SUSE Rancher - Harvester master version - CVE Scans - 2025-03-14

How to use this page

You can click a column header to sort by column.
Use the search bar below to filter the results by image (and version/tag), if the image is mirrored or made by SUSE (true/false),
release, affected binary, vulnerable dependency (and its version), vulnerability ID (CVE, GHSA, SUSE-SU etc.), severity,
status (if affected or not affected/false-positive), justification (for false-positives),
vulnerability type (related to the programming language or container OS).
The search functionality might execute a bit slow depending on the number of vulnerabilities displayed in the page.
False-positive CVEs that are removed with VEX have the status as "not affected" with the severity set to "none",
because they do not affect the binary/package/image. The justification explains why they are false-positives,
according to the VEX statuses as explained in KB 000021573.
For further instructions about scanned versions, scanning frequency, tooling and false-positives, please consult the main instructions.
The severity (CVSS rating) of some CVEs in the portal might differ from the original severity reported by some vendors and security scanners.
This happens, because SUSE recalculates the CVSS rating of CVEs based on criteria, like: applicability and difficulty of the issue being
exploited in the wild; how it can actually affect the confidentiality, integrity and availability of SUSE's products etc. CVEs that had their CVSS
severity rating changed, either decreased or increased, will have the distinctive tag '*' close to its severity.

Search:

Image	Mirrored	Release	Binary/Package	Dependency	Vulnerability ID (CVE)	Severity	Status	Justification (for status not affected)	Type (language or OS)
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester master	libcrypto3	libcrypto3@3.3.1-r3	CVE-2024-12797	HIGH	affected		alpine
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester master	libssl3	libssl3@3.3.1-r3	CVE-2024-12797	HIGH	affected		alpine
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester master	ip-control-loop	golang.org/x/net@v0.24.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester master	ip-control-loop	stdlib@v1.21.12	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester master	whereabouts	golang.org/x/net@v0.24.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester master	whereabouts	stdlib@v1.21.12	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester master	libcrypto3	libcrypto3@3.3.1-r0	CVE-2024-12797	HIGH	affected		alpine
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester master	libssl3	libssl3@3.3.1-r0	CVE-2024-12797	HIGH	affected		alpine
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester master	kube-vip	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/fleet:v0.11.2	false	Harvester master	git-core	git-core@2.43.0-150600.3.6.1	SUSE-SU-2025:0116-1	HIGH	affected		sles
rancher/fleet:v0.11.2	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/fleet:v0.11.2	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/fleet:v0.11.2	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/fleet:v0.11.2	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/fleet:v0.11.2	false	Harvester master	usr/bin/fleet	github.com/go-git/go-git/v5@v5.12.1-0.20240629213349-b00c68ab7140	CVE-2025-21613	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/fleet:v0.11.2	false	Harvester master	usr/bin/fleet	github.com/go-git/go-git/v5@v5.12.1-0.20240629213349-b00c68ab7140	CVE-2025-21614	HIGH	affected		gobinary
rancher/fleet:v0.11.2	false	Harvester master	usr/bin/fleetcontroller	github.com/go-git/go-git/v5@v5.12.1-0.20240629213349-b00c68ab7140	CVE-2025-21613	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/fleet:v0.11.2	false	Harvester master	usr/bin/fleetcontroller	github.com/go-git/go-git/v5@v5.12.1-0.20240629213349-b00c68ab7140	CVE-2025-21614	HIGH	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester master	git-core	git-core@2.35.3-150300.10.39.1	SUSE-SU-2024:2656-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	glibc	glibc@2.31-150300.74.1	SUSE-SU-2024:1895-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	krb5	krb5@1.20.1-150500.3.6.1	SUSE-SU-2024:2302-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	libglib-2_0-0	libglib-2_0-0@2.70.5-150400.3.11.1	SUSE-SU-2024:4078-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	libopenssl1_1	libopenssl1_1@1.1.1l-150500.17.28.2	SUSE-SU-2024:2051-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	libopenssl1_1-hmac	libopenssl1_1-hmac@1.1.1l-150500.17.28.2	SUSE-SU-2024:2051-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	libprotobuf-lite25_1_0	libprotobuf-lite25_1_0@25.1-150400.9.6.1	SUSE-SU-2024:3747-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.14.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.14.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	openssl-1_1	openssl-1_1@1.1.1l-150500.17.28.2	SUSE-SU-2024:2051-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitcloner	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21613	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitcloner	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21614	HIGH	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitcloner	stdlib@v1.21.10	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitcloner	stdlib@v1.21.10	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitjob	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21613	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitjob	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21614	HIGH	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitjob	stdlib@v1.21.10	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitjob	stdlib@v1.21.10	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-addon-resizer:1.8.20-build20241001	false	Harvester master	pod_nanny	golang.org/x/net@v0.17.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/hardened-flannel:v0.26.1-build20241211	false	Harvester master	libsoup-2_4-1	libsoup-2_4-1@2.74.3-150600.2.2	SUSE-SU-2024:4290-1	HIGH	affected		sles
