SUSE Rancher - Harvester v1.5.0 version - CVE Scans - 2025-04-30

How to use this page

You can click a column header to sort by column.
Use the search bar below to filter the results by image (and version/tag), if the image is mirrored or made by SUSE (true/false),
release, affected binary, vulnerable dependency (and its version), vulnerability ID (CVE, GHSA, SUSE-SU etc.), severity,
status (if affected or not affected/false-positive), justification (for false-positives),
vulnerability type (related to the programming language or container OS).
The search functionality might execute a bit slow depending on the number of vulnerabilities displayed in the page.
False-positive CVEs that are removed with VEX have the status as "not affected" with the severity set to "none",
because they do not affect the binary/package/image. The justification explains why they are false-positives,
according to the VEX statuses as explained in KB 000021573.
For further instructions about scanned versions, scanning frequency, tooling and false-positives, please consult the main instructions.
The severity (CVSS rating) of some CVEs in the portal might differ from the original severity reported by some vendors and security scanners.
This happens, because SUSE recalculates the CVSS rating of CVEs based on criteria, like: applicability and difficulty of the issue being
exploited in the wild; how it can actually affect the confidentiality, integrity and availability of SUSE's products etc. CVEs that had their CVSS
severity rating changed, either decreased or increased, will have the distinctive tag '*' close to its severity.

Search:

Image	Mirrored	Release	Binary/Package	Dependency	Vulnerability ID (CVE)	Severity	Status	Justification (for status not affected)	Type (language or OS)
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester v1.5.0	libcrypto3	libcrypto3@3.3.1-r3	CVE-2024-12797	HIGH	affected		alpine
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester v1.5.0	libssl3	libssl3@3.3.1-r3	CVE-2024-12797	HIGH	affected		alpine
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester v1.5.0	ip-control-loop	stdlib@v1.21.12	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0	false	Harvester v1.5.0	whereabouts	stdlib@v1.21.12	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester v1.5.0	libcrypto3	libcrypto3@3.3.1-r0	CVE-2024-12797	HIGH	affected		alpine
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester v1.5.0	libssl3	libssl3@3.3.1-r0	CVE-2024-12797	HIGH	affected		alpine
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester v1.5.0	kube-vip	github.com/osrg/gobgp/v3@v3.27.0	CVE-2025-43971	HIGH	affected		gobinary
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester v1.5.0	kube-vip	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
longhornio/backing-image-manager:v1.8.1	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
longhornio/backing-image-manager:v1.8.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
longhornio/longhorn-cli:v1.8.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
longhornio/longhorn-engine:v1.8.1	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
longhornio/longhorn-engine:v1.8.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
longhornio/longhorn-instance-manager:v1.8.1	false	Harvester v1.5.0	libexpat1	libexpat1@2.6.4-lp156.226.2	SUSE-SU-2025:1201-1	HIGH	affected		sles
longhornio/longhorn-instance-manager:v1.8.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
longhornio/longhorn-manager:v1.8.1	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
longhornio/longhorn-manager:v1.8.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
longhornio/longhorn-share-manager:v1.8.1	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
longhornio/longhorn-share-manager:v1.8.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
longhornio/longhorn-ui:v1.8.1	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
longhornio/longhorn-ui:v1.8.1	false	Harvester v1.5.0	libfreetype6	libfreetype6@2.10.4-150000.4.15.1	SUSE-SU-2025:0998-1	HIGH	affected		sles
longhornio/longhorn-ui:v1.8.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
longhornio/longhorn-ui:v1.8.1	false	Harvester v1.5.0	libxslt1	libxslt1@1.1.34-150400.3.3.1	SUSE-SU-2025:1125-1	HIGH	affected		sles
longhornio/support-bundle-kit:v0.0.52	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/fleet:v0.12.0	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
rancher/fleet:v0.12.0	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	git-core	git-core@2.35.3-150300.10.39.1	SUSE-SU-2024:2656-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	glibc	glibc@2.31-150300.74.1	SUSE-SU-2024:1895-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	krb5	krb5@1.20.1-150500.3.6.1	SUSE-SU-2024:2302-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.17.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	libglib-2_0-0	libglib-2_0-0@2.70.5-150400.3.11.1	SUSE-SU-2024:4078-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	libopenssl1_1	libopenssl1_1@1.1.1l-150500.17.28.2	SUSE-SU-2024:2051-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	libopenssl1_1-hmac	libopenssl1_1-hmac@1.1.1l-150500.17.28.2	SUSE-SU-2024:2051-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	libprotobuf-lite25_1_0	libprotobuf-lite25_1_0@25.1-150400.9.6.1	SUSE-SU-2024:3747-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.14.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.14.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	openssl-1_1	openssl-1_1@1.1.1l-150500.17.28.2	SUSE-SU-2024:2051-1	HIGH	affected		sles
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitcloner	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21613	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitcloner	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21614	HIGH	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitcloner	golang.org/x/crypto@v0.22.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitcloner	stdlib@v1.21.10	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitcloner	stdlib@v1.21.10	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitjob	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21613	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitjob	github.com/go-git/go-git/v5@v5.11.0	CVE-2025-21614	HIGH	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitjob	golang.org/x/crypto@v0.22.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitjob	stdlib@v1.21.10	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitjob	stdlib@v1.21.10	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-calico:v3.29.2-build20250306	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/hardened-coredns:v1.12.0-build20241126	false	Harvester v1.5.0	coredns	github.com/expr-lang/expr@v1.16.9	CVE-2025-29786	HIGH	affected		gobinary
rancher/hardened-flannel:v0.26.5-build20250306	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
rancher/hardened-flannel:v0.26.5-build20250306	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/hardened-multus-cni:v4.1.4-build20250108	false	Harvester v1.5.0	cert-approver	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.1.4-build20250108	false	Harvester v1.5.0	install_multus	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.1.4-build20250108	false	Harvester v1.5.0	kubeconfig_generator	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.1.4-build20250108	false	Harvester v1.5.0	thin_entrypoint	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/hardened-multus-cni:v4.1.4-build20250108	false	Harvester v1.5.0	usr/src/multus-cni/bin/multus	stdlib@v1.21.11	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/harvester-load-balancer-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer-webhook	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-load-balancer-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer-webhook	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-load-balancer-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer-webhook	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-load-balancer:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-load-balancer:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-load-balancer:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-network-controller:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-controller	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-network-controller:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-controller	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-network-controller:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-controller	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-network-controller:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-controller	kubevirt.io/kubevirt@v0.54.0	CVE-2023-26484	HIGH	affected		gobinary
rancher/harvester-network-helper:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-helper	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-network-helper:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-helper	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-network-helper:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-helper	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-network-helper:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-helper	kubevirt.io/kubevirt@v0.54.0	CVE-2023-26484	HIGH	affected		gobinary
rancher/harvester-network-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-webhook	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2019-12274	HIGH	affected		gobinary
rancher/harvester-network-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-webhook	github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803	CVE-2021-36775	HIGH	affected		gobinary
rancher/harvester-network-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-webhook	github.com/rancher/steve@v0.0.0-20221209194631-acf9d31ce0dd	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester-network-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-webhook	kubevirt.io/kubevirt@v0.54.0	CVE-2023-26484	HIGH	affected		gobinary
rancher/harvester-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-webhook	github.com/rancher/steve@v0.0.0-20240911190153-79304d93b49b	CVE-2024-52280	HIGH	affected		gobinary
rancher/harvester:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester	github.com/rancher/steve@v0.0.0-20240911190153-79304d93b49b	CVE-2024-52280	HIGH	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester v1.5.0	bin/kubectl	stdlib@v1.21.7	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester v1.5.0	bin/kubectl	stdlib@v1.21.7	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/kubectl:v1.29.2	false	Harvester v1.5.0	bin/kubectl	stdlib@v1.21.7	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester v1.5.0	libldap-2.5-0	libldap-2.5-0@2.5.13+dfsg-5	CVE-2023-2953	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-0.2	CVE-2025-31115	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester v1.5.0	libpq5	libpq5@15.8-0+deb12u1	CVE-2024-10979	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester v1.5.0	libpq5	libpq5@15.8-0+deb12u1	CVE-2025-1094	HIGH	affected		debian
