Search:
| Image | Mirrored | Release | Binary/Package | Dependency | Vulnerability ID (CVE) | Severity | Status | Justification (for status not affected) | Type (language or OS) |
|---|---|---|---|---|---|---|---|---|---|
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | libcrypto3 | libcrypto3@3.3.1-r3 | CVE-2024-12797 | HIGH | affected | alpine | |
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | libcrypto3 | libcrypto3@3.3.1-r3 | CVE-2024-6119 | HIGH | affected | alpine | |
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | libssl3 | libssl3@3.3.1-r3 | CVE-2024-12797 | HIGH | affected | alpine | |
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | libssl3 | libssl3@3.3.1-r3 | CVE-2024-6119 | HIGH | affected | alpine | |
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | ip-control-loop | golang.org/x/oauth2@v0.10.0 | CVE-2025-22868 | HIGH | affected | gobinary | |
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | ip-control-loop | stdlib@v1.21.12 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | ip-control-loop | stdlib@v1.21.12 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | whereabouts | golang.org/x/oauth2@v0.10.0 | CVE-2025-22868 | HIGH | affected | gobinary | |
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | whereabouts | stdlib@v1.21.12 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| ghcr.io/k8snetworkplumbingwg/whereabouts:v0.8.0 | false | Harvester v1.6.0 | whereabouts | stdlib@v1.21.12 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | libcrypto3 | libcrypto3@3.3.1-r0 | CVE-2024-12797 | HIGH | affected | alpine | |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | libcrypto3 | libcrypto3@3.3.1-r0 | CVE-2024-6119 | HIGH | affected | alpine | |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | libssl3 | libssl3@3.3.1-r0 | CVE-2024-12797 | HIGH | affected | alpine | |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | libssl3 | libssl3@3.3.1-r0 | CVE-2024-6119 | HIGH | affected | alpine | |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | kube-vip | github.com/osrg/gobgp/v3@v3.27.0 | CVE-2025-43971 | HIGH | affected | gobinary | |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | kube-vip | stdlib@v1.22.4 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | kube-vip | stdlib@v1.22.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | kube-ovn/kube-ovn | stdlib@v1.23.9 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | kube-ovn/kube-ovn-cmd | stdlib@v1.23.9 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | kube-ovn/kube-ovn-controller | stdlib@v1.23.9 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | kube-ovn/kube-ovn-daemon | stdlib@v1.23.9 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | loopback | stdlib@v1.23.9 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | macvlan | stdlib@v1.23.9 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | portmap | stdlib@v1.23.9 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | usr/bin/gobgp | stdlib@v1.24.3 | CVE-2025-22874 | HIGH | affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | usr/bin/gobgp | stdlib@v1.24.3 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | usr/bin/kubectl | stdlib@v1.23.9 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | iperf | iperf@3.19-150500.94.1 | SUSE-SU-2025:02749-1 | HIGH | affected | sles | |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | libiperf0 | libiperf0@3.19-150500.94.1 | SUSE-SU-2025:02749-1 | HIGH | affected | sles | |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | usr/local/bin/backing-image-manager | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/csi-attacher:v4.9.0-20250709 | false | Harvester v1.6.0 | csi-attacher | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/csi-node-driver-registrar:v2.14.0-20250709 | false | Harvester v1.6.0 | csi-node-driver-registrar | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/csi-provisioner:v5.3.0-20250709 | false | Harvester v1.6.0 | csi-provisioner | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/csi-resizer:v1.14.0-20250709 | false | Harvester v1.6.0 | csi-resizer | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/csi-snapshotter:v8.3.0-20250709 | false | Harvester v1.6.0 | csi-snapshotter | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/livenessprobe:v2.16.0-20250709 | false | Harvester v1.6.0 | livenessprobe | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-cli:v1.9.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-cli:v1.9.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-cli:v1.9.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| longhornio/longhorn-cli:v1.9.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| longhornio/longhorn-cli:v1.9.1 | false | Harvester v1.6.0 | usr/local/bin/longhornctl | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-cli:v1.9.1 | false | Harvester v1.6.0 | usr/local/bin/longhornctl-local | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | usr/local/bin/grpc_health_probe | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | usr/local/bin/longhorn | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | usr/local/bin/longhorn-instance-manager | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | usr/local/bin/go-spdk-helper | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | usr/local/bin/grpc_health_probe | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | usr/local/bin/longhorn-instance-manager | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-manager:v1.9.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-manager:v1.9.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-manager:v1.9.1 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| longhornio/longhorn-manager:v1.9.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| longhornio/longhorn-manager:v1.9.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| longhornio/longhorn-manager:v1.9.1 | false | Harvester v1.6.0 | usr/local/sbin/longhorn-manager | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-share-manager:v1.9.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-share-manager:v1.9.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-share-manager:v1.9.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| longhornio/longhorn-share-manager:v1.9.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| longhornio/longhorn-share-manager:v1.9.1 | false | Harvester v1.6.0 | longhorn-share-manager | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/longhorn-ui:v1.9.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-ui:v1.9.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/longhorn-ui:v1.9.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| longhornio/longhorn-ui:v1.9.1 | false | Harvester v1.6.0 | libtiff5 | libtiff5@4.0.9-150000.45.47.1 | SUSE-SU-2025:02815-1 | HIGH | affected | sles | |
| longhornio/longhorn-ui:v1.9.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| longhornio/longhorn-ui:v1.9.1 | false | Harvester v1.6.0 | libxml2-tools | libxml2-tools@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | usr/bin/support-bundle-kit | gopkg.in/yaml.v3@v3.0.0-20220521103104-8f96da9f5d5e | CVE-2022-28948 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | usr/bin/support-bundle-kit | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | usr/bin/yq | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/fleet-agent:v0.13.0 | false | Harvester v1.6.0 | usr/bin/fleetagent | github.com/hashicorp/go-getter@v1.7.8 | CVE-2025-8959 | HIGH | affected | gobinary | |
| rancher/fleet-agent:v0.13.0 | false | Harvester v1.6.0 | usr/bin/fleetagent | github.com/rancher/fleet@v0.13.0 | CVE-2024-52284 | HIGH | affected | gobinary | |
