Search:
| Image | Mirrored | Release | Binary/Package | Dependency | Vulnerability ID (CVE) | Severity | Status | Justification (for status not affected) | Type (language or OS) |
|---|---|---|---|---|---|---|---|---|---|
| rancher/hardened-coredns:v1.13.1-build20251204 | false | RKE2 v1.33.7 | coredns | github.com/expr-lang/expr@v1.17.6 | CVE-2025-68156 | HIGH | affected | gobinary | |
| rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.6.5 | true | RKE2 v1.33.7 | kube-webhook-certgen | stdlib@v1.25.4 | CVE-2025-61729 | HIGH | affected | gobinary | |
| rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.6.5 | true | RKE2 v1.33.7 | kube-webhook-certgen | stdlib@v1.25.4 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | stdlib@v1.23.1 | CVE-2025-61729 | HIGH | affected | gobinary | |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | stdlib@v1.23.1 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | stdlib@v1.23.1 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | stdlib@v1.23.1 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-cloud-provider:v1.33.7-0.20251210094413-291666bcc1a4-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/rke2-cloud-provider | github.com/expr-lang/expr@v1.17.6 | CVE-2025-68156 | HIGH | affected | gobinary | |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/containerd | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/containerd | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/containerd-shim-runc-v2 | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/containerd-shim-runc-v2 | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/ctr | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/ctr | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/hardened-addon-resizer:1.8.23-build20251204 | false | RKE2 v1.33.7 | pod_nanny | golang.org/x/net@v0.33.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-addon-resizer:1.8.23-build20251204 | false | RKE2 v1.33.7 | pod_nanny | golang.org/x/net@v0.33.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-addon-resizer:1.8.23-build20251204 | false | RKE2 v1.33.7 | pod_nanny | golang.org/x/oauth2@v0.24.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | calicoctl | golang.org/x/crypto@v0.43.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | calicoctl | golang.org/x/crypto@v0.43.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | opt/cni/bin/calico | golang.org/x/crypto@v0.43.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | opt/cni/bin/calico | golang.org/x/crypto@v0.43.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | opt/cni/bin/calico-ipam | golang.org/x/crypto@v0.43.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | opt/cni/bin/calico-ipam | golang.org/x/crypto@v0.43.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | opt/cni/bin/tap | github.com/opencontainers/selinux@v1.12.0 | CVE-2025-52881 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | usr/bin/calico-node | golang.org/x/crypto@v0.43.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | usr/bin/calico-node | golang.org/x/crypto@v0.43.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | usr/bin/kube-controllers | golang.org/x/crypto@v0.43.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.31.2-build20251205 | false | RKE2 v1.33.7 | usr/bin/kube-controllers | golang.org/x/crypto@v0.43.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-cluster-autoscaler:v1.10.2-build20251204 | false | RKE2 v1.33.7 | cluster-proportional-autoscaler | golang.org/x/net@v0.36.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-cluster-autoscaler:v1.10.2-build20251204 | false | RKE2 v1.33.7 | cluster-proportional-autoscaler | golang.org/x/oauth2@v0.23.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-coredns:v1.13.1-build20251204 | false | RKE2 v1.33.7 | coredns | github.com/quic-go/quic-go@v0.55.0 | CVE-2025-64702 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-coredns:v1.13.1-build20251204 | false | RKE2 v1.33.7 | coredns | golang.org/x/crypto@v0.42.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-coredns:v1.13.1-build20251204 | false | RKE2 v1.33.7 | coredns | golang.org/x/crypto@v0.42.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-dns-node-cache:1.26.7-build20251204 | false | RKE2 v1.33.7 | node-cache | github.com/quic-go/quic-go@v0.55.0 | CVE-2025-64702 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-dns-node-cache:1.26.7-build20251204 | false | RKE2 v1.33.7 | node-cache | golang.org/x/crypto@v0.43.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-dns-node-cache:1.26.7-build20251204 | false | RKE2 v1.33.7 | node-cache | golang.org/x/crypto@v0.43.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.5.25-k3s1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/etcd | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.5.25-k3s1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/etcd | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.5.25-k3s1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/etcdctl | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.5.25-k3s1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/etcdctl | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-flannel:v0.27.4-build20251204 | false | RKE2 v1.33.7 | opt/bin/flanneld | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-flannel:v0.27.4-build20251204 | false | RKE2 v1.33.7 | opt/bin/flanneld | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-k8s-metrics-server:v0.8.0-build20251204 | false | RKE2 v1.33.7 | metrics-server | golang.org/x/crypto@v0.38.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-k8s-metrics-server:v0.8.0-build20251204 | false | RKE2 v1.33.7 | metrics-server | golang.org/x/crypto@v0.38.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-apiserver | github.com/opencontainers/selinux@v1.11.1 | CVE-2025-52881 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-apiserver | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-apiserver | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-controller-manager | github.com/opencontainers/selinux@v1.11.1 | CVE-2025-52881 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-controller-manager | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-controller-manager | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-proxy | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-proxy | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-scheduler | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kube-scheduler | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kubelet | github.com/opencontainers/selinux@v1.11.1 | CVE-2025-52881 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kubelet | go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0 | CVE-2023-45142 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kubelet | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-kubernetes:v1.33.7-rke2r1-build20251210 | false | RKE2 v1.33.7 | usr/local/bin/kubelet | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | golang.org/x/net@v0.31.0 | CVE-2025-22870 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | golang.org/x/net@v0.31.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | golang.org/x/oauth2@v0.24.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | stdlib@v1.23.1 | CVE-2025-47907 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | stdlib@v1.23.1 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-sig-storage-snapshot-controller:v8.2.0 | true | RKE2 v1.33.7 | snapshot-controller | stdlib@v1.23.1 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/containerd | github.com/containerd/containerd/v2@v2.1.5-k3s1 | CVE-2024-25621 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/containerd | github.com/opencontainers/selinux@v1.12.0 | CVE-2025-52881 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/containerd | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/containerd | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/containerd-shim-runc-v2 | github.com/containerd/containerd/v2@v2.1.5-k3s1 | CVE-2024-25621 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/ctr | github.com/containerd/containerd/v2@v2.1.5-k3s1 | CVE-2024-25621 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/ctr | github.com/opencontainers/selinux@v1.12.0 | CVE-2025-52881 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/kubelet | github.com/opencontainers/selinux@v1.11.1 | CVE-2025-52881 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/kubelet | go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0 | CVE-2023-45142 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/kubelet | golang.org/x/crypto@v0.36.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-runtime:v1.33.7-rke2r1 | false | RKE2 v1.33.7 | bin/kubelet | golang.org/x/crypto@v0.36.0 | CVE-2025-58181 | none | not affected | vulnerable code not in execute path | gobinary |