rancher/mirrored-fluent-fluent-bit:3.1.8	true	Harvester v1.5.0	zlib1g	zlib1g@1:1.2.13.dfsg-1	CVE-2023-45853	CRITICAL	affected		debian
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	curl	curl@8.5.0-r0	CVE-2024-2398	HIGH	affected		alpine
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	curl	curl@8.5.0-r0	CVE-2024-6197	HIGH	affected		alpine
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	libcurl	libcurl@8.5.0-r0	CVE-2024-2398	HIGH	affected		alpine
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	libcurl	libcurl@8.5.0-r0	CVE-2024-6197	HIGH	affected		alpine
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	usr/share/grafana/bin/grafana	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	usr/share/grafana/bin/grafana-cli	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	usr/share/grafana/bin/grafana-server	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.4.3	true	Harvester v1.5.0	kube-webhook-certgen	stdlib@v1.22.6	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester v1.5.0	libcrypto3	libcrypto3@3.3.0-r2	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester v1.5.0	libexpat	libexpat@2.6.2-r0	CVE-2024-45491	CRITICAL	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester v1.5.0	libexpat	libexpat@2.6.2-r0	CVE-2024-45492	CRITICAL	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester v1.5.0	libexpat	libexpat@2.6.2-r0	CVE-2024-45490	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester v1.5.0	libexpat	libexpat@2.6.2-r0	CVE-2024-8176	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester v1.5.0	libssl3	libssl3@3.3.0-r2	CVE-2024-12797	HIGH	affected		alpine
rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4	true	Harvester v1.5.0	xz-libs	xz-libs@5.6.1-r3	CVE-2025-31115	HIGH	affected		alpine
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester v1.5.0	ruby	ruby@3.3.6-r0	CVE-2025-27219	HIGH	affected		alpine
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester v1.5.0	ruby-libs	ruby-libs@3.3.6-r0	CVE-2025-27219	HIGH	affected		alpine
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester v1.5.0	Ruby	google-protobuf@3.21.12	CVE-2024-7254	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester v1.5.0	Ruby	rexml@3.2.6	CVE-2024-49761	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester v1.5.0	Ruby	rexml@3.3.2	CVE-2024-49761	HIGH	affected		gemspec
rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full	true	Harvester v1.5.0	Ruby	webrick@1.8.1	CVE-2024-47220	HIGH	affected		gemspec
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester v1.5.0	kube-state-metrics	golang.org/x/crypto@v0.21.0	CVE-2024-45337	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester v1.5.0	kube-state-metrics	golang.org/x/crypto@v0.21.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester v1.5.0	kube-state-metrics	stdlib@v1.21.8	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester v1.5.0	kube-state-metrics	stdlib@v1.21.8	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0	true	Harvester v1.5.0	kube-state-metrics	stdlib@v1.21.8	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester v1.5.0	curl	curl@8.5.0-r0	CVE-2024-2398	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester v1.5.0	curl	curl@8.5.0-r0	CVE-2024-6197	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester v1.5.0	libcurl	libcurl@8.5.0-r0	CVE-2024-2398	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester v1.5.0	libcurl	libcurl@8.5.0-r0	CVE-2024-6197	HIGH	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester v1.5.0	libexpat	libexpat@2.6.2-r0	CVE-2024-45491	CRITICAL	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester v1.5.0	libexpat	libexpat@2.6.2-r0	CVE-2024-45492	CRITICAL	affected		alpine
rancher/mirrored-library-nginx:1.24.0-alpine	true	Harvester v1.5.0	libexpat	libexpat@2.6.2-r0	CVE-2024-45490	HIGH	affected		alpine
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester v1.5.0	adapter	stdlib@v1.22.2	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester v1.5.0	adapter	stdlib@v1.22.2	CVE-2024-24788	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester v1.5.0	adapter	stdlib@v1.22.2	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/alertmanager	stdlib@v1.21.7	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/alertmanager	stdlib@v1.21.7	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/alertmanager	stdlib@v1.21.7	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/amtool	stdlib@v1.21.7	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/amtool	stdlib@v1.21.7	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/amtool	stdlib@v1.21.7	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-node-exporter:v1.8.2	true	Harvester v1.5.0	bin/node_exporter	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-admission-webhook:v0.75.1	true	Harvester v1.5.0	bin/admission-webhook	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1	true	Harvester v1.5.0	bin/prometheus-config-reloader	golang.org/x/crypto@v0.24.0	CVE-2024-45337	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1	true	Harvester v1.5.0	bin/prometheus-config-reloader	golang.org/x/crypto@v0.24.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1	true	Harvester v1.5.0	bin/prometheus-config-reloader	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-operator-prometheus-operator:v0.75.1	true	Harvester v1.5.0	bin/operator	stdlib@v1.22.4	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/prometheus	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/promtool	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/nginx-ingress-controller:v1.12.1-hardened1	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
rancher/nginx-ingress-controller:v1.12.1-hardened1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	xz	xz@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/agent	github.com/golang-jwt/jwt@v3.2.1+incompatible	CVE-2025-30204	HIGH	affected		gobinary
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/agent	github.com/golang-jwt/jwt/v4@v4.5.1	CVE-2025-30204	HIGH	affected		gobinary
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/agent	github.com/golang-jwt/jwt/v5@v5.2.1	CVE-2025-30204	HIGH	affected		gobinary
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/agent	github.com/rancher/rancher@v2.11.0	CVE-2024-22031	HIGH	affected		gobinary
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/agent	github.com/rancher/steve@v0.5.10	CVE-2023-32198	HIGH	affected		gobinary
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/kubectl	stdlib@v1.20.13	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/kubectl	stdlib@v1.20.13	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/kubectl	stdlib@v1.20.13	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
rancher/rancher:v2.11.0	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/rancher:v2.11.0	false	Harvester v1.5.0	xz	xz@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-linode	golang.org/x/crypto@v0.22.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-linode	stdlib@v1.22.2	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-linode	stdlib@v1.22.2	CVE-2024-24788	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-linode	stdlib@v1.22.2	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher	github.com/golang-jwt/jwt@v3.2.1+incompatible	CVE-2025-30204	HIGH	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher	github.com/golang-jwt/jwt/v4@v4.5.1	CVE-2025-30204	HIGH	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher	github.com/golang-jwt/jwt/v5@v5.2.1	CVE-2025-30204	HIGH	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher	github.com/rancher/rancher@v2.11.0	CVE-2024-22031	HIGH	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher	github.com/rancher/steve@v0.5.10	CVE-2023-32198	HIGH	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher-machine	golang.org/x/crypto@v0.26.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/share/rancher/ui/assets/wins.exe	golang.org/x/crypto@v0.30.0	CVE-2024-45337	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/share/rancher/ui/assets/wins.exe	golang.org/x/crypto@v0.30.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	github.com/go-git/go-git/v5@v5.12.0	CVE-2025-21613	HIGH*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	github.com/go-git/go-git/v5@v5.12.0	CVE-2025-21614	HIGH	affected		gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	github.com/hashicorp/go-getter@v1.7.4	CVE-2024-6257	HIGH	affected		gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	github.com/mholt/archiver/v3@v3.5.1	CVE-2025-3445	HIGH	affected		gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	golang.org/x/crypto@v0.22.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	stdlib@v1.22.0	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	stdlib@v1.22.0	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	stdlib@v1.22.0	CVE-2024-24788	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	stdlib@v1.22.0	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/shell:v0.4.0	false	Harvester v1.5.0	usr/local/bin/k9s	golang.org/x/crypto@v0.32.0	CVE-2025-22869	HIGH	affected		gobinary
rancher/support-bundle-kit:v0.0.46	false	Harvester v1.5.0	libglib-2_0-0	libglib-2_0-0@2.78.6-150600.4.3.1	SUSE-SU-2024:4254-1	HIGH	affected		sles
rancher/support-bundle-kit:v0.0.46	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
rancher/support-bundle-kit:v0.0.46	false	Harvester v1.5.0	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/support-bundle-kit:v0.0.46	false	Harvester v1.5.0	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
rancher/support-bundle-kit:v0.0.46	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
rancher/support-bundle-kit:v0.0.46	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
rancher/support-bundle-kit:v0.0.46	false	Harvester v1.5.0	usr/bin/yq	stdlib@v1.22.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
rancher/system-agent:v0.3.12-suc	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester v1.5.0	snapshot-controller	stdlib@v1.20.5	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester v1.5.0	snapshot-controller	stdlib@v1.20.5	CVE-2023-39325	HIGH	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester v1.5.0	snapshot-controller	stdlib@v1.20.5	CVE-2023-45283	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester v1.5.0	snapshot-controller	stdlib@v1.20.5	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-controller:v6.3.3	false	Harvester v1.5.0	snapshot-controller	stdlib@v1.20.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester v1.5.0	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2024-24790	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester v1.5.0	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-39325	HIGH	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester v1.5.0	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-45283	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester v1.5.0	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2023-45288	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3	false	Harvester v1.5.0	snapshot-validation-webhook	stdlib@v1.20.5	CVE-2024-34156	MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating	affected		gobinary
registry.suse.com/suse/sles/15.6/cdi-apiserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-apiserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-apiserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-apiserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-apiserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-cloner:1.61.0-150600.3.12.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-cloner:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-cloner:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-cloner:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-cloner:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-controller:1.61.0-150600.3.12.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-controller:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-controller:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-controller:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-controller:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-importer:1.61.0-150600.3.12.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-importer:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-importer:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-importer:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-importer:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-operator:1.61.0-150600.3.12.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-operator:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-operator:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-operator:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-operator:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadproxy:1.61.0-150600.3.12.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadproxy:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadproxy:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadproxy:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadproxy:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1	libtasn1@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libtasn1-6	libtasn1-6@4.13-150000.4.8.1	SUSE-SU-2025:0548-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0348-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/cdi-uploadserver:1.61.0-150600.3.12.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.17.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/libguestfs-tools:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/libguestfs-tools:1.4.0-150600.5.15.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/libguestfs-tools:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/libguestfs-tools:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libxslt1	libxslt1@1.1.34-150400.3.3.1	SUSE-SU-2025:1125-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/libguestfs-tools:1.4.0-150600.5.15.1	false	Harvester v1.5.0	xz	xz@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-api:1.4.0-150600.5.15.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-api:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-controller:1.4.0-150600.5.15.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-controller:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-handler:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-handler:1.4.0-150600.5.15.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-handler:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-launcher:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libexpat1	libexpat1@2.4.4-150400.3.25.1	SUSE-SU-2025:1201-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-launcher:1.4.0-150600.5.15.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-launcher:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-launcher:1.4.0-150600.5.15.1	false	Harvester v1.5.0	xz	xz@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-operator:1.4.0-150600.5.15.1	false	Harvester v1.5.0	liblzma5	liblzma5@5.4.1-150600.1.2	SUSE-SU-2025:1137-1	HIGH	affected		sles
registry.suse.com/suse/sles/15.6/virt-operator:1.4.0-150600.5.15.1	false	Harvester v1.5.0	libxml2-2	libxml2-2@2.10.3-150500.5.20.1	SUSE-SU-2025:0746-1	HIGH	affected		sles
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester v1.5.0	kube-vip	golang.org/x/crypto@v0.23.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
ghcr.io/kube-vip/kube-vip-iptables:v0.8.1	false	Harvester v1.5.0	kube-vip	golang.org/x/crypto@v0.23.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
longhornio/longhorn-engine:v1.8.1	false	Harvester v1.5.0	usr/local/bin/grpc_health_probe	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
longhornio/longhorn-instance-manager:v1.8.1	false	Harvester v1.5.0	usr/local/bin/grpc_health_probe	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
longhornio/longhorn-manager:v1.8.1	false	Harvester v1.5.0	usr/local/sbin/longhorn-manager	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitcloner	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/gitjob:v0.9.8	false	Harvester v1.5.0	usr/bin/gitjob	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-calico:v3.29.2-build20250306	false	Harvester v1.5.0	calicoctl	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.2-build20250306	false	Harvester v1.5.0	opt/cni/bin/calico	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.2-build20250306	false	Harvester v1.5.0	opt/cni/bin/calico-ipam	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.2-build20250306	false	Harvester v1.5.0	usr/bin/calico-node	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-calico:v3.29.2-build20250306	false	Harvester v1.5.0	usr/bin/kube-controllers	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-coredns:v1.12.0-build20241126	false	Harvester v1.5.0	coredns	github.com/golang-jwt/jwt/v4@v4.5.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-coredns:v1.12.0-build20241126	false	Harvester v1.5.0	coredns	golang.org/x/crypto@v0.29.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-coredns:v1.12.0-build20241126	false	Harvester v1.5.0	coredns	golang.org/x/crypto@v0.29.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-dns-node-cache:1.24.0-build20241211	false	Harvester v1.5.0	node-cache	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-dns-node-cache:1.24.0-build20241211	false	Harvester v1.5.0	node-cache	golang.org/x/crypto@v0.22.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-etcd:v3.5.19-k3s1-build20250306	false	Harvester v1.5.0	usr/local/bin/etcd	github.com/golang-jwt/jwt/v4@v4.5.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-etcd:v3.5.19-k3s1-build20250306	false	Harvester v1.5.0	usr/local/bin/etcdctl	github.com/golang-jwt/jwt/v4@v4.5.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-flannel:v0.26.5-build20250306	false	Harvester v1.5.0	opt/bin/flanneld	golang.org/x/crypto@v0.32.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-k8s-metrics-server:v0.7.2-build20250110	false	Harvester v1.5.0	metrics-server	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/hardened-k8s-metrics-server:v0.7.2-build20250110	false	Harvester v1.5.0	metrics-server	golang.org/x/crypto@v0.26.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kube-apiserver	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kube-apiserver	golang.org/x/crypto@v0.28.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kube-controller-manager	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kube-controller-manager	golang.org/x/crypto@v0.28.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kube-proxy	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kube-proxy	golang.org/x/crypto@v0.28.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kube-scheduler	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kube-scheduler	golang.org/x/crypto@v0.28.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kubeadm	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kubeadm	golang.org/x/crypto@v0.28.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kubelet	go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0	CVE-2023-45142	none	not affected	vulnerable code not present	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kubelet	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/hardened-kubernetes:v1.32.3-rke2r1-build20250312	false	Harvester v1.5.0	usr/local/bin/kubelet	golang.org/x/crypto@v0.28.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-eventrouter:v1.5.0-dev.0	false	Harvester v1.5.0	usr/bin/eventrouter	github.com/golang-jwt/jwt/v4@v4.2.0	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-eventrouter:v1.5.0-dev.0	false	Harvester v1.5.0	usr/bin/eventrouter	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-eventrouter:v1.5.0-dev.0	false	Harvester v1.5.0	usr/bin/eventrouter	golang.org/x/crypto@v0.21.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-load-balancer-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer-webhook	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer-webhook	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-load-balancer-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer-webhook	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer-webhook	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer-webhook	golang.org/x/crypto@v0.21.0	CVE-2025-22869	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-load-balancer:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-load-balancer:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-load-balancer	golang.org/x/crypto@v0.21.0	CVE-2025-22869	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-controller:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-controller	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-controller:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-controller	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-controller:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-controller	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-controller:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-controller	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-controller:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-controller	kubevirt.io/kubevirt@v0.54.0	GHSA-qv98-3369-g364	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-helper:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-helper	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-helper:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-helper	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-helper:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-helper	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-helper:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-helper	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-helper:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-helper	kubevirt.io/kubevirt@v0.54.0	GHSA-qv98-3369-g364	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-webhook	github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7	CVE-2023-32192	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-webhook	github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99	CVE-2023-32193	none	not affected	vulnerable code not present	gobinary
rancher/harvester-network-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-webhook	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0	CVE-2023-45142	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-webhook	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-network-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-network-webhook	kubevirt.io/kubevirt@v0.54.0	GHSA-qv98-3369-g364	none	not affected	vulnerable code not present	gobinary
rancher/harvester-node-disk-manager-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/node-disk-manager-webhook	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-node-disk-manager:v1.5.0	false	Harvester v1.5.0	usr/bin/node-disk-manager	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-node-manager-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-node-manager-webhook	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-node-manager-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-node-manager-webhook	golang.org/x/crypto@v0.22.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-pcidevices:v1.5.0	false	Harvester v1.5.0	bin/pcidevices	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-pcidevices:v1.5.0	false	Harvester v1.5.0	bin/pcidevices	golang.org/x/crypto@v0.21.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-seeder:v1.5.0	false	Harvester v1.5.0	bin/manager	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-seeder:v1.5.0	false	Harvester v1.5.0	bin/manager	golang.org/x/crypto@v0.21.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:v1.5.0	false	Harvester v1.5.0	usr/bin/wharfie	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0	CVE-2023-47108	none	not affected	vulnerable code not in execute path	gobinary
rancher/harvester-upgrade:v1.5.0	false	Harvester v1.5.0	usr/bin/wharfie	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/harvester-upgrade:v1.5.0	false	Harvester v1.5.0	usr/bin/wharfie	golang.org/x/crypto@v0.21.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/harvester-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-webhook	github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1	CVE-2019-12274	none	not affected	vulnerable code not present	gobinary
rancher/harvester-webhook:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester-webhook	github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1	CVE-2021-36775	none	not affected	vulnerable code not present	gobinary
rancher/harvester:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester	github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1	CVE-2019-12274	none	not affected	vulnerable code not present	gobinary
rancher/harvester:v1.5.0	false	Harvester v1.5.0	usr/bin/harvester	github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1	CVE-2021-36775	none	not affected	vulnerable code not present	gobinary
rancher/klipper-helm:v0.9.4-build20250113	false	Harvester v1.5.0	libcrypto3	libcrypto3@3.3.2-r4	CVE-2024-12797	none	not affected	vulnerable code cannot be controlled by adversary	alpine
rancher/klipper-helm:v0.9.4-build20250113	false	Harvester v1.5.0	libssl3	libssl3@3.3.2-r4	CVE-2024-12797	none	not affected	vulnerable code cannot be controlled by adversary	alpine
rancher/klipper-helm:v0.9.4-build20250113	false	Harvester v1.5.0	home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/klipper-helm:v0.9.4-build20250113	false	Harvester v1.5.0	home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis	golang.org/x/crypto@v0.26.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/klipper-helm:v0.9.4-build20250113	false	Harvester v1.5.0	home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status	golang.org/x/crypto@v0.25.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/klipper-helm:v0.9.4-build20250113	false	Harvester v1.5.0	home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status	golang.org/x/crypto@v0.25.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/klipper-helm:v0.9.4-build20250113	false	Harvester v1.5.0	usr/bin/helm	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-cluster-api-controller:v1.9.5	true	Harvester v1.5.0	manager	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	usr/share/grafana/bin/grafana	github.com/golang-jwt/jwt/v4@v4.5.0	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	usr/share/grafana/bin/grafana	github.com/golang-jwt/jwt/v5@v5.2.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	usr/share/grafana/bin/grafana	github.com/grafana/grafana-plugin-sdk-go@v0.234.0	CVE-2024-8986	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	usr/share/grafana/bin/grafana	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-grafana-grafana:11.1.0	true	Harvester v1.5.0	usr/share/grafana/bin/grafana	golang.org/x/crypto@v0.24.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester v1.5.0	adapter	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0	true	Harvester v1.5.0	adapter	golang.org/x/crypto@v0.22.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/alertmanager	golang.org/x/crypto@v0.18.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/alertmanager	golang.org/x/crypto@v0.18.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/amtool	golang.org/x/crypto@v0.18.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-alertmanager:v0.27.0	true	Harvester v1.5.0	bin/amtool	golang.org/x/crypto@v0.18.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-node-exporter:v1.8.2	true	Harvester v1.5.0	bin/node_exporter	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-node-exporter:v1.8.2	true	Harvester v1.5.0	bin/node_exporter	golang.org/x/crypto@v0.21.