| rancher/fleet-agent:v0.13.0 | false | Harvester v1.6.0 | usr/bin/fleetagent | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | git-core | git-core@2.43.0-150600.3.9.1 | SUSE-SU-2025:03012-1 | HIGH | affected | sles | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | usr/bin/fleet | github.com/hashicorp/go-getter@v1.7.8 | CVE-2025-8959 | HIGH | affected | gobinary | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | usr/bin/fleet | github.com/rancher/fleet@v0.13.0 | CVE-2024-52284 | HIGH | affected | gobinary | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | usr/bin/fleet | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | usr/bin/fleetcontroller | github.com/hashicorp/go-getter@v1.7.8 | CVE-2025-8959 | HIGH | affected | gobinary | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | usr/bin/fleetcontroller | github.com/rancher/fleet@v0.13.0 | CVE-2024-52284 | HIGH | affected | gobinary | |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | usr/bin/fleetcontroller | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-addon-resizer:1.8.23-build20250612 | false | Harvester v1.6.0 | pod_nanny | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | calicoctl | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/bandwidth | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/bond | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/bridge | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/calico | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/calico-ipam | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/dhcp | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/dummy | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/firewall | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/flannel | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/host-device | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/host-local | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/install | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/ipvlan | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/loopback | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/macvlan | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/portmap | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/ptp | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/sbr | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/static | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/tap | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/tuning | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/vlan | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | opt/cni/bin/vrf | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | usr/bin/calico-node | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | usr/bin/check-status | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | usr/bin/kube-controllers | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | usr/local/bin/flexvol/flexvoldriver | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cluster-autoscaler:v1.10.2-build20250611 | false | Harvester v1.6.0 | cluster-proportional-autoscaler | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/bandwidth | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/bond | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/bridge | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/dhcp | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/dummy | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/firewall | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/flannel | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/host-device | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/host-local | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/ipvlan | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/loopback | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/macvlan | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/portmap | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/ptp | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/sbr | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/static | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/tap | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/tuning | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/vlan | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-cni-plugins:v1.7.1-build20250611 | false | Harvester v1.6.0 | opt/cni/bin/vrf | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-coredns:v1.12.2-build20250611 | false | Harvester v1.6.0 | coredns | stdlib@v1.23.10 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-dns-node-cache:1.26.0-build20250611 | false | Harvester v1.6.0 | node-cache | github.com/coredns/coredns@v1.12.2 | CVE-2025-58063 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-dns-node-cache:1.26.0-build20250611 | false | Harvester v1.6.0 | node-cache | stdlib@v1.23.10 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-etcd:v3.5.21-k3s1-build20250612 | false | Harvester v1.6.0 | usr/local/bin/etcd | stdlib@v1.23.10 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-etcd:v3.5.21-k3s1-build20250612 | false | Harvester v1.6.0 | usr/local/bin/etcdctl | stdlib@v1.23.10 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | opt/bin/flanneld | stdlib@v1.23.10 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-k8s-metrics-server:v0.8.0-build20250704 | false | Harvester v1.6.0 | metrics-server | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | usr/local/bin/kube-apiserver | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | usr/local/bin/kube-controller-manager | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | usr/local/bin/kube-proxy | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | usr/local/bin/kube-scheduler | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | usr/local/bin/kubectl | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | usr/local/bin/kubelet | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | cert-approver | stdlib@v1.21.11 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | cert-approver | stdlib@v1.21.11 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | install_multus | stdlib@v1.21.11 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | install_multus | stdlib@v1.21.11 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | kubeconfig_generator | stdlib@v1.21.11 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | kubeconfig_generator | stdlib@v1.21.11 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | thin_entrypoint | stdlib@v1.21.11 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | thin_entrypoint | stdlib@v1.21.11 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | usr/src/multus-cni/bin/multus | stdlib@v1.21.11 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | usr/src/multus-cni/bin/multus | stdlib@v1.21.11 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-cluster-repo:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-cluster-repo:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-eventrouter:v1.6.0 | false | Harvester v1.6.0 | usr/bin/eventrouter | github.com/golang/glog@v0.0.0-20160126235308-23def4e6c14b | CVE-2024-45339 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-kubeovn-operator:v1.13.13 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-kubeovn-operator:v1.13.13 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-kubeovn-operator:v1.13.13 | false | Harvester v1.6.0 | manager | golang.org/x/oauth2@v0.25.0 | CVE-2025-22868 | HIGH | affected | gobinary | |
| rancher/harvester-load-balancer-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-load-balancer-webhook | github.com/rancher/rancher@v0.0.0-20241119020906-df45e368c82d | CVE-2019-12274 | HIGH | affected | gobinary | |
| rancher/harvester-load-balancer-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-load-balancer-webhook | github.com/rancher/rancher@v0.0.0-20241119020906-df45e368c82d | CVE-2021-36775 | HIGH | affected | gobinary | |
| rancher/harvester-load-balancer-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-load-balancer-webhook | github.com/rancher/rancher@v0.0.0-20241119020906-df45e368c82d | CVE-2024-58259 | HIGH | affected | gobinary | |
| rancher/harvester-network-controller:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-network-controller:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-network-controller:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-network-controller | github.com/opencontainers/runc@v1.1.13 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-network-controller:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-network-controller | stdlib@v1.24.0 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/harvester-network-controller:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-network-controller | stdlib@v1.24.0 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-network-helper:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-network-helper | github.com/opencontainers/runc@v1.1.13 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-network-helper:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-network-helper | stdlib@v1.24.0 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/harvester-network-helper:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-network-helper | stdlib@v1.24.0 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-network-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-network-webhook | github.com/opencontainers/runc@v1.1.13 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-network-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-network-webhook | stdlib@v1.24.0 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/harvester-network-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-network-webhook | stdlib@v1.24.0 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-networkfs-manager:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-networkfs-manager:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-node-disk-manager-webhook:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-node-disk-manager-webhook:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-node-disk-manager-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/node-disk-manager-webhook | gopkg.in/yaml.v3@v3.0.0-20220521103104-8f96da9f5d5e | CVE-2022-28948 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-node-disk-manager:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-node-disk-manager:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-node-disk-manager:v1.6.0 | false | Harvester v1.6.0 | usr/bin/node-disk-manager | gopkg.in/yaml.v3@v3.0.0-20220521103104-8f96da9f5d5e | CVE-2022-28948 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-node-manager-webhook:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-node-manager-webhook:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-node-manager:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-node-manager:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-pcidevices:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-pcidevices:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-seeder:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-seeder:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/kubectl | stdlib@v1.23.6 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/virtctl | stdlib@v1.22.8 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/wharfie | stdlib@v1.22.9 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/yq | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/local/bin/elemental | github.com/docker/docker@v23.0.8+incompatible | CVE-2024-41110 | CRITICAL | affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/local/bin/elemental | github.com/go-git/go-git/v5@v5.11.0 | CVE-2025-21613 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/local/bin/elemental | github.com/go-git/go-git/v5@v5.11.0 | CVE-2025-21614 | HIGH | affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/local/bin/elemental | github.com/moby/moby@v25.0.1+incompatible | CVE-2024-36621 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/local/bin/elemental | github.com/moby/moby@v25.0.1+incompatible | CVE-2024-36623 | HIGH | affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/local/bin/elemental | golang.org/x/crypto@v0.18.0 | CVE-2024-45337 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/local/bin/elemental | golang.org/x/crypto@v0.18.0 | CVE-2025-22869 | HIGH | affected | gobinary | |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/local/bin/elemental | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-vm-import-controller:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-vm-import-controller:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-vm-import-controller:v1.6.0 | false | Harvester v1.6.0 | usr/bin/vm-import-controller | github.com/opencontainers/runc@v1.1.13 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-webhook | github.com/opencontainers/runc@v1.1.13 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-webhook | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2024-58259 | HIGH | affected | gobinary | |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-webhook | github.com/rancher/steve@v0.5.6 | CVE-2023-32198 | HIGH | affected | gobinary | |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester | github.com/opencontainers/runc@v1.1.13 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2024-58259 | HIGH | affected | gobinary | |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester | github.com/rancher/steve@v0.5.6 | CVE-2023-32198 | HIGH | affected | gobinary | |
| rancher/klipper-helm:v0.9.8-build20250709 | false | Harvester v1.6.0 | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/klipper-helm:v0.9.8-build20250709 | false | Harvester v1.6.0 | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/klipper-helm:v0.9.8-build20250709 | false | Harvester v1.6.0 | usr/bin/helm | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | google.golang.org/protobuf@v1.31.0 | CVE-2024-24786 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.21.7 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.21.7 | CVE-2023-45288 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.21.7 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.21.7 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.21.7 | CVE-2023-45289 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.21.7 | CVE-2023-45290 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.21.7 | CVE-2024-24783 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.21.7 | CVE-2024-24784 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.21.7 | CVE-2024-24785 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.32.3 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.23.6 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/kubectl:v1.33.1 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/kubectl:v1.33.1 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-cluster-api-controller:v1.10.2 | true | Harvester v1.6.0 | manager | stdlib@v1.23.8 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | libc6 | libc6@2.36-9+deb12u8 | CVE-2025-4802 | HIGH | affected | debian | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.7.9-2+deb12u3 | CVE-2025-32988 | HIGH | affected | debian | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.7.9-2+deb12u3 | CVE-2025-32990 | HIGH | affected | debian | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | libldap-2.5-0 | libldap-2.5-0@2.5.13+dfsg-5 | CVE-2023-2953 | HIGH | affected | debian | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | liblzma5 | liblzma5@5.4.1-0.2 | CVE-2025-31115 | HIGH | affected | debian | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | libpq5 | libpq5@15.8-0+deb12u1 | CVE-2024-10979 | HIGH | affected | debian | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | libpq5 | libpq5@15.8-0+deb12u1 | CVE-2025-1094 | HIGH | affected | debian | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | libpq5 | libpq5@15.8-0+deb12u1 | CVE-2025-8714 | HIGH | affected | debian | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | libpq5 | libpq5@15.8-0+deb12u1 | CVE-2025-8715 | HIGH | affected | debian | |
| rancher/mirrored-fluent-fluent-bit:3.1.8 | true | Harvester v1.6.0 | zlib1g | zlib1g@1:1.2.13.dfsg-1 | CVE-2023-45853 | CRITICAL | affected | debian | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | curl | curl@8.5.0-r0 | CVE-2024-2398 | HIGH | affected | alpine | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | curl | curl@8.5.0-r0 | CVE-2024-6197 | HIGH | affected | alpine | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | libcrypto3 | libcrypto3@3.1.4-r5 | CVE-2024-6119 | HIGH | affected | alpine | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | libcurl | libcurl@8.5.0-r0 | CVE-2024-2398 | HIGH | affected | alpine | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | libcurl | libcurl@8.5.0-r0 | CVE-2024-6197 | HIGH | affected | alpine | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | libssl3 | libssl3@3.1.4-r5 | CVE-2024-6119 | HIGH | affected | alpine | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | github.com/go-jose/go-jose/v3@v3.0.3 | CVE-2025-27144 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | github.com/golang/glog@v1.2.0 | CVE-2024-45339 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | stdlib@v1.22.4 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | stdlib@v1.22.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana-cli | stdlib@v1.22.4 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana-cli | stdlib@v1.22.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana-server | stdlib@v1.22.4 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana-server | stdlib@v1.22.