SUSE Rancher - Harvester master version - CVE Scans - 2025-10-17

How to use this page

You can click a column header to sort by column.
Use the search bar below to filter the results by image (and version/tag), if the image is mirrored or made by SUSE (true/false),
release, affected binary, vulnerable dependency (and its version), vulnerability ID (CVE, GHSA, SUSE-SU etc.), severity,
status (if affected or not affected/false-positive), justification (for false-positives),
vulnerability type (related to the programming language or container OS).
The search functionality might execute a bit slow depending on the number of vulnerabilities displayed in the page.
False-positive CVEs that are removed with VEX have the status as "not affected" with the severity set to "none",
because they do not affect the binary/package/image. The justification explains why they are false-positives,
according to the VEX statuses as explained in KB 000021573.
For further instructions about scanned versions, scanning frequency, tooling and false-positives, please consult the main instructions.
The severity (CVSS rating) of some CVEs in the portal might differ from the original severity reported by some vendors and security scanners.
This happens, because SUSE recalculates the CVSS rating of CVEs based on criteria, like: applicability and difficulty of the issue being
exploited in the wild; how it can actually affect the confidentiality, integrity and availability of SUSE's products etc. CVEs that had their CVSS
severity rating changed, either decreased or increased, will have the distinctive tag '*' close to its severity.

Search:

Image	Mirrored	Release	Binary/Package	Dependency	Vulnerability ID (CVE)	Severity	Status	Justification (for status not affected)	Type (language or OS)
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.9.2	false	Harvester master	ip-control-loop	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.9.2	false	Harvester master	node-slice-controller	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.9.2	false	Harvester master	whereabouts	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
ghcr.io/kube-vip/kube-vip-iptables:v0.9.2	false	Harvester master	kube-vip	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	kube-ovn/kube-ovn	stdlib@v1.23.9	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	kube-ovn/kube-ovn-cmd	stdlib@v1.23.9	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	kube-ovn/kube-ovn-controller	stdlib@v1.23.9	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	kube-ovn/kube-ovn-daemon	stdlib@v1.23.9	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	loopback	stdlib@v1.23.9	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	macvlan	stdlib@v1.23.9	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	portmap	stdlib@v1.23.9	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	usr/bin/gobgp	stdlib@v1.24.3	CVE-2025-22874	HIGH	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	usr/bin/gobgp	stdlib@v1.24.3	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	usr/bin/kubectl	stdlib@v1.23.9	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
longhornio/backing-image-manager:v1.10.0	false	Harvester master	iperf	iperf@3.19.1-lp156.95.1	SUSE-SU-2025:02749-1	HIGH	affected		sles
longhornio/backing-image-manager:v1.10.0	false	Harvester master	libexpat1	libexpat1@2.7.1-150700.3.3.1	SUSE-SU-2025:03508-1	HIGH	affected		sles
longhornio/backing-image-manager:v1.10.0	false	Harvester master	libiperf0	libiperf0@3.19.1-lp156.95.1	SUSE-SU-2025:02749-1	HIGH	affected		sles
longhornio/backing-image-manager:v1.10.0	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/backing-image-manager:v1.10.0	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/backing-image-manager:v1.10.0	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-cli:v1.10.0	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-cli:v1.10.0	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-cli:v1.10.0	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-engine:v1.10.0	false	Harvester master	libexpat1	libexpat1@2.7.1-150700.3.3.1	SUSE-SU-2025:03508-1	HIGH	affected		sles
longhornio/longhorn-engine:v1.10.0	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-engine:v1.10.0	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-engine:v1.10.0	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-engine:v1.10.0	false	Harvester master	usr/local/bin/grpc_health_probe	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
longhornio/longhorn-instance-manager:v1.10.0	false	Harvester master	libexpat1	libexpat1@2.7.1-150700.3.3.1	SUSE-SU-2025:03508-1	HIGH	affected		sles
longhornio/longhorn-instance-manager:v1.10.0	false	Harvester master	libopenssl-3-devel	libopenssl-3-devel@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-instance-manager:v1.10.0	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-instance-manager:v1.10.0	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-instance-manager:v1.10.0	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-instance-manager:v1.10.0	false	Harvester master	usr/local/bin/grpc_health_probe	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
longhornio/longhorn-manager:v1.10.0	false	Harvester master	libexpat1	libexpat1@2.7.1-150700.3.3.1	SUSE-SU-2025:03508-1	HIGH	affected		sles
longhornio/longhorn-manager:v1.10.0	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-manager:v1.10.0	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-manager:v1.10.0	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-share-manager:v1.10.0	false	Harvester master	libexpat1	libexpat1@2.7.1-150700.3.3.1	SUSE-SU-2025:03508-1	HIGH	affected		sles
longhornio/longhorn-share-manager:v1.10.0	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-share-manager:v1.10.0	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-share-manager:v1.10.0	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-ui:v1.10.0	false	Harvester master	libexpat1	libexpat1@2.7.1-150700.3.3.1	SUSE-SU-2025:03508-1	HIGH	affected		sles
longhornio/longhorn-ui:v1.10.0	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-ui:v1.10.0	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/longhorn-ui:v1.10.0	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/support-bundle-kit:v0.0.69	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/support-bundle-kit:v0.0.69	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
longhornio/support-bundle-kit:v0.0.69	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	git-core	git-core@2.43.0-150600.3.9.1	SUSE-SU-2025:03012-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03239-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03508-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/fleet:v0.13.0	false	Harvester master	usr/bin/fleet	github.com/hashicorp/go-getter@v1.7.8	CVE-2025-8959	HIGH	affected		gobinary
rancher/fleet:v0.13.0	false	Harvester master	usr/bin/fleet	github.com/rancher/fleet@v0.13.0	CVE-2024-52284	HIGH	affected		gobinary
