SUSE's KBs 000021646 and 000021647 provide detailed information about how the CVE portal works and how to inquire about CVEs in SUSE Rancher Prime products, respectively.
Only the latest patch version of each supported release line and the respective dev/head/master development branches are scanned. Older patch versions and no longer supported (EOL) versions are not scanned. Verify the supported versions on SUSE's product support lifecycle page.
Consult SUSE's KB 000021574 to learn how Rancher handles CVE triage for software dependencies.
The CVE scans are executed daily with internal automation developed by the SUSE Rancher Security team.
Our scans use Rancher's VEX Hub reports to remove known false positives. More information on how to use those reports is available in SUSE's KB 000021573 article.
These pages are updated and regenerated daily.
The CVE scanner used is the latest available version of Trivy.
Only critical and high severity CVEs are displayed (internally we track all severities).
If you want to report an issue with these pages, please open an issue.
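
The filtering described above (VEX statements applied to scanner findings, then only critical and high severities shown) can be sketched as follows. This is an added example, not the SUSE Rancher Security team's automation: the report and VEX data are constructed, the function names are hypothetical, and matching is simplified to the CVE ID plus the package PURL listed under an OpenVEX statement's `products`.

```python
"""Apply OpenVEX statements to a Trivy-style JSON report, keep CRITICAL/HIGH."""

SHOWN = {"CRITICAL", "HIGH"}             # severities the pages display
SUPPRESSING = {"not_affected", "fixed"}  # OpenVEX statuses that clear a finding

# Constructed sample data (not real scan output or real VEX statements).
REPORT = {"Results": [{"Target": "example/app", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0001", "Severity": "CRITICAL",
     "PkgIdentifier": {"PURL": "pkg:golang/example.com/liba@v1.2.0"}},
    {"VulnerabilityID": "CVE-0000-0002", "Severity": "HIGH",
     "PkgIdentifier": {"PURL": "pkg:golang/example.com/libb@v0.9.1"}},
    {"VulnerabilityID": "CVE-0000-0003", "Severity": "MEDIUM",
     "PkgIdentifier": {"PURL": "pkg:golang/example.com/libc@v3.0.0"}},
]}]}
VEX = {"statements": [
    {"vulnerability": {"name": "CVE-0000-0001"}, "status": "not_affected",
     "justification": "vulnerable_code_not_in_execute_path",
     "products": [{"@id": "pkg:golang/example.com/liba"}]},
    {"vulnerability": {"name": "CVE-0000-0002"}, "status": "under_investigation",
     "products": [{"@id": "pkg:golang/example.com/libb"}]},
]}

def base_purl(purl):
    """Drop version, qualifiers and subpath so PURLs compare by package."""
    core = purl.split("#")[0].split("?")[0]
    head, sep, name = core.rpartition("/")
    return head + sep + name.split("@")[0]

def suppressed_pairs(vex):
    """Return {(cve, package)} pairs that a VEX document marks as cleared."""
    pairs = set()
    for st in vex.get("statements", []):
        if st.get("status") in SUPPRESSING:
            for prod in st.get("products", []):
                pairs.add((st["vulnerability"]["name"], base_purl(prod["@id"])))
    return pairs

def displayed(report, vex):
    """CVE IDs left after VEX suppression and the severity cut-off."""
    skip = suppressed_pairs(vex)
    out = []
    for result in report.get("Results", []):
        for v in result.get("Vulnerabilities") or []:  # may be null in reports
            key = (v["VulnerabilityID"], base_purl(v["PkgIdentifier"]["PURL"]))
            if key not in skip and v["Severity"] in SHOWN:
                out.append(v["VulnerabilityID"])
    return out

if __name__ == "__main__":
    print(displayed(REPORT, VEX))
```

A statement with status `under_investigation` does not suppress a finding, so that CVE stays visible until triage concludes.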