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.6.0 | true | Harvester v1.6.0 | kube-webhook-certgen | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | libcrypto3 | libcrypto3@3.3.0-r2 | CVE-2024-12797 | HIGH | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | libcrypto3 | libcrypto3@3.3.0-r2 | CVE-2024-6119 | HIGH | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | libexpat | libexpat@2.6.2-r0 | CVE-2024-45491 | CRITICAL | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | libexpat | libexpat@2.6.2-r0 | CVE-2024-45492 | CRITICAL | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | libexpat | libexpat@2.6.2-r0 | CVE-2024-45490 | HIGH | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | libexpat | libexpat@2.6.2-r0 | CVE-2024-8176 | HIGH | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | libssl3 | libssl3@3.3.0-r2 | CVE-2024-12797 | HIGH | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | libssl3 | libssl3@3.3.0-r2 | CVE-2024-6119 | HIGH | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | sqlite-libs | sqlite-libs@3.45.3-r1 | CVE-2025-29087 | HIGH | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | xz-libs | xz-libs@5.6.1-r3 | CVE-2025-31115 | HIGH | affected | alpine | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | Python | setuptools@70.0.0 | CVE-2025-47273 | HIGH | affected | python-pkg | |
| rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 | true | Harvester v1.6.0 | Python | setuptools@70.0.0 | CVE-2025-47273 | HIGH | affected | python-pkg | |
| rancher/mirrored-kube-logging-config-reloader:v0.0.6 | true | Harvester v1.6.0 | config-reloader | google.golang.org/protobuf@v1.28.1 | CVE-2024-24786 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-kube-logging-config-reloader:v0.0.6 | true | Harvester v1.6.0 | config-reloader | stdlib@v1.23.1 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | ruby | ruby@3.3.6-r0 | CVE-2025-27219 | HIGH | affected | alpine | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | ruby-libs | ruby-libs@3.3.6-r0 | CVE-2025-27219 | HIGH | affected | alpine | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | Ruby | google-protobuf@3.21.12 | CVE-2024-7254 | HIGH | affected | gemspec | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | Ruby | net-imap@0.3.4.1 | CVE-2025-43857 | HIGH | affected | gemspec | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | Ruby | net-imap@0.4.19 | CVE-2025-43857 | HIGH | affected | gemspec | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | Ruby | nokogiri@1.18.4 | GHSA-353f-x4gh-cqq8 | CRITICAL | affected | gemspec | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | Ruby | rack@3.0.14 | CVE-2025-46727 | HIGH | affected | gemspec | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | Ruby | rexml@3.2.6 | CVE-2024-49761 | HIGH | affected | gemspec | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | Ruby | rexml@3.3.2 | CVE-2024-49761 | HIGH | affected | gemspec | |
| rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full | true | Harvester v1.6.0 | Ruby | webrick@1.8.1 | CVE-2024-47220 | HIGH | affected | gemspec | |
| rancher/mirrored-kube-logging-logging-operator:4.10.0 | true | Harvester v1.6.0 | manager | stdlib@v1.23.1 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0 | true | Harvester v1.6.0 | kube-state-metrics | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0 | true | Harvester v1.6.0 | kube-state-metrics | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | HIGH | affected | gobinary | |
| rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0 | true | Harvester v1.6.0 | kube-state-metrics | golang.org/x/oauth2@v0.18.0 | CVE-2025-22868 | HIGH | affected | gobinary | |
| rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0 | true | Harvester v1.6.0 | kube-state-metrics | stdlib@v1.21.8 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0 | true | Harvester v1.6.0 | kube-state-metrics | stdlib@v1.21.8 | CVE-2023-45288 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0 | true | Harvester v1.6.0 | kube-state-metrics | stdlib@v1.21.8 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0 | true | Harvester v1.6.0 | kube-state-metrics | stdlib@v1.21.8 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-library-nginx:1.24.0-alpine | true | Harvester v1.6.0 | curl | curl@8.5.0-r0 | CVE-2024-2398 | HIGH | affected | alpine | |
| rancher/mirrored-library-nginx:1.24.0-alpine | true | Harvester v1.6.0 | curl | curl@8.5.0-r0 | CVE-2024-6197 | HIGH | affected | alpine | |
| rancher/mirrored-library-nginx:1.24.0-alpine | true | Harvester v1.6.0 | libcrypto3 | libcrypto3@3.0.12-r4 | CVE-2024-6119 | HIGH | affected | alpine | |
| rancher/mirrored-library-nginx:1.24.0-alpine | true | Harvester v1.6.0 | libcurl | libcurl@8.5.0-r0 | CVE-2024-2398 | HIGH | affected | alpine | |
| rancher/mirrored-library-nginx:1.24.0-alpine | true | Harvester v1.6.0 | libcurl | libcurl@8.5.0-r0 | CVE-2024-6197 | HIGH | affected | alpine | |
| rancher/mirrored-library-nginx:1.24.0-alpine | true | Harvester v1.6.0 | libexpat | libexpat@2.6.2-r0 | CVE-2024-45491 | CRITICAL | affected | alpine | |
| rancher/mirrored-library-nginx:1.24.0-alpine | true | Harvester v1.6.0 | libexpat | libexpat@2.6.2-r0 | CVE-2024-45492 | CRITICAL | affected | alpine | |
| rancher/mirrored-library-nginx:1.24.0-alpine | true | Harvester v1.6.0 | libexpat | libexpat@2.6.2-r0 | CVE-2024-45490 | HIGH | affected | alpine | |
| rancher/mirrored-library-nginx:1.24.0-alpine | true | Harvester v1.6.0 | libssl3 | libssl3@3.0.12-r4 | CVE-2024-6119 | HIGH | affected | alpine | |
| rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 | true | Harvester v1.6.0 | adapter | stdlib@v1.22.2 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 | true | Harvester v1.6.0 | adapter | stdlib@v1.22.2 | CVE-2024-24788 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 | true | Harvester v1.6.0 | adapter | stdlib@v1.22.2 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 | true | Harvester v1.6.0 | adapter | stdlib@v1.22.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | stdlib@v1.21.7 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | stdlib@v1.21.7 | CVE-2023-45288 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | stdlib@v1.21.7 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | stdlib@v1.21.7 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | stdlib@v1.21.7 | CVE-2023-45289 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | stdlib@v1.21.7 | CVE-2023-45290 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | stdlib@v1.21.7 | CVE-2024-24783 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | stdlib@v1.21.7 | CVE-2024-24784 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | stdlib@v1.21.7 | CVE-2024-24785 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | stdlib@v1.21.7 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | stdlib@v1.21.7 | CVE-2023-45288 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | stdlib@v1.21.7 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | stdlib@v1.21.7 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | stdlib@v1.21.7 | CVE-2023-45289 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | stdlib@v1.21.7 | CVE-2023-45290 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | stdlib@v1.21.7 | CVE-2024-24783 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | stdlib@v1.21.7 | CVE-2024-24784 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | stdlib@v1.21.7 | CVE-2024-24785 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-node-exporter:v1.8.2 | true | Harvester v1.6.0 | bin/node_exporter | stdlib@v1.22.5 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-node-exporter:v1.8.2 | true | Harvester v1.6.0 | bin/node_exporter | stdlib@v1.22.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-operator-admission-webhook:v0.75.1 | true | Harvester v1.6.0 | bin/admission-webhook | golang.org/x/oauth2@v0.21.0 | CVE-2025-22868 | HIGH | affected | gobinary | |
| rancher/mirrored-prometheus-operator-admission-webhook:v0.75.1 | true | Harvester v1.6.0 | bin/admission-webhook | stdlib@v1.22.4 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-operator-admission-webhook:v0.75.1 | true | Harvester v1.6.0 | bin/admission-webhook | stdlib@v1.22.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1 | true | Harvester v1.6.0 | bin/prometheus-config-reloader | golang.org/x/crypto@v0.24.0 | CVE-2024-45337 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1 | true | Harvester v1.6.0 | bin/prometheus-config-reloader | golang.org/x/crypto@v0.24.0 | CVE-2025-22869 | HIGH | affected | gobinary | |
| rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1 | true | Harvester v1.6.0 | bin/prometheus-config-reloader | golang.org/x/oauth2@v0.21.0 | CVE-2025-22868 | HIGH | affected | gobinary | |
| rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1 | true | Harvester v1.6.0 | bin/prometheus-config-reloader | stdlib@v1.22.4 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1 | true | Harvester v1.6.0 | bin/prometheus-config-reloader | stdlib@v1.22.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-operator-prometheus-operator:v0.75.1 | true | Harvester v1.6.0 | bin/operator | golang.org/x/oauth2@v0.21.0 | CVE-2025-22868 | HIGH | affected | gobinary | |
| rancher/mirrored-prometheus-operator-prometheus-operator:v0.75.1 | true | Harvester v1.6.0 | bin/operator | stdlib@v1.22.4 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-operator-prometheus-operator:v0.75.1 | true | Harvester v1.6.0 | bin/operator | stdlib@v1.22.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/prometheus | stdlib@v1.22.5 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/prometheus | stdlib@v1.22.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/promtool | stdlib@v1.22.5 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/promtool | stdlib@v1.22.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | Harvester v1.6.0 | snapshot-controller | stdlib@v1.23.1 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | dbg | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | nginx-ingress-controller | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | wait-shutdown | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher-webhook:v0.8.0 | false | Harvester v1.6.0 | usr/bin/webhook | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher-webhook:v0.8.0 | false | Harvester v1.6.0 | usr/bin/webhook | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | git-core | git-core@2.43.0-150600.3.9.1 | SUSE-SU-2025:03012-1 | HIGH | affected | sles | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29 | CVE-2021-21284 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-linode | stdlib@v1.24.1 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-linode | stdlib@v1.24.1 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/bandwidth | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/bandwidth | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/cni | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/cni | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/containerd | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/containerd | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/containerd-shim-runc-v2 | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/containerd-shim-runc-v2 | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/etcdctl | stdlib@v1.23.7 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/firewall | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/firewall | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/k3s | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/k3s | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/rancher | github.com/go-jose/go-jose/v3@v3.0.3 | CVE-2025-27144 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/rancher | github.com/golang-jwt/jwt@v3.2.1+incompatible | CVE-2025-30204 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/rancher | github.com/rancher/rancher@v2.12.0 | CVE-2024-58259 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/rancher | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/rancher-machine | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/rancher-machine | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/runc | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/runc | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/share/rancher/ui/assets/wins.exe | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-cloud-provider:v1.33.1-0.20250516163953-99d91538b132-build20250612 | false | Harvester v1.6.0 | usr/local/bin/rke2-cloud-provider | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-runtime:v1.33.3-rke2r1 | false | Harvester v1.6.0 | bin/containerd | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-runtime:v1.33.3-rke2r1 | false | Harvester v1.6.0 | bin/containerd-shim-runc-v2 | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-runtime:v1.33.3-rke2r1 | false | Harvester v1.6.0 | bin/crictl | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-runtime:v1.33.3-rke2r1 | false | Harvester v1.6.0 | bin/ctr | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-runtime:v1.33.3-rke2r1 | false | Harvester v1.6.0 | bin/kubectl | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-runtime:v1.33.3-rke2r1 | false | Harvester v1.6.0 | bin/kubelet | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-runtime:v1.33.3-rke2r1 | false | Harvester v1.6.0 | bin/runc | stdlib@v1.23.10 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.12.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | glibc | glibc@2.38-150600.14.14.2 | SUSE-SU-2025:01702-1 | HIGH | affected | sles | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.12.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | libopenssl3 | libopenssl3@3.1.4-150600.5.21.1 | SUSE-SU-2025:1550-1 | HIGH | affected | sles | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | libssh-config | libssh-config@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | libssh4 | libssh4@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/helm | stdlib@v1.22.8 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | github.com/go-git/go-git/v5@v5.12.0 | CVE-2025-21613 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | github.com/go-git/go-git/v5@v5.12.0 | CVE-2025-21614 | HIGH | affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | github.com/hashicorp/go-getter@v1.7.4 | CVE-2024-6257 | HIGH | affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | github.com/hashicorp/go-getter@v1.7.4 | CVE-2025-8959 | HIGH | affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | github.com/mholt/archiver/v3@v3.5.1 | CVE-2025-3445 | HIGH | affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | golang.org/x/crypto@v0.22.0 | CVE-2025-22869 | HIGH | affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2023-45288 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2024-24788 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2023-45289 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2023-45290 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2024-24783 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2024-24784 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.22.0 | CVE-2024-24785 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/kubectl | stdlib@v1.22.8 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/kustomize | stdlib@v1.22.7 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | usr/local/bin/helm | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | github.com/hashicorp/go-getter@v1.7.8 | CVE-2025-8959 | HIGH | affected | gobinary | |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | usr/local/bin/kubectl | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | usr/local/bin/kubectl | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | usr/local/bin/kustomize | stdlib@v1.22.7 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | libssh-config | libssh-config@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | libssh4 | libssh4@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.10.3-150500.5.26.1 | SUSE-SU-2025:02314-1 | HIGH | affected | sles | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.10.3-150500.5.26.1 | SUSE-SU-2025:02758-1 | HIGH | affected | sles | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | pam | pam@1.3.0-150000.6.76.1 | SUSE-SU-2025:02013-1 | HIGH | affected | sles | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | usr/bin/support-bundle-kit | gopkg.in/yaml.v3@v3.0.0-20220521103104-8f96da9f5d5e | CVE-2022-28948 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | usr/bin/support-bundle-kit | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | usr/bin/yq | stdlib@v1.24.3 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | usr/bin/yq | stdlib@v1.24.3 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/system-agent-installer-rancher:v2.12.0 | false | Harvester v1.6.0 | helm | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/system-agent:v0.3.13-suc | false | Harvester v1.6.0 | opt/rancher-system-agent-suc/rancher-system-agent | stdlib@v1.24.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/system-agent:v0.3.13-suc | false | Harvester v1.6.0 | usr/bin/kubectl | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
