Search:
Image | Mirrored | Release | Binary/Package | Dependency | Vulnerability ID (CVE) | Severity | Status | Justification (for status not affected) | Type (language or OS) |
---|---|---|---|---|---|---|---|---|---|
rancher/mirrored-coredns-coredns:1.12.0 | true | K3s v1.31.7 | coredns | github.com/expr-lang/expr@v1.16.9 | CVE-2025-29786 | HIGH | affected | gobinary | |
rancher/mirrored-metrics-server:v0.7.2 | true | K3s v1.31.7 | metrics-server | stdlib@v1.22.5 | CVE-2024-34156 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
rancher/k3s:v1.31.7-k3s1 | false | K3s v1.31.7 | bin/k3s | github.com/golang-jwt/jwt/v4@v4.5.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/k3s:v1.31.7-k3s1 | false | K3s v1.31.7 | bin/k3s | golang.org/x/crypto@v0.24.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
rancher/klipper-helm:v0.9.4-build20250113 | false | K3s v1.31.7 | libcrypto3 | libcrypto3@3.3.2-r4 | CVE-2024-12797 | none | not affected | vulnerable code cannot be controlled by adversary | alpine |
rancher/klipper-helm:v0.9.4-build20250113 | false | K3s v1.31.7 | libssl3 | libssl3@3.3.2-r4 | CVE-2024-12797 | none | not affected | vulnerable code cannot be controlled by adversary | alpine |
rancher/klipper-helm:v0.9.4-build20250113 | false | K3s v1.31.7 | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.26.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
rancher/klipper-helm:v0.9.4-build20250113 | false | K3s v1.31.7 | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.25.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
rancher/local-path-provisioner:v0.0.31 | false | K3s v1.31.7 | libcrypto3 | libcrypto3@3.3.2-r4 | CVE-2024-12797 | none | not affected | vulnerable code cannot be controlled by adversary | alpine |
rancher/local-path-provisioner:v0.0.31 | false | K3s v1.31.7 | libssl3 | libssl3@3.3.2-r4 | CVE-2024-12797 | none | not affected | vulnerable code cannot be controlled by adversary | alpine |
rancher/mirrored-coredns-coredns:1.12.0 | true | K3s v1.31.7 | coredns | github.com/golang-jwt/jwt/v4@v4.5.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/mirrored-coredns-coredns:1.12.0 | true | K3s v1.31.7 | coredns | golang.org/x/crypto@v0.29.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
rancher/mirrored-library-traefik:2.11.20 | true | K3s v1.31.7 | usr/local/bin/traefik | github.com/golang-jwt/jwt/v4@v4.5.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/mirrored-library-traefik:2.11.20 | true | K3s v1.31.7 | usr/local/bin/traefik | github.com/golang-jwt/jwt/v5@v5.2.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/mirrored-metrics-server:v0.7.2 | true | K3s v1.31.7 | metrics-server | golang.org/x/crypto@v0.26.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |