Search:
Image | Mirrored | Release | Binary/Package | Dependency | Vulnerability ID (CVE) | Severity | Status | Justification (for status not affected) | Type (language or OS) |
---|---|---|---|---|---|---|---|---|---|
rancher/hardened-calico:v3.30.1-build20250611 | false | RKE2 v1.30.14 | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/hardened-calico:v3.30.1-build20250611 | false | RKE2 v1.30.14 | libssh-config | libssh-config@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
rancher/hardened-calico:v3.30.1-build20250611 | false | RKE2 v1.30.14 | libssh4 | libssh4@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
rancher/hardened-flannel:v0.27.0-build20250611 | false | RKE2 v1.30.14 | glib2-tools | glib2-tools@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/hardened-flannel:v0.27.0-build20250611 | false | RKE2 v1.30.14 | libgio-2_0-0 | libgio-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/hardened-flannel:v0.27.0-build20250611 | false | RKE2 v1.30.14 | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/hardened-flannel:v0.27.0-build20250611 | false | RKE2 v1.30.14 | libgmodule-2_0-0 | libgmodule-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/hardened-flannel:v0.27.0-build20250611 | false | RKE2 v1.30.14 | libgobject-2_0-0 | libgobject-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/hardened-flannel:v0.27.0-build20250611 | false | RKE2 v1.30.14 | libssh-config | libssh-config@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
rancher/hardened-flannel:v0.27.0-build20250611 | false | RKE2 v1.30.14 | libssh4 | libssh4@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | libssh-config | libssh-config@0.9.8-150400.3.6.1 | SUSE-SU-2025:02278-1 | HIGH | affected | sles | |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | libssh4 | libssh4@0.9.8-150400.3.6.1 | SUSE-SU-2025:02278-1 | HIGH | affected | sles | |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-controller-manager | github.com/opencontainers/runc@v1.1.12 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-proxy | github.com/opencontainers/runc@v1.1.12 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kubelet | github.com/opencontainers/runc@v1.1.12 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
rancher/klipper-helm:v0.9.7-build20250616 | false | RKE2 v1.30.14 | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | helm.sh/helm/v3@v3.18.3 | CVE-2025-53547 | HIGH | affected | gobinary | |
rancher/klipper-helm:v0.9.7-build20250616 | false | RKE2 v1.30.14 | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | helm.sh/helm/v3@v3.18.3 | CVE-2025-53547 | HIGH | affected | gobinary | |
rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.5.3 | true | RKE2 v1.30.14 | kube-webhook-certgen | stdlib@v1.24.2 | CVE-2025-22874 | HIGH | affected | gobinary | |
rancher/nginx-ingress-controller:v1.12.2-hardened2 | false | RKE2 v1.30.14 | glib2-tools | glib2-tools@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/nginx-ingress-controller:v1.12.2-hardened2 | false | RKE2 v1.30.14 | libgio-2_0-0 | libgio-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/nginx-ingress-controller:v1.12.2-hardened2 | false | RKE2 v1.30.14 | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/nginx-ingress-controller:v1.12.2-hardened2 | false | RKE2 v1.30.14 | libgmodule-2_0-0 | libgmodule-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/nginx-ingress-controller:v1.12.2-hardened2 | false | RKE2 v1.30.14 | libgobject-2_0-0 | libgobject-2_0-0@2.78.6-150600.4.11.1 | SUSE-SU-2025:02167-1 | HIGH | affected | sles | |
rancher/nginx-ingress-controller:v1.12.2-hardened2 | false | RKE2 v1.30.14 | libssh-config | libssh-config@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
rancher/nginx-ingress-controller:v1.12.2-hardened2 | false | RKE2 v1.30.14 | libssh4 | libssh4@0.9.8-150600.9.1 | SUSE-SU-2025:02229-1 | HIGH | affected | sles | |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/kubelet | github.com/opencontainers/runc@v1.1.12 | CVE-2024-45310 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
rancher/hardened-addon-resizer:1.8.23-build20250612 | false | RKE2 v1.30.14 | pod_nanny | golang.org/x/net@v0.33.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-addon-resizer:1.8.23-build20250612 | false | RKE2 v1.30.14 | pod_nanny | golang.org/x/net@v0.33.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-calico:v3.30.1-build20250611 | false | RKE2 v1.30.14 | pam | pam@1.3.0-150000.6.76.1 | SUSE-SU-2025:02013-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
rancher/hardened-cluster-autoscaler:v1.10.2-build20250611 | false | RKE2 v1.30.14 | cluster-proportional-autoscaler | golang.org/x/net@v0.36.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-flannel:v0.27.0-build20250611 | false | RKE2 v1.30.14 | pam | pam@1.3.0-150000.6.76.1 | SUSE-SU-2025:02013-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
rancher/hardened-flannel:v0.27.0-build20250611 | false | RKE2 v1.30.14 | pam-config | pam-config@1.1-150600.16.3.1 | SUSE-SU-2025:02080-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