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/prometheus	github.com/docker/docker@v26.1.3+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/prometheus	github.com/golang-jwt/jwt/v5@v5.2.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/prometheus	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/prometheus	golang.org/x/crypto@v0.24.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/promtool	github.com/docker/docker@v26.1.3+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/promtool	github.com/golang-jwt/jwt/v5@v5.2.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/promtool	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/mirrored-prometheus-prometheus:v2.53.1	true	Harvester v1.5.0	bin/promtool	golang.org/x/crypto@v0.24.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/agent	github.com/docker/docker@v20.10.27+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/rancher-agent:v2.11.0	false	Harvester v1.5.0	usr/bin/kubectl	github.com/docker/distribution@v2.8.1+incompatible	CVE-2023-2253	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-harvester	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2024-36621	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-harvester	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2024-36623	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-harvester	golang.org/x/crypto@v0.27.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-harvester	golang.org/x/crypto@v0.27.0	CVE-2025-22869	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-linode	github.com/docker/docker@v20.10.27+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	opt/drivers/management-state/bin/docker-machine-driver-linode	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/containerd	github.com/golang-jwt/jwt/v4@v4.5.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/containerd	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/containerd	golang.org/x/crypto@v0.24.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/etcdctl	github.com/golang-jwt/jwt/v4@v4.4.2	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/etcdctl	golang.org/x/crypto@v0.21.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/etcdctl	golang.org/x/crypto@v0.21.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/k3s	github.com/golang-jwt/jwt/v4@v4.5.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/k3s	golang.org/x/crypto@v0.24.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/k3s	golang.org/x/crypto@v0.24.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher	github.com/docker/docker@v20.10.27+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher-machine	github.com/golang-jwt/jwt/v4@v4.5.0	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher-machine	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2024-36621	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher-machine	github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29	CVE-2024-36623	none	not affected	vulnerable code not present	gobinary
rancher/rancher:v2.11.0	false	Harvester v1.5.0	usr/bin/rancher-machine	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rke2-cloud-provider:v1.32.0-rc3.0.20241220224140-68fbd1a6b543-build20250101	false	Harvester v1.5.0	usr/local/bin/rke2-cloud-provider	github.com/golang-jwt/jwt/v4@v4.5.1	CVE-2025-30204	none	not affected	vulnerable code not in execute path	gobinary
rancher/rke2-cloud-provider:v1.32.0-rc3.0.20241220224140-68fbd1a6b543-build20250101	false	Harvester v1.5.0	usr/local/bin/rke2-cloud-provider	golang.org/x/crypto@v0.29.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/rke2-cloud-provider:v1.32.0-rc3.0.20241220224140-68fbd1a6b543-build20250101	false	Harvester v1.5.0	usr/local/bin/rke2-cloud-provider	golang.org/x/crypto@v0.29.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/rke2-runtime:v1.32.3-rke2r1	false	Harvester v1.5.0	bin/containerd	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/rke2-runtime:v1.32.3-rke2r1	false	Harvester v1.5.0	bin/kubelet	go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0	CVE-2023-45142	none	not affected	vulnerable code not present	gobinary
rancher/rke2-runtime:v1.32.3-rke2r1	false	Harvester v1.5.0	bin/kubelet	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/rke2-runtime:v1.32.3-rke2r1	false	Harvester v1.5.0	bin/kubelet	golang.org/x/crypto@v0.28.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/helm	golang.org/x/crypto@v0.26.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/helm	golang.org/x/crypto@v0.26.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	github.com/docker/docker@v26.0.1+incompatible	CVE-2024-41110	none	not affected	vulnerable code not present	gobinary
rancher/shell:v0.3.0	false	Harvester v1.5.0	usr/local/bin/k9s	golang.org/x/crypto@v0.22.0	CVE-2024-45337	none	not affected	vulnerable code not in execute path	gobinary
rancher/shell:v0.4.0	false	Harvester v1.5.0	usr/local/bin/helm	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/system-agent-installer-rancher:v2.11.0	false	Harvester v1.5.0	helm	golang.org/x/crypto@v0.31.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary
rancher/system-agent:v0.3.12-suc	false	Harvester v1.5.0	opt/rancher-system-agent-suc/rancher-system-agent	golang.org/x/crypto@v0.28.0	CVE-2024-45337	none	not affected	vulnerable code not present	gobinary
rancher/system-agent:v0.3.12-suc	false	Harvester v1.5.0	opt/rancher-system-agent-suc/rancher-system-agent	golang.org/x/crypto@v0.28.0	CVE-2025-22869	none	not affected	vulnerable code not present	gobinary