fix(deps): update all non-major dependencies #495

renovate · 2024-12-02T02:16:23Z

This PR contains the following updates:

Package	Type	Update	Change
aquasecurity/trivy		minor	`0.57.1` -> `0.58.0`
armosec/kubescape		patch	`3.0.21` -> `3.0.22`
checkov		patch	`==3.2.322` -> `==3.2.334`
docker.io/bitnami/kubectl (source)	final	patch	`1.31.3` -> `1.31.4`
kyverno/kyverno		patch	`1.13.1` -> `1.13.2`
mikefarah/yq		patch	`4.44.5` -> `4.44.6`
prettier (source)	dependencies	patch	`3.4.1` -> `3.4.2`

Release Notes

aquasecurity/trivy (aquasecurity/trivy)

`v0.58.0`

Compare Source

Features

add workspaceRelationship (#7889) (d622ca2)
add cvss v4 score and vector in scan response (#7968) (e0f2054)
go: construct dependencies in the parser (#7973) (bcdc0bb)
go: construct dependencies of go.mod main module in the parser (#7977) (5448ba2)
k8s: add default commands for unknown platform (#7863) (b1c7f55)
misconf: log causes of HCL file parsing errors (#7634) (e9a899a)
oracle: add flavors support (#7858) (b9b383e)
secret: Add built-in secrets rules for Private Packagist (#7826) (132d9df)
suse: Align SUSE/OpenSUSE OS Identifiers (#7965) (45d3b40)
Update registry fallbacks (#7679) (5ba9a83)

Bug Fixes

alpine: add UID for removed packages (#7887) (07915da)
aws: change CPU and Memory type of ContainerDefinition to a string (#7995) (aeeba70)
cli: Handle empty ignore files more gracefully (#7962) (4cfb2a9)
debian: infinite loop (#7928) (d982e6a)
fs: add missing defered Cleanup() call to post analyzer fs (#7882) (ab32297)
Improve version comparisons when build identifiers are present (#7873) (eda4d76)
k8s: check all results for vulnerabilities (#7946) (797b36f)
misconf: do not erase variable type for child modules (#7941) (de3b7ea)
misconf: handle null properties in CloudFormation templates (#7813) (99b2db3)
misconf: load full Terraform module (#7925) (fbc42a0)
misconf: properly resolve local Terraform cache (#7983) (fe3a897)
misconf: Update trivy-checks default repo to mirror.gcr.io (#7953) (9988147)
misconf: wrap AWS EnvVar to iac types (#7407) (54130dc)
redhat: don't return error if root/buildinfo/content_manifests/ contains files that are not contentSets files (#7912) (38775a5)
report: handle [email protected] schema for misconfigs in sarif report (#7898) (19aea4b)
sbom: Fixes for Programming Language Vulnerabilities and SBOM Package Maintainer Details (#7871) (461a68a)
terraform: set null value as fallback for missing variables (#7669) (611558e)

armosec/kubescape (armosec/kubescape)

`v3.0.22`

Compare Source

What's Changed

Implementing capability to print out the "print" statements of the rego by @slashben in https://github.com/kubescape/kubescape/pull/1760
Update governance files by @slashben in https://github.com/kubescape/kubescape/pull/1763
use distroless static for kubescape-cli image by @matthyx in https://github.com/kubescape/kubescape/pull/1767
chore: fix some function name in comment by @needsure in https://github.com/kubescape/kubescape/pull/1769
add debug log on resource fetch with count by @matthyx in https://github.com/kubescape/kubescape/pull/1773

Full Changelog: kubescape/kubescape@v3.0.21...v3.0.22

bridgecrewio/checkov (checkov)

`v3.2.334`

Compare Source

Feature

serverless: Serverless graph vertices - #6894

Bug Fix

secrets: fix indentation to remove duplications - #6626

`v3.2.333`

Compare Source

`v3.2.332`

Compare Source

Feature

terraform: Add multi skip inline suppression - #6860
terraform: New bedrock check - #6892

Bug Fix

kubernetes: fix json file parsing - #6891
terraform: Fix CKV2_AZURE_31 - #6893

Feature

serverless: Serverless refactor for graph implementation - #6885

Documentation

general: docs flags update - #6888

`v3.2.327`

Compare Source

Bug Fix

terraform: Convert to graph check - #6875

`v3.2.326`

Compare Source

Feature

general: add new CIDR operator - #6877

Bug Fix

arm: Fix resource ID generation to use variables - #6884

`v3.2.325`

Compare Source

`v3.2.324`

Compare Source

Bug Fix

terraform_plan: run post_runner after get_enriched_resources for terraform_plan - #6883

kyverno/kyverno (kyverno/kyverno)

`v1.13.2`

Compare Source

❗ Important Notice ❗

Fixed the breaking change in the Kyverno Helm chart by adding the conversion function regarding the config.webhooks field (#11651)

✨ Added ✨

Added manifestIndex to ImageRegistry context (#9883)
Added a new field patchedResources in the test results to specify patched resources (#11297, #11686)
Supported label selector context variable in the mutate existing rule (#11608)

Helm

Added allowExistingViolations option in kyverno-policies chart (#11656,#11714)

🐛 Fixed 🐛

Fixed webhook reconciliation by the policy type (#11580)
Used generate name for background scan reports (#11586)
Added missing error check for the generate rule(#11587)
Returned nil error when trigger resource of a generate rule is not found for a subresource (#11594)
Opened the mutated resources file in append mode to allow additions to it (#11619)
Fixed the issue to print generate output in CLI (#11634)
Properly verified precondition in old object validation (#11644, #11591)
Fixed metrics-server Helm installation in Makefile (#11717)

Helm

Fixed global image registry bug in 3.3.3 (#11604)
Fixed the merging of policyExclude customizations to avoid wrong overrides in kyverno-policies chart (#11653)

🔧 Others 🔧

Set the UserAgent in client-go based calls to kube-apiserver (#11569)
Tested upgrade conformance in CI (#11498, #11602)
Reduced logging for URs (#11616)
Fixed API call chainsaw tests (#11682)

mikefarah/yq (mikefarah/yq)

`v4.44.6`

Compare Source

Fixed deleting items in array bug #2027, #2172; Thanks @jandubois
- Docker image for armv7 / raspberry pi3, Thanks @brianegge
- Fixed no-colors regression #2218
- Fixed various panic scenarios #2211
- Bumped dependencies

prettier/prettier (prettier)

`v3.4.2`

Compare Source

diff

Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796 by @tats-u)

Prettier doesn't treat U+30A0 & U+30FB as Japanese. U+30FB is commonly used in Japanese to represent the delimitation of first and last names of non-Japanese people or “and”. The following “C言語・C++・Go・Rust” means “C language & C++ & Go & Rust” in Japanese.

<!-- Input (--prose-wrap=never) -->

C言
語
・
C++
・
Go
・
Rust

<!-- Prettier 3.4.1 -->
C言語・ C++ ・ Go ・ Rust

<!-- Prettier 3.4.2 -->
C言語・C++・Go・Rust

U+30A0 can be used as the replacement of the - in non-Japanese names (e.g. “Saint-Saëns” (Charles Camille Saint-Saëns) can be represented as “サン゠サーンス” in Japanese), but substituted by ASCII hyphen (U+002D) or U+FF1D (full width hyphen) in many cases (e.g. “サン=サーンス” or “サン＝サーンス”).

Fix comments print on class methods with decorators (#16891 by @fisker)

// Input
class A {
  @&#8203;decorator
  /** 
   * The method description
   *
  */
  async method(foo: Foo, bar: Bar) {
    console.log(foo);
  }
}

// Prettier 3.4.1
class A {
  @&#8203;decorator
  async /**
   * The method description
   *
   */
  method(foo: Foo, bar: Bar) {
    console.log(foo);
  }
}

// Prettier 3.4.2
class A {
  @&#8203;decorator
  /**
   * The method description
   *
   */
  async method(foo: Foo, bar: Bar) {
    console.log(foo);
  }
}

Fix non-idempotent formatting (#16899 by @seiyab)

This bug fix is not language-specific. You may see similar change in any languages. This fixes regression in 3.4.0 so change caused by it should yield same formatting as 3.3.3.

// Input
<div>
  foo
  <span>longlonglonglonglonglonglonglonglonglonglonglonglonglonglongl foo</span>
  , abc
</div>;

// Prettier 3.4.1 (first)
<div>
  foo
  <span>
    longlonglonglonglonglonglonglonglonglonglonglonglonglonglongl foo
  </span>, abc
</div>;

// Prettier 3.4.1 (second)
<div>
  foo
  <span>longlonglonglonglonglonglonglonglonglonglonglonglonglonglongl foo</span>
  , abc
</div>;

// Prettier 3.4.2
<div>
  foo
  <span>longlonglonglonglonglonglonglonglonglonglonglonglonglonglongl foo</span>
  , abc
</div>;

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2024-12-02T02:19:20Z

🦙 MegaLinter status: ❌ ERROR

Descriptor	Linter	Files	Errors	Elapsed time
✅ ACTION	actionlint	4	0	0.02s
✅ BASH	bash-exec	4	0	0.02s
✅ BASH	shellcheck	4	0	0.11s
✅ BASH	shfmt	4	0	0.01s
✅ DOCKERFILE	hadolint	1	0	1.25s
✅ EDITORCONFIG	editorconfig-checker	47	0	0.06s
✅ JSON	jsonlint	4	0	1.33s
✅ JSON	npm-package-json-lint	yes	no	0.43s
✅ JSON	prettier	4	0	0.42s
✅ JSON	v8r	4	0	14.47s
⚠️ MARKDOWN	markdownlint	5	9	0.45s
❌ REPOSITORY	checkov	yes	2	23.95s
✅ REPOSITORY	devskim	yes	no	1.32s
✅ REPOSITORY	gitleaks	yes	no	0.1s
✅ REPOSITORY	git_diff	yes	no	0.01s
❌ REPOSITORY	grype	yes	1	15.86s
✅ REPOSITORY	kics	yes	no	14.28s
✅ REPOSITORY	secretlint	yes	no	1.05s
✅ REPOSITORY	syft	yes	no	2.45s
❌ REPOSITORY	trivy	yes	1	7.52s
✅ REPOSITORY	trivy-sbom	yes	no	0.15s
✅ REPOSITORY	trufflehog	yes	no	2.53s

See detailed report in MegaLinter reports

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

oxsecurity/megalinter/flavors/[email protected] (83 linters)

MegaLinter is graciously provided by

github-actions · 2024-12-11T12:32:15Z

Trivy image scan report

`ghcr.io/chgl/kube-powertools:pr-495 (ubuntu 22.04)`

125 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 90 LOW: 35)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`bash`	CVE-2022-3715	MEDIUM	5.1-6ubuntu1	5.1-6ubuntu1.1
`bsdutils`	CVE-2024-28085	MEDIUM	1:2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`curl`	CVE-2024-7264	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.17
`curl`	CVE-2024-8096	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.18
`curl`	CVE-2024-9681	LOW	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.19
`libblkid1`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`libc-bin`	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc-bin`	CVE-2024-2961	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.7
`libc-bin`	CVE-2024-33599	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc-bin`	CVE-2024-33600	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc-bin`	CVE-2024-33601	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc-bin`	CVE-2024-33602	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc-bin`	CVE-2023-4806	LOW	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc-bin`	CVE-2023-4813	LOW	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc6`	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc6`	CVE-2024-2961	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.7
`libc6`	CVE-2024-33599	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc6`	CVE-2024-33600	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc6`	CVE-2024-33601	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc6`	CVE-2024-33602	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc6`	CVE-2023-4806	LOW	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc6`	CVE-2023-4813	LOW	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libcurl3-gnutls`	CVE-2024-7264	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.17
`libcurl3-gnutls`	CVE-2024-8096	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.18
`libcurl3-gnutls`	CVE-2024-9681	LOW	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.19
`libcurl4`	CVE-2024-7264	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.17
`libcurl4`	CVE-2024-8096	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.18
`libcurl4`	CVE-2024-9681	LOW	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.19
`libexpat1`	CVE-2024-45490	MEDIUM	2.4.7-1ubuntu0.3	2.4.7-1ubuntu0.4
`libexpat1`	CVE-2024-45491	MEDIUM	2.4.7-1ubuntu0.3	2.4.7-1ubuntu0.4
`libexpat1`	CVE-2024-45492	MEDIUM	2.4.7-1ubuntu0.3	2.4.7-1ubuntu0.4
`libgnutls30`	CVE-2023-5981	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.3
`libgnutls30`	CVE-2024-0553	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.4
`libgnutls30`	CVE-2024-0567	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.4
`libgnutls30`	CVE-2024-28834	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.5
`libgnutls30`	CVE-2024-28835	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.5
`libgssapi-krb5-2`	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.3
`libgssapi-krb5-2`	CVE-2024-37370	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libgssapi-krb5-2`	CVE-2024-37371	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libk5crypto3`	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.3
`libk5crypto3`	CVE-2024-37370	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libk5crypto3`	CVE-2024-37371	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libkrb5-3`	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.3
`libkrb5-3`	CVE-2024-37370	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libkrb5-3`	CVE-2024-37371	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libkrb5support0`	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.3
`libkrb5support0`	CVE-2024-37370	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libkrb5support0`	CVE-2024-37371	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libmount1`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`libpam-modules`	CVE-2024-22365	MEDIUM	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4
`libpam-modules-bin`	CVE-2024-22365	MEDIUM	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4
`libpam-runtime`	CVE-2024-22365	MEDIUM	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4
`libpam0g`	CVE-2024-22365	MEDIUM	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4
`libprocps8`	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2	2:3.3.17-6ubuntu2.1
`libpython3.10-minimal`	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-minimal`	CVE-2023-6597	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`libpython3.10-minimal`	CVE-2024-0397	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`libpython3.10-minimal`	CVE-2024-0450	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`libpython3.10-minimal`	CVE-2024-6232	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-minimal`	CVE-2024-6923	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-minimal`	CVE-2024-8088	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-minimal`	CVE-2024-9287	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.7
`libpython3.10-minimal`	CVE-2024-4032	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`libpython3.10-minimal`	CVE-2024-7592	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2023-6597	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`libpython3.10-stdlib`	CVE-2024-0397	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`libpython3.10-stdlib`	CVE-2024-0450	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`libpython3.10-stdlib`	CVE-2024-6232	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2024-6923	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2024-8088	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2024-9287	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.7
`libpython3.10-stdlib`	CVE-2024-4032	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`libpython3.10-stdlib`	CVE-2024-7592	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libsmartcols1`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`libssl3`	CVE-2022-40735	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.16
`libssl3`	CVE-2023-5363	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12
`libssl3`	CVE-2024-6119	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.18
`libssl3`	CVE-2023-2975	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12
`libssl3`	CVE-2023-3446	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12
`libssl3`	CVE-2023-3817	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12
`libssl3`	CVE-2023-5678	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.14
`libssl3`	CVE-2023-6129	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.14
`libssl3`	CVE-2023-6237	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.14
`libssl3`	CVE-2024-0727	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.14
`libssl3`	CVE-2024-2511	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.17
`libssl3`	CVE-2024-4603	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.17
`libssl3`	CVE-2024-4741	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.17
`libssl3`	CVE-2024-5535	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.17
`libuuid1`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`login`	CVE-2023-4641	LOW	1:4.8.1-2ubuntu2.1	1:4.8.1-2ubuntu2.2
`mount`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`openssl`	CVE-2022-40735	MEDIUM	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.16
`openssl`	CVE-2024-6119	MEDIUM	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.18
`openssl`	CVE-2024-2511	LOW	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.17
`openssl`	CVE-2024-4603	LOW	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.17
`openssl`	CVE-2024-4741	LOW	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.17
`openssl`	CVE-2024-5535	LOW	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.17
`passwd`	CVE-2023-4641	LOW	1:4.8.1-2ubuntu2.1	1:4.8.1-2ubuntu2.2
`procps`	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2	2:3.3.17-6ubuntu2.1
`python3-pip`	CVE-2024-37891	LOW	22.0.2+dfsg-1ubuntu0.4	22.0.2+dfsg-1ubuntu0.5
`python3-pkg-resources`	CVE-2024-6345	MEDIUM	59.6.0-1.2ubuntu0.22.04.1	59.6.0-1.2ubuntu0.22.04.2
`python3-setuptools`	CVE-2024-6345	MEDIUM	59.6.0-1.2ubuntu0.22.04.1	59.6.0-1.2ubuntu0.22.04.2
`python3.10`	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10`	CVE-2023-6597	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`python3.10`	CVE-2024-0397	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`python3.10`	CVE-2024-0450	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`python3.10`	CVE-2024-6232	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10`	CVE-2024-6923	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10`	CVE-2024-8088	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10`	CVE-2024-9287	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.7
`python3.10`	CVE-2024-4032	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`python3.10`	CVE-2024-7592	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2023-6597	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`python3.10-minimal`	CVE-2024-0397	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`python3.10-minimal`	CVE-2024-0450	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`python3.10-minimal`	CVE-2024-6232	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2024-6923	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2024-8088	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2024-9287	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.7
`python3.10-minimal`	CVE-2024-4032	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`python3.10-minimal`	CVE-2024-7592	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`tar`	CVE-2023-39804	MEDIUM	1.34+dfsg-1ubuntu0.1.22.04.1	1.34+dfsg-1ubuntu0.1.22.04.2
`util-linux`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3

No Misconfigurations found

`Node.js`

1 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 0 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`cross-spawn`	CVE-2024-21538	HIGH	7.0.3	7.0.5, 6.0.6

No Misconfigurations found

`Python`

No Vulnerabilities found

No Misconfigurations found

`root/.local/share/helm/plugins/helm-local-chart-version/local-chart-version`

24 known vulnerabilities found (CRITICAL: 1 HIGH: 6 MEDIUM: 17 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.21.0	1.33.0
`k8s.io/apimachinery`	GHSA-74fp-r6jw-h4mp	HIGH	v0.0.0-20180103014849-68f9c3a1feb3	0.0.0-20190927203648-9ce6eca90e73
`k8s.io/apimachinery`	CVE-2020-8559	MEDIUM	v0.0.0-20180103014849-68f9c3a1feb3	0.16.13, 0.17.9, 0.18.7
`stdlib`	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4
`stdlib`	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5
`stdlib`	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1
`stdlib`	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6
`stdlib`	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4
`stdlib`	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1
`stdlib`	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1
`stdlib`	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1

No Misconfigurations found

`root/.local/share/helm/plugins/helm-push/bin/helm-cm-push`

40 known vulnerabilities found (HIGH: 9 MEDIUM: 29 LOW: 0 CRITICAL: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/containerd/containerd`	CVE-2023-25153	MEDIUM	v1.6.15	1.5.18, 1.6.18
`github.com/containerd/containerd`	CVE-2023-25173	MEDIUM	v1.6.15	1.5.18, 1.6.18
`github.com/containerd/containerd`	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.6.15	1.6.26, 1.7.11
`github.com/cyphar/filepath-securejoin`	GHSA-6xv5-86q9-7xr8	MEDIUM	v0.2.3	0.2.4
`github.com/docker/distribution`	CVE-2023-2253	HIGH	v2.8.1+incompatible	2.8.2-beta.1
`github.com/docker/docker`	CVE-2024-41110	CRITICAL	v20.10.24+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6
`github.com/docker/docker`	CVE-2024-24557	MEDIUM	v20.10.24+incompatible	24.0.9, 25.0.2
`github.com/docker/docker`	CVE-2024-29018	MEDIUM	v20.10.24+incompatible	26.0.0-rc3, 25.0.5, 23.0.11
`github.com/docker/docker`	GHSA-jq35-85cj-fj4p	MEDIUM	v20.10.24+incompatible	24.0.7, 23.0.8, 20.10.27
`golang.org/x/crypto`	CVE-2023-48795	MEDIUM	v0.5.0	0.17.0
`golang.org/x/net`	CVE-2023-39325	HIGH	v0.9.0	0.17.0
`golang.org/x/net`	CVE-2023-3978	MEDIUM	v0.9.0	0.13.0
`golang.org/x/net`	CVE-2023-44487	MEDIUM	v0.9.0	0.17.0
`golang.org/x/net`	CVE-2023-45288	MEDIUM	v0.9.0	0.23.0
`google.golang.org/grpc`	GHSA-m425-mq94-257g	HIGH	v1.49.0	1.56.3, 1.57.1, 1.58.3
`google.golang.org/grpc`	CVE-2023-44487	MEDIUM	v1.49.0	1.58.3, 1.57.1, 1.56.3
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.28.1	1.33.0
`helm.sh/helm/v3`	CVE-2024-26147	HIGH	v3.11.2	3.14.2
`helm.sh/helm/v3`	CVE-2024-25620	MEDIUM	v3.11.2	3.14.1
`stdlib`	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4
`stdlib`	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5
`stdlib`	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1
`stdlib`	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6
`stdlib`	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4
`stdlib`	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1
`stdlib`	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1
`stdlib`	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1

No Misconfigurations found

`root/.local/share/helm/plugins/helm-schema-gen/bin/helm-schema-gen`

30 known vulnerabilities found (CRITICAL: 3 HIGH: 11 MEDIUM: 16 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`gopkg.in/yaml.v2`	CVE-2019-11254	MEDIUM	v2.2.7	2.2.8
`stdlib`	CVE-2023-24538	CRITICAL	v1.19.7	1.19.8, 1.20.3
`stdlib`	CVE-2023-24540	CRITICAL	v1.19.7	1.19.9, 1.20.4
`stdlib`	CVE-2024-24790	CRITICAL	v1.19.7	1.21.11, 1.22.4
`stdlib`	CVE-2023-24534	HIGH	v1.19.7	1.19.8, 1.20.3
`stdlib`	CVE-2023-24536	HIGH	v1.19.7	1.19.8, 1.20.3
`stdlib`	CVE-2023-24537	HIGH	v1.19.7	1.19.8, 1.20.3
`stdlib`	CVE-2023-24539	HIGH	v1.19.7	1.19.9, 1.20.4
`stdlib`	CVE-2023-29400	HIGH	v1.19.7	1.19.9, 1.20.4
`stdlib`	CVE-2023-29403	HIGH	v1.19.7	1.19.10, 1.20.5
`stdlib`	CVE-2023-39325	HIGH	v1.19.7	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	v1.19.7	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45287	HIGH	v1.19.7	1.20.0
`stdlib`	CVE-2023-45288	HIGH	v1.19.7	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	v1.19.7	1.22.7, 1.23.1
`stdlib`	CVE-2023-29406	MEDIUM	v1.19.7	1.19.11, 1.20.6
`stdlib`	CVE-2023-29409	MEDIUM	v1.19.7	1.19.12, 1.20.7, 1.21.0-rc.4
`stdlib`	CVE-2023-39318	MEDIUM	v1.19.7	1.20.8, 1.21.1
`stdlib`	CVE-2023-39319	MEDIUM	v1.19.7	1.20.8, 1.21.1
`stdlib`	CVE-2023-39326	MEDIUM	v1.19.7	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	v1.19.7	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	v1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	v1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	v1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	v1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	v1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	v1.19.7	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	v1.19.7	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	v1.19.7	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.19.7	1.22.7, 1.23.1

No Misconfigurations found

`root/gcrane`

3 known vulnerabilities found (MEDIUM: 2 LOW: 0 CRITICAL: 0 HIGH: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	v1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	v1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.21.12	1.22.7, 1.23.1

No Misconfigurations found

`root/krane`

4 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 2 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1
`stdlib`	CVE-2024-34156	HIGH	v1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	v1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.21.12	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/ah`

1 known vulnerabilities found (HIGH: 0 MEDIUM: 0 LOW: 1 CRITICAL: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1

No Misconfigurations found

`usr/local/bin/chart-doc-gen`

17 known vulnerabilities found (CRITICAL: 1 HIGH: 4 MEDIUM: 12 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0
`stdlib`	CVE-2024-24790	CRITICAL	v1.21.2	1.21.11, 1.22.4
`stdlib`	CVE-2023-39325	HIGH	v1.21.2	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	v1.21.2	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	v1.21.2	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	v1.21.2	1.22.7, 1.23.1
`stdlib`	CVE-2023-39326	MEDIUM	v1.21.2	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	v1.21.2	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	v1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	v1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	v1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	v1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	v1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	v1.21.2	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	v1.21.2	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	v1.21.2	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.21.2	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/conftest`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/container-structure-test`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/cosign`

1 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 0 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1

No Misconfigurations found

`usr/local/bin/crane`

3 known vulnerabilities found (HIGH: 1 MEDIUM: 2 LOW: 0 CRITICAL: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	v1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	v1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.21.12	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/ct`

8 known vulnerabilities found (LOW: 0 CRITICAL: 1 HIGH: 2 MEDIUM: 5)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/hashicorp/go-retryablehttp`	CVE-2024-6104	MEDIUM	v0.7.5	0.7.7
`stdlib`	CVE-2024-24790	CRITICAL	v1.22.2	1.21.11, 1.22.4
`stdlib`	CVE-2024-24788	HIGH	v1.22.2	1.22.3
`stdlib`	CVE-2024-34156	HIGH	v1.22.2	1.22.7, 1.23.1
`stdlib`	CVE-2024-24789	MEDIUM	v1.22.2	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	v1.22.2	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	v1.22.2	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.22.2	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/gomplate`

3 known vulnerabilities found (LOW: 0 CRITICAL: 0 HIGH: 1 MEDIUM: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	v1.22.5	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	v1.22.5	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.22.5	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/helm`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/helm-docs`

8 known vulnerabilities found (CRITICAL: 1 HIGH: 3 MEDIUM: 4 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-24790	CRITICAL	v1.22.1	1.21.11, 1.22.4
`stdlib`	CVE-2023-45288	HIGH	v1.22.1	1.21.9, 1.22.2
`stdlib`	CVE-2024-24788	HIGH	v1.22.1	1.22.3
`stdlib`	CVE-2024-34156	HIGH	v1.22.1	1.22.7, 1.23.1
`stdlib`	CVE-2024-24789	MEDIUM	v1.22.1	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	v1.22.1	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	v1.22.1	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.22.1	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kube-linter`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/kube-score`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/kubeconform`

3 known vulnerabilities found (HIGH: 1 MEDIUM: 2 LOW: 0 CRITICAL: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	v1.22.5	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	v1.22.5	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.22.5	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kubectl`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/kubent`

6 known vulnerabilities found (HIGH: 2 MEDIUM: 4 LOW: 0 CRITICAL: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/open-policy-agent/opa`	CVE-2024-8260	MEDIUM	v0.67.1	0.68.0
`helm.sh/helm/v3`	CVE-2024-26147	HIGH	v3.13.3	3.14.2
`helm.sh/helm/v3`	CVE-2024-25620	MEDIUM	v3.13.3	3.14.1
`stdlib`	CVE-2024-34156	HIGH	v1.23.0	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	v1.23.0	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.23.0	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kubepug`

17 known vulnerabilities found (MEDIUM: 13 LOW: 0 CRITICAL: 1 HIGH: 3)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`golang.org/x/net`	CVE-2023-45288	MEDIUM	v0.17.0	0.23.0
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0
`stdlib`	CVE-2024-24790	CRITICAL	v1.21.3	1.21.11, 1.22.4
`stdlib`	CVE-2023-45283	HIGH	v1.21.3	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	v1.21.3	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	v1.21.3	1.22.7, 1.23.1
`stdlib`	CVE-2023-39326	MEDIUM	v1.21.3	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	v1.21.3	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	v1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	v1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	v1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	v1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	v1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	v1.21.3	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	v1.21.3	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	v1.21.3	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.21.3	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kubescape`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/kubesec`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/kubeval`

77 known vulnerabilities found (MEDIUM: 28 LOW: 1 CRITICAL: 4 HIGH: 44)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`golang.org/x/sys`	CVE-2022-29526	MEDIUM	v0.0.0-20200223170610-d5e6a3e2c0ae	0.0.0-20220412211240-33da011f77ad
`golang.org/x/text`	CVE-2021-38561	HIGH	v0.3.2	0.3.7
`golang.org/x/text`	CVE-2022-32149	HIGH	v0.3.2	0.3.8
`golang.org/x/text`	CVE-2020-14040	MEDIUM	v0.3.2	0.3.3
`stdlib`	CVE-2022-23806	CRITICAL	v1.16.2	1.16.14, 1.17.7
`stdlib`	CVE-2023-24538	CRITICAL	v1.16.2	1.19.8, 1.20.3
`stdlib`	CVE-2023-24540	CRITICAL	v1.16.2	1.19.9, 1.20.4
`stdlib`	CVE-2024-24790	CRITICAL	v1.16.2	1.21.11, 1.22.4
`stdlib`	CVE-2021-33195	HIGH	v1.16.2	1.15.13, 1.16.5
`stdlib`	CVE-2021-33196	HIGH	v1.16.2	1.15.13, 1.16.5
`stdlib`	CVE-2021-33198	HIGH	v1.16.2	1.15.13, 1.16.5
`stdlib`	CVE-2021-39293	HIGH	v1.16.2	1.16.8, 1.17.1
`stdlib`	CVE-2021-41771	HIGH	v1.16.2	1.16.10, 1.17.3
`stdlib`	CVE-2021-41772	HIGH	v1.16.2	1.16.10, 1.17.3
`stdlib`	CVE-2021-44716	HIGH	v1.16.2	1.16.12, 1.17.5
`stdlib`	CVE-2022-23772	HIGH	v1.16.2	1.16.14, 1.17.7
`stdlib`	CVE-2022-24675	HIGH	v1.16.2	1.17.9, 1.18.1
`stdlib`	CVE-2022-24921	HIGH	v1.16.2	1.16.15, 1.17.8
`stdlib`	CVE-2022-27664	HIGH	v1.16.2	1.18.6, 1.19.1
`stdlib`	CVE-2022-28131	HIGH	v1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-28327	HIGH	v1.16.2	1.17.9, 1.18.1
`stdlib`	CVE-2022-2879	HIGH	v1.16.2	1.18.7, 1.19.2
`stdlib`	CVE-2022-2880	HIGH	v1.16.2	1.18.7, 1.19.2
`stdlib`	CVE-2022-29804	HIGH	v1.16.2	1.17.11, 1.18.3
`stdlib`	CVE-2022-30580	HIGH	v1.16.2	1.17.11, 1.18.3
`stdlib`	CVE-2022-30630	HIGH	v1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-30631	HIGH	v1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-30632	HIGH	v1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-30633	HIGH	v1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-30634	HIGH	v1.16.2	1.17.11, 1.18.3
`stdlib`	CVE-2022-30635	HIGH	v1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-32189	HIGH	v1.16.2	1.17.13, 1.18.5
`stdlib`	CVE-2022-41715	HIGH	v1.16.2	1.18.7, 1.19.2
`stdlib`	CVE-2022-41716	HIGH	v1.16.2	1.18.8, 1.19.3
`stdlib`	CVE-2022-41720	HIGH	v1.16.2	1.18.9, 1.19.4
`stdlib`	CVE-2022-41722	HIGH	v1.16.2	1.19.6, 1.20.1
`stdlib`	CVE-2022-41723	HIGH	v1.16.2	1.19.6, 1.20.1
`stdlib`	CVE-2022-41724	HIGH	v1.16.2	1.19.6, 1.20.1
`stdlib`	CVE-2022-41725	HIGH	v1.16.2	1.19.6, 1.20.1
`stdlib`	CVE-2023-24534	HIGH	v1.16.2	1.19.8, 1.20.3
`stdlib`	CVE-2023-24536	HIGH	v1.16.2	1.19.8, 1.20.3
`stdlib`	CVE-2023-24537	HIGH	v1.16.2	1.19.8, 1.20.3
`stdlib`	CVE-2023-24539	HIGH	v1.16.2	1.19.9, 1.20.4
`stdlib`	CVE-2023-29400	HIGH	v1.16.2	1.19.9, 1.20.4
`stdlib`	CVE-2023-29403	HIGH	v1.16.2	1.19.10, 1.20.5
`stdlib`	CVE-2023-39325	HIGH	v1.16.2	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	v1.16.2	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45287	HIGH	v1.16.2	1.20.0
`stdlib`	CVE-2023-45288	HIGH	v1.16.2	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	v1.16.2	1.22.7, 1.23.1
`stdlib`	CVE-2021-31525	MEDIUM	v1.16.2	1.15.12, 1.16.4
`stdlib`	CVE-2021-33197	MEDIUM	v1.16.2	1.15.13, 1.16.5
`stdlib`	CVE-2021-34558	MEDIUM	v1.16.2	1.15.14, 1.16.6
`stdlib`	CVE-2021-36221	MEDIUM	v1.16.2	1.15.15, 1.16.7
`stdlib`	CVE-2021-44717	MEDIUM	v1.16.2	1.16.12, 1.17.5
`stdlib`	CVE-2022-1705	MEDIUM	v1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-1962	MEDIUM	v1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-29526	MEDIUM	v1.16.2	1.17.10, 1.18.2
`stdlib`	CVE-2022-32148	MEDIUM	v1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-41717	MEDIUM	v1.16.2	1.18.9, 1.19.4
`stdlib`	CVE-2023-24532	MEDIUM	v1.16.2	1.19.7, 1.20.2
`stdlib`	CVE-2023-29406	MEDIUM	v1.16.2	1.19.11, 1.20.6
`stdlib`	CVE-2023-29409	MEDIUM	v1.16.2	1.19.12, 1.20.7, 1.21.0-rc.4
`stdlib`	CVE-2023-39318	MEDIUM	v1.16.2	1.20.8, 1.21.1
`stdlib`	CVE-2023-39319	MEDIUM	v1.16.2	1.20.8, 1.21.1
`stdlib`	CVE-2023-39326	MEDIUM	v1.16.2	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	v1.16.2	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	v1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	v1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	v1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	v1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	v1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	v1.16.2	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	v1.16.2	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	v1.16.2	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.16.2	1.22.7, 1.23.1
`stdlib`	CVE-2022-30629	LOW	v1.16.2	1.17.11, 1.18.3

No Misconfigurations found

`usr/local/bin/kustomize`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/kyverno`

2 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 1 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1
`github.com/open-policy-agent/opa`	CVE-2024-8260	MEDIUM	v0.67.1	0.68.0

No Misconfigurations found

`usr/local/bin/nova`

2 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 2 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`golang.org/x/net`	CVE-2023-45288	MEDIUM	v0.17.0	0.23.0
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.31.0	1.33.0

No Misconfigurations found

`usr/local/bin/pluto`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/polaris`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/s5cmd`

16 known vulnerabilities found (MEDIUM: 11 LOW: 0 CRITICAL: 1 HIGH: 4)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-24790	CRITICAL	v1.20.8	1.21.11, 1.22.4
`stdlib`	CVE-2023-39325	HIGH	v1.20.8	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	v1.20.8	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	v1.20.8	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	v1.20.8	1.22.7, 1.23.1
`stdlib`	CVE-2023-39326	MEDIUM	v1.20.8	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	v1.20.8	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	v1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	v1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	v1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	v1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	v1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	v1.20.8	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	v1.20.8	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	v1.20.8	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	v1.20.8	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/trivy`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/yq`

No Vulnerabilities found

No Misconfigurations found

renovate bot changed the title ~~chore(deps): update dependency checkov to v3.2.324~~ chore(deps): update dependency checkov to v3.2.325 Dec 2, 2024

renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from f52bbbd to d219617 Compare December 2, 2024 23:25

renovate bot changed the title ~~chore(deps): update dependency checkov to v3.2.325~~ chore(deps): update dependency checkov to v3.2.326 Dec 2, 2024

renovate bot force-pushed the renovate/all-minor-patch branch from d219617 to 6e7798e Compare December 3, 2024 10:47

renovate bot changed the title ~~chore(deps): update dependency checkov to v3.2.326~~ chore(deps): update dependency checkov to v3.2.327 Dec 3, 2024

renovate bot force-pushed the renovate/all-minor-patch branch from 6e7798e to 44a7309 Compare December 3, 2024 23:34

renovate bot changed the title ~~chore(deps): update dependency checkov to v3.2.327~~ chore(deps): update all non-major dependencies Dec 3, 2024

renovate bot force-pushed the renovate/all-minor-patch branch 9 times, most recently from 1fb034a to 01eb4aa Compare December 10, 2024 13:58

renovate bot changed the title ~~chore(deps): update all non-major dependencies~~ fix(deps): update all non-major dependencies Dec 10, 2024

renovate bot force-pushed the renovate/all-minor-patch branch from 01eb4aa to 8c860e1 Compare December 10, 2024 23:14

fix(deps): update all non-major dependencies

4fdd4f7

renovate bot force-pushed the renovate/all-minor-patch branch from 8c860e1 to 4fdd4f7 Compare December 11, 2024 12:29

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): update all non-major dependencies #495

fix(deps): update all non-major dependencies #495

renovate bot commented Dec 2, 2024 •

edited

Loading

github-actions bot commented Dec 2, 2024 •

edited

Loading

github-actions bot commented Dec 11, 2024

fix(deps): update all non-major dependencies #495

Are you sure you want to change the base?

fix(deps): update all non-major dependencies #495

Conversation

renovate bot commented Dec 2, 2024 • edited Loading

Release Notes

Features

Bug Fixes

What's Changed

Feature

Bug Fix

Feature

Bug Fix

Feature

Documentation

Bug Fix

Feature

Bug Fix

Bug Fix

❗ Important Notice ❗

✨ Added ✨

Helm

🐛 Fixed 🐛

Helm

🔧 Others 🔧

Treat U+30A0 & U+30FB in Katakana Block as CJK (#​16796 by @​tats-u)

Fix comments print on class methods with decorators (#​16891 by @​fisker)

Fix non-idempotent formatting (#​16899 by @​seiyab)

Configuration

github-actions bot commented Dec 2, 2024 • edited Loading

🦙 MegaLinter status: ❌ ERROR

github-actions bot commented Dec 11, 2024

Trivy image scan report

ghcr.io/chgl/kube-powertools:pr-495 (ubuntu 22.04)

125 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 90 LOW: 35)

No Misconfigurations found

Node.js

1 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 0 LOW: 0)

No Misconfigurations found

Python

No Vulnerabilities found

No Misconfigurations found

root/.local/share/helm/plugins/helm-local-chart-version/local-chart-version

24 known vulnerabilities found (CRITICAL: 1 HIGH: 6 MEDIUM: 17 LOW: 0)

No Misconfigurations found

root/.local/share/helm/plugins/helm-push/bin/helm-cm-push

40 known vulnerabilities found (HIGH: 9 MEDIUM: 29 LOW: 0 CRITICAL: 2)

No Misconfigurations found

root/.local/share/helm/plugins/helm-schema-gen/bin/helm-schema-gen

30 known vulnerabilities found (CRITICAL: 3 HIGH: 11 MEDIUM: 16 LOW: 0)

No Misconfigurations found

root/gcrane

3 known vulnerabilities found (MEDIUM: 2 LOW: 0 CRITICAL: 0 HIGH: 1)

No Misconfigurations found

root/krane

4 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 2 LOW: 1)

No Misconfigurations found

usr/local/bin/ah

1 known vulnerabilities found (HIGH: 0 MEDIUM: 0 LOW: 1 CRITICAL: 0)

No Misconfigurations found

usr/local/bin/chart-doc-gen

17 known vulnerabilities found (CRITICAL: 1 HIGH: 4 MEDIUM: 12 LOW: 0)

No Misconfigurations found

usr/local/bin/conftest

No Vulnerabilities found

No Misconfigurations found

usr/local/bin/container-structure-test

No Vulnerabilities found

No Misconfigurations found

usr/local/bin/cosign

1 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 0 LOW: 1)

No Misconfigurations found

usr/local/bin/crane

3 known vulnerabilities found (HIGH: 1 MEDIUM: 2 LOW: 0 CRITICAL: 0)

No Misconfigurations found

usr/local/bin/ct

8 known vulnerabilities found (LOW: 0 CRITICAL: 1 HIGH: 2 MEDIUM: 5)

No Misconfigurations found

usr/local/bin/gomplate

3 known vulnerabilities found (LOW: 0 CRITICAL: 0 HIGH: 1 MEDIUM: 2)

renovate bot commented Dec 2, 2024 •

edited

Loading

Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796 by @tats-u)

Fix comments print on class methods with decorators (#16891 by @fisker)

Fix non-idempotent formatting (#16899 by @seiyab)

github-actions bot commented Dec 2, 2024 •

edited

Loading

`ghcr.io/chgl/kube-powertools:pr-495 (ubuntu 22.04)`

`Node.js`

`Python`

`root/.local/share/helm/plugins/helm-local-chart-version/local-chart-version`

`root/.local/share/helm/plugins/helm-push/bin/helm-cm-push`

`root/.local/share/helm/plugins/helm-schema-gen/bin/helm-schema-gen`

`root/gcrane`

`root/krane`

`usr/local/bin/ah`

`usr/local/bin/chart-doc-gen`

`usr/local/bin/conftest`

`usr/local/bin/container-structure-test`

`usr/local/bin/cosign`

`usr/local/bin/crane`

`usr/local/bin/ct`

`usr/local/bin/gomplate`

`usr/local/bin/helm`

`usr/local/bin/helm-docs`

`usr/local/bin/kube-linter`

`usr/local/bin/kube-score`

`usr/local/bin/kubeconform`

`usr/local/bin/kubectl`

`usr/local/bin/kubent`

`usr/local/bin/kubepug`

`usr/local/bin/kubescape`

`usr/local/bin/kubesec`

`usr/local/bin/kubeval`

`usr/local/bin/kustomize`

`usr/local/bin/kyverno`

`usr/local/bin/nova`

`usr/local/bin/pluto`

`usr/local/bin/polaris`