277 lines
15 KiB
HTML
277 lines
15 KiB
HTML
|
<!DOCTYPE html>
|
||
|
<html>
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
||
|
<style>
|
||
|
* {
|
||
|
font-family: Arial, Helvetica, sans-serif;
|
||
|
}
|
||
|
h1 {
|
||
|
text-align: center;
|
||
|
}
|
||
|
.group-header th {
|
||
|
font-size: 200%;
|
||
|
background-color: #E4E4E4;
|
||
|
}
|
||
|
.sub-header th {
|
||
|
font-size: 150%;
|
||
|
}
|
||
|
table, th, td {
|
||
|
border: 1px solid black;
|
||
|
border-collapse: collapse;
|
||
|
padding: .3em;
|
||
|
}
|
||
|
table {
|
||
|
margin: 0 auto;
|
||
|
}
|
||
|
.severity {
|
||
|
text-align: center;
|
||
|
font-weight: bold;
|
||
|
color: #fafafa;
|
||
|
}
|
||
|
.severity-LOW .severity { background-color: #5fbb31; }
|
||
|
.severity-MEDIUM .severity { background-color: #e9c600; }
|
||
|
.severity-HIGH .severity { background-color: #ff8800; }
|
||
|
.severity-CRITICAL .severity { background-color: #e40000; }
|
||
|
.severity-UNKNOWN .severity { background-color: #747474; }
|
||
|
.severity-LOW { background-color: #5fbb3160; }
|
||
|
.severity-MEDIUM { background-color: #e9c60060; }
|
||
|
.severity-HIGH { background-color: #ff880060; }
|
||
|
.severity-CRITICAL { background-color: #e4000060; }
|
||
|
.severity-UNKNOWN { background-color: #74747430; }
|
||
|
table tr td:first-of-type {
|
||
|
font-weight: bold;
|
||
|
}
|
||
|
.links a,
|
||
|
.links[data-more-links=on] a {
|
||
|
display: block;
|
||
|
}
|
||
|
.links[data-more-links=off] a:nth-of-type(1n+5) {
|
||
|
display: none;
|
||
|
}
|
||
|
a.toggle-more-links { cursor: pointer; }
|
||
|
</style>
|
||
|
<title>localhost/jenkins-podman:v0.2.4-3 (alpine 3.15.0) - Trivy Report - 2022-01-25T13:58:07.832142733Z</title>
|
||
|
<script>
|
||
|
window.onload = function() {
|
||
|
document.querySelectorAll('td.links').forEach(function(linkCell) {
|
||
|
var links = [].concat.apply([], linkCell.querySelectorAll('a'));
|
||
|
[].sort.apply(links, function(a, b) {
|
||
|
return a.href > b.href ? 1 : -1;
|
||
|
});
|
||
|
links.forEach(function(link, idx) {
|
||
|
if (links.length > 3 && 3 === idx) {
|
||
|
var toggleLink = document.createElement('a');
|
||
|
toggleLink.innerText = "Toggle more links";
|
||
|
toggleLink.href = "#toggleMore";
|
||
|
toggleLink.setAttribute("class", "toggle-more-links");
|
||
|
linkCell.appendChild(toggleLink);
|
||
|
}
|
||
|
linkCell.appendChild(link);
|
||
|
});
|
||
|
});
|
||
|
document.querySelectorAll('a.toggle-more-links').forEach(function(toggleLink) {
|
||
|
toggleLink.onclick = function() {
|
||
|
var expanded = toggleLink.parentElement.getAttribute("data-more-links");
|
||
|
toggleLink.parentElement.setAttribute("data-more-links", "on" === expanded ? "off" : "on");
|
||
|
return false;
|
||
|
};
|
||
|
});
|
||
|
};
|
||
|
</script>
|
||
|
</head>
|
||
|
<body>
|
||
|
<h1><img src="https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png" style="padding-right:10px";>
|
||
|
Trivy Report - 2022-01-25T13:58:07.832152637Z</h1>
|
||
|
<table>
|
||
|
<tr class="group-header"><th colspan="7">localhost/jenkins-podman:v0.2.4-3 (alpine 3.15.0)(alpine)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">Java(jar)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/bin/buildah(gobinary)</th></tr>
|
||
|
<tr class="sub-header">
|
||
|
<th>Package</th>
|
||
|
<th>Vulnerability ID</th>
|
||
|
<th>Severity</th>
|
||
|
<th>Installed Version</th>
|
||
|
<th>Fixed Version</th>
|
||
|
<th>Title</th>
|
||
|
<th>Links</th>
|
||
|
</tr>
|
||
|
<tr class="severity-HIGH">
|
||
|
<td class="pkg-name">github.com/containerd/containerd</td>
|
||
|
<td>CVE-2021-41103</td>
|
||
|
<td class="severity">HIGH</td>
|
||
|
<td class="pkg-version">v1.5.5</td>
|
||
|
<td>v1.4.11, v1.5.7</td>
|
||
|
<td>containerd: insufficiently restricted permissions on container root and plugin directories</td>
|
||
|
<td class="links" data-more-links="off">
|
||
|
<a href="https://avd.aquasec.com/nvd/cve-2021-41103" target="_blank" rel="noopener noreferrer">https://avd.aquasec.com/nvd/cve-2021-41103</a>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr class="severity-UNKNOWN">
|
||
|
<td class="pkg-name">github.com/opencontainers/image-spec</td>
|
||
|
<td>GMS-2021-101</td>
|
||
|
<td class="severity">UNKNOWN</td>
|
||
|
<td class="pkg-version">v1.0.2-0.20210819154149-5ad6f50d6283</td>
|
||
|
<td>1.0.2</td>
|
||
|
<td>Clarify `mediaType` handling</td>
|
||
|
<td class="links" data-more-links="off">
|
||
|
<a href="https://github.com/advisories/GHSA-77vh-xpmg-72qh" target="_blank" rel="noopener noreferrer">https://github.com/advisories/GHSA-77vh-xpmg-72qh</a>
|
||
|
<a href="https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m</a>
|
||
|
<a href="https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c</a>
|
||
|
<a href="https://github.com/opencontainers/image-spec/releases/tag/v1.0.2" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/image-spec/releases/tag/v1.0.2</a>
|
||
|
<a href="https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh</a>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr class="severity-UNKNOWN">
|
||
|
<td class="pkg-name">golang.org/x/text</td>
|
||
|
<td>CVE-2021-38561</td>
|
||
|
<td class="severity">UNKNOWN</td>
|
||
|
<td class="pkg-version">v0.3.6</td>
|
||
|
<td>0.3.7</td>
|
||
|
<td></td>
|
||
|
<td class="links" data-more-links="off">
|
||
|
<a href="https://avd.aquasec.com/nvd/cve-2021-38561" target="_blank" rel="noopener noreferrer">https://avd.aquasec.com/nvd/cve-2021-38561</a>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/bin/git-lfs(gobinary)</th></tr>
|
||
|
<tr class="sub-header">
|
||
|
<th>Package</th>
|
||
|
<th>Vulnerability ID</th>
|
||
|
<th>Severity</th>
|
||
|
<th>Installed Version</th>
|
||
|
<th>Fixed Version</th>
|
||
|
<th>Title</th>
|
||
|
<th>Links</th>
|
||
|
</tr>
|
||
|
<tr class="severity-HIGH">
|
||
|
<td class="pkg-name">golang.org/x/crypto</td>
|
||
|
<td>CVE-2020-29652</td>
|
||
|
<td class="severity">HIGH</td>
|
||
|
<td class="pkg-version">v0.0.0-20201112155050-0c6587e931a9</td>
|
||
|
<td>v0.0.0-20201216223049-8b5274cf687f</td>
|
||
|
<td>golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference</td>
|
||
|
<td class="links" data-more-links="off">
|
||
|
<a href="https://avd.aquasec.com/nvd/cve-2020-29652" target="_blank" rel="noopener noreferrer">https://avd.aquasec.com/nvd/cve-2020-29652</a>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr class="severity-UNKNOWN">
|
||
|
<td class="pkg-name">golang.org/x/text</td>
|
||
|
<td>CVE-2021-38561</td>
|
||
|
<td class="severity">UNKNOWN</td>
|
||
|
<td class="pkg-version">v0.3.5</td>
|
||
|
<td>0.3.7</td>
|
||
|
<td></td>
|
||
|
<td class="links" data-more-links="off">
|
||
|
<a href="https://avd.aquasec.com/nvd/cve-2021-38561" target="_blank" rel="noopener noreferrer">https://avd.aquasec.com/nvd/cve-2021-38561</a>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/bin/podman(gobinary)</th></tr>
|
||
|
<tr class="sub-header">
|
||
|
<th>Package</th>
|
||
|
<th>Vulnerability ID</th>
|
||
|
<th>Severity</th>
|
||
|
<th>Installed Version</th>
|
||
|
<th>Fixed Version</th>
|
||
|
<th>Title</th>