rancher/hardened-k8s-metrics-server:v0.7.2-build20250612 | false | RKE2 v1.30.14 | metrics-server | golang.org/x/crypto@v0.26.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-k8s-metrics-server:v0.7.2-build20250612 | false | RKE2 v1.30.14 | metrics-server | golang.org/x/crypto@v0.26.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-k8s-metrics-server:v0.7.2-build20250612 | false | RKE2 v1.30.14 | metrics-server | golang.org/x/net@v0.28.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-k8s-metrics-server:v0.7.2-build20250612 | false | RKE2 v1.30.14 | metrics-server | golang.org/x/net@v0.28.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | pam | pam@1.3.0-150000.6.76.1 | SUSE-SU-2025:02013-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-apiserver | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 | CVE-2023-47108 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-apiserver | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-apiserver | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-apiserver | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-apiserver | gopkg.in/square/go-jose.v2@v2.6.0 | CVE-2024-28180 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-controller-manager | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 | CVE-2023-47108 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-controller-manager | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-controller-manager | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-controller-manager | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-controller-manager | gopkg.in/square/go-jose.v2@v2.6.0 | CVE-2024-28180 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-proxy | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 | CVE-2023-47108 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-proxy | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-proxy | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-proxy | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-scheduler | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 | CVE-2023-47108 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-scheduler | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-scheduler | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kube-scheduler | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kubectl | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kubelet | go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0 | CVE-2023-45142 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kubelet | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 | CVE-2023-47108 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kubelet | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kubelet | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
rancher/hardened-kubernetes:v1.30.14-rke2r1-build20250618 | false | RKE2 v1.30.14 | usr/local/bin/kubelet | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.30.14 | snapshot-controller | golang.org/x/net@v0.31.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.30.14 | snapshot-controller | golang.org/x/net@v0.31.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
rancher/nginx-ingress-controller:v1.12.2-hardened2 | false | RKE2 v1.30.14 | pam | pam@1.3.0-150000.6.76.1 | SUSE-SU-2025:02013-1 | none | not affected | vulnerable code cannot be controlled by adversary | sles |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/containerd | github.com/go-jose/go-jose/v3@v3.0.3 | CVE-2025-27144 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/containerd | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0 | CVE-2023-47108 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/containerd | golang.org/x/crypto@v0.31.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/containerd | golang.org/x/net@v0.33.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/containerd | golang.org/x/net@v0.33.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/containerd-shim-runc-v2 | golang.org/x/net@v0.33.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/containerd-shim-runc-v2 | golang.org/x/net@v0.33.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/crictl | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 | CVE-2023-47108 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/crictl | golang.org/x/net@v0.24.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/crictl | golang.org/x/net@v0.24.0 | CVE-2025-22872 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/ctr | golang.org/x/net@v0.33.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/ctr | golang.org/x/net@v0.33.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/kubectl | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/kubelet | go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0 | CVE-2023-45142 | none | not affected | vulnerable code not present | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/kubelet | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 | CVE-2023-47108 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/kubelet | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not in execute path | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/kubelet | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
rancher/rke2-runtime:v1.30.14-rke2r1 | false | RKE2 v1.30.14 | bin/kubelet | golang.org/x/net@v0.23.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |