diff --git a/charts/incubator/senseai-server/CHANGELOG.md b/charts/incubator/senseai-server/CHANGELOG.md index 5ade7bc6023..0ec0d4b1470 100644 --- a/charts/incubator/senseai-server/CHANGELOG.md +++ b/charts/incubator/senseai-server/CHANGELOG.md @@ -1,10 +1,18 @@ # Changelog
+ +### [senseai-server-0.0.2](https://github.com/truecharts/apps/compare/senseai-server-0.0.1...senseai-server-0.0.2) (2022-06-16) + +#### Chore + +* cleanup ([#2909](https://github.com/truecharts/apps/issues/2909)) + + + ### senseai-server-0.0.1 (2022-06-16) #### Feat * add senseai-server ([#2907](https://github.com/truecharts/apps/issues/2907)) - diff --git a/charts/incubator/senseai-server/security.md b/charts/incubator/senseai-server/security.md index bd6c610a283..1c9feb35686 100644 --- a/charts/incubator/senseai-server/security.md +++ b/charts/incubator/senseai-server/security.md @@ -12,9 +12,9 @@ hide: ##### Scan Results #### Chart Object: senseai-server/templates/common.yaml - - + + | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'autopermissions' of Deployment 'RELEASE-NAME-senseai-server' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| @@ -40,11 +40,11 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| @@ -61,11 +61,11 @@ hide: #### Container: codeproject/senseai-server:focal-1.4.0@sha256:e26603f89a1a994cda27c4604fb79ed380acd65e4233e9bd4a8689eb21625b39 (ubuntu 20.04) - + **ubuntu** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | binutils | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2017-13716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009
| @@ -284,8 +284,7 @@ hide: **python-pkg** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | mpmath | CVE-2021-29063 | HIGH | 1.2.1 | |
Expand...https://github.com/advisories/GHSA-f865-m6cq-j9vx
https://github.com/fredrik-johansson/mpmath/commit/46d44c3c8f3244017fe1eb102d564eb4ab8ef750
https://github.com/fredrik-johansson/mpmath/commit/c811b37c65a4372a7ce613111d2a508c204f9833
https://github.com/fredrik-johansson/mpmath/issues/548
https://github.com/npm/hosted-git-info/pull/76
https://github.com/yetingli/PoCs/blob/main/CVE-2021-29063/Mpmath.md
https://github.com/yetingli/SaveResults/blob/main/js/hosted-git-info.js
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3M5O55E7VUDMXCPQR6MQTOIFDKHP36AA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUX3XWY2K3MSO7QXMZXQQYAURARSPC5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MS2U6GLXQSRZJE2HVUAUMVFR2DWQLCZG/
https://nvd.nist.gov/vuln/detail/CVE-2021-29063
https://www.npmjs.com/package/hosted-git-info
| -