rancher/hardened-flannel:v0.26.1-build20241211	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/hardened-flannel:v0.26.1-build20241211	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/hardened-flannel:v0.26.1-build20241211	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/hardened-flannel:v0.26.1-build20241211	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/hardened-multus-cni:v4.1.3-build20241028	false	Harvester master	cert-approver	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.1.3-build20241028	false	Harvester master	install_multus	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.1.3-build20241028	false	Harvester master	kubeconfig_generator	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.1.3-build20241028	false	Harvester master	thin_entrypoint	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.1.3-build20241028	false	Harvester master	usr/src/multus-cni/bin/multus	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-load-balancer:master-head	false	Harvester master	usr/bin/harvester-load-balancer	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-load-balancer:master-head	false	Harvester master	usr/bin/harvester-load-balancer	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-load-balancer:master-head	false	Harvester master	usr/bin/harvester-load-balancer	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-network-controller:master-head	false	Harvester master	usr/bin/harvester-network-controller	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-network-controller:master-head	false	Harvester master	usr/bin/harvester-network-controller	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-network-controller:master-head	false	Harvester master	usr/bin/harvester-network-controller	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-network-controller:master-head	false	Harvester master	usr/bin/harvester-network-controller	kubevirt.io/kubevirt@v0.54.0	CVE-2023-26484	HIGH	affected		gobinary
rancher/harvester-network-helper:master-head	false	Harvester master	usr/bin/harvester-network-helper	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-network-helper:master-head	false	Harvester master	usr/bin/harvester-network-helper	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-network-helper:master-head	false	Harvester master	usr/bin/harvester-network-helper	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-network-helper:master-head	false	Harvester master	usr/bin/harvester-network-helper	kubevirt.io/kubevirt@v0.54.0	CVE-2023-26484	HIGH	affected		gobinary
rancher/harvester-network-webhook:master-head	false	Harvester master	usr/bin/harvester-network-webhook	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-network-webhook:master-head	false	Harvester master	usr/bin/harvester-network-webhook	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-network-webhook:master-head	false	Harvester master	usr/bin/harvester-network-webhook	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-network-webhook:master-head	false	Harvester master	usr/bin/harvester-network-webhook	kubevirt.io/kubevirt@v0.54.0	CVE-2023-26484	HIGH	affected		gobinary
rancher/harvester-networkfs-manager:main-head	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/harvester-networkfs-manager:main-head	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/harvester-networkfs-manager:main-head	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/harvester-networkfs-manager:main-head	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/harvester-node-manager-webhook:master-head	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/harvester-node-manager:master-head	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/harvester-seeder:v1.5.0-dev.0	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/harvester-seeder:v1.5.0-dev.0	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/harvester-seeder:v1.5.0-dev.0	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/harvester-seeder:v1.5.0-dev.0	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/kubectl	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-vm-import-controller:v1.5.0-dev.0	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/harvester-webhook:master-head	false	Harvester master	usr/bin/harvester-webhook	github.com/rancher/steve@v0.0.0-20240911190153-79304d93b49b	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester:master-head	false	Harvester master	usr/bin/harvester	github.com/rancher/steve@v0.0.0-20240911190153-79304d93b49b	CVE-2024-52280	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-23806	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-24538	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-24540	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2021-41771	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2021-41772	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2021-44716	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-23772	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-24675	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-24921	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-27664	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-28131	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-28327	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-2879	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-2880	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-29804	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-30580	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-30630	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-30631	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-30632	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-30633	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-30634	LOW*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-30635	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-32189	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-41715	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-41716	UNKNOWN*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-41720	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-41722	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-41723	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-41724	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2022-41725	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-24534	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-24536	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-24537	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-24539	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-29400	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-29403	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-39325	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-45283	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-45287	HIGH	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.21.5	false	Harvester master	bin/kubectl	stdlib@v1.16.8	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.28.7	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.28.7	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.28.7	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libldap-2.5-0	libldap-2.5-0@2.5.13+dfsg-5	CVE-2023-2953	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libpq5	libpq5@15.8-0+deb12u1	CVE-2024-10979	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libpq5	libpq5@15.8-0+deb12u1	CVE-2025-1094	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	zlib1g	zlib1g@1:1.2.13.dfsg-1	CVE-2023-45853	CRITICAL	affected		debian
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	curl	curl@8.5.0-r0	CVE-2024-2398	HIGH	affected		alpine
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	curl	curl@8.5.0-r0	CVE-2024-6197	HIGH	affected		alpine
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	libcurl	libcurl@8.5.0-r0	CVE-2024-2398	HIGH	affected		alpine
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	libcurl	libcurl@8.5.0-r0	CVE-2024-6197	HIGH	affected		alpine
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	usr/share/grafana/bin/grafana	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	usr/share/grafana/bin/grafana-cli	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	usr/share/grafana/bin/grafana-server	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.4.3	true	Harvester master	kube-webhook-certgen	golang.org/x/net@v0.28.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.4.3	true	Harvester master	kube-webhook-certgen	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.4.4	true	Harvester master	kube-webhook-certgen	golang.org/x/net@v0.28.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester master	libcrypto3	libcrypto3@3.3.0-r2	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester master	libexpat	libexpat@2.6.2-r0	CVE-2024-45491	CRITICAL	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester master	libexpat	libexpat@2.6.2-r0	CVE-2024-45492	CRITICAL	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester master	libexpat	libexpat@2.6.2-r0	CVE-2024-45490	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester master	libssl3	libssl3@3.3.0-r2	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	libcrypto3	libcrypto3@3.3.2-r1	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	libssl3	libssl3@3.3.2-r1	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	google-protobuf@3.21.12	CVE-2024-7254	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rack@3.0.9.1	CVE-2025-27610	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rexml@3.2.6	CVE-2024-49761	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rexml@3.3.2	CVE-2024-49761	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	webrick@1.8.1	CVE-2024-47220	HIGH	affected		gemspec
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester master	kube-state-metrics	golang.org/x/crypto@v0.21.0	CVE-2024-45337	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester master	kube-state-metrics	golang.org/x/net@v0.22.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester master	kube-state-metrics	stdlib@v1.21.8	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester master	kube-state-metrics	stdlib@v1.21.8	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester master	kube-state-metrics	stdlib@v1.21.8	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester master	curl	curl@8.5.0-r0	CVE-2024-2398	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester master	curl	curl@8.5.0-r0	CVE-2024-6197	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester master	libcurl	libcurl@8.5.0-r0	CVE-2024-2398	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester master	libcurl	libcurl@8.5.0-r0	CVE-2024-6197	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester master	libexpat	libexpat@2.6.2-r0	CVE-2024-45491	CRITICAL	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester master	libexpat	libexpat@2.6.2-r0	CVE-2024-45492	CRITICAL	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester master	libexpat	libexpat@2.6.2-r0	CVE-2024-45490	HIGH	affected		alpine
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	stdlib@v1.22.2	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	stdlib@v1.22.2	CVE-2024-24788	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	stdlib@v1.22.2	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/alertmanager	stdlib@v1.21.7	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/alertmanager	stdlib@v1.21.7	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/alertmanager	stdlib@v1.21.7	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/amtool	stdlib@v1.21.7	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/amtool	stdlib@v1.21.7	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/amtool	stdlib@v1.21.7	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-node-exporter:v1.8.2	true	Harvester master	bin/node_exporter	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-admission-webhook:v0.75.1	true	Harvester master	bin/admission-webhook	golang.org/x/net@v0.26.