rancher/fleet:v0.13.0	false	Harvester master	usr/bin/fleet	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/fleet:v0.13.0	false	Harvester master	usr/bin/fleetcontroller	github.com/hashicorp/go-getter@v1.7.8	CVE-2025-8959	HIGH	affected		gobinary
rancher/fleet:v0.13.0	false	Harvester master	usr/bin/fleetcontroller	github.com/rancher/fleet@v0.13.0	CVE-2024-52284	HIGH	affected		gobinary
rancher/fleet:v0.13.0	false	Harvester master	usr/bin/fleetcontroller	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-addon-resizer:1.8.23-build20250612	false	Harvester master	pod_nanny	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	calicoctl	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/bandwidth	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/bond	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/bridge	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/calico	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/calico-ipam	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/dhcp	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/dummy	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/firewall	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/flannel	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/host-device	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/host-local	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/install	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/ipvlan	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/loopback	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/macvlan	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/portmap	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/ptp	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/sbr	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/static	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/tap	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/tuning	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/vlan	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	opt/cni/bin/vrf	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	usr/bin/calico-node	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	usr/bin/check-status	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	usr/bin/kube-controllers	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	usr/local/bin/flexvol/flexvoldriver	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cluster-autoscaler:v1.10.2-build20250611	false	Harvester master	cluster-proportional-autoscaler	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/bandwidth	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/bond	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/bridge	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/dhcp	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/dummy	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/firewall	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/flannel	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/host-device	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/host-local	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/ipvlan	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/loopback	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/macvlan	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/portmap	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/ptp	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/sbr	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/static	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/tap	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/tuning	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/vlan	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-cni-plugins:v1.7.1-build20250611	false	Harvester master	opt/cni/bin/vrf	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-coredns:v1.12.2-build20250611	false	Harvester master	coredns	github.com/quic-go/quic-go@v0.52.0	CVE-2025-59530	HIGH	affected		gobinary
rancher/hardened-coredns:v1.12.2-build20250611	false	Harvester master	coredns	stdlib@v1.23.10	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-dns-node-cache:1.26.0-build20250611	false	Harvester master	node-cache	github.com/coredns/coredns@v1.12.2	CVE-2025-58063	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-dns-node-cache:1.26.0-build20250611	false	Harvester master	node-cache	github.com/quic-go/quic-go@v0.52.0	CVE-2025-59530	HIGH	affected		gobinary
rancher/hardened-dns-node-cache:1.26.0-build20250611	false	Harvester master	node-cache	stdlib@v1.23.10	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-etcd:v3.5.21-k3s1-build20250612	false	Harvester master	usr/local/bin/etcd	stdlib@v1.23.10	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-etcd:v3.5.21-k3s1-build20250612	false	Harvester master	usr/local/bin/etcdctl	stdlib@v1.23.10	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03239-1	HIGH	affected		sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03508-1	HIGH	affected		sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	opt/bin/flanneld	stdlib@v1.23.10	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-k8s-metrics-server:v0.8.0-build20250704	false	Harvester master	metrics-server	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	curl	curl@8.0.1-150400.5.62.1	SUSE-SU-2025:03267-1	HIGH	affected		sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	libcurl4	libcurl4@8.0.1-150400.5.62.1	SUSE-SU-2025:03267-1	HIGH	affected		sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	libopenssl1_1	libopenssl1_1@1.1.1l-150500.17.40.1	SUSE-SU-2025:03438-1	HIGH	affected		sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	libopenssl1_1-hmac	libopenssl1_1-hmac@1.1.1l-150500.17.40.1	SUSE-SU-2025:03438-1	HIGH	affected		sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	openssl-1_1	openssl-1_1@1.1.1l-150500.17.40.1	SUSE-SU-2025:03438-1	HIGH	affected		sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	usr/local/bin/kube-apiserver	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	usr/local/bin/kube-controller-manager	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	usr/local/bin/kube-proxy	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	usr/local/bin/kube-scheduler	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	usr/local/bin/kubectl	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	usr/local/bin/kubelet	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	cert-approver	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	cert-approver	stdlib@v1.21.11	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	install_multus	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	install_multus	stdlib@v1.21.11	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	kubeconfig_generator	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	kubeconfig_generator	stdlib@v1.21.11	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	thin_entrypoint	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	thin_entrypoint	stdlib@v1.21.11	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	usr/src/multus-cni/bin/multus	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	usr/src/multus-cni/bin/multus	stdlib@v1.21.11	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-eventrouter:master-head	false	Harvester master	usr/bin/eventrouter	github.com/golang/glog@v0.0.0-20160126235308-23def4e6c14b	CVE-2024-45339	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-kubeovn-operator:v1.14.10-dev.0	false	Harvester master	manager	golang.org/x/oauth2@v0.25.0	CVE-2025-22868	HIGH	affected		gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	github.com/rancher/rancher@v0.0.0-20241119020906-df45e368c82d	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	github.com/rancher/rancher@v0.0.0-20241119020906-df45e368c82d	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-load-balancer-webhook:master-head	false	Harvester master	usr/bin/harvester-load-balancer-webhook	github.com/rancher/rancher@v0.0.0-20241119020906-df45e368c82d	CVE-2024-58259	HIGH	affected		gobinary
rancher/harvester-node-disk-manager-webhook:master-head	false	Harvester master	usr/bin/node-disk-manager-webhook	gopkg.in/yaml.v3@v3.0.0-20220521103104-8f96da9f5d5e	CVE-2022-28948	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-node-disk-manager:master-head	false	Harvester master	usr/bin/node-disk-manager	gopkg.in/yaml.v3@v3.0.0-20220521103104-8f96da9f5d5e	CVE-2022-28948	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/kubectl	stdlib@v1.23.6	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/virtctl	stdlib@v1.22.8	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	stdlib@v1.22.9	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/elemental	github.com/docker/docker@v23.0.8+incompatible	CVE-2024-41110	CRITICAL	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/elemental	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21613	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/elemental	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21614	HIGH	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/elemental	github.com/moby/moby@v25.0.1+incompatible	CVE-2024-36621	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/elemental	github.com/moby/moby@v25.0.1+incompatible	CVE-2024-36623	HIGH	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/elemental	golang.org/x/crypto@v0.18.0	CVE-2024-45337	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/elemental	golang.org/x/crypto@v0.18.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/elemental	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-vm-import-controller:main-head	false	Harvester master	usr/bin/vm-import-controller	github.com/opencontainers/runc@v1.1.13	CVE-2024-45310	LOW*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-webhook:master-head	false	Harvester master	usr/bin/harvester-webhook	github.com/rancher/rancher@v0.0.0-20250828140533-07a90f09a491	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-webhook:master-head	false	Harvester master	usr/bin/harvester-webhook	github.com/rancher/rancher@v0.0.0-20250828140533-07a90f09a491	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester:master-head	false	Harvester master	usr/bin/harvester	github.com/rancher/rancher@v0.0.0-20250828140533-07a90f09a491	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester:master-head	false	Harvester master	usr/bin/harvester	github.com/rancher/rancher@v0.0.0-20250828140533-07a90f09a491	CVE-2021-36775	HIGH	affected		gobinary
rancher/klipper-helm:v0.9.8-build20250709	false	Harvester master	home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/klipper-helm:v0.9.8-build20250709	false	Harvester master	home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/klipper-helm:v0.9.8-build20250709	false	Harvester master	usr/bin/helm	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	google.golang.org/protobuf@v1.31.0	CVE-2024-24786	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2023-45289	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2023-45290	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2024-24783	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2024-24784	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	stdlib@v1.21.7	CVE-2024-24785	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.32.3	false	Harvester master	bin/kubectl	stdlib@v1.23.6	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.33.1	false	Harvester master	bin/kubectl	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/kubectl:v1.33.1	false	Harvester master	bin/kubectl	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	bin/kuberlr	stdlib@v1.23.6	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	usr/bin/kubectl1.31.9	stdlib@v1.23.8	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	usr/bin/kubectl1.32.5	stdlib@v1.23.8	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	usr/bin/kubectl1.33.1	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	usr/bin/kubectl1.33.1	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-cluster-api-controller:v1.10.2	true	Harvester master	manager	stdlib@v1.23.8	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libc6	libc6@2.36-9+deb12u8	CVE-2025-4802	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libgnutls30	libgnutls30@3.7.9-2+deb12u3	CVE-2025-32988	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libgnutls30	libgnutls30@3.7.9-2+deb12u3	CVE-2025-32990	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libldap-2.5-0	libldap-2.5-0@2.5.13+dfsg-5	CVE-2023-2953	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	liblzma5	liblzma5@5.4.1-0.2	CVE-2025-31115	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libpq5	libpq5@15.8-0+deb12u1	CVE-2024-10979	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libpq5	libpq5@15.8-0+deb12u1	CVE-2025-1094	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libpq5	libpq5@15.8-0+deb12u1	CVE-2025-8714	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	libpq5	libpq5@15.8-0+deb12u1	CVE-2025-8715	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester master	zlib1g	zlib1g@1:1.2.13.dfsg-1	CVE-2023-45853	CRITICAL	affected		debian
rancher/mirrored-grafana-grafana:11.5.5	true	Harvester master	usr/share/grafana/bin/grafana	stdlib@v1.24.3	CVE-2025-22874	HIGH	affected		gobinary
rancher/mirrored-grafana-grafana:11.5.5	true	Harvester master	usr/share/grafana/bin/grafana	stdlib@v1.24.3	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-grafana-grafana:11.5.5	true	Harvester master	usr/share/grafana/bin/grafana-cli	stdlib@v1.24.3	CVE-2025-22874	HIGH	affected		gobinary
rancher/mirrored-grafana-grafana:11.5.5	true	Harvester master	usr/share/grafana/bin/grafana-cli	stdlib@v1.24.3	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-grafana-grafana:11.5.5	true	Harvester master	usr/share/grafana/bin/grafana-server	stdlib@v1.24.3	CVE-2025-22874	HIGH	affected		gobinary