|
||
|
<th>Links</th>
|
||
|
</tr>
|
||
|
<tr class="severity-UNKNOWN">
|
||
|
<td class="pkg-name">github.com/opencontainers/image-spec</td>
|
||
|
<td>GMS-2021-101</td>
|
||
|
<td class="severity">UNKNOWN</td>
|
||
|
<td class="pkg-version">v1.0.2-0.20210819154149-5ad6f50d6283</td>
|
||
|
<td>1.0.2</td>
|
||
|
<td>Clarify `mediaType` handling</td>
|
||
|
<td class="links" data-more-links="off">
|
||
|
<a href="https://github.com/advisories/GHSA-77vh-xpmg-72qh" target="_blank" rel="noopener noreferrer">https://github.com/advisories/GHSA-77vh-xpmg-72qh</a>
|
||
|
<a href="https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m</a>
|
||
|
<a href="https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c</a>
|
||
|
<a href="https://github.com/opencontainers/image-spec/releases/tag/v1.0.2" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/image-spec/releases/tag/v1.0.2</a>
|
||
|
<a href="https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh</a>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/bin/trivy(gobinary)</th></tr>
|
||
|
<tr class="sub-header">
|
||
|
<th>Package</th>
|
||
|
<th>Vulnerability ID</th>
|
||
|
<th>Severity</th>
|
||
|
<th>Installed Version</th>
|
||
|
<th>Fixed Version</th>
|
||
|
<th>Title</th>
|
||
|
<th>Links</th>
|
||
|
</tr>
|
||
|
<tr class="severity-UNKNOWN">
|
||
|
<td class="pkg-name">github.com/opencontainers/image-spec</td>
|
||
|
<td>GMS-2021-101</td>
|
||
|
<td class="severity">UNKNOWN</td>
|
||
|
<td class="pkg-version">v1.0.2-0.20190823105129-775207bd45b6</td>
|
||
|
<td>1.0.2</td>
|
||
|
<td>Clarify `mediaType` handling</td>
|
||
|
<td class="links" data-more-links="off">
|
||
|
<a href="https://github.com/advisories/GHSA-77vh-xpmg-72qh" target="_blank" rel="noopener noreferrer">https://github.com/advisories/GHSA-77vh-xpmg-72qh</a>
|
||
|
<a href="https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m</a>
|
||
|
<a href="https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c</a>
|
||
|
<a href="https://github.com/opencontainers/image-spec/releases/tag/v1.0.2" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/image-spec/releases/tag/v1.0.2</a>
|
||
|
<a href="https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh" target="_blank" rel="noopener noreferrer">https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh</a>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/bandwidth(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/bridge(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/dhcp(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/firewall(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/host-device(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/host-local(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/ipvlan(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/loopback(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/macvlan(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/portmap(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/ptp(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/sbr(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/static(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/tuning(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/vlan(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
<tr class="group-header"><th colspan="7">usr/libexec/cni/vrf(gobinary)</th></tr>
|
||
|
<tr><th colspan="7">No Vulnerabilities found</th></tr>
|
||
|
<tr><th colspan="7">No Misconfigurations found</th></tr>
|
||
|
</table>
|
||
|
</body>
|
||
|
</html>
|