SUSE Rancher - RKE2 v1.33.1 version - CVE Scans - 2025-06-13

How to use this page

Search:

Image Mirrored Release Binary/Package Dependency Vulnerability ID (CVE) Severity Status Justification (for status not affected) Type (language or OS)
rancher/hardened-dns-node-cache:1.26.0-build20250515 false RKE2 v1.33.1 node-cache github.com/coredns/coredns@v1.11.3 CVE-2025-47950
MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating
 affected gobinary
rancher/hardened-flannel:v0.26.7-build20250515 false RKE2 v1.33.1 libsoup-2_4-1 libsoup-2_4-1@2.74.3-150600.4.6.1 SUSE-SU-2025:01802-1 HIGH affected sles
rancher/hardened-calico:v3.30.0-build20250515 false RKE2 v1.33.1 glibc glibc@2.38-150600.14.29.1 SUSE-SU-2025:01702-1 none not affected vulnerable code cannot be controlled by adversary sles
rancher/hardened-coredns:v1.12.1-build20250507 false RKE2 v1.33.1 glibc glibc@2.38-150600.14.29.1 SUSE-SU-2025:01702-1 none not affected vulnerable code cannot be controlled by adversary sles
rancher/hardened-dns-node-cache:1.26.0-build20250515 false RKE2 v1.33.1 glibc glibc@2.38-150600.14.29.1 SUSE-SU-2025:01702-1 none not affected vulnerable code cannot be controlled by adversary sles
rancher/hardened-flannel:v0.26.7-build20250515 false RKE2 v1.33.1 glibc glibc@2.38-150600.14.29.1 SUSE-SU-2025:01702-1 none not affected vulnerable code cannot be controlled by adversary sles
rancher/hardened-k8s-metrics-server:v0.7.2-build20250507 false RKE2 v1.33.1 metrics-server golang.org/x/crypto@v0.26.0 CVE-2024-45337 none not affected vulnerable code not present gobinary
rancher/hardened-k8s-metrics-server:v0.7.2-build20250507 false RKE2 v1.33.1 metrics-server golang.org/x/crypto@v0.26.0 CVE-2025-22869 none not affected vulnerable code not present gobinary
rancher/hardened-kubernetes:v1.33.1-rke2r1-build20250515 false RKE2 v1.33.1 glibc glibc@2.31-150300.92.1 SUSE-SU-2025:01784-1 none not affected vulnerable code cannot be controlled by adversary sles
rancher/hardened-kubernetes:v1.33.1-rke2r1-build20250515 false RKE2 v1.33.1 usr/local/bin/kubelet go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0 CVE-2023-45142 none not affected vulnerable code not present gobinary
rancher/klipper-helm:v0.9.5-build20250306 false RKE2 v1.33.1 home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis golang.org/x/crypto@v0.26.0 CVE-2024-45337 none not affected vulnerable code not present gobinary
rancher/klipper-helm:v0.9.5-build20250306 false RKE2 v1.33.1 home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis golang.org/x/crypto@v0.26.0 CVE-2025-22869 none not affected vulnerable code not present gobinary
rancher/klipper-helm:v0.9.5-build20250306 false RKE2 v1.33.1 home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status golang.org/x/crypto@v0.25.0 CVE-2024-45337 none not affected vulnerable code not present gobinary
rancher/klipper-helm:v0.9.5-build20250306 false RKE2 v1.33.1 home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status golang.org/x/crypto@v0.25.0 CVE-2025-22869 none not affected vulnerable code not present gobinary
rancher/klipper-helm:v0.9.5-build20250306 false RKE2 v1.33.1 usr/bin/helm golang.org/x/crypto@v0.31.0 CVE-2025-22869 none not affected vulnerable code not present gobinary
rancher/nginx-ingress-controller:v1.12.1-hardened6 false RKE2 v1.33.1 glibc glibc@2.38-150600.14.29.1 SUSE-SU-2025:01702-1 none not affected vulnerable code cannot be controlled by adversary sles
rancher/nginx-ingress-controller:v1.12.1-hardened6 false RKE2 v1.33.1 glibc-devel glibc-devel@2.38-150600.14.29.1 SUSE-SU-2025:01702-1 none not affected vulnerable code cannot be controlled by adversary sles
rancher/rke2-runtime:v1.33.1-rke2r1 false RKE2 v1.33.1 bin/kubelet go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0 CVE-2023-45142 none not affected vulnerable code not present gobinary