| rancher/system-agent:v0.3.13-suc | false | Harvester v1.6.0 | usr/bin/kubectl | stdlib@v1.24.2 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/system-upgrade-controller:v0.16.0 | false | Harvester v1.6.0 | bin/system-upgrade-controller | stdlib@v1.24.4 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2023-39325 | HIGH | affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2023-45283 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2023-45288 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2023-29409 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2023-39326 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2023-45289 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2023-45290 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2024-24783 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2024-24784 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | stdlib@v1.20.5 | CVE-2024-24785 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2023-39325 | HIGH | affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2023-45283 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2023-45288 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2025-47907 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2023-29409 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2023-39326 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2023-45289 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2023-45290 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2024-24783 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2024-24784 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | stdlib@v1.20.5 | CVE-2024-24785 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-cloner:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-importer:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadproxy:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | CRITICAL | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/cdi-uploadserver:1.62.0-150700.9.3.1 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/libguestfs-tools:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/libguestfs-tools:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/libguestfs-tools:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/libguestfs-tools:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/libguestfs-tools:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-api:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-api:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-api:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-api:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-controller:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-controller:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-controller:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-controller:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-handler:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-handler:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-handler:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-handler:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-handler:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-launcher:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-launcher:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | gnutls | gnutls@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-launcher:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-launcher:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-launcher:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-launcher:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-launcher:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | xen-libs | xen-libs@4.20.1_02-150700.3.8.1 | SUSE-SU-2025:03172-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-operator:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-operator:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-operator:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | HIGH | affected | sles | |
| registry.suse.com/suse/sles/15.7/virt-operator:1.5.2-150700.3.5.2 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | HIGH | affected | sles | |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | kube-vip | github.com/osrg/gobgp/v3@v3.27.0 | CVE-2025-43970 | none | not affected | vulnerable code not in execute path | gobinary |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | kube-vip | golang.org/x/crypto@v0.23.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | kube-vip | golang.org/x/crypto@v0.23.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | kube-vip | golang.org/x/net@v0.25.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | kube-vip | golang.org/x/net@v0.25.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| ghcr.io/kube-vip/kube-vip-iptables:v0.8.1 | false | Harvester v1.6.0 | kube-vip | golang.org/x/oauth2@v0.16.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | usr/bin/kubectl | golang.org/x/net@v0.26.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| kubeovn/kube-ovn:v1.13.13 | false | Harvester v1.6.0 | usr/bin/kubectl | golang.org/x/oauth2@v0.21.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/backing-image-manager:v1.9.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-cli:v1.9.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-cli:v1.9.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-cli:v1.9.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-engine:v1.9.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-instance-manager:v1.9.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-manager:v1.9.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-manager:v1.9.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-manager:v1.9.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-share-manager:v1.9.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-share-manager:v1.9.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-share-manager:v1.9.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-ui:v1.9.1 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-ui:v1.9.1 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/longhorn-ui:v1.9.1 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| longhornio/support-bundle-kit:v0.0.61 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/fleet:v0.13.0 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-addon-resizer:1.8.23-build20250612 | false | Harvester v1.6.0 | pod_nanny | golang.org/x/net@v0.33.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-addon-resizer:1.8.23-build20250612 | false | Harvester v1.6.0 | pod_nanny | golang.org/x/net@v0.33.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-addon-resizer:1.8.23-build20250612 | false | Harvester v1.6.0 | pod_nanny | golang.org/x/oauth2@v0.24.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-calico:v3.30.2-build20250711 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-cluster-autoscaler:v1.10.2-build20250611 | false | Harvester v1.6.0 | cluster-proportional-autoscaler | golang.org/x/net@v0.36.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-cluster-autoscaler:v1.10.2-build20250611 | false | Harvester v1.6.0 | cluster-proportional-autoscaler | golang.org/x/oauth2@v0.23.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | libgnutls30 | libgnutls30@3.8.3-150600.4.6.2 | SUSE-SU-2025:02595-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.12.10-150700.4.3.1 | SUSE-SU-2025:02617-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-flannel:v0.27.1-build20250710 | false | Harvester v1.6.0 | opt/bin/flanneld | golang.org/x/oauth2@v0.23.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.10.3-150500.5.29.1 | SUSE-SU-2025:02758-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716 | false | Harvester v1.6.0 | usr/local/bin/kubelet | go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0 | CVE-2023-45142 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | cert-approver | golang.org/x/net@v0.28.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | cert-approver | golang.org/x/net@v0.28.0 | CVE-2025-22872 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | cert-approver | golang.org/x/oauth2@v0.10.