59897</a><br><a href="https://security.gentoo.org/glsa/202105-29">https://security.gentoo.org/glsa/202105-29</a><br><a href="https://ubuntu.com/security/notices/USN-5329-1">https://ubuntu.com/security/notices/USN-5329-1</a><br></details> |
|
||||
| x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | | <details><summary>Expand...</summary><a href="http://vladz.devzero.fr/012_x11-common-vuln.html">http://vladz.devzero.fr/012_x11-common-vuln.html</a><br><a href="http://www.openwall.com/lists/oss-security/2012/02/29/1">http://www.openwall.com/lists/oss-security/2012/02/29/1</a><br><a href="http://www.openwall.com/lists/oss-security/2012/03/01/1">http://www.openwall.com/lists/oss-security/2012/03/01/1</a><br><a href="https://access.redhat.com/security/cve/cve-2012-1093">https://access.redhat.com/security/cve/cve-2012-1093</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2012-1093">https://security-tracker.debian.org/tracker/CVE-2012-1093</a><br></details> |
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: tinymediamanager/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-tinymediamanager' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
@@ -52,11 +52,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -86,11 +86,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -120,11 +120,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/tinymediamanager:v4.2.7@sha256:ed1883ca3a17969f12810143bed84eb94998e8bf1e65bc9d4717d1605ee03ef5 (debian 10.10)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
@@ -826,7 +826,7 @@ hide:
|
||||
|
||||
**jar**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| ch.qos.logback:logback-core | CVE-2021-42550 | MEDIUM | 1.2.3 | | <details><summary>Expand...</summary><a href="http://logback.qos.ch/news.html">http://logback.qos.ch/news.html</a><br><a href="https://cve.report/CVE-2021-42550">https://cve.report/CVE-2021-42550</a><br><a href="https://github.com/advisories/GHSA-668q-qrv7-99fm">https://github.com/advisories/GHSA-668q-qrv7-99fm</a><br><a href="https://github.com/cn-panda/logbackRceDemo">https://github.com/cn-panda/logbackRceDemo</a><br><a href="https://github.com/qos-ch/logback/blob/1502cba4c1dfd135b2e715bc0cf80c0045d4d128/logback-site/src/site/pages/news.html">https://github.com/qos-ch/logback/blob/1502cba4c1dfd135b2e715bc0cf80c0045d4d128/logback-site/src/site/pages/news.html</a><br><a href="https://github.com/qos-ch/logback/commit/87291079a1de9369ac67e20dc70a8fdc7cc4359c">https://github.com/qos-ch/logback/commit/87291079a1de9369ac67e20dc70a8fdc7cc4359c</a><br><a href="https://github.com/qos-ch/logback/commit/ef4fc4186b74b45ce80d86833820106ff27edd42">https://github.com/qos-ch/logback/commit/ef4fc4186b74b45ce80d86833820106ff27edd42</a><br><a href="https://jira.qos.ch/browse/LOGBACK-1591">https://jira.qos.ch/browse/LOGBACK-1591</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42550">https://nvd.nist.gov/vuln/detail/CVE-2021-42550</a><br><a href="https://security.netapp.com/advisory/ntap-20211229-0001/">https://security.netapp.com/advisory/ntap-20211229-0001/</a><br></details> |
|
||||
@@ -840,9 +840,6 @@ hide:
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
+39
-1
@@ -27813,6 +27813,44 @@ entries:
|
||||
- https://github.com/truecharts/apps/releases/download/kodi-headless-0.0.1/kodi-headless-0.0.1.tgz
|
||||
version: 0.0.1
|
||||
koel:
|
||||
- annotations:
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/catagories: |
|
||||
- media
|
||||
truecharts.org/grade: U
|
||||
apiVersion: v2
|
||||
appVersion: latest
|
||||
created: "2022-03-16T20:26:11.938710299Z"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
version: 9.1.2
|
||||
- condition: mariadb.enabled
|
||||
name: mariadb
|
||||
repository: https://truecharts.org/
|
||||
version: 2.0.4
|
||||
description: Koel is a simple web-based personal audio streaming service written
|
||||
in Vue on the client side and Laravel on the server side.
|
||||
digest: dd45b1e0f7467adc8c559b8612f07003dbb54fb65c7d2e3cb27bced48c63420e
|
||||
home: https://github.com/truecharts/apps/tree/master/charts/stable/koel
|
||||
icon: https://truecharts.org/_static/img/appicons/koel.png
|
||||
keywords:
|
||||
- koel
|
||||
- music
|
||||
- stream
|
||||
kubeVersion: '>=1.16.0-0'
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: koel
|
||||
sources:
|
||||
- https://github.com/koel/docker
|
||||
- https://hub.docker.com/r/hyzual/koel
|
||||
- https://github.com/koel/koel
|
||||
urls:
|
||||
- https://github.com/truecharts/apps/releases/download/koel-0.0.3/koel-0.0.3.tgz
|
||||
version: 0.0.3
|
||||
- annotations:
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/catagories: |
|
||||
@@ -77224,4 +77262,4 @@ entries:
|
||||
urls:
|
||||
- https://github.com/truecharts/apps/releases/download/zwavejs2mqtt-9.0.24/zwavejs2mqtt-9.0.24.tgz
|
||||
version: 9.0.24
|
||||
generated: "2022-03-16T19:49:38.864419085Z"
|
||||
generated: "2022-03-16T20:26:11.946140179Z"
|
||||
|
||||
Reference in New Issue
Block a user