rancher/mirrored-grafana-grafana:11.5.5	true	Harvester master	usr/share/grafana/bin/grafana-server	stdlib@v1.24.3	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.6.0	true	Harvester master	kube-webhook-certgen	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kiwigrid-k8s-sidecar:1.30.0	true	Harvester master	libcrypto3	libcrypto3@3.3.2-r4	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.30.0	true	Harvester master	libssl3	libssl3@3.3.2-r4	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.30.0	true	Harvester master	sqlite-libs	sqlite-libs@3.47.1-r0	CVE-2025-3277	CRITICAL	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.30.0	true	Harvester master	sqlite-libs	sqlite-libs@3.47.1-r0	CVE-2025-6965	CRITICAL	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.30.0	true	Harvester master	sqlite-libs	sqlite-libs@3.47.1-r0	CVE-2025-29087	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.30.0	true	Harvester master	xz-libs	xz-libs@5.6.3-r0	CVE-2025-31115	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.30.0	true	Harvester master	Python	setuptools@75.8.0	CVE-2025-47273	HIGH	affected		python-pkg
rancher/mirrored-kube-logging-config-reloader:v0.0.6	true	Harvester master	config-reloader	google.golang.org/protobuf@v1.28.1	CVE-2024-24786	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-logging-config-reloader:v0.0.6	true	Harvester master	config-reloader	stdlib@v1.23.1	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	ruby	ruby@3.3.6-r0	CVE-2025-27219	HIGH	affected		alpine
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	ruby-libs	ruby-libs@3.3.6-r0	CVE-2025-27219	HIGH	affected		alpine
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	google-protobuf@3.21.12	CVE-2024-7254	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	net-imap@0.3.4.1	CVE-2025-43857	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	net-imap@0.4.19	CVE-2025-43857	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	nokogiri@1.18.4	GHSA-353f-x4gh-cqq8	CRITICAL	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rack@3.0.14	CVE-2025-46727	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rack@3.0.14	CVE-2025-61770	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rack@3.0.14	CVE-2025-61771	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rack@3.0.14	CVE-2025-61772	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rack@3.0.14	CVE-2025-61919	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rexml@3.2.6	CVE-2024-49761	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	rexml@3.3.2	CVE-2024-49761	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester master	Ruby	webrick@1.8.1	CVE-2024-47220	HIGH	affected		gemspec
rancher/mirrored-kube-logging-logging-operator:4.10.0	true	Harvester master	manager	stdlib@v1.23.1	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.15.0	true	Harvester master	kube-state-metrics	golang.org/x/crypto@v0.31.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.15.0	true	Harvester master	kube-state-metrics	golang.org/x/oauth2@v0.24.0	CVE-2025-22868	HIGH	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.15.0	true	Harvester master	kube-state-metrics	stdlib@v1.23.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libcrypto3	libcrypto3@3.3.2-r1	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libexpat	libexpat@2.6.4-r0	CVE-2024-8176	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libssl3	libssl3@3.3.2-r1	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libxml2	libxml2@2.12.7-r0	CVE-2024-56171	CRITICAL	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libxml2	libxml2@2.12.7-r0	CVE-2025-24928	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libxml2	libxml2@2.12.7-r0	CVE-2025-27113	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libxml2	libxml2@2.12.7-r0	CVE-2025-32414	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libxml2	libxml2@2.12.7-r0	CVE-2025-32415	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libxslt	libxslt@1.1.39-r1	CVE-2024-55549	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	libxslt	libxslt@1.1.39-r1	CVE-2025-24855	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.27.2-alpine	true	Harvester master	xz-libs	xz-libs@5.6.2-r0	CVE-2025-31115	HIGH	affected		alpine
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	stdlib@v1.22.2	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	stdlib@v1.22.2	CVE-2024-24788	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	stdlib@v1.22.2	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	stdlib@v1.22.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.28.1	true	Harvester master	bin/alertmanager	stdlib@v1.23.7	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.28.1	true	Harvester master	bin/amtool	stdlib@v1.23.7	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-node-exporter:v1.9.0	true	Harvester master	bin/node_exporter	stdlib@v1.23.6	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-admission-webhook:v0.80.1	true	Harvester master	bin/admission-webhook	stdlib@v1.23.6	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.80.1	true	Harvester master	bin/prometheus-config-reloader	stdlib@v1.23.6	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-operator:v0.80.1	true	Harvester master	bin/operator	stdlib@v1.23.6	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-sig-storage-snapshot-controller:v8.2.0	true	Harvester master	snapshot-controller	stdlib@v1.23.1	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libopenssl1_1	libopenssl1_1@1.1.1w-150600.5.12.2	SUSE-SU-2025:03443-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libopenssl3	libopenssl3@3.1.4-150600.5.33.1	SUSE-SU-2025:03442-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libpython3_6m1_0	libpython3_6m1_0@3.6.15-150300.10.84.1	SUSE-SU-2025:02778-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	python3-base	python3-base@3.6.15-150300.10.84.1	SUSE-SU-2025:02778-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	dbg	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	nginx-ingress-controller	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	wait-shutdown	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/prometheus	stdlib@v1.23.6	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/promtool	stdlib@v1.23.6	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher-webhook:v0.9.0-rc.7	false	Harvester master	usr/bin/webhook	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/rancher-webhook:v0.9.0-rc.7	false	Harvester master	usr/bin/webhook	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	libexpat1	libexpat1@2.7.1-150700.3.3.1	SUSE-SU-2025:03508-1	HIGH	affected		sles
rancher/rancher:v2.13.0-alpha2	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2021-21284	LOW*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-linode	stdlib@v1.24.1	CVE-2025-22874	HIGH	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-linode	stdlib@v1.24.1	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/bandwidth	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/bandwidth	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/cni	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/cni	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/containerd	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/containerd	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/containerd-shim-runc-v2	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/containerd-shim-runc-v2	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/etcdctl	stdlib@v1.23.7	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/firewall	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/firewall	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/k3s	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/k3s	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/rancher	github.com/golang-jwt/jwt@v3.2.1+incompatible	CVE-2025-30204	HIGH	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/runc	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/runc	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rke2-cloud-provider:v1.33.1-0.20250516163953-99d91538b132-build20250612	false	Harvester master	usr/local/bin/rke2-cloud-provider	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rke2-runtime:v1.33.3-rke2r1	false	Harvester master	bin/containerd	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rke2-runtime:v1.33.3-rke2r1	false	Harvester master	bin/containerd-shim-runc-v2	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rke2-runtime:v1.33.3-rke2r1	false	Harvester master	bin/crictl	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rke2-runtime:v1.33.3-rke2r1	false	Harvester master	bin/ctr	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rke2-runtime:v1.33.3-rke2r1	false	Harvester master	bin/kubectl	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rke2-runtime:v1.33.3-rke2r1	false	Harvester master	bin/kubelet	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rke2-runtime:v1.33.3-rke2r1	false	Harvester master	bin/runc	stdlib@v1.23.10	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.5.0	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
rancher/shell:v0.5.0	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
rancher/shell:v0.5.0	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
rancher/shell:v0.5.0	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
rancher/shell:v0.5.0	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/shell:v0.5.0	false	Harvester master	usr/local/bin/helm	stdlib@v1.24.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.5.0	false	Harvester master	usr/local/bin/k9s	github.com/hashicorp/go-getter@v1.7.8	CVE-2025-8959	HIGH	affected		gobinary
rancher/shell:v0.5.0	false	Harvester master	usr/local/bin/k9s	github.com/nwaples/rardecode/v2@v2.1.0	CVE-2025-11579	LOW*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.5.0	false	Harvester master	usr/local/bin/k9s	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.5.0	false	Harvester master	usr/local/bin/kubectl	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/shell:v0.5.0	false	Harvester master	usr/local/bin/kubectl	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.5.0	false	Harvester master	usr/local/bin/kustomize	stdlib@v1.22.7	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/support-bundle-kit:master-head	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/support-bundle-kit:master-head	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/support-bundle-kit:master-head	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
rancher/system-agent-installer-rancher:v2.13.0-alpha2	false	Harvester master	helm	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/system-agent:v0.3.14-rc.1-suc	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.1.4-150600.5.36.4	SUSE-SU-2025:03442-1	HIGH	affected		sles
rancher/system-agent:v0.3.14-rc.1-suc	false	Harvester master	libopenssl3	libopenssl3@3.1.4-150600.5.36.4	SUSE-SU-2025:03442-1	HIGH	affected		sles
rancher/system-agent:v0.3.14-rc.1-suc	false	Harvester master	openssl-3	openssl-3@3.1.4-150600.5.36.4	SUSE-SU-2025:03442-1	HIGH	affected		sles
rancher/system-agent:v0.3.14-rc.1-suc	false	Harvester master	usr/bin/kubectl	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
rancher/system-agent:v0.3.14-rc.1-suc	false	Harvester master	usr/bin/kubectl	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/system-upgrade-controller:v0.16.0	false	Harvester master	bin/system-upgrade-controller	stdlib@v1.24.4	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/descheduler/descheduler:v0.33.0	false	Harvester master	bin/descheduler	stdlib@v1.24.2	CVE-2025-22874	HIGH	affected		gobinary
registry.k8s.io/descheduler/descheduler:v0.33.0	false	Harvester master	bin/descheduler	stdlib@v1.24.2	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-39325	HIGH	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-45283	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-29409	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-39326	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-45289	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2023-45290	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2024-24783	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2024-24784	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	stdlib@v1.20.5	CVE-2024-24785	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-39325	HIGH	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-45283	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2025-47907	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-29409	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-39326	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-45289	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-45290	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2024-24783	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2024-24784	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2024-24785	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libgnutls30	libgnutls30@3.8.3-150600.4.6.2	SUSE-SU-2025:02595-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	CRITICAL	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libgnutls30	libgnutls30@3.8.3-150600.4.6.2	SUSE-SU-2025:02595-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03239-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03508-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/libguestfs-tools:1.6.0-150700.3.8.1	false	Harvester master	xen-libs	xen-libs@4.20.1_02-150700.3.8.1	SUSE-SU-2025:03172-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-api:1.6.0-150700.3.8.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-api:1.6.0-150700.3.8.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-api:1.6.0-150700.3.8.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-api:1.6.0-150700.3.8.