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | kubeconfig_generator | golang.org/x/net@v0.28.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | kubeconfig_generator | golang.org/x/net@v0.28.0 | CVE-2025-22872 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | kubeconfig_generator | golang.org/x/oauth2@v0.10.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | usr/src/multus-cni/bin/multus | golang.org/x/net@v0.28.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | usr/src/multus-cni/bin/multus | golang.org/x/net@v0.28.0 | CVE-2025-22872 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-multus-cni:v4.2.1-build20250627 | false | Harvester v1.6.0 | usr/src/multus-cni/bin/multus | golang.org/x/oauth2@v0.10.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-eventrouter:v1.6.0 | false | Harvester v1.6.0 | usr/bin/eventrouter | github.com/golang-jwt/jwt/v4@v4.2.0 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-eventrouter:v1.6.0 | false | Harvester v1.6.0 | usr/bin/eventrouter | golang.org/x/crypto@v0.24.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-eventrouter:v1.6.0 | false | Harvester v1.6.0 | usr/bin/eventrouter | golang.org/x/crypto@v0.24.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-eventrouter:v1.6.0 | false | Harvester v1.6.0 | usr/bin/eventrouter | golang.org/x/net@v0.26.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-eventrouter:v1.6.0 | false | Harvester v1.6.0 | usr/bin/eventrouter | golang.org/x/net@v0.26.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-eventrouter:v1.6.0 | false | Harvester v1.6.0 | usr/bin/eventrouter | golang.org/x/oauth2@v0.21.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-networkfs-manager:v1.6.0 | false | Harvester v1.6.0 | usr/bin/networkfs-manager | golang.org/x/oauth2@v0.23.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-pcidevices:v1.6.0 | false | Harvester v1.6.0 | bin/pcidevices | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-pcidevices:v1.6.0 | false | Harvester v1.6.0 | bin/pcidevices | golang.org/x/net@v0.23.0 | CVE-2025-22872 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-seeder:v1.6.0 | false | Harvester v1.6.0 | bin/manager | golang.org/x/crypto@v0.28.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-seeder:v1.6.0 | false | Harvester v1.6.0 | bin/manager | golang.org/x/crypto@v0.28.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-seeder:v1.6.0 | false | Harvester v1.6.0 | bin/manager | golang.org/x/net@v0.30.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-seeder:v1.6.0 | false | Harvester v1.6.0 | bin/manager | golang.org/x/net@v0.30.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-seeder:v1.6.0 | false | Harvester v1.6.0 | bin/manager | golang.org/x/oauth2@v0.23.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/kubectl | golang.org/x/net@v0.30.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/kubectl | golang.org/x/oauth2@v0.23.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/wharfie | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 | CVE-2023-47108 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/wharfie | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/wharfie | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/wharfie | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/wharfie | golang.org/x/net@v0.23.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-upgrade:v1.6.0 | false | Harvester v1.6.0 | usr/bin/wharfie | golang.org/x/oauth2@v0.10.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-vm-import-controller:v1.6.0 | false | Harvester v1.6.0 | usr/bin/vm-import-controller | github.com/golang/glog@v1.2.2 | CVE-2024-45339 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-vm-import-controller:v1.6.0 | false | Harvester v1.6.0 | usr/bin/vm-import-controller | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-vm-import-controller:v1.6.0 | false | Harvester v1.6.0 | usr/bin/vm-import-controller | golang.org/x/net@v0.23.0 | CVE-2025-22872 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-vm-import-controller:v1.6.0 | false | Harvester v1.6.0 | usr/bin/vm-import-controller | golang.org/x/oauth2@v0.24.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-webhook | github.com/go-jose/go-jose/v3@v3.0.3 | CVE-2025-27144 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-webhook | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2019-12274 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-webhook | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2021-36775 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-webhook | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2019-11881 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-webhook:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester-webhook | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2021-25313 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester | github.com/go-jose/go-jose/v3@v3.0.3 | CVE-2025-27144 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2019-12274 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2021-36775 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2019-11881 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester:v1.6.0 | false | Harvester v1.6.0 | usr/bin/harvester | github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1 | CVE-2021-25313 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.9.8-build20250709 | false | Harvester v1.6.0 | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | helm.sh/helm/v3@v3.18.4 | CVE-2025-55198 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/klipper-helm:v0.9.8-build20250709 | false | Harvester v1.6.0 | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | helm.sh/helm/v3@v3.18.4 | CVE-2025-55199 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | golang.org/x/net@v0.19.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/kubectl:v1.29.2 | false | Harvester v1.6.0 | bin/kubectl | golang.org/x/oauth2@v0.10.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/kubectl:v1.32.3 | false | Harvester v1.6.0 | bin/kubectl | golang.org/x/net@v0.30.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/kubectl:v1.32.3 | false | Harvester v1.6.0 | bin/kubectl | golang.org/x/oauth2@v0.23.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | filippo.io/age@v1.1.1 | GHSA-32gq-x56h-299c | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | github.com/golang-jwt/jwt/v4@v4.5.0 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | github.com/golang-jwt/jwt/v5@v5.2.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | github.com/getkin/kin-openapi@v0.122.0 | CVE-2025-30153 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | github.com/grafana/grafana-plugin-sdk-go@v0.234.0 | CVE-2024-8986 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | github.com/rs/cors@v1.10.1 | CVE-2025-47908 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | golang.org/x/crypto@v0.24.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | golang.org/x/crypto@v0.24.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-grafana-grafana:11.1.0 | true | Harvester v1.6.0 | usr/share/grafana/bin/grafana | golang.org/x/oauth2@v0.20.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-logging-logging-operator:4.10.0 | true | Harvester v1.6.0 | manager | golang.org/x/net@v0.29.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-logging-logging-operator:4.10.0 | true | Harvester v1.6.0 | manager | golang.org/x/net@v0.29.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-logging-logging-operator:4.10.0 | true | Harvester v1.6.0 | manager | golang.org/x/oauth2@v0.21.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 | true | Harvester v1.6.0 | adapter | golang.org/x/crypto@v0.22.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 | true | Harvester v1.6.0 | adapter | golang.org/x/crypto@v0.22.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 | true | Harvester v1.6.0 | adapter | golang.org/x/net@v0.24.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 | true | Harvester v1.6.0 | adapter | golang.org/x/net@v0.24.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 | true | Harvester v1.6.0 | adapter | golang.org/x/oauth2@v0.18.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | golang.org/x/crypto@v0.18.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | golang.org/x/crypto@v0.18.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | golang.org/x/net@v0.20.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | golang.org/x/oauth2@v0.16.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/alertmanager | google.golang.org/protobuf@v1.32.0 | CVE-2024-24786 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | golang.org/x/crypto@v0.18.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | golang.org/x/crypto@v0.18.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | golang.org/x/net@v0.20.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | golang.org/x/oauth2@v0.16.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-alertmanager:v0.27.0 | true | Harvester v1.6.0 | bin/amtool | google.golang.org/protobuf@v1.32.0 | CVE-2024-24786 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-node-exporter:v1.8.2 | true | Harvester v1.6.0 | bin/node_exporter | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-node-exporter:v1.8.2 | true | Harvester v1.6.0 | bin/node_exporter | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-node-exporter:v1.8.2 | true | Harvester v1.6.0 | bin/node_exporter | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-prometheus-node-exporter:v1.8.2 | true | Harvester v1.6.0 | bin/node_exporter | golang.org/x/net@v0.23.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-node-exporter:v1.8.2 | true | Harvester v1.6.0 | bin/node_exporter | golang.org/x/oauth2@v0.18.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/prometheus | github.com/docker/docker@v26.1.3+incompatible | CVE-2024-41110 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/prometheus | github.com/golang-jwt/jwt/v5@v5.2.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/prometheus | golang.org/x/crypto@v0.24.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/prometheus | golang.org/x/crypto@v0.24.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/prometheus | golang.org/x/net@v0.26.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/prometheus | golang.org/x/oauth2@v0.21.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/promtool | github.com/docker/docker@v26.1.3+incompatible | CVE-2024-41110 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/promtool | github.com/golang-jwt/jwt/v5@v5.2.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/promtool | golang.org/x/crypto@v0.24.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/promtool | golang.org/x/crypto@v0.24.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/promtool | golang.org/x/net@v0.26.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-prometheus-prometheus:v2.53.1 | true | Harvester v1.6.0 | bin/promtool | golang.org/x/oauth2@v0.21.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | Harvester v1.6.0 | snapshot-controller | golang.org/x/net@v0.31.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | Harvester v1.6.0 | snapshot-controller | golang.org/x/net@v0.31.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | Harvester v1.6.0 | snapshot-controller | golang.org/x/oauth2@v0.24.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | curl | curl@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | git | git@2.43.0-150600.3.9.1 | SUSE-SU-2025:03012-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | git-core | git-core@2.43.0-150600.3.9.1 | SUSE-SU-2025:03012-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | libcurl4 | libcurl4@8.6.0-150600.4.21.1 | SUSE-SU-2025:03198-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | libsqlite3-0 | libsqlite3-0@3.49.1-150000.3.27.1 | SUSE-SU-2025:02672-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | libxml2-2 | libxml2-2@2.10.3-150500.5.29.1 | SUSE-SU-2025:02758-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | libxml2-tools | libxml2-tools@2.10.3-150500.5.29.1 | SUSE-SU-2025:02758-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/nginx-ingress-controller:v1.12.4-hardened2 | false | Harvester v1.6.0 | perl-Git | perl-Git@2.43.0-150600.3.9.1 | SUSE-SU-2025:03012-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | github.com/golang/glog@v1.2.1 | CVE-2024-45339 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29 | CVE-2024-36621 | none | not affected | vulnerable code not present | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29 | CVE-2024-36623 | none | not affected | vulnerable code not present | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29 | CVE-2021-41091 | none | not affected | vulnerable code not present | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29 | CVE-2024-24557 | none | not affected | vulnerable code not present | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | golang.org/x/crypto@v0.27.0 | CVE-2024-45337 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | golang.org/x/crypto@v0.27.0 | CVE-2025-22869 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | golang.org/x/net@v0.29.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | golang.org/x/net@v0.29.0 | CVE-2025-22872 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | opt/drivers/management-state/bin/docker-machine-driver-harvester | golang.org/x/oauth2@v0.23.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/containerd | github.com/pion/interceptor@v0.1.37 | CVE-2025-49140 | none | not affected | vulnerable code not present | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/k3s | github.com/pion/interceptor@v0.1.37 | CVE-2025-49140 | none | not affected | vulnerable code not present | gobinary |
| rancher/rancher:v2.12.0 | false | Harvester v1.6.0 | usr/bin/rancher-machine | github.com/golang-jwt/jwt/v4@v4.5.0 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rke2-runtime:v1.33.3-rke2r1 | false | Harvester v1.6.0 | bin/kubelet | go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0 | CVE-2023-45142 | none | not affected | vulnerable code not present | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/helm | golang.org/x/crypto@v0.26.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/helm | golang.org/x/crypto@v0.26.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/helm | golang.org/x/net@v0.26.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/helm | golang.org/x/net@v0.26.0 | CVE-2025-22872 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/helm | golang.org/x/oauth2@v0.21.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | github.com/docker/docker@v26.0.1+incompatible | CVE-2024-41110 | none | not affected | vulnerable code not present | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | golang.org/x/crypto@v0.22.0 | CVE-2024-45337 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | golang.org/x/oauth2@v0.19.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | helm.sh/helm/v3@v3.14.4 | CVE-2025-53547 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | helm.sh/helm/v3@v3.14.4 | CVE-2025-55198 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | helm.sh/helm/v3@v3.14.4 | CVE-2025-55199 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/kubectl | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.3.0 | false | Harvester v1.6.0 | usr/local/bin/kubectl | golang.org/x/oauth2@v0.10.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | helm.sh/helm/v3@v3.18.4 | CVE-2025-55198 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/shell:v0.5.0 | false | Harvester v1.6.0 | usr/local/bin/k9s | helm.sh/helm/v3@v3.18.4 | CVE-2025-55199 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | boost-license1_66_0 | boost-license1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | libboost_system1_66_0 | libboost_system1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| rancher/support-bundle-kit:v0.0.57 | false | Harvester v1.6.0 | libboost_thread1_66_0 | libboost_thread1_66_0@1.66.0-12.3.1 | SUSE-SU-2025:02536-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | golang.org/x/net@v0.17.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | golang.org/x/net@v0.17.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | golang.org/x/oauth2@v0.11.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 | false | Harvester v1.6.0 | snapshot-controller | google.golang.org/protobuf@v1.31.0 | CVE-2024-24786 | none | not affected | vulnerable code not present | gobinary |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | golang.org/x/net@v0.17.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | golang.org/x/net@v0.17.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | golang.org/x/oauth2@v0.11.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.3.3 | false | Harvester v1.6.0 | snapshot-validation-webhook | google.golang.org/protobuf@v1.31.0 | CVE-2024-24786 | none | not affected | vulnerable code not present | gobinary |