bright-farmer-78407
01/09/2023, 7:02 PMcreamy-pencil-82913
01/09/2023, 7:03 PMbright-farmer-78407
01/09/2023, 7:22 PMcreamy-pencil-82913
01/09/2023, 7:24 PMbright-farmer-78407
01/09/2023, 7:29 PM<http://docker.io/rancher/hardened-kubernetes:v1.26.0-rke2r1-build20221209|docker.io/rancher/hardened-kubernetes:v1.26.0-rke2r1-build20221209>
represents ?creamy-pencil-82913
01/09/2023, 7:35 PMbright-farmer-78407
01/09/2023, 7:37 PMcreamy-pencil-82913
01/09/2023, 7:37 PMbright-farmer-78407
01/09/2023, 7:58 PMTesting <http://docker.io/rancher/hardened-kubernetes:v1.26.0-rke2r1-build20221209|docker.io/rancher/hardened-kubernetes:v1.26.0-rke2r1-build20221209>...
✗ Medium severity vulnerability found in <http://k8s.io/legacy-cloud-providers/vsphere|k8s.io/legacy-cloud-providers/vsphere>
Description: Improper Output Neutralization for Logs
Info: <https://security.snyk.io/vuln/SNYK-GOLANG-K8SIOLEGACYCLOUDPROVIDERSVSPHERE-1018868>
Introduced through: <http://k8s.io/legacy-cloud-providers/vsphere@v0.0.0|k8s.io/legacy-cloud-providers/vsphere@v0.0.0>
From: <http://k8s.io/legacy-cloud-providers/vsphere@v0.0.0|k8s.io/legacy-cloud-providers/vsphere@v0.0.0>
Fixed in: 1.20.0-alpha.2
✗ Medium severity vulnerability found in <http://k8s.io/apiserver/pkg/server|k8s.io/apiserver/pkg/server>
Description: Denial of Service (DoS)
Info: <https://security.snyk.io/vuln/SNYK-GOLANG-K8SIOAPISERVERPKGSERVER-561502>
Introduced through: <http://k8s.io/apiserver/pkg/server@v0.0.0|k8s.io/apiserver/pkg/server@v0.0.0>
From: <http://k8s.io/apiserver/pkg/server@v0.0.0|k8s.io/apiserver/pkg/server@v0.0.0>
Fixed in: 0.15.10, 0.16.7, 0.17.3
✗ Medium severity vulnerability found in <http://k8s.io/apimachinery/pkg/util/proxy|k8s.io/apimachinery/pkg/util/proxy>
Description: Privilege Escalation
Info: <https://security.snyk.io/vuln/SNYK-GOLANG-K8SIOAPIMACHINERYPKGUTILPROXY-590104>
Introduced through: <http://k8s.io/apimachinery/pkg/util/proxy@v0.0.0|k8s.io/apimachinery/pkg/util/proxy@v0.0.0>
From: <http://k8s.io/apimachinery/pkg/util/proxy@v0.0.0|k8s.io/apimachinery/pkg/util/proxy@v0.0.0>
Fixed in: 0.19.0-rc.1
✗ Medium severity vulnerability found in <http://golang.org/x/net/http2|golang.org/x/net/http2>
Description: Denial of Service (DoS)
Info: <https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-3160322>
Introduced through: <http://golang.org/x/net/http2@v0.3.1-0.20221206200815-1e63c2f08a10|golang.org/x/net/http2@v0.3.1-0.20221206200815-1e63c2f08a10>
From: <http://golang.org/x/net/http2@v0.3.1-0.20221206200815-1e63c2f08a10|golang.org/x/net/http2@v0.3.1-0.20221206200815-1e63c2f08a10>
Fixed in: 0.4.0
creamy-pencil-82913
01/09/2023, 8:18 PMIntroduced through: <http://k8s.io/apiserver/pkg/server@v0.0.0|k8s.io/apiserver/pkg/server@v0.0.0>
From: <http://k8s.io/apiserver/pkg/server@v0.0.0|k8s.io/apiserver/pkg/server@v0.0.0>
bright-farmer-78407
01/09/2023, 8:56 PM✗ Medium severity vulnerability found in <http://golang.org/x/net/http2|golang.org/x/net/http2>
Description: Denial of Service (DoS)
Info: <https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-3160322>
Introduced through: <http://golang.org/x/net/http2@v0.3.1-0.20221206200815-1e63c2f08a10|golang.org/x/net/http2@v0.3.1-0.20221206200815-1e63c2f08a10>
From: <http://golang.org/x/net/http2@v0.3.1-0.20221206200815-1e63c2f08a10|golang.org/x/net/http2@v0.3.1-0.20221206200815-1e63c2f08a10>
Fixed in: 0.4.0
creamy-pencil-82913
01/09/2023, 9:34 PMbright-farmer-78407
01/09/2023, 10:08 PM