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-api:1.6.0-150700.3.8.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-api:1.6.0-150700.3.8.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-api:1.6.0-150700.3.8.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-controller:1.6.0-150700.3.8.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-controller:1.6.0-150700.3.8.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-controller:1.6.0-150700.3.8.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-controller:1.6.0-150700.3.8.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-controller:1.6.0-150700.3.8.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-controller:1.6.0-150700.3.8.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-controller:1.6.0-150700.3.8.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-handler:1.6.0-150700.3.8.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-handler:1.6.0-150700.3.8.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-handler:1.6.0-150700.3.8.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-handler:1.6.0-150700.3.8.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-handler:1.6.0-150700.3.8.1	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03239-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-handler:1.6.0-150700.3.8.1	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03508-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-handler:1.6.0-150700.3.8.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-handler:1.6.0-150700.3.8.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-handler:1.6.0-150700.3.8.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03239-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	libexpat1	libexpat1@2.6.4-150700.1.4	SUSE-SU-2025:03508-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-launcher:1.6.0-150700.3.8.1	false	Harvester master	xen-libs	xen-libs@4.20.1_02-150700.3.8.1	SUSE-SU-2025:03172-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-operator:1.6.0-150700.3.8.1	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-operator:1.6.0-150700.3.8.1	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-operator:1.6.0-150700.3.8.1	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-operator:1.6.0-150700.3.8.1	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-operator:1.6.0-150700.3.8.1	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-operator:1.6.0-150700.3.8.1	false	Harvester master	libopenssl3	libopenssl3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.7/virt-operator:1.6.0-150700.3.8.1	false	Harvester master	openssl-3	openssl-3@3.2.3-150700.5.18.1	SUSE-SU-2025:03546-1	HIGH	affected		sles
kubeovn/kube-ovn:v1.13.13	false	Harvester master	usr/bin/kubectl	golang.org/x/net@v0.26.0	CVE-2025-22870	none	not affected	vulnerable code not in execute path	gobinary
kubeovn/kube-ovn:v1.13.13	false	Harvester master	usr/bin/kubectl	golang.org/x/oauth2@v0.21.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/fleet:v0.13.0	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/fleet:v0.13.0	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/fleet:v0.13.0	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-addon-resizer:1.8.23-build20250612	false	Harvester master	pod_nanny	golang.org/x/net@v0.33.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/hardened-addon-resizer:1.8.23-build20250612	false	Harvester master	pod_nanny	golang.org/x/net@v0.33.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/hardened-addon-resizer:1.8.23-build20250612	false	Harvester master	pod_nanny	golang.org/x/oauth2@v0.24.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-calico:v3.30.2-build20250711	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.2.3-150700.5.10.1	SUSE-SU-2025:03546-1	none	not affected	vulnerable code not present	sles
rancher/hardened-cluster-autoscaler:v1.10.2-build20250611	false	Harvester master	cluster-proportional-autoscaler	golang.org/x/net@v0.36.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/hardened-cluster-autoscaler:v1.10.2-build20250611	false	Harvester master	cluster-proportional-autoscaler	golang.org/x/oauth2@v0.23.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libgnutls30	libgnutls30@3.8.3-150600.4.6.2	SUSE-SU-2025:02595-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	libxml2-2	libxml2-2@2.12.10-150700.4.3.1	SUSE-SU-2025:02617-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-flannel:v0.27.1-build20250710	false	Harvester master	opt/bin/flanneld	golang.org/x/oauth2@v0.23.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.29.1	SUSE-SU-2025:02758-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716	false	Harvester master	usr/local/bin/kubelet	go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0	CVE-2023-45142	none	not affected	vulnerable code not present	gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	cert-approver	golang.org/x/net@v0.28.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	cert-approver	golang.org/x/net@v0.28.0	CVE-2025-22872	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	cert-approver	golang.org/x/oauth2@v0.10.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	kubeconfig_generator	golang.org/x/net@v0.28.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	kubeconfig_generator	golang.org/x/net@v0.28.0	CVE-2025-22872	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	kubeconfig_generator	golang.org/x/oauth2@v0.10.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	usr/src/multus-cni/bin/multus	golang.org/x/net@v0.28.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	usr/src/multus-cni/bin/multus	golang.org/x/net@v0.28.0	CVE-2025-22872	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-multus-cni:v4.2.1-build20250627	false	Harvester master	usr/src/multus-cni/bin/multus	golang.org/x/oauth2@v0.10.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/harvester-eventrouter:master-head	false	Harvester master	usr/bin/eventrouter	github.com/golang-jwt/jwt/v4@v4.2.0	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-eventrouter:master-head	false	Harvester master	usr/bin/eventrouter	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-eventrouter:master-head	false	Harvester master	usr/bin/eventrouter	golang.org/x/crypto@v0.24.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-eventrouter:master-head	false	Harvester master	usr/bin/eventrouter	golang.org/x/net@v0.26.0	CVE-2025-22870	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-eventrouter:master-head	false	Harvester master	usr/bin/eventrouter	golang.org/x/net@v0.26.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/harvester-eventrouter:master-head	false	Harvester master	usr/bin/eventrouter	golang.org/x/oauth2@v0.21.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/harvester-networkfs-manager:main-head	false	Harvester master	usr/bin/networkfs-manager	golang.org/x/oauth2@v0.23.