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-admission-webhook:v0.75.1	true	Harvester master	bin/admission-webhook	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1	true	Harvester master	bin/prometheus-config-reloader	golang.org/x/crypto@v0.24.0	CVE-2024-45337	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1	true	Harvester master	bin/prometheus-config-reloader	golang.org/x/net@v0.26.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1	true	Harvester master	bin/prometheus-config-reloader	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-operator:v0.75.1	true	Harvester master	bin/operator	golang.org/x/net@v0.26.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-operator:v0.75.1	true	Harvester master	bin/operator	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester master	bin/prometheus	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester master	bin/promtool	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-sig-storage-snapshot-controller:v8.1.0	true	Harvester master	snapshot-controller	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-sig-storage-snapshot-validation-webhook:v8.1.0	true	Harvester master	snapshot-validation-webhook	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	git	git@2.43.0-150600.3.6.1	SUSE-SU-2025:0116-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	git-core	git-core@2.43.0-150600.3.6.1	SUSE-SU-2025:0116-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	libxml2-tools	libxml2-tools@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	libxml2-tools	libxml2-tools@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	perl-Git	perl-Git@2.43.0-150600.3.6.1	SUSE-SU-2025:0116-1	HIGH	affected		sles
rancher/rancher-agent:v2.10.1	false	Harvester master	bind-utils	bind-utils@9.18.28-150600.3.3.1	SUSE-SU-2025:0355-1	HIGH	affected		sles
rancher/rancher-agent:v2.10.1	false	Harvester master	git-core	git-core@2.43.0-150600.3.6.1	SUSE-SU-2025:0116-1	HIGH	affected		sles
rancher/rancher-agent:v2.10.1	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/rancher-agent:v2.10.1	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/rancher-agent:v2.10.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/rancher-agent:v2.10.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/agent	github.com/rancher/rancher@v2.10.1	CVE-2025-23388	HIGH	affected		gobinary
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/agent	github.com/rancher/rancher@v2.10.1	CVE-2025-23389	HIGH	affected		gobinary
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/kubectl	stdlib@v1.20.13	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/kubectl	stdlib@v1.20.13	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/kubectl	stdlib@v1.20.13	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	git-core	git-core@2.43.0-150600.3.6.1	SUSE-SU-2025:0116-1	HIGH	affected		sles
rancher/rancher:v2.10.1	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/rancher:v2.10.1	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	k8s.io/kubernetes@v1.24.10	CVE-2023-5528	HIGH	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	k8s.io/kubernetes@v1.24.10	CVE-2024-0793	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	k8s.io/kubernetes@v1.24.10	CVE-2024-5321	HIGH	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-linode	github.com/docker/docker@v20.10.27+incompatible	CVE-2024-41110	CRITICAL	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-linode	golang.org/x/crypto@v0.22.0	CVE-2024-45337	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-linode	golang.org/x/net@v0.24.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-linode	stdlib@v1.22.2	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-linode	stdlib@v1.22.2	CVE-2024-24788	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-linode	stdlib@v1.22.2	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/bandwidth	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/cni	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/containerd	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0	CVE-2023-47108	HIGH	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/containerd	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/containerd-shim-runc-v2	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/etcdctl	stdlib@v1.21.10	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/etcdctl	stdlib@v1.21.10	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/firewall	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/k3s	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0	CVE-2023-47108	HIGH	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/k3s	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/kustomize	stdlib@v1.21.10	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/kustomize	stdlib@v1.21.10	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/rancher	github.com/rancher/rancher@v2.10.1	CVE-2025-23388	HIGH	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/rancher	github.com/rancher/rancher@v2.10.1	CVE-2025-23389	HIGH	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/runc	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/telemetry	stdlib@v1.21.3	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/telemetry	stdlib@v1.21.3	CVE-2023-45283	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/telemetry	stdlib@v1.21.3	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/telemetry	stdlib@v1.21.3	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/share/rancher/ui/assets/wins.exe	golang.org/x/crypto@v0.25.0	CVE-2024-45337	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/share/rancher/ui/assets/wins.exe	golang.org/x/net@v0.27.0	CVE-2024-45338	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	github.com/go-git/go-git/v5@v5.12.0	CVE-2025-21613	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	github.com/go-git/go-git/v5@v5.12.0	CVE-2025-21614	HIGH	affected		gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	github.com/hashicorp/go-getter@v1.7.4	CVE-2024-6257	HIGH	affected		gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	stdlib@v1.22.0	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	stdlib@v1.22.0	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	stdlib@v1.22.0	CVE-2024-24788	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	stdlib@v1.22.0	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/system-agent:v0.3.11-suc	false	Harvester master	usr/bin/kubectl	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-39325	HIGH	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-45283	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-39325	HIGH	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-45283	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.suse.com/suse/sles/15.6/cdi-apiserver:1.61.0-150600.3.12.1	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-apiserver:1.61.0-150600.3.12.1	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-apiserver:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-apiserver:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-cloner:1.61.0-150600.3.12.1	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-cloner:1.61.0-150600.3.12.1	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-cloner:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-cloner:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-controller:1.61.0-150600.3.12.1	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-controller:1.61.0-150600.3.12.1	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-controller:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-controller:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-importer:1.61.0-150600.3.12.1	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-importer:1.61.0-150600.3.12.1	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-importer:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-importer:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-operator:1.61.0-150600.3.12.1	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-operator:1.61.0-150600.3.12.1	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-operator:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-operator:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadproxy:1.61.0-150600.3.12.1	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadproxy:1.61.0-150600.3.12.1	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadproxy:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadproxy:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadserver:1.61.0-150600.3.12.1	false	Harvester master	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadserver:1.61.0-150600.3.12.1	false	Harvester master	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadserver:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadserver:1.61.0-150600.3.12.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/libguestfs-tools:1.4.0-150600.5.15.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-api:1.4.0-150600.5.15.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-controller:1.4.0-150600.5.15.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-handler:1.4.0-150600.5.15.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-launcher:1.4.0-150600.5.15.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-operator:1.4.0-150600.5.15.1	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester master	kube-vip	golang.org/x/crypto@v0.23.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester master	kube-vip	golang.org/x/net@v0.25.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
longhornio/csi-node-driver-registrar:v2.13.0	false	Harvester master	csi-node-driver-registrar	golang.org/x/net@v0.32.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
longhornio/csi-snapshotter:v8.2.0	false	Harvester master	csi-snapshotter	golang.org/x/net@v0.31.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
longhornio/livenessprobe:v2.15.0	false	Harvester master	livenessprobe	golang.org/x/net@v0.32.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/fleet-agent:v0.11.2	false	Harvester master	usr/bin/fleetagent	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/fleet-agent:v0.11.2	false	Harvester master	usr/bin/fleetagent	golang.org/x/net@v0.30.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/fleet:v0.11.2	false	Harvester master	usr/bin/fleet	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/fleet:v0.11.2	false	Harvester master	usr/bin/fleet	golang.org/x/net@v0.30.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/fleet:v0.11.2	false	Harvester master	usr/bin/fleetcontroller	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/fleet:v0.11.2	false	Harvester master	usr/bin/fleetcontroller	golang.org/x/net@v0.30.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitcloner	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitcloner	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitjob	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/gitjob:v0.9.8	false	Harvester master	usr/bin/gitjob	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	calicoctl	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	calicoctl	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	opt/cni/bin/calico	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	opt/cni/bin/calico	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	opt/cni/bin/calico-ipam	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	opt/cni/bin/calico-ipam	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	opt/cni/bin/dhcp	golang.org/x/net@v0.30.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	opt/cni/bin/install	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	usr/bin/calico-node	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	usr/bin/calico-node	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	usr/bin/kube-controllers	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.1-build20241211	false	Harvester master	usr/bin/kube-controllers	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-cluster-autoscaler:v1.9.0-build20241126	false	Harvester master	cluster-proportional-autoscaler	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-cni-plugins:v1.6.0-build20241022	false	Harvester master	opt/cni/bin/dhcp	golang.org/x/net@v0.28.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-coredns:v1.12.0-build20241126	false	Harvester master	coredns	golang.org/x/crypto@v0.29.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-coredns:v1.12.0-build20241126	false	Harvester master	coredns	golang.org/x/net@v0.31.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-dns-node-cache:1.24.0-build20241211	false	Harvester master	node-cache	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-dns-node-cache:1.24.0-build20241211	false	Harvester master	node-cache	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-etcd:v3.5.16-k3s1-build20241106	false	Harvester master	usr/local/bin/etcd	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-etcd:v3.5.16-k3s1-build20241106	false	Harvester master	usr/local/bin/etcd	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-etcd:v3.5.16-k3s1-build20241106	false	Harvester master	usr/local/bin/etcdctl	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-etcd:v3.5.16-k3s1-build20241106	false	Harvester master	usr/local/bin/etcdctl	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-flannel:v0.26.1-build20241211	false	Harvester master	opt/bin/flanneld	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-flannel:v0.26.1-build20241211	false	Harvester master	opt/bin/flanneld	golang.org/x/net@v0.30.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-k8s-metrics-server:v0.7.1-build20241008	false	Harvester master	metrics-server	golang.org/x/crypto@v0.18.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-k8s-metrics-server:v0.7.1-build20241008	false	Harvester master	metrics-server	golang.org/x/net@v0.20.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kube-apiserver	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kube-apiserver	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kube-controller-manager	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kube-controller-manager	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kube-proxy	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kube-proxy	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kube-scheduler	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kube-scheduler	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kubeadm	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kubeadm	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kubectl	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kubelet	go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0	CVE-2023-45142	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kubelet	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.31.4-rke2r1-build20241212	false	Harvester master	usr/local/bin/kubelet	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-multus-cni:v4.1.3-build20241028	false	Harvester master	cert-approver	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-multus-cni:v4.1.3-build20241028	false	Harvester master	kubeconfig_generator	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-multus-cni:v4.1.3-build20241028	false	Harvester master	usr/src/multus-cni/bin/multus	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-eventrouter:v1.5.0-dev.0	false	Harvester master	usr/bin/eventrouter	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-eventrouter:v1.5.0-dev.0	false	Harvester master	usr/bin/eventrouter	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer:master-head	false	Harvester master	usr/bin/harvester-load-balancer	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer:master-head	false	Harvester master	usr/bin/harvester-load-balancer	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-load-balancer:master-head	false	Harvester master	usr/bin/harvester-load-balancer	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer:master-head	false	Harvester master	usr/bin/harvester-load-balancer	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer:master-head	false	Harvester master	usr/bin/harvester-load-balancer	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-controller:master-head	false	Harvester master	usr/bin/harvester-network-controller	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-controller:master-head	false	Harvester master	usr/bin/harvester-network-controller	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-controller:master-head	false	Harvester master	usr/bin/harvester-network-controller	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-controller:master-head	false	Harvester master	usr/bin/harvester-network-controller	kubevirt.io/kubevirt@v0.54.0	GHSA-qv98-3369-g364	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-helper:master-head	false	Harvester master	usr/bin/harvester-network-helper	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-helper:master-head	false	Harvester master	usr/bin/harvester-network-helper	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-helper:master-head	false	Harvester master	usr/bin/harvester-network-helper	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-helper:master-head	false	Harvester master	usr/bin/harvester-network-helper	kubevirt.io/kubevirt@v0.54.0	GHSA-qv98-3369-g364	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-webhook:master-head	false	Harvester master	usr/bin/harvester-network-webhook	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-webhook:master-head	false	Harvester master	usr/bin/harvester-network-webhook	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-webhook:master-head	false	Harvester master	usr/bin/harvester-network-webhook	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-webhook:master-head	false	Harvester master	usr/bin/harvester-network-webhook	kubevirt.io/kubevirt@v0.54.0	GHSA-qv98-3369-g364	none	not affected	vulnerable code not present	gobinary
