Commit released Helm Chart and docs for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="prometheus-1.1.19"></a>
|
||||
### [prometheus-1.1.19](https://github.com/truecharts/apps/compare/prometheus-1.1.18...prometheus-1.1.19) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="prometheus-1.1.18"></a>
|
||||
### [prometheus-1.1.18](https://github.com/truecharts/apps/compare/prometheus-1.1.17...prometheus-1.1.18) (2021-12-13)
|
||||
|
||||
|
||||
@@ -88,7 +88,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| alertmanager.volumeMounts | list | `[]` | |
|
||||
| alertmanager.volumes | list | `[]` | |
|
||||
| alertmanagerImage.repository | string | `"tccr.io/truecharts/alertmanager"` | |
|
||||
| alertmanagerImage.tag | string | `"v0.23.0@sha256:4018c88a4130dd6ae5cf9c9491235e543fc1d9db7c94ad8645a0da9fcf521ddc"` | |
|
||||
| alertmanagerImage.tag | string | `"v0.23.0@sha256:877bc5c10f5731fdae61cb31581761b242fd611c89e881750e7d0b005c6626c4"` | |
|
||||
| coreDns.enabled | bool | `true` | |
|
||||
| coreDns.namespace | string | `"kube-system"` | |
|
||||
| coreDns.service.enabled | bool | `true` | |
|
||||
@@ -104,7 +104,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| exporters.node-exporter.enabled | bool | `true` | |
|
||||
| global.labels | object | `{}` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/prometheus-operator"` | |
|
||||
| image.tag | string | `"v0.52.1@sha256:29f264a4beaee7efe4ca18718802b8bf4ae3acb6beb10cd69ce6b1fcc508987b"` | |
|
||||
| image.tag | string | `"v0.52.1@sha256:663d16f7c764281b94a057af70b46ec83eb12d2bdd57a06025cfe383918a4f2d"` | |
|
||||
| ingress.alertmanager.enabled | bool | `false` | |
|
||||
| ingress.main.enabled | bool | `false` | |
|
||||
| ingress.thanos.enabled | bool | `false` | |
|
||||
@@ -317,7 +317,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| prometheus.volumes | list | `[]` | |
|
||||
| prometheus.walCompression | bool | `false` | |
|
||||
| prometheusImage.repository | string | `"tccr.io/truecharts/prometheus"` | |
|
||||
| prometheusImage.tag | string | `"v2.31.1@sha256:5982fbaa92bf8825f4b6b917ab2a495b5cd1e02f128cd76c154f8b0ead5a27fb"` | |
|
||||
| prometheusImage.tag | string | `"v2.31.1@sha256:33a2977a1e10f26f4638e380ea1abfcad4f87e52a691eff9798d063dff004fda"` | |
|
||||
| rbac | object | `{"enabled":true,"rules":[{"apiGroups":["apiextensions.k8s.io"],"resources":["customresourcedefinitions"],"verbs":["create"]},{"apiGroups":["apiextensions.k8s.io"],"resourceNames":["alertmanagers.monitoring.coreos.com","podmonitors.monitoring.coreos.com","prometheuses.monitoring.coreos.com","prometheusrules.monitoring.coreos.com","servicemonitors.monitoring.coreos.com","thanosrulers.monitoring.coreos.com","probes.monitoring.coreos.com"],"resources":["customresourcedefinitions"],"verbs":["get","update"]},{"apiGroups":["monitoring.coreos.com"],"resources":["alertmanagers","alertmanagers/finalizers","alertmanagerconfigs","prometheuses","prometheuses/finalizers","thanosrulers","thanosrulers/finalizers","servicemonitors","podmonitors","probes","prometheusrules"],"verbs":["*"]},{"apiGroups":["apps"],"resources":["statefulsets"],"verbs":["*"]},{"apiGroups":[""],"resources":["configmaps","secrets"],"verbs":["*"]},{"apiGroups":[""],"resources":["pods"],"verbs":["list","delete"]},{"apiGroups":[""],"resources":["services","services/finalizers","endpoints"],"verbs":["get","create","update","delete"]},{"apiGroups":[""],"resources":["nodes"],"verbs":["list","watch"]},{"apiGroups":[""],"resources":["namespaces"],"verbs":["get","list","watch"]},{"apiGroups":["networking.k8s.io"],"resources":["ingresses"],"verbs":["get","list","watch"]}]}` | Whether Role Based Access Control objects like roles and rolebindings should be created |
|
||||
| securityContext.readOnlyRootFilesystem | bool | `false` | |
|
||||
| service.alertmanager.enabled | bool | `true` | |
|
||||
|
||||
@@ -176,7 +176,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:29f264a4beaee7efe4ca18718802b8bf4ae3acb6beb10cd69ce6b1fcc508987b
|
||||
tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:663d16f7c764281b94a057af70b46ec83eb12d2bdd57a06025cfe383918a4f2d
|
||||
bitnami/node-exporter:1.3.1-debian-10-r0
|
||||
bitnami/kube-state-metrics:2.3.0-debian-10-r0
|
||||
|
||||
@@ -215,7 +215,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:29f264a4beaee7efe4ca18718802b8bf4ae3acb6beb10cd69ce6b1fcc508987b (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:663d16f7c764281b94a057af70b46ec83eb12d2bdd57a06025cfe383918a4f2d (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="mariadb-1.0.33"></a>
|
||||
### [mariadb-1.0.33](https://github.com/truecharts/apps/compare/mariadb-1.0.32...mariadb-1.0.33) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="mariadb-1.0.32"></a>
|
||||
### [mariadb-1.0.32](https://github.com/truecharts/apps/compare/mariadb-1.0.31...mariadb-1.0.32) (2021-12-13)
|
||||
|
||||
|
||||
@@ -27,7 +27,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| existingSecret | string | `""` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"ghcr.io/truecharts/mariadb"` | |
|
||||
| image.tag | string | `"v10.6.5@sha256:cec660e9154a97b4f66ef325754d50ea6e417af58909768d2e0845e989083e36"` | |
|
||||
| image.tag | string | `"v10.6.5@sha256:6ff872ad4fe34b8d322daec2cfa66ed18b8561b8ccb134ebf225e001032ae2f3"` | |
|
||||
| mariadbDatabase | string | `"test"` | |
|
||||
| mariadbPassword | string | `"testpass"` | |
|
||||
| mariadbRootPassword | string | `"testroot"` | |
|
||||
|
||||
@@ -36,7 +36,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/mariadb:v10.6.5@sha256:cec660e9154a97b4f66ef325754d50ea6e417af58909768d2e0845e989083e36
|
||||
tccr.io/truecharts/mariadb:v10.6.5@sha256:6ff872ad4fe34b8d322daec2cfa66ed18b8561b8ccb134ebf225e001032ae2f3
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -73,7 +73,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:cec660e9154a97b4f66ef325754d50ea6e417af58909768d2e0845e989083e36 (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:6ff872ad4fe34b8d322daec2cfa66ed18b8561b8ccb134ebf225e001032ae2f3 (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="memcached-1.0.33"></a>
|
||||
### [memcached-1.0.33](https://github.com/truecharts/apps/compare/memcached-1.0.32...memcached-1.0.33) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="memcached-1.0.32"></a>
|
||||
### [memcached-1.0.32](https://github.com/truecharts/apps/compare/memcached-1.0.31...memcached-1.0.32) (2021-12-13)
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
|-----|------|---------|-------------|
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"ghcr.io/truecharts/memcached"` | |
|
||||
| image.tag | string | `"v1.6.12@sha256:3887a722b71d004c54ecf41a9f937edf5cd6a85c5e7c70935964b7aedf61b856"` | |
|
||||
| image.tag | string | `"v1.6.12@sha256:935bda79a5a0c850c008d523dfc0a1750ca905d88522824feb867e0817bfb5aa"` | |
|
||||
| service.main.ports.main.port | int | `11211` | |
|
||||
| service.main.ports.main.targetPort | int | `11211` | |
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/memcached:v1.6.12@sha256:3887a722b71d004c54ecf41a9f937edf5cd6a85c5e7c70935964b7aedf61b856
|
||||
tccr.io/truecharts/memcached:v1.6.12@sha256:935bda79a5a0c850c008d523dfc0a1750ca905d88522824feb867e0817bfb5aa
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -71,7 +71,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/memcached:v1.6.12@sha256:3887a722b71d004c54ecf41a9f937edf5cd6a85c5e7c70935964b7aedf61b856 (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/memcached:v1.6.12@sha256:935bda79a5a0c850c008d523dfc0a1750ca905d88522824feb867e0817bfb5aa (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="postgresql-6.0.30"></a>
|
||||
### [postgresql-6.0.30](https://github.com/truecharts/apps/compare/postgresql-6.0.29...postgresql-6.0.30) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="postgresql-6.0.29"></a>
|
||||
### [postgresql-6.0.29](https://github.com/truecharts/apps/compare/postgresql-6.0.28...postgresql-6.0.29) (2021-12-13)
|
||||
|
||||
|
||||
@@ -28,7 +28,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| existingSecret | string | `""` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"ghcr.io/truecharts/postgresql"` | |
|
||||
| image.tag | string | `"v14.1.0@sha256:5180bdcd6e5a3370a39e39d62f7b17e49eb788729a5bbbb115cddac4134e2ba9"` | |
|
||||
| image.tag | string | `"v14.1.0@sha256:017e4d5af2d17c98b8c779a943d8152f75a824535aca43381663c365895add33"` | |
|
||||
| podSecurityContext.runAsGroup | int | `0` | |
|
||||
| postgrespassword | string | `"testroot"` | |
|
||||
| postgresqlDatabase | string | `"test"` | |
|
||||
|
||||
@@ -36,7 +36,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/postgresql:v14.1.0@sha256:5180bdcd6e5a3370a39e39d62f7b17e49eb788729a5bbbb115cddac4134e2ba9
|
||||
tccr.io/truecharts/postgresql:v14.1.0@sha256:017e4d5af2d17c98b8c779a943d8152f75a824535aca43381663c365895add33
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -73,7 +73,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:5180bdcd6e5a3370a39e39d62f7b17e49eb788729a5bbbb115cddac4134e2ba9 (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:017e4d5af2d17c98b8c779a943d8152f75a824535aca43381663c365895add33 (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="redis-1.0.35"></a>
|
||||
### [redis-1.0.35](https://github.com/truecharts/apps/compare/redis-1.0.34...redis-1.0.35) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="redis-1.0.34"></a>
|
||||
### [redis-1.0.34](https://github.com/truecharts/apps/compare/redis-1.0.33...redis-1.0.34) (2021-12-13)
|
||||
|
||||
|
||||
@@ -28,7 +28,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| existingSecret | string | `""` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"ghcr.io/truecharts/redis"` | |
|
||||
| image.tag | string | `"v6.2.6@sha256:471f2da7f69404488e217181aa5514007c9b2ea24e97defcba4791f2d14fb8ab"` | |
|
||||
| image.tag | string | `"v6.2.6@sha256:100253084d6dc4a542a19e77c7c181e9013042788c83673e9f40a24b629a5147"` | |
|
||||
| persistence.redis-health | object | See below | redis-health configmap mount |
|
||||
| persistence.redis-health.mountPath | string | `"/health"` | Where to mount the volume in the main container. Defaults to `/<name_of_the_volume>`, setting to '-' creates the volume but disables the volumeMount. |
|
||||
| persistence.redis-health.readOnly | bool | `false` | Specify if the volume should be mounted read-only. |
|
||||
|
||||
@@ -36,7 +36,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/redis:v6.2.6@sha256:471f2da7f69404488e217181aa5514007c9b2ea24e97defcba4791f2d14fb8ab
|
||||
tccr.io/truecharts/redis:v6.2.6@sha256:100253084d6dc4a542a19e77c7c181e9013042788c83673e9f40a24b629a5147
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -73,7 +73,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/redis:v6.2.6@sha256:471f2da7f69404488e217181aa5514007c9b2ea24e97defcba4791f2d14fb8ab (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/redis:v6.2.6@sha256:100253084d6dc4a542a19e77c7c181e9013042788c83673e9f40a24b629a5147 (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="omada-controller-4.0.30"></a>
|
||||
### [omada-controller-4.0.30](https://github.com/truecharts/apps/compare/omada-controller-4.0.29...omada-controller-4.0.30) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="omada-controller-4.0.29"></a>
|
||||
### [omada-controller-4.0.29](https://github.com/truecharts/apps/compare/omada-controller-4.0.28...omada-controller-4.0.29) (2021-12-13)
|
||||
|
||||
|
||||
@@ -15,7 +15,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env.TZ | string | `"UTC"` | Set the container timezone |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
|
||||
| image.repository | string | `"tccr.io/truecharts/omada-controller"` | image repository |
|
||||
| image.tag | string | `"v4.4@sha256:1e6e8726cc6644a1f06e6547af955c5953e9cc38dc516fc79127a19da3dc2b86"` | image tag |
|
||||
| image.tag | string | `"v4.4@sha256:fdd33637d119a3596b7bdf7d09ddcbefbdc81502b253a50b4ac06b854cfb31da"` | image tag |
|
||||
| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
|
||||
| podSecurityContext.runAsGroup | int | `0` | |
|
||||
| podSecurityContext.runAsUser | int | `0` | |
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="tdarr-node-1.0.24"></a>
|
||||
### [tdarr-node-1.0.24](https://github.com/truecharts/apps/compare/tdarr-node-1.0.23...tdarr-node-1.0.24) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="tdarr-node-1.0.23"></a>
|
||||
### [tdarr-node-1.0.23](https://github.com/truecharts/apps/compare/tdarr-node-1.0.22...tdarr-node-1.0.23) (2021-12-13)
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
apiVersion: v2
|
||||
appVersion: "2.00.11"
|
||||
appVersion: "2.00.12"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
|
||||
@@ -19,7 +19,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env.serverPort | int | `8266` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/tdarr_node"` | |
|
||||
| image.tag | string | `"v2.00.11@sha256:f4ff41e5a09ea97bb468bb584e44c0f7d869a989404aa6a7618db1e040ccb31e"` | |
|
||||
| image.tag | string | `"v2.00.12@sha256:79b1211a1eefc564724935d532b6b90904d67efc9d8a238873e7156aa70f2f4a"` | |
|
||||
| persistence.configs.enabled | bool | `true` | |
|
||||
| persistence.configs.mountPath | string | `"/app/configs"` | |
|
||||
| persistence.logs.enabled | bool | `true` | |
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="tdarr-1.0.24"></a>
|
||||
### [tdarr-1.0.24](https://github.com/truecharts/apps/compare/tdarr-1.0.23...tdarr-1.0.24) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="tdarr-1.0.23"></a>
|
||||
### [tdarr-1.0.23](https://github.com/truecharts/apps/compare/tdarr-node-1.0.22...tdarr-1.0.23) (2021-12-13)
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
apiVersion: v2
|
||||
appVersion: "2.00.11"
|
||||
appVersion: "2.00.12"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
|
||||
@@ -17,7 +17,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env.webUIPort | int | `8265` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/tdarr"` | |
|
||||
| image.tag | string | `"v2.00.11@sha256:6fdd803b7a48519691ae1b18bf0700cf287fd8773557a0d6d0d16c782528ae18"` | |
|
||||
| image.tag | string | `"v2.00.12@sha256:5c3f4b038b5a59614ab1dca605894e85fe809f9fc08ffb478ab8bcc1a8cdf057"` | |
|
||||
| persistence.configs.enabled | bool | `true` | |
|
||||
| persistence.configs.mountPath | string | `"/app/configs"` | |
|
||||
| persistence.logs.enabled | bool | `true` | |
|
||||
|
||||
+751
-208
File diff suppressed because one or more lines are too long
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="common-8.9.21"></a>
|
||||
### [common-8.9.21](https://github.com/truecharts/apps/compare/common-8.9.20...common-8.9.21) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="common-8.9.20"></a>
|
||||
### [common-8.9.20](https://github.com/truecharts/apps/compare/common-8.9.19...common-8.9.20) (2021-12-12)
|
||||
|
||||
|
||||
@@ -182,7 +182,7 @@ This chart is used by a lot of our Apps to provide sane defaults and logic.
|
||||
| postgresqlImage | object | See below | postgresql specific configuration |
|
||||
| postgresqlImage.pullPolicy | string | `"IfNotPresent"` | Specify the postgresql image pull policy |
|
||||
| postgresqlImage.repository | string | `"ghcr.io/truecharts/postgresql"` | Specify the postgresql image |
|
||||
| postgresqlImage.tag | string | `"v14.1.0@sha256:5180bdcd6e5a3370a39e39d62f7b17e49eb788729a5bbbb115cddac4134e2ba9"` | Specify the postgresql image tag |
|
||||
| postgresqlImage.tag | string | `"v14.1.0@sha256:017e4d5af2d17c98b8c779a943d8152f75a824535aca43381663c365895add33"` | Specify the postgresql image tag |
|
||||
| priorityClassName | string | `nil` | |
|
||||
| probes | object | See below | Probe configuration -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) |
|
||||
| probes.liveness | object | See below | Liveness probe configuration |
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="custom-app-3.0.38"></a>
|
||||
### [custom-app-3.0.38](https://github.com/truecharts/apps/compare/custom-app-3.0.37...custom-app-3.0.38) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="custom-app-3.0.37"></a>
|
||||
### [custom-app-3.0.37](https://github.com/truecharts/apps/compare/custom-app-3.0.36...custom-app-3.0.37) (2021-12-13)
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
apiVersion: v2
|
||||
appVersion: "0.20.159"
|
||||
appVersion: "0.20.162"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
|
||||
@@ -13,6 +13,6 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
|-----|------|---------|-------------|
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/jackett"` | |
|
||||
| image.tag | string | `"v0.20.159@sha256:c1992f06be549184f5405e55333189f67c20f0d2cdacb94b7dfbd493b5ce62c2"` | |
|
||||
| image.tag | string | `"v0.20.162@sha256:aadc89b3fb38def8614dc44a3359fbf40b90486810bf0c3682a82d68d24ca3da"` | |
|
||||
|
||||
All Rights Reserved - The TrueCharts Project
|
||||
|
||||
@@ -34,7 +34,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/jackett:v0.20.159@sha256:c1992f06be549184f5405e55333189f67c20f0d2cdacb94b7dfbd493b5ce62c2
|
||||
tccr.io/truecharts/jackett:v0.20.162@sha256:aadc89b3fb38def8614dc44a3359fbf40b90486810bf0c3682a82d68d24ca3da
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -71,7 +71,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/jackett:v0.20.159@sha256:c1992f06be549184f5405e55333189f67c20f0d2cdacb94b7dfbd493b5ce62c2 (ubuntu 20.04)
|
||||
#### Container: tccr.io/truecharts/jackett:v0.20.162@sha256:aadc89b3fb38def8614dc44a3359fbf40b90486810bf0c3682a82d68d24ca3da (ubuntu 20.04)
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="jackett-9.0.47"></a>
|
||||
### [jackett-9.0.47](https://github.com/truecharts/apps/compare/jackett-9.0.46...jackett-9.0.47) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="jackett-9.0.46"></a>
|
||||
### [jackett-9.0.46](https://github.com/truecharts/apps/compare/jackett-9.0.45...jackett-9.0.46) (2021-12-13)
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
apiVersion: v2
|
||||
appVersion: "0.20.159"
|
||||
appVersion: "0.20.162"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
|
||||
@@ -14,7 +14,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env | object | `{}` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/jackett"` | |
|
||||
| image.tag | string | `"v0.20.159@sha256:c1992f06be549184f5405e55333189f67c20f0d2cdacb94b7dfbd493b5ce62c2"` | |
|
||||
| image.tag | string | `"v0.20.162@sha256:aadc89b3fb38def8614dc44a3359fbf40b90486810bf0c3682a82d68d24ca3da"` | |
|
||||
| persistence.config.enabled | bool | `true` | |
|
||||
| persistence.config.mountPath | string | `"/config"` | |
|
||||
| probes.liveness.path | string | `"/UI/Login"` | |
|
||||
|
||||
@@ -35,7 +35,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/jackett:v0.20.159@sha256:c1992f06be549184f5405e55333189f67c20f0d2cdacb94b7dfbd493b5ce62c2
|
||||
tccr.io/truecharts/jackett:v0.20.162@sha256:aadc89b3fb38def8614dc44a3359fbf40b90486810bf0c3682a82d68d24ca3da
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -72,7 +72,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/jackett:v0.20.159@sha256:c1992f06be549184f5405e55333189f67c20f0d2cdacb94b7dfbd493b5ce62c2 (ubuntu 20.04)
|
||||
#### Container: tccr.io/truecharts/jackett:v0.20.162@sha256:aadc89b3fb38def8614dc44a3359fbf40b90486810bf0c3682a82d68d24ca3da (ubuntu 20.04)
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="komga-4.0.29"></a>
|
||||
### [komga-4.0.29](https://github.com/truecharts/apps/compare/komga-4.0.28...komga-4.0.29) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="komga-4.0.28"></a>
|
||||
### [komga-4.0.28](https://github.com/truecharts/apps/compare/komga-4.0.27...komga-4.0.28) (2021-12-13)
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
apiVersion: v2
|
||||
appVersion: "0.135.0"
|
||||
appVersion: "0.135.1"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
|
||||
@@ -14,7 +14,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env | object | See below | environment variables. See more environment variables in the [komga documentation](https://komga.org/installation/configuration.html#optional-configuration). |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
|
||||
| image.repository | string | `"tccr.io/truecharts/komga"` | image repository |
|
||||
| image.tag | string | `"v0.135.0@sha256:6d5dcf093464493c4490b8b809f45b908302b0143af60d30e4322e2aa8654851"` | image tag |
|
||||
| image.tag | string | `"v0.135.1@sha256:c98144e6b8000a2991b0d8026c6e7f208e168b57e5c0fea98bc0503048b5de63"` | image tag |
|
||||
| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
|
||||
| service | object | See values.yaml | Configures service settings for the chart. |
|
||||
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="littlelink-4.0.34"></a>
|
||||
### [littlelink-4.0.34](https://github.com/truecharts/apps/compare/littlelink-4.0.33...littlelink-4.0.34) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="littlelink-4.0.33"></a>
|
||||
### [littlelink-4.0.33](https://github.com/truecharts/apps/compare/littlelink-4.0.32...littlelink-4.0.33) (2021-12-13)
|
||||
|
||||
|
||||
@@ -14,7 +14,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| envFrom[0].configMapRef.name | string | `"littlelinkconfig"` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/littlelink-server"` | |
|
||||
| image.tag | string | `"latest@sha256:2c6166643027bea6f7c37feee6247d1536f37cda339114099fc46960b7dd6f07"` | |
|
||||
| image.tag | string | `"latest@sha256:a6f4cd22ce958d21e6b0ccc7f840bb9433f863f8bee5c14325a9750343523ba1"` | |
|
||||
| littlelink.avatar_2x_url | string | `"https://pbs.twimg.com/profile_images/1286144221217316864/qiaskopb_400x400.jpg"` | |
|
||||
| littlelink.avatar_alt | string | `"techno tim profile pic"` | |
|
||||
| littlelink.avatar_url | string | `"https://pbs.twimg.com/profile_images/1286144221217316864/qiaskopb_200x200.jpg"` | |
|
||||
|
||||
@@ -34,7 +34,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/littlelink-server:latest@sha256:2c6166643027bea6f7c37feee6247d1536f37cda339114099fc46960b7dd6f07
|
||||
tccr.io/truecharts/littlelink-server:latest@sha256:a6f4cd22ce958d21e6b0ccc7f840bb9433f863f8bee5c14325a9750343523ba1
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -71,7 +71,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/littlelink-server:latest@sha256:2c6166643027bea6f7c37feee6247d1536f37cda339114099fc46960b7dd6f07 (alpine 3.14.3)
|
||||
#### Container: tccr.io/truecharts/littlelink-server:latest@sha256:a6f4cd22ce958d21e6b0ccc7f840bb9433f863f8bee5c14325a9750343523ba1 (alpine 3.14.3)
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="piaware-4.0.24"></a>
|
||||
### [piaware-4.0.24](https://github.com/truecharts/apps/compare/piaware-4.0.23...piaware-4.0.24) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="piaware-4.0.23"></a>
|
||||
### [piaware-4.0.23](https://github.com/truecharts/apps/compare/piaware-4.0.22...piaware-4.0.23) (2021-12-13)
|
||||
|
||||
|
||||
@@ -16,7 +16,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env.TZ | string | `"UTC"` | Set the container timezone |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
|
||||
| image.repository | string | `"tccr.io/truecharts/piaware"` | image repository |
|
||||
| image.tag | string | `"v6.1@sha256:8e95ecd6c2993b46b29290b075e4846c9ec03d58fb3f4cc8f6b027ec0540489a"` | image tag |
|
||||
| image.tag | string | `"v6.1@sha256:3100c6bdf50eaed0d642a416cc956ad803362b4f638491073eb113636a77b6e2"` | image tag |
|
||||
| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
|
||||
| podSecurityContext.runAsGroup | int | `0` | |
|
||||
| podSecurityContext.runAsUser | int | `0` | |
|
||||
|
||||
@@ -37,7 +37,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/piaware:v6.1@sha256:8e95ecd6c2993b46b29290b075e4846c9ec03d58fb3f4cc8f6b027ec0540489a
|
||||
tccr.io/truecharts/piaware:v6.1@sha256:3100c6bdf50eaed0d642a416cc956ad803362b4f638491073eb113636a77b6e2
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -74,7 +74,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/piaware:v6.1@sha256:8e95ecd6c2993b46b29290b075e4846c9ec03d58fb3f4cc8f6b027ec0540489a (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/piaware:v6.1@sha256:3100c6bdf50eaed0d642a416cc956ad803362b4f638491073eb113636a77b6e2 (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="prowlarr-4.0.39"></a>
|
||||
### [prowlarr-4.0.39](https://github.com/truecharts/apps/compare/prowlarr-4.0.38...prowlarr-4.0.39) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="prowlarr-4.0.38"></a>
|
||||
### [prowlarr-4.0.38](https://github.com/truecharts/apps/compare/prowlarr-4.0.37...prowlarr-4.0.38) (2021-12-13)
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
apiVersion: v2
|
||||
appVersion: "0.1.8.1238"
|
||||
appVersion: "0.1.8.1253"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
|
||||
@@ -15,7 +15,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env.TZ | string | `"UTC"` | Set the container timezone |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
|
||||
| image.repository | string | `"tccr.io/truecharts/prowlarr"` | image repository |
|
||||
| image.tag | string | `"v0.1.8.1238@sha256:c92dbb1b7051eece0bc9c8990a6617c0b8a7e5edbd5043002722f51bd20cc640"` | image tag |
|
||||
| image.tag | string | `"v0.1.8.1253@sha256:278fd1ddcac1b28d9443d21907576e01a39015ed384f04e192b719565b7826e8"` | image tag |
|
||||
| ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
|
||||
| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
|
||||
| securityContext.readOnlyRootFilesystem | bool | `false` | |
|
||||
|
||||
@@ -35,7 +35,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/prowlarr:v0.1.8.1238@sha256:c92dbb1b7051eece0bc9c8990a6617c0b8a7e5edbd5043002722f51bd20cc640
|
||||
tccr.io/truecharts/prowlarr:v0.1.8.1253@sha256:278fd1ddcac1b28d9443d21907576e01a39015ed384f04e192b719565b7826e8
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -72,7 +72,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/prowlarr:v0.1.8.1238@sha256:c92dbb1b7051eece0bc9c8990a6617c0b8a7e5edbd5043002722f51bd20cc640 (ubuntu 20.04)
|
||||
#### Container: tccr.io/truecharts/prowlarr:v0.1.8.1253@sha256:278fd1ddcac1b28d9443d21907576e01a39015ed384f04e192b719565b7826e8 (ubuntu 20.04)
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="snipe-it-0.0.12"></a>
|
||||
### [snipe-it-0.0.12](https://github.com/truecharts/apps/compare/snipe-it-0.0.11...snipe-it-0.0.12) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="snipe-it-0.0.11"></a>
|
||||
### [snipe-it-0.0.11](https://github.com/truecharts/apps/compare/snipe-it-0.0.10...snipe-it-0.0.11) (2021-12-13)
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
apiVersion: v2
|
||||
appVersion: "5.3.3"
|
||||
appVersion: "5.3.4"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
|
||||
@@ -22,7 +22,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| envValueFrom.MYSQL_PORT_3306_TCP_ADDR.secretKeyRef.name | string | `"mariadbcreds"` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/snipe-it"` | |
|
||||
| image.tag | string | `"v5.3.3@sha256:e4e26d777996c34fba581dcb26f05843ece36797f032a01df7fed1f1e32898cb"` | |
|
||||
| image.tag | string | `"v5.3.4@sha256:e30e5cf4a024de4693f6d23c7097e1db671c4d00d3e5ad58ce1a8cc1ad41a7bd"` | |
|
||||
| mariadb.enabled | bool | `true` | |
|
||||
| mariadb.existingSecret | string | `"mariadbcreds"` | |
|
||||
| mariadb.mariadbDatabase | string | `"snipe-it"` | |
|
||||
|
||||
@@ -54,7 +54,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/snipe-it:v5.3.3@sha256:e4e26d777996c34fba581dcb26f05843ece36797f032a01df7fed1f1e32898cb
|
||||
tccr.io/truecharts/snipe-it:v5.3.4@sha256:e30e5cf4a024de4693f6d23c7097e1db671c4d00d3e5ad58ce1a8cc1ad41a7bd
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/mariadb:v10.6.5@sha256:393628e4fc0eb3f334c762c395477d85844294aedcdf5b0c88638a33a7ccb3f3
|
||||
|
||||
|
||||
@@ -182,7 +182,7 @@ This chart is used by a lot of our Apps to provide sane defaults and logic.
|
||||
| postgresqlImage | object | See below | postgresql specific configuration |
|
||||
| postgresqlImage.pullPolicy | string | `"IfNotPresent"` | Specify the postgresql image pull policy |
|
||||
| postgresqlImage.repository | string | `"ghcr.io/truecharts/postgresql"` | Specify the postgresql image |
|
||||
| postgresqlImage.tag | string | `"v14.1.0@sha256:5180bdcd6e5a3370a39e39d62f7b17e49eb788729a5bbbb115cddac4134e2ba9"` | Specify the postgresql image tag |
|
||||
| postgresqlImage.tag | string | `"v14.1.0@sha256:017e4d5af2d17c98b8c779a943d8152f75a824535aca43381663c365895add33"` | Specify the postgresql image tag |
|
||||
| priorityClassName | string | `nil` | |
|
||||
| probes | object | See below | Probe configuration -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) |
|
||||
| probes.liveness | object | See below | Liveness probe configuration |
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="prometheus-1.1.19"></a>
|
||||
### [prometheus-1.1.19](https://github.com/truecharts/apps/compare/prometheus-1.1.18...prometheus-1.1.19) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="prometheus-1.1.18"></a>
|
||||
### [prometheus-1.1.18](https://github.com/truecharts/apps/compare/prometheus-1.1.17...prometheus-1.1.18) (2021-12-13)
|
||||
|
||||
|
||||
@@ -88,7 +88,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| alertmanager.volumeMounts | list | `[]` | |
|
||||
| alertmanager.volumes | list | `[]` | |
|
||||
| alertmanagerImage.repository | string | `"tccr.io/truecharts/alertmanager"` | |
|
||||
| alertmanagerImage.tag | string | `"v0.23.0@sha256:4018c88a4130dd6ae5cf9c9491235e543fc1d9db7c94ad8645a0da9fcf521ddc"` | |
|
||||
| alertmanagerImage.tag | string | `"v0.23.0@sha256:877bc5c10f5731fdae61cb31581761b242fd611c89e881750e7d0b005c6626c4"` | |
|
||||
| coreDns.enabled | bool | `true` | |
|
||||
| coreDns.namespace | string | `"kube-system"` | |
|
||||
| coreDns.service.enabled | bool | `true` | |
|
||||
@@ -104,7 +104,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| exporters.node-exporter.enabled | bool | `true` | |
|
||||
| global.labels | object | `{}` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/prometheus-operator"` | |
|
||||
| image.tag | string | `"v0.52.1@sha256:29f264a4beaee7efe4ca18718802b8bf4ae3acb6beb10cd69ce6b1fcc508987b"` | |
|
||||
| image.tag | string | `"v0.52.1@sha256:663d16f7c764281b94a057af70b46ec83eb12d2bdd57a06025cfe383918a4f2d"` | |
|
||||
| ingress.alertmanager.enabled | bool | `false` | |
|
||||
| ingress.main.enabled | bool | `false` | |
|
||||
| ingress.thanos.enabled | bool | `false` | |
|
||||
@@ -317,7 +317,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| prometheus.volumes | list | `[]` | |
|
||||
| prometheus.walCompression | bool | `false` | |
|
||||
| prometheusImage.repository | string | `"tccr.io/truecharts/prometheus"` | |
|
||||
| prometheusImage.tag | string | `"v2.31.1@sha256:5982fbaa92bf8825f4b6b917ab2a495b5cd1e02f128cd76c154f8b0ead5a27fb"` | |
|
||||
| prometheusImage.tag | string | `"v2.31.1@sha256:33a2977a1e10f26f4638e380ea1abfcad4f87e52a691eff9798d063dff004fda"` | |
|
||||
| rbac | object | `{"enabled":true,"rules":[{"apiGroups":["apiextensions.k8s.io"],"resources":["customresourcedefinitions"],"verbs":["create"]},{"apiGroups":["apiextensions.k8s.io"],"resourceNames":["alertmanagers.monitoring.coreos.com","podmonitors.monitoring.coreos.com","prometheuses.monitoring.coreos.com","prometheusrules.monitoring.coreos.com","servicemonitors.monitoring.coreos.com","thanosrulers.monitoring.coreos.com","probes.monitoring.coreos.com"],"resources":["customresourcedefinitions"],"verbs":["get","update"]},{"apiGroups":["monitoring.coreos.com"],"resources":["alertmanagers","alertmanagers/finalizers","alertmanagerconfigs","prometheuses","prometheuses/finalizers","thanosrulers","thanosrulers/finalizers","servicemonitors","podmonitors","probes","prometheusrules"],"verbs":["*"]},{"apiGroups":["apps"],"resources":["statefulsets"],"verbs":["*"]},{"apiGroups":[""],"resources":["configmaps","secrets"],"verbs":["*"]},{"apiGroups":[""],"resources":["pods"],"verbs":["list","delete"]},{"apiGroups":[""],"resources":["services","services/finalizers","endpoints"],"verbs":["get","create","update","delete"]},{"apiGroups":[""],"resources":["nodes"],"verbs":["list","watch"]},{"apiGroups":[""],"resources":["namespaces"],"verbs":["get","list","watch"]},{"apiGroups":["networking.k8s.io"],"resources":["ingresses"],"verbs":["get","list","watch"]}]}` | Whether Role Based Access Control objects like roles and rolebindings should be created |
|
||||
| securityContext.readOnlyRootFilesystem | bool | `false` | |
|
||||
| service.alertmanager.enabled | bool | `true` | |
|
||||
|
||||
@@ -176,7 +176,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:29f264a4beaee7efe4ca18718802b8bf4ae3acb6beb10cd69ce6b1fcc508987b
|
||||
tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:663d16f7c764281b94a057af70b46ec83eb12d2bdd57a06025cfe383918a4f2d
|
||||
bitnami/node-exporter:1.3.1-debian-10-r0
|
||||
bitnami/kube-state-metrics:2.3.0-debian-10-r0
|
||||
|
||||
@@ -215,7 +215,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:29f264a4beaee7efe4ca18718802b8bf4ae3acb6beb10cd69ce6b1fcc508987b (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/prometheus-operator:v0.52.1@sha256:663d16f7c764281b94a057af70b46ec83eb12d2bdd57a06025cfe383918a4f2d (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="mariadb-1.0.33"></a>
|
||||
### [mariadb-1.0.33](https://github.com/truecharts/apps/compare/mariadb-1.0.32...mariadb-1.0.33) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="mariadb-1.0.32"></a>
|
||||
### [mariadb-1.0.32](https://github.com/truecharts/apps/compare/mariadb-1.0.31...mariadb-1.0.32) (2021-12-13)
|
||||
|
||||
|
||||
@@ -27,7 +27,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| existingSecret | string | `""` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"ghcr.io/truecharts/mariadb"` | |
|
||||
| image.tag | string | `"v10.6.5@sha256:cec660e9154a97b4f66ef325754d50ea6e417af58909768d2e0845e989083e36"` | |
|
||||
| image.tag | string | `"v10.6.5@sha256:6ff872ad4fe34b8d322daec2cfa66ed18b8561b8ccb134ebf225e001032ae2f3"` | |
|
||||
| mariadbDatabase | string | `"test"` | |
|
||||
| mariadbPassword | string | `"testpass"` | |
|
||||
| mariadbRootPassword | string | `"testroot"` | |
|
||||
|
||||
@@ -36,7 +36,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/mariadb:v10.6.5@sha256:cec660e9154a97b4f66ef325754d50ea6e417af58909768d2e0845e989083e36
|
||||
tccr.io/truecharts/mariadb:v10.6.5@sha256:6ff872ad4fe34b8d322daec2cfa66ed18b8561b8ccb134ebf225e001032ae2f3
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -73,7 +73,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:cec660e9154a97b4f66ef325754d50ea6e417af58909768d2e0845e989083e36 (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:6ff872ad4fe34b8d322daec2cfa66ed18b8561b8ccb134ebf225e001032ae2f3 (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="memcached-1.0.33"></a>
|
||||
### [memcached-1.0.33](https://github.com/truecharts/apps/compare/memcached-1.0.32...memcached-1.0.33) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="memcached-1.0.32"></a>
|
||||
### [memcached-1.0.32](https://github.com/truecharts/apps/compare/memcached-1.0.31...memcached-1.0.32) (2021-12-13)
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
|-----|------|---------|-------------|
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"ghcr.io/truecharts/memcached"` | |
|
||||
| image.tag | string | `"v1.6.12@sha256:3887a722b71d004c54ecf41a9f937edf5cd6a85c5e7c70935964b7aedf61b856"` | |
|
||||
| image.tag | string | `"v1.6.12@sha256:935bda79a5a0c850c008d523dfc0a1750ca905d88522824feb867e0817bfb5aa"` | |
|
||||
| service.main.ports.main.port | int | `11211` | |
|
||||
| service.main.ports.main.targetPort | int | `11211` | |
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/memcached:v1.6.12@sha256:3887a722b71d004c54ecf41a9f937edf5cd6a85c5e7c70935964b7aedf61b856
|
||||
tccr.io/truecharts/memcached:v1.6.12@sha256:935bda79a5a0c850c008d523dfc0a1750ca905d88522824feb867e0817bfb5aa
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -71,7 +71,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/memcached:v1.6.12@sha256:3887a722b71d004c54ecf41a9f937edf5cd6a85c5e7c70935964b7aedf61b856 (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/memcached:v1.6.12@sha256:935bda79a5a0c850c008d523dfc0a1750ca905d88522824feb867e0817bfb5aa (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="postgresql-6.0.30"></a>
|
||||
### [postgresql-6.0.30](https://github.com/truecharts/apps/compare/postgresql-6.0.29...postgresql-6.0.30) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="postgresql-6.0.29"></a>
|
||||
### [postgresql-6.0.29](https://github.com/truecharts/apps/compare/postgresql-6.0.28...postgresql-6.0.29) (2021-12-13)
|
||||
|
||||
|
||||
@@ -28,7 +28,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| existingSecret | string | `""` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"ghcr.io/truecharts/postgresql"` | |
|
||||
| image.tag | string | `"v14.1.0@sha256:5180bdcd6e5a3370a39e39d62f7b17e49eb788729a5bbbb115cddac4134e2ba9"` | |
|
||||
| image.tag | string | `"v14.1.0@sha256:017e4d5af2d17c98b8c779a943d8152f75a824535aca43381663c365895add33"` | |
|
||||
| podSecurityContext.runAsGroup | int | `0` | |
|
||||
| postgrespassword | string | `"testroot"` | |
|
||||
| postgresqlDatabase | string | `"test"` | |
|
||||
|
||||
@@ -36,7 +36,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/postgresql:v14.1.0@sha256:5180bdcd6e5a3370a39e39d62f7b17e49eb788729a5bbbb115cddac4134e2ba9
|
||||
tccr.io/truecharts/postgresql:v14.1.0@sha256:017e4d5af2d17c98b8c779a943d8152f75a824535aca43381663c365895add33
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -73,7 +73,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:5180bdcd6e5a3370a39e39d62f7b17e49eb788729a5bbbb115cddac4134e2ba9 (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:017e4d5af2d17c98b8c779a943d8152f75a824535aca43381663c365895add33 (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="redis-1.0.35"></a>
|
||||
### [redis-1.0.35](https://github.com/truecharts/apps/compare/redis-1.0.34...redis-1.0.35) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="redis-1.0.34"></a>
|
||||
### [redis-1.0.34](https://github.com/truecharts/apps/compare/redis-1.0.33...redis-1.0.34) (2021-12-13)
|
||||
|
||||
|
||||
@@ -28,7 +28,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| existingSecret | string | `""` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"ghcr.io/truecharts/redis"` | |
|
||||
| image.tag | string | `"v6.2.6@sha256:471f2da7f69404488e217181aa5514007c9b2ea24e97defcba4791f2d14fb8ab"` | |
|
||||
| image.tag | string | `"v6.2.6@sha256:100253084d6dc4a542a19e77c7c181e9013042788c83673e9f40a24b629a5147"` | |
|
||||
| persistence.redis-health | object | See below | redis-health configmap mount |
|
||||
| persistence.redis-health.mountPath | string | `"/health"` | Where to mount the volume in the main container. Defaults to `/<name_of_the_volume>`, setting to '-' creates the volume but disables the volumeMount. |
|
||||
| persistence.redis-health.readOnly | bool | `false` | Specify if the volume should be mounted read-only. |
|
||||
|
||||
@@ -36,7 +36,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/redis:v6.2.6@sha256:471f2da7f69404488e217181aa5514007c9b2ea24e97defcba4791f2d14fb8ab
|
||||
tccr.io/truecharts/redis:v6.2.6@sha256:100253084d6dc4a542a19e77c7c181e9013042788c83673e9f40a24b629a5147
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -73,7 +73,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/redis:v6.2.6@sha256:471f2da7f69404488e217181aa5514007c9b2ea24e97defcba4791f2d14fb8ab (debian 10.11)
|
||||
#### Container: tccr.io/truecharts/redis:v6.2.6@sha256:100253084d6dc4a542a19e77c7c181e9013042788c83673e9f40a24b629a5147 (debian 10.11)
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="omada-controller-4.0.30"></a>
|
||||
### [omada-controller-4.0.30](https://github.com/truecharts/apps/compare/omada-controller-4.0.29...omada-controller-4.0.30) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="omada-controller-4.0.29"></a>
|
||||
### [omada-controller-4.0.29](https://github.com/truecharts/apps/compare/omada-controller-4.0.28...omada-controller-4.0.29) (2021-12-13)
|
||||
|
||||
|
||||
@@ -15,7 +15,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env.TZ | string | `"UTC"` | Set the container timezone |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
|
||||
| image.repository | string | `"tccr.io/truecharts/omada-controller"` | image repository |
|
||||
| image.tag | string | `"v4.4@sha256:1e6e8726cc6644a1f06e6547af955c5953e9cc38dc516fc79127a19da3dc2b86"` | image tag |
|
||||
| image.tag | string | `"v4.4@sha256:fdd33637d119a3596b7bdf7d09ddcbefbdc81502b253a50b4ac06b854cfb31da"` | image tag |
|
||||
| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
|
||||
| podSecurityContext.runAsGroup | int | `0` | |
|
||||
| podSecurityContext.runAsUser | int | `0` | |
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="tdarr-node-1.0.24"></a>
|
||||
### [tdarr-node-1.0.24](https://github.com/truecharts/apps/compare/tdarr-node-1.0.23...tdarr-node-1.0.24) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="tdarr-node-1.0.23"></a>
|
||||
### [tdarr-node-1.0.23](https://github.com/truecharts/apps/compare/tdarr-node-1.0.22...tdarr-node-1.0.23) (2021-12-13)
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env.serverPort | int | `8266` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/tdarr_node"` | |
|
||||
| image.tag | string | `"v2.00.11@sha256:f4ff41e5a09ea97bb468bb584e44c0f7d869a989404aa6a7618db1e040ccb31e"` | |
|
||||
| image.tag | string | `"v2.00.12@sha256:79b1211a1eefc564724935d532b6b90904d67efc9d8a238873e7156aa70f2f4a"` | |
|
||||
| persistence.configs.enabled | bool | `true` | |
|
||||
| persistence.configs.mountPath | string | `"/app/configs"` | |
|
||||
| persistence.logs.enabled | bool | `true` | |
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="tdarr-1.0.24"></a>
|
||||
### [tdarr-1.0.24](https://github.com/truecharts/apps/compare/tdarr-1.0.23...tdarr-1.0.24) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="tdarr-1.0.23"></a>
|
||||
### [tdarr-1.0.23](https://github.com/truecharts/apps/compare/tdarr-node-1.0.22...tdarr-1.0.23) (2021-12-13)
|
||||
|
||||
|
||||
@@ -17,7 +17,7 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
| env.webUIPort | int | `8265` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/tdarr"` | |
|
||||
| image.tag | string | `"v2.00.11@sha256:6fdd803b7a48519691ae1b18bf0700cf287fd8773557a0d6d0d16c782528ae18"` | |
|
||||
| image.tag | string | `"v2.00.12@sha256:5c3f4b038b5a59614ab1dca605894e85fe809f9fc08ffb478ab8bcc1a8cdf057"` | |
|
||||
| persistence.configs.enabled | bool | `true` | |
|
||||
| persistence.configs.mountPath | string | `"/app/configs"` | |
|
||||
| persistence.logs.enabled | bool | `true` | |
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: anonaddy/charts/mariadb/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-mariadb' of StatefulSet 'RELEASE-NAME-mariadb' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -31,7 +31,7 @@ hide:
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of StatefulSet 'RELEASE-NAME-mariadb' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> StatefulSet 'RELEASE-NAME-mariadb' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-redis' of StatefulSet 'RELEASE-NAME-redis' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -48,7 +48,7 @@ hide:
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of StatefulSet 'RELEASE-NAME-redis' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> StatefulSet 'RELEASE-NAME-redis' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-anonaddy' of Deployment 'RELEASE-NAME-anonaddy' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -81,11 +81,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -113,47 +113,47 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/anonaddy:v0.8.9@sha256:7e6295239394c21d94fa370d6a1fbab5b35fd06026f47ba8a35a9d367d763254 (alpine 3.14.3)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**composer**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -181,11 +181,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:393628e4fc0eb3f334c762c395477d85844294aedcdf5b0c88638a33a7ccb3f3 (debian 10.11)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
@@ -335,27 +335,27 @@ hide:
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -383,11 +383,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/redis:v6.2.6@sha256:ab162a9e97594601d1fc0af622d1e271d0503b668b6e7d9f05ce9cfb8d1c177a (debian 10.11)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
@@ -535,17 +535,14 @@ hide:
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: blog/charts/postgresql/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-postgresql' of StatefulSet 'RELEASE-NAME-postgresql' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -31,7 +31,7 @@ hide:
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of StatefulSet 'RELEASE-NAME-postgresql' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> StatefulSet 'RELEASE-NAME-postgresql' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'postgresql-init' of Deployment 'RELEASE-NAME-blog' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
@@ -70,11 +70,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -102,11 +102,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:2aa01c5c4525cfbcf1259f6bb34c5699b6744f9d3280f77e05912cc80e24184c (debian 10.11)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
@@ -302,27 +302,27 @@ hide:
|
||||
|
||||
**jar**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/blog:latest@sha256:22871bf5fcf28e31ca4389e7fff6c44978f4eed9c106fba6e862fe165e649cb0 (debian 11.1)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | <details><summary>Expand...</summary><a href="http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html">http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html</a><br><a href="http://www.iss.net/security_center/static/7494.php">http://www.iss.net/security_center/static/7494.php</a><br><a href="http://www.securityfocus.com/bid/3521">http://www.securityfocus.com/bid/3521</a><br></details> |
|
||||
@@ -672,11 +672,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -704,11 +704,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/postgresql:v14.1.0@sha256:2aa01c5c4525cfbcf1259f6bb34c5699b6744f9d3280f77e05912cc80e24184c (debian 10.11)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
@@ -904,17 +904,14 @@ hide:
|
||||
|
||||
**jar**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: boinc/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-boinc' of Deployment 'RELEASE-NAME-boinc' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -73,11 +73,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/boinc:v18.04.1 (ubuntu 18.04)
|
||||
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html">http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276</a><br><a href="https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff">https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff</a><br><a href="https://linux.oracle.com/cve/CVE-2019-18276.html">https://linux.oracle.com/cve/CVE-2019-18276.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-1679.html">https://linux.oracle.com/errata/ELSA-2021-1679.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security.gentoo.org/glsa/202105-34">https://security.gentoo.org/glsa/202105-34</a><br><a href="https://security.netapp.com/advisory/ntap-20200430-0003/">https://security.netapp.com/advisory/ntap-20200430-0003/</a><br><a href="https://www.youtube.com/watch?v=-wGtxJ8opa8">https://www.youtube.com/watch?v=-wGtxJ8opa8</a><br></details> |
|
||||
@@ -291,9 +291,8 @@ hide:
|
||||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-hr2v-3952-633q">https://github.com/advisories/GHSA-hr2v-3952-633q</a><br><a href="https://hackerone.com/reports/311333">https://hackerone.com/reports/311333</a><br><a href="https://nodesecurity.io/advisories/612">https://nodesecurity.io/advisories/612</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-3750">https://nvd.nist.gov/vuln/detail/CVE-2018-3750</a><br><a href="https://www.npmjs.com/advisories/612">https://www.npmjs.com/advisories/612</a><br></details> |
|
||||
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | <details><summary>Expand...</summary><a href="https://hackerone.com/reports/311333">https://hackerone.com/reports/311333</a><br></details> |
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: bookstack/charts/mariadb/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-mariadb' of StatefulSet 'RELEASE-NAME-mariadb' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -31,7 +31,7 @@ hide:
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of StatefulSet 'RELEASE-NAME-mariadb' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> StatefulSet 'RELEASE-NAME-mariadb' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-bookstack' of Deployment 'RELEASE-NAME-bookstack' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -62,11 +62,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -94,11 +94,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: var/www-tmp/html/composer.lock
|
||||
|
||||
|
||||
|
||||
**composer**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| laravel/framework | CVE-2021-43808 | MEDIUM | v8.70.2 | 8.75.0, 7.30.6, 6.20.42 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43808">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43808</a><br><a href="https://github.com/advisories/GHSA-66hf-2p6w-jqfw">https://github.com/advisories/GHSA-66hf-2p6w-jqfw</a><br><a href="https://github.com/laravel/framework/commit/b8174169b1807f36de1837751599e2828ceddb9b">https://github.com/laravel/framework/commit/b8174169b1807f36de1837751599e2828ceddb9b</a><br><a href="https://github.com/laravel/framework/pull/39906">https://github.com/laravel/framework/pull/39906</a><br><a href="https://github.com/laravel/framework/pull/39908">https://github.com/laravel/framework/pull/39908</a><br><a href="https://github.com/laravel/framework/pull/39909">https://github.com/laravel/framework/pull/39909</a><br><a href="https://github.com/laravel/framework/releases/tag/v6.20.42">https://github.com/laravel/framework/releases/tag/v6.20.42</a><br><a href="https://github.com/laravel/framework/releases/tag/v7.30.6">https://github.com/laravel/framework/releases/tag/v7.30.6</a><br><a href="https://github.com/laravel/framework/releases/tag/v8.75.0">https://github.com/laravel/framework/releases/tag/v8.75.0</a><br><a href="https://github.com/laravel/framework/security/advisories/GHSA-66hf-2p6w-jqfw">https://github.com/laravel/framework/security/advisories/GHSA-66hf-2p6w-jqfw</a><br></details> |
|
||||
@@ -106,11 +106,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -138,11 +138,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:393628e4fc0eb3f334c762c395477d85844294aedcdf5b0c88638a33a7ccb3f3 (debian 10.11)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
@@ -292,17 +292,14 @@ hide:
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: chevereto/charts/mariadb/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-mariadb' of StatefulSet 'RELEASE-NAME-mariadb' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -31,7 +31,7 @@ hide:
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of StatefulSet 'RELEASE-NAME-mariadb' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> StatefulSet 'RELEASE-NAME-mariadb' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-chevereto' of Deployment 'RELEASE-NAME-chevereto' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -61,11 +61,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -93,23 +93,23 @@ hide:
|
||||
|
||||
|
||||
#### Container: app/chevereto/composer.lock
|
||||
|
||||
|
||||
|
||||
**composer**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -137,11 +137,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:393628e4fc0eb3f334c762c395477d85844294aedcdf5b0c88638a33a7ccb3f3 (debian 10.11)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
@@ -291,17 +291,14 @@ hide:
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: clarkson/charts/mariadb/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-mariadb' of StatefulSet 'RELEASE-NAME-mariadb' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -31,7 +31,7 @@ hide:
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of StatefulSet 'RELEASE-NAME-mariadb' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> StatefulSet 'RELEASE-NAME-mariadb' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-clarkson' of Deployment 'RELEASE-NAME-clarkson' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -62,11 +62,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -94,18 +94,18 @@ hide:
|
||||
|
||||
|
||||
#### Container: Java
|
||||
|
||||
|
||||
|
||||
**jar**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| org.apache.derby:derby | CVE-2018-1313 | MEDIUM | 10.12.1.1 | 10.14.2.0 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/104140">http://www.securityfocus.com/bid/104140</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r437d94437e6aef31af689b1e7025d024d676fd1ea9901d74e3e9ae48@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r437d94437e6aef31af689b1e7025d024d676fd1ea9901d74e3e9ae48@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6755f48d4f5e44e39bba7dbf8d746678239d7f1f2cc108125519ce53@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r6755f48d4f5e44e39bba7dbf8d746678239d7f1f2cc108125519ce53@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re29ab90978e6c997377fb975f674f7514f6beb642bbf79deb45477e5@%3Cdev.hive.apache.org%3E">https://lists.apache.org/thread.html/re29ab90978e6c997377fb975f674f7514f6beb642bbf79deb45477e5@%3Cdev.hive.apache.org%3E</a><br><a href="https://markmail.org/message/akkappppxcdqrgxk">https://markmail.org/message/akkappppxcdqrgxk</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1313">https://nvd.nist.gov/vuln/detail/CVE-2018-1313</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a><br></details> |
|
||||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| express-jwt | CVE-2020-15084 | CRITICAL | 5.3.3 | 6.0.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-6g6m-m6h5-w9gf">https://github.com/advisories/GHSA-6g6m-m6h5-w9gf</a><br><a href="https://github.com/auth0/express-jwt/commit/7ecab5f8f0cab5297c2b863596566eb0c019cdef">https://github.com/auth0/express-jwt/commit/7ecab5f8f0cab5297c2b863596566eb0c019cdef</a><br><a href="https://github.com/auth0/express-jwt/security/advisories/GHSA-6g6m-m6h5-w9gf">https://github.com/auth0/express-jwt/security/advisories/GHSA-6g6m-m6h5-w9gf</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-15084">https://nvd.nist.gov/vuln/detail/CVE-2020-15084</a><br></details> |
|
||||
@@ -113,11 +113,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -145,11 +145,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/mariadb:v10.6.5@sha256:393628e4fc0eb3f334c762c395477d85844294aedcdf5b0c88638a33a7ccb3f3 (debian 10.11)
|
||||
|
||||
|
||||
|
||||
**debian**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2011-3374">https://access.redhat.com/security/cve/cve-2011-3374</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html">https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html</a><br><a href="https://seclists.org/fulldisclosure/2011/Sep/221">https://seclists.org/fulldisclosure/2011/Sep/221</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2011-3374">https://security-tracker.debian.org/tracker/CVE-2011-3374</a><br><a href="https://snyk.io/vuln/SNYK-LINUX-APT-116518">https://snyk.io/vuln/SNYK-LINUX-APT-116518</a><br><a href="https://ubuntu.com/security/CVE-2011-3374">https://ubuntu.com/security/CVE-2011-3374</a><br></details> |
|
||||
@@ -299,17 +299,14 @@ hide:
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
**gobinary**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: couchpotato/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-couchpotato' of Deployment 'RELEASE-NAME-couchpotato' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -76,4 +76,3 @@ hide:
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="custom-app-3.0.38"></a>
|
||||
### [custom-app-3.0.38](https://github.com/truecharts/apps/compare/custom-app-3.0.37...custom-app-3.0.38) (2021-12-13)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update docker general non-major ([#1531](https://github.com/truecharts/apps/issues/1531))
|
||||
|
||||
|
||||
|
||||
<a name="custom-app-3.0.37"></a>
|
||||
### [custom-app-3.0.37](https://github.com/truecharts/apps/compare/custom-app-3.0.36...custom-app-3.0.37) (2021-12-13)
|
||||
|
||||
|
||||
@@ -13,6 +13,6 @@ You will, however, be able to use all values referenced in the common chart here
|
||||
|-----|------|---------|-------------|
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"tccr.io/truecharts/jackett"` | |
|
||||
| image.tag | string | `"v0.20.159@sha256:c1992f06be549184f5405e55333189f67c20f0d2cdacb94b7dfbd493b5ce62c2"` | |
|
||||
| image.tag | string | `"v0.20.162@sha256:aadc89b3fb38def8614dc44a3359fbf40b90486810bf0c3682a82d68d24ca3da"` | |
|
||||
|
||||
All Rights Reserved - The TrueCharts Project
|
||||
|
||||
@@ -34,7 +34,7 @@ hide:
|
||||
##### Detected Containers
|
||||
|
||||
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
|
||||
tccr.io/truecharts/jackett:v0.20.159@sha256:c1992f06be549184f5405e55333189f67c20f0d2cdacb94b7dfbd493b5ce62c2
|
||||
tccr.io/truecharts/jackett:v0.20.162@sha256:aadc89b3fb38def8614dc44a3359fbf40b90486810bf0c3682a82d68d24ca3da
|
||||
|
||||
##### Scan Results
|
||||
|
||||
@@ -71,7 +71,7 @@ hide:
|
||||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/jackett:v0.20.159@sha256:c1992f06be549184f5405e55333189f67c20f0d2cdacb94b7dfbd493b5ce62c2 (ubuntu 20.04)
|
||||
#### Container: tccr.io/truecharts/jackett:v0.20.162@sha256:aadc89b3fb38def8614dc44a3359fbf40b90486810bf0c3682a82d68d24ca3da (ubuntu 20.04)
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: darktable/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-darktable' of Deployment 'RELEASE-NAME-darktable' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -73,13 +73,12 @@ hide:
|
||||
|
||||
|
||||
#### Container: Node.js
|
||||
|
||||
|
||||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-hr2v-3952-633q">https://github.com/advisories/GHSA-hr2v-3952-633q</a><br><a href="https://hackerone.com/reports/311333">https://hackerone.com/reports/311333</a><br><a href="https://nodesecurity.io/advisories/612">https://nodesecurity.io/advisories/612</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-3750">https://nvd.nist.gov/vuln/detail/CVE-2018-3750</a><br><a href="https://www.npmjs.com/advisories/612">https://www.npmjs.com/advisories/612</a><br></details> |
|
||||
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | <details><summary>Expand...</summary><a href="https://hackerone.com/reports/311333">https://hackerone.com/reports/311333</a><br></details> |
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: ddclient/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-ddclient' of Deployment 'RELEASE-NAME-ddclient' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -76,4 +76,3 @@ hide:
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: dillinger/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-dillinger' of Deployment 'RELEASE-NAME-dillinger' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -73,11 +73,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/dillinger:v3.39.1 (ubuntu 18.04)
|
||||
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html">http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276</a><br><a href="https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff">https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff</a><br><a href="https://linux.oracle.com/cve/CVE-2019-18276.html">https://linux.oracle.com/cve/CVE-2019-18276.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-1679.html">https://linux.oracle.com/errata/ELSA-2021-1679.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security.gentoo.org/glsa/202105-34">https://security.gentoo.org/glsa/202105-34</a><br><a href="https://security.netapp.com/advisory/ntap-20200430-0003/">https://security.netapp.com/advisory/ntap-20200430-0003/</a><br><a href="https://www.youtube.com/watch?v=-wGtxJ8opa8">https://www.youtube.com/watch?v=-wGtxJ8opa8</a><br></details> |
|
||||
@@ -261,7 +261,7 @@ hide:
|
||||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| acorn | GHSA-6chw-6frg-f759 | HIGH | 5.7.3 | 5.7.4, 7.1.1, 6.4.1 | <details><summary>Expand...</summary><a href="https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802">https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802</a><br><a href="https://github.com/acornjs/acorn/issues/929">https://github.com/acornjs/acorn/issues/929</a><br><a href="https://github.com/advisories/GHSA-6chw-6frg-f759">https://github.com/advisories/GHSA-6chw-6frg-f759</a><br><a href="https://snyk.io/vuln/SNYK-JS-ACORN-559469">https://snyk.io/vuln/SNYK-JS-ACORN-559469</a><br><a href="https://www.npmjs.com/advisories/1488">https://www.npmjs.com/advisories/1488</a><br></details> |
|
||||
@@ -325,4 +325,3 @@ hide:
|
||||
| ws | CVE-2021-32640 | MEDIUM | 6.1.4 | 5.2.3, 6.2.2, 7.4.6 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-6fc8-4gx4-v693">https://github.com/advisories/GHSA-6fc8-4gx4-v693</a><br><a href="https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff">https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff</a><br><a href="https://github.com/websockets/ws/issues/1895">https://github.com/websockets/ws/issues/1895</a><br><a href="https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693">https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693</a><br><a href="https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-32640">https://nvd.nist.gov/vuln/detail/CVE-2021-32640</a><br></details> |
|
||||
| y18n | CVE-2020-7774 | HIGH | 3.2.1 | 5.0.5, 4.0.1, 3.2.2 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-c4w7-xm78-47vh">https://github.com/advisories/GHSA-c4w7-xm78-47vh</a><br><a href="https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25">https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25</a><br><a href="https://github.com/yargs/y18n/issues/96">https://github.com/yargs/y18n/issues/96</a><br><a href="https://github.com/yargs/y18n/pull/108">https://github.com/yargs/y18n/pull/108</a><br><a href="https://linux.oracle.com/cve/CVE-2020-7774.html">https://linux.oracle.com/cve/CVE-2020-7774.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-0551.html">https://linux.oracle.com/errata/ELSA-2021-0551.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-7774">https://nvd.nist.gov/vuln/detail/CVE-2020-7774</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306</a><br><a href="https://snyk.io/vuln/SNYK-JS-Y18N-1021887">https://snyk.io/vuln/SNYK-JS-Y18N-1021887</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br></details> |
|
||||
| yargs-parser | CVE-2020-7608 | MEDIUM | 4.2.1 | 5.0.1, 13.1.2, 18.1.2, 15.0.1 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-p9pc-299p-vxgp">https://github.com/advisories/GHSA-p9pc-299p-vxgp</a><br><a href="https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2">https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2</a><br><a href="https://linux.oracle.com/cve/CVE-2020-7608.html">https://linux.oracle.com/cve/CVE-2020-7608.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-0548.html">https://linux.oracle.com/errata/ELSA-2021-0548.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-7608">https://nvd.nist.gov/vuln/detail/CVE-2020-7608</a><br><a href="https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381">https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381</a><br><a href="https://www.npmjs.com/advisories/1500">https://www.npmjs.com/advisories/1500</a><br></details> |
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: dokuwiki/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-dokuwiki' of Deployment 'RELEASE-NAME-dokuwiki' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -42,11 +42,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -77,4 +77,3 @@ hide:
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: domoticz/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-domoticz' of Deployment 'RELEASE-NAME-domoticz' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -73,11 +73,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/domoticz:v2021.1.20211128 (ubuntu 20.04)
|
||||
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html">http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276</a><br><a href="https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff">https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff</a><br><a href="https://linux.oracle.com/cve/CVE-2019-18276.html">https://linux.oracle.com/cve/CVE-2019-18276.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-1679.html">https://linux.oracle.com/errata/ELSA-2021-1679.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security.gentoo.org/glsa/202105-34">https://security.gentoo.org/glsa/202105-34</a><br><a href="https://security.netapp.com/advisory/ntap-20200430-0003/">https://security.netapp.com/advisory/ntap-20200430-0003/</a><br><a href="https://www.youtube.com/watch?v=-wGtxJ8opa8">https://www.youtube.com/watch?v=-wGtxJ8opa8</a><br></details> |
|
||||
@@ -157,9 +157,6 @@ hide:
|
||||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: duckdns/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-duckdns' of Deployment 'RELEASE-NAME-duckdns' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -76,4 +76,3 @@ hide:
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: embystat/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-embystat' of Deployment 'RELEASE-NAME-embystat' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -73,11 +73,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/embystat:v0.2.0 (ubuntu 18.04)
|
||||
|
||||
|
||||
|
||||
**ubuntu**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html">http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276</a><br><a href="https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff">https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff</a><br><a href="https://linux.oracle.com/cve/CVE-2019-18276.html">https://linux.oracle.com/cve/CVE-2019-18276.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-1679.html">https://linux.oracle.com/errata/ELSA-2021-1679.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security.gentoo.org/glsa/202105-34">https://security.gentoo.org/glsa/202105-34</a><br><a href="https://security.netapp.com/advisory/ntap-20200430-0003/">https://security.netapp.com/advisory/ntap-20200430-0003/</a><br><a href="https://www.youtube.com/watch?v=-wGtxJ8opa8">https://www.youtube.com/watch?v=-wGtxJ8opa8</a><br></details> |
|
||||
@@ -188,4 +188,3 @@ hide:
|
||||
| passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/cve-2013-4235">https://access.redhat.com/security/cve/cve-2013-4235</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2013-4235">https://security-tracker.debian.org/tracker/CVE-2013-4235</a><br></details> |
|
||||
| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | | <details><summary>Expand...</summary><a href="https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357">https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169</a><br><a href="https://github.com/shadow-maint/shadow/pull/97">https://github.com/shadow-maint/shadow/pull/97</a><br><a href="https://security.gentoo.org/glsa/201805-09">https://security.gentoo.org/glsa/201805-09</a><br></details> |
|
||||
| perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | | <details><summary>Expand...</summary><a href="http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html">http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html</a><br><a href="https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/">https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156</a><br><a href="https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c">https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c</a><br></details> |
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: emulatorjs/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-emulatorjs' of Deployment 'RELEASE-NAME-emulatorjs' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -73,13 +73,10 @@ hide:
|
||||
|
||||
|
||||
#### Container: Node.js
|
||||
|
||||
|
||||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: endlessh/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-endlessh' of Deployment 'RELEASE-NAME-endlessh' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -76,4 +76,3 @@ hide:
|
||||
|
||||
| No Vulnerabilities found |
|
||||
|:---------------------------------|
|
||||
|
||||
|
||||
@@ -12,9 +12,9 @@ hide:
|
||||
##### Scan Results
|
||||
|
||||
#### Chart Object: firefox/templates/common.yaml
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-firefox' of Deployment 'RELEASE-NAME-firefox' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
@@ -41,11 +41,11 @@ hide:
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
|
||||
|
||||
|
||||
|
||||
**alpine**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||||
@@ -73,13 +73,12 @@ hide:
|
||||
|
||||
|
||||
#### Container: Node.js
|
||||
|
||||
|
||||
|
||||
**node-pkg**
|
||||
|
||||
|
||||
|
||||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||||
| deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-hr2v-3952-633q">https://github.com/advisories/GHSA-hr2v-3952-633q</a><br><a href="https://hackerone.com/reports/311333">https://hackerone.com/reports/311333</a><br><a href="https://nodesecurity.io/advisories/612">https://nodesecurity.io/advisories/612</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-3750">https://nvd.nist.gov/vuln/detail/CVE-2018-3750</a><br><a href="https://www.npmjs.com/advisories/612">https://www.npmjs.com/advisories/612</a><br></details> |
|
||||
| deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 | <details><summary>Expand...</summary><a href="https://hackerone.com/reports/311333">https://hackerone.com/reports/311333</a><br></details> |
|
||||
|
||||
|
||||
File diff suppressed because one or more lines are too long
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user