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/harvester-pcidevices:master-head	false	Harvester master	bin/pcidevices	golang.org/x/net@v0.23.0	CVE-2025-22870	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-pcidevices:master-head	false	Harvester master	bin/pcidevices	golang.org/x/net@v0.23.0	CVE-2025-22872	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-seeder:main-head	false	Harvester master	bin/manager	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-seeder:main-head	false	Harvester master	bin/manager	golang.org/x/crypto@v0.28.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-seeder:main-head	false	Harvester master	bin/manager	golang.org/x/net@v0.30.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/harvester-seeder:main-head	false	Harvester master	bin/manager	golang.org/x/net@v0.30.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/harvester-seeder:main-head	false	Harvester master	bin/manager	golang.org/x/oauth2@v0.23.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/kubectl	golang.org/x/net@v0.30.0	CVE-2025-22870	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/kubectl	golang.org/x/oauth2@v0.23.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0	CVE-2023-47108	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	golang.org/x/crypto@v0.21.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	golang.org/x/net@v0.23.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	golang.org/x/net@v0.23.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/bin/wharfie	golang.org/x/oauth2@v0.10.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/harvester-installer	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-upgrade:master-head	false	Harvester master	usr/local/bin/harvester-installer	golang.org/x/net@v0.33.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/harvester-vm-import-controller:main-head	false	Harvester master	usr/bin/vm-import-controller	github.com/golang/glog@v1.2.2	CVE-2024-45339	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-vm-import-controller:main-head	false	Harvester master	usr/bin/vm-import-controller	golang.org/x/net@v0.23.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/harvester-vm-import-controller:main-head	false	Harvester master	usr/bin/vm-import-controller	golang.org/x/net@v0.23.0	CVE-2025-22872	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-vm-import-controller:main-head	false	Harvester master	usr/bin/vm-import-controller	golang.org/x/oauth2@v0.24.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/harvester-webhook:master-head	false	Harvester master	usr/bin/harvester-webhook	github.com/go-jose/go-jose/v3@v3.0.3	CVE-2025-27144	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester:master-head	false	Harvester master	usr/bin/harvester	github.com/go-jose/go-jose/v3@v3.0.3	CVE-2025-27144	none	not affected	vulnerable code not in execute path	gobinary
rancher/klipper-helm:v0.9.8-build20250709	false	Harvester master	home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis	helm.sh/helm/v3@v3.18.4	CVE-2025-55198	none	not affected	vulnerable code not in execute path	gobinary
rancher/klipper-helm:v0.9.8-build20250709	false	Harvester master	home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis	helm.sh/helm/v3@v3.18.4	CVE-2025-55199	none	not affected	vulnerable code not in execute path	gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	golang.org/x/net@v0.19.0	CVE-2025-22870	none	not affected	vulnerable code not in execute path	gobinary
rancher/kubectl:v1.29.2	false	Harvester master	bin/kubectl	golang.org/x/oauth2@v0.10.0	CVE-2025-22868	none	not affected	vulnerable code not in execute path	gobinary
rancher/kubectl:v1.32.3	false	Harvester master	bin/kubectl	golang.org/x/net@v0.30.0	CVE-2025-22870	none	not affected	vulnerable code not in execute path	gobinary
rancher/kubectl:v1.32.3	false	Harvester master	bin/kubectl	golang.org/x/oauth2@v0.23.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	bin/kuberlr	golang.org/x/net@v0.33.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	bin/kuberlr	golang.org/x/net@v0.33.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	bin/kuberlr	golang.org/x/oauth2@v0.23.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	usr/bin/kubectl1.31.9	golang.org/x/net@v0.26.0	CVE-2025-22870	none	not affected	vulnerable code not in execute path	gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	usr/bin/kubectl1.31.9	golang.org/x/oauth2@v0.21.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	usr/bin/kubectl1.32.5	golang.org/x/net@v0.30.0	CVE-2025-22870	none	not affected	vulnerable code not in execute path	gobinary
rancher/kuberlr-kubectl:v5.0.0	false	Harvester master	usr/bin/kubectl1.32.5	golang.org/x/oauth2@v0.23.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-kube-logging-logging-operator:4.10.0	true	Harvester master	manager	golang.org/x/net@v0.29.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-kube-logging-logging-operator:4.10.0	true	Harvester master	manager	golang.org/x/net@v0.29.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-kube-logging-logging-operator:4.10.0	true	Harvester master	manager	golang.org/x/oauth2@v0.21.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	golang.org/x/crypto@v0.22.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	golang.org/x/net@v0.24.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	golang.org/x/net@v0.24.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester master	adapter	golang.org/x/oauth2@v0.18.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.28.1	true	Harvester master	bin/alertmanager	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.28.1	true	Harvester master	bin/alertmanager	golang.org/x/net@v0.33.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.28.1	true	Harvester master	bin/alertmanager	golang.org/x/oauth2@v0.24.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.28.1	true	Harvester master	bin/amtool	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.28.1	true	Harvester master	bin/amtool	golang.org/x/net@v0.33.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.28.1	true	Harvester master	bin/amtool	golang.org/x/oauth2@v0.24.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-node-exporter:v1.9.0	true	Harvester master	bin/node_exporter	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-node-exporter:v1.9.0	true	Harvester master	bin/node_exporter	golang.org/x/net@v0.33.0	CVE-2025-22870	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-prometheus-node-exporter:v1.9.0	true	Harvester master	bin/node_exporter	golang.org/x/net@v0.33.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-node-exporter:v1.9.0	true	Harvester master	bin/node_exporter	golang.org/x/oauth2@v0.24.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-operator-admission-webhook:v0.80.1	true	Harvester master	bin/admission-webhook	golang.org/x/net@v0.34.0	CVE-2025-22872	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-prometheus-operator-admission-webhook:v0.80.1	true	Harvester master	bin/admission-webhook	golang.org/x/oauth2@v0.25.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.80.1	true	Harvester master	bin/prometheus-config-reloader	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.80.1	true	Harvester master	bin/prometheus-config-reloader	golang.org/x/net@v0.34.0	CVE-2025-22872	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.80.1	true	Harvester master	bin/prometheus-config-reloader	golang.org/x/oauth2@v0.25.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-operator-prometheus-operator:v0.80.1	true	Harvester master	bin/operator	golang.org/x/net@v0.34.0	CVE-2025-22872	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-prometheus-operator-prometheus-operator:v0.80.1	true	Harvester master	bin/operator	golang.org/x/oauth2@v0.25.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-sig-storage-snapshot-controller:v8.2.0	true	Harvester master	snapshot-controller	golang.org/x/net@v0.31.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-sig-storage-snapshot-controller:v8.2.0	true	Harvester master	snapshot-controller	golang.org/x/net@v0.31.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-sig-storage-snapshot-controller:v8.2.0	true	Harvester master	snapshot-controller	golang.org/x/oauth2@v0.24.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	boost-license1_66_0	boost-license1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libboost_system1_66_0	libboost_system1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libboost_thread1_66_0	libboost_thread1_66_0@1.66.0-12.3.1	SUSE-SU-2025:02536-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libbrotlicommon1	libbrotlicommon1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libbrotlidec1	libbrotlidec1@1.0.7-3.3.1	SUSE-SU-2025:03268-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libcurl4	libcurl4@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libsqlite3-0	libsqlite3-0@3.49.1-150000.3.27.1	SUSE-SU-2025:02672-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libxml2-2	libxml2-2@2.10.3-150500.5.29.1	SUSE-SU-2025:02758-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	curl	curl@8.6.0-150600.4.21.1	SUSE-SU-2025:03198-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	git	git@2.43.0-150600.3.9.1	SUSE-SU-2025:03012-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	git-core	git-core@2.43.0-150600.3.9.1	SUSE-SU-2025:03012-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libopenssl-3-devel	libopenssl-3-devel@3.1.4-150600.5.33.1	SUSE-SU-2025:03442-1	none	not affected	vulnerable code not present	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libopenssl-3-fips-provider	libopenssl-3-fips-provider@3.1.4-150600.5.33.1	SUSE-SU-2025:03442-1	none	not affected	vulnerable code not present	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	libxml2-tools	libxml2-tools@2.10.3-150500.5.29.1	SUSE-SU-2025:02758-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	openssl-3	openssl-3@3.1.4-150600.5.33.1	SUSE-SU-2025:03442-1	none	not affected	vulnerable code not present	sles
rancher/nginx-ingress-controller:v1.12.4-hardened2	false	Harvester master	perl-Git	perl-Git@2.43.0-150600.3.9.1	SUSE-SU-2025:03012-1	none	not affected	vulnerable code cannot be controlled by adversary	sles
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/prometheus	github.com/golang-jwt/jwt/v5@v5.2.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/prometheus	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/prometheus	golang.org/x/net@v0.34.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/prometheus	golang.org/x/oauth2@v0.25.0	CVE-2025-22868	none	not affected	vulnerable code not in execute path	gobinary
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/promtool	github.com/golang-jwt/jwt/v5@v5.2.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/promtool	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/promtool	golang.org/x/net@v0.34.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
rancher/prom-prometheus:v3.2.1	false	Harvester master	bin/promtool	golang.org/x/oauth2@v0.25.0	CVE-2025-22868	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	github.com/golang/glog@v1.2.1	CVE-2024-45339	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2024-36621	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2024-36623	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2021-41091	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2024-24557	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	golang.org/x/crypto@v0.27.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	golang.org/x/crypto@v0.27.0	CVE-2025-22869	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	golang.org/x/net@v0.29.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	golang.org/x/net@v0.29.0	CVE-2025-22872	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	opt/drivers/management-state/bin/docker-machine-driver-harvester	golang.org/x/oauth2@v0.23.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/containerd	github.com/pion/interceptor@v0.1.37	CVE-2025-49140	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/containerd	github.com/quic-go/quic-go@v0.50.1	CVE-2025-59530	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/k3s	github.com/pion/interceptor@v0.1.37	CVE-2025-49140	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/k3s	github.com/quic-go/quic-go@v0.50.1	CVE-2025-59530	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.13.0-alpha2	false	Harvester master	usr/bin/rancher-machine	github.com/golang-jwt/jwt/v4@v4.5.0	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/rke2-runtime:v1.33.3-rke2r1	false	Harvester master	bin/kubelet	go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0	CVE-2023-45142	none	not affected	vulnerable code not present	gobinary
rancher/shell:v0.5.0	false	Harvester master	usr/local/bin/k9s	helm.sh/helm/v3@v3.18.4	CVE-2025-55198	none	not affected	vulnerable code not in execute path	gobinary
rancher/shell:v0.5.0	false	Harvester master	usr/local/bin/k9s	helm.sh/helm/v3@v3.18.4	CVE-2025-55199	none	not affected	vulnerable code not in execute path	gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	golang.org/x/net@v0.17.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	golang.org/x/net@v0.17.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.4	false	Harvester master	snapshot-controller	golang.org/x/oauth2@v0.11.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	golang.org/x/net@v0.17.0	CVE-2025-22870	none	not affected	vulnerable code not present	gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	golang.org/x/net@v0.17.0	CVE-2025-22872	none	not affected	vulnerable code not present	gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.4	false	Harvester master	snapshot-validation-webhook	golang.org/x/oauth2@v0.11.0	CVE-2025-22868	none	not affected	vulnerable code not present	gobinary