rancher/harvester-node-manager-webhook:master-head	false	Harvester master	usr/bin/harvester-node-manager-webhook	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-node-manager-webhook:master-head	false	Harvester master	usr/bin/harvester-node-manager-webhook	golang.org/x/net@v0.24.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/harvester-node-manager:master-head	false	Harvester master	usr/bin/harvester-node-manager	golang.org/x/net@v0.24.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/harvester-pcidevices:v1.5.0-dev.1	false	Harvester master	bin/pcidevices	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-pcidevices:v1.5.0-dev.1	false	Harvester master	bin/pcidevices	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-seeder:v1.5.0-dev.0	false	Harvester master	bin/manager	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-seeder:v1.5.0-dev.0	false	Harvester master	bin/manager	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/kubectl	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0	CVE-2023-47108	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/harvester-vm-import-controller:v1.5.0-dev.0	false	Harvester master	usr/bin/vm-import-controller	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/harvester-webhook:master-head	false	Harvester master	usr/bin/harvester-webhook	github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1	CVE-2019-12274	none	not affected	vulnerable code not present	gobinary
rancher/harvester-webhook:master-head	false	Harvester master	usr/bin/harvester-webhook	github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1	CVE-2021-36775	none	not affected	vulnerable code not present	gobinary
rancher/harvester:master-head	false	Harvester master	usr/bin/harvester	github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1	CVE-2019-12274	none	not affected	vulnerable code not present	gobinary
rancher/harvester:master-head	false	Harvester master	usr/bin/harvester	github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1	CVE-2021-36775	none	not affected	vulnerable code not present	gobinary
rancher/klipper-helm:v0.9.3-build20241008	false	Harvester master	libcrypto3	libcrypto3@3.3.2-r0	CVE-2024-12797	none	not affected	vulnerable code cannot be controlled by adversary	alpine
rancher/klipper-helm:v0.9.3-build20241008	false	Harvester master	libssl3	libssl3@3.3.2-r0	CVE-2024-12797	none	not affected	vulnerable code cannot be controlled by adversary	alpine
rancher/klipper-helm:v0.9.3-build20241008	false	Harvester master	home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/klipper-helm:v0.9.3-build20241008	false	Harvester master	home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis	golang.org/x/net@v0.28.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/klipper-helm:v0.9.3-build20241008	false	Harvester master	home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status	golang.org/x/crypto@v0.25.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/klipper-helm:v0.9.3-build20241008	false	Harvester master	home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/klipper-helm:v0.9.3-build20241008	false	Harvester master	usr/bin/helm	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/klipper-helm:v0.9.3-build20241008	false	Harvester master	usr/bin/helm	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/klipper-lb:v0.4.9	false	Harvester master	libcrypto3	libcrypto3@3.3.1-r3	CVE-2024-12797	none	not affected	vulnerable code cannot be controlled by adversary	alpine
rancher/klipper-lb:v0.4.9	false	Harvester master	libssl3	libssl3@3.3.1-r3	CVE-2024-12797	none	not affected	vulnerable code cannot be controlled by adversary	alpine
rancher/kubectl:v1.28.7	false	Harvester master	bin/kubectl	golang.org/x/net@v0.19.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	golang.org/x/net@v0.19.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-cluster-api-controller:v1.8.3	true	Harvester master	manager	golang.org/x/crypto@v0.25.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-cluster-api-controller:v1.8.3	true	Harvester master	manager	golang.org/x/net@v0.27.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	usr/share/grafana/bin/grafana	github.com/grafana/grafana-plugin-sdk-go@v0.234.0	CVE-2024-8986	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	usr/share/grafana/bin/grafana	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester master	usr/share/grafana/bin/grafana	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-kube-logging-logging-operator:4.10.0	true	Harvester master	manager	golang.org/x/net@v0.29.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	golang.org/x/net@v0.24.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/alertmanager	golang.org/x/crypto@v0.18.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/alertmanager	golang.org/x/net@v0.20.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/amtool	golang.org/x/crypto@v0.18.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester master	bin/amtool	golang.org/x/net@v0.20.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-node-exporter:v1.8.2	true	Harvester master	bin/node_exporter	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-node-exporter:v1.8.2	true	Harvester master	bin/node_exporter	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester master	bin/prometheus	github.com/docker/docker@v26.1.3+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester master	bin/prometheus	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester master	bin/prometheus	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester master	bin/promtool	github.com/docker/docker@v26.1.3+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester master	bin/promtool	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester master	bin/promtool	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-sig-storage-snapshot-controller:v8.1.0	true	Harvester master	snapshot-controller	golang.org/x/net@v0.28.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-sig-storage-snapshot-validation-webhook:v8.1.0	true	Harvester master	snapshot-validation-webhook	golang.org/x/net@v0.28.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/nginx-ingress-controller:v1.10.5-hardened6	false	Harvester master	nginx-ingress-controller	golang.org/x/net@v0.29.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/agent	github.com/docker/docker@v20.10.27+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/agent	golang.org/x/crypto@v0.30.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/agent	golang.org/x/net@v0.32.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/kubectl	github.com/docker/distribution@v2.8.1+incompatible	CVE-2023-2253	none	not affected	vulnerable code not present	gobinary
rancher/rancher-agent:v2.10.1	false	Harvester master	usr/bin/kubectl	golang.org/x/net@v0.19.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher-webhook:v0.6.2	false	Harvester master	usr/bin/webhook	golang.org/x/crypto@v0.30.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rancher-webhook:v0.6.2	false	Harvester master	usr/bin/webhook	golang.org/x/net@v0.32.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	github.com/docker/docker@v20.10.27+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	golang.org/x/crypto@v0.25.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	golang.org/x/net@v0.27.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	k8s.io/kubernetes@v1.24.10	CVE-2023-3676	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	k8s.io/kubernetes@v1.24.10	CVE-2023-3955	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	k8s.io/kubernetes@v1.24.10	CVE-2024-10220	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/containerd	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/containerd	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/containerd-shim-runc-v2	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/etcdctl	golang.org/x/crypto@v0.17.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/etcdctl	golang.org/x/net@v0.17.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/helm_v3	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/helm_v3	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/k3s	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/k3s	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/rancher	github.com/docker/docker@v20.10.27+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/rancher	golang.org/x/crypto@v0.30.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/rancher	golang.org/x/net@v0.32.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/rancher-machine	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2024-36621	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/rancher-machine	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2024-36623	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/rancher-machine	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/rancher-machine	golang.org/x/net@v0.28.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/runc	golang.org/x/net@v0.24.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/telemetry	github.com/rancher/norman@v0.0.0-20210709145327-afd06f533ca3	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/telemetry	golang.org/x/crypto@v0.14.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.10.1	false	Harvester master	usr/bin/telemetry	golang.org/x/net@v0.17.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rke2-cloud-provider:v1.31.2-0.20241016053446-0955fa330f90-build20241016	false	Harvester master	usr/local/bin/rke2-cloud-provider	golang.org/x/crypto@v0.27.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rke2-cloud-provider:v1.31.2-0.20241016053446-0955fa330f90-build20241016	false	Harvester master	usr/local/bin/rke2-cloud-provider	golang.org/x/net@v0.28.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/containerd	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0	CVE-2023-47108	none	not affected	vulnerable code not in execute path	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/containerd	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/containerd	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/containerd-shim-runc-v2	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/crictl	golang.org/x/net@v0.28.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/ctr	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/kubectl	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/kubelet	go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0	CVE-2023-45142	none	not affected	vulnerable code not present	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/kubelet	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/kubelet	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/rke2-runtime:v1.31.4-rke2r1	false	Harvester master	bin/runc	golang.org/x/net@v0.24.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/helm	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/helm	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	github.com/docker/docker@v26.0.1+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/k9s	golang.org/x/net@v0.24.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/shell:v0.3.0	false	Harvester master	usr/local/bin/kubectl	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/system-agent-installer-rancher:v2.10.1	false	Harvester master	helm	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/system-agent-installer-rancher:v2.10.1	false	Harvester master	helm	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/system-agent:v0.3.11-suc	false	Harvester master	opt/rancher-system-agent-suc/rancher-system-agent	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/system-agent:v0.3.11-suc	false	Harvester master	opt/rancher-system-agent-suc/rancher-system-agent	golang.org/x/net@v0.26.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
rancher/system-agent:v0.3.11-suc	false	Harvester master	usr/bin/kubectl	golang.org/x/net@v0.23.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
rancher/system-upgrade-controller:v0.14.2	false	Harvester master	bin/system-upgrade-controller	golang.org/x/net@v0.28.0	CVE-2024-45338	none	not affected	vulnerable code not in execute path	gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester master	snapshot-controller	golang.org/x/net@v0.17.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester master	snapshot-validation-webhook	golang.org/x/net@v0.17.0	CVE-2024-45338	none	not affected	vulnerable code not present	gobinary