chore(deps): update github-actions #489

renovate · 2024-11-23T23:14:21Z

This PR contains the following updates:

Package	Type	Update	Change
aquasecurity/trivy-action	action	minor	`0.28.0` -> `0.29.0`
chgl/.github	action	patch	`v1.8.4` -> `v1.8.5`
github/codeql-action	action	patch	`v3.27.0` -> `v3.27.5`
lycheeverse/lychee-action	action	minor	`v2.0.2` -> `v2.1.0`

Release Notes

aquasecurity/trivy-action (aquasecurity/trivy-action)

chgl/.github (chgl/.github)

`v1.8.5`

Compare Source

Miscellaneous Chores

deps: update all non-major dependencies (#118) (bc38fca)

github/codeql-action (github/codeql-action)

`v3.27.5`

Compare Source

`v3.27.4`

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.4 - 14 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

`v3.27.3`

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.3 - 12 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

`v3.27.2`

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.2 - 12 Nov 2024

Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". #2590

See the full CHANGELOG.md for more information.

`v3.27.1`

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.1 - 08 Nov 2024

The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. #2573
Update default CodeQL bundle version to 2.19.3. #2576

See the full CHANGELOG.md for more information.

lycheeverse/lychee-action (lycheeverse/lychee-action)

`v2.1.0`: Version 2.1.0

Compare Source

What's Changed

Add missing argument failIfEmpty by @LitoMore in https://github.com/lycheeverse/lychee-action/pull/261
Fix bugs about the exit code by @YDX-2147483647 in https://github.com/lycheeverse/lychee-action/pull/262
Bump lychee version to 0.17.0 by @mre in https://github.com/lycheeverse/lychee-action/pull/263

New Contributors

@LitoMore made their first contribution in https://github.com/lycheeverse/lychee-action/pull/261
@YDX-2147483647 made their first contribution in https://github.com/lycheeverse/lychee-action/pull/262

Full Changelog: lycheeverse/lychee-action@v2...v2.1.0

Configuration

📅 Schedule: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2024-11-23T23:17:04Z

🦙 MegaLinter status: ❌ ERROR

Descriptor	Linter	Files	Errors	Elapsed time
✅ ACTION	actionlint	4	0	0.1s
✅ BASH	bash-exec	4	0	0.1s
✅ BASH	shellcheck	4	0	0.9s
✅ BASH	shfmt	4	0	0.02s
✅ DOCKERFILE	hadolint	1	0	1.32s
✅ EDITORCONFIG	editorconfig-checker	47	0	0.08s
✅ JSON	jsonlint	4	0	0.22s
✅ JSON	npm-package-json-lint	yes	no	0.54s
✅ JSON	prettier	4	0	0.65s
✅ JSON	v8r	4	0	11.78s
⚠️ MARKDOWN	markdownlint	5	9	0.45s
✅ REPOSITORY	checkov	yes	no	21.3s
✅ REPOSITORY	devskim	yes	no	1.38s
✅ REPOSITORY	gitleaks	yes	no	0.44s
✅ REPOSITORY	git_diff	yes	no	0.01s
❌ REPOSITORY	grype	yes	2	16.97s
✅ REPOSITORY	kics	yes	no	16.06s
✅ REPOSITORY	secretlint	yes	no	0.85s
✅ REPOSITORY	syft	yes	no	1.37s
❌ REPOSITORY	trivy	yes	1	10.3s
✅ REPOSITORY	trivy-sbom	yes	no	0.13s
✅ REPOSITORY	trufflehog	yes	no	4.23s

See detailed report in MegaLinter reports

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

oxsecurity/megalinter/flavors/[email protected] (83 linters)

MegaLinter is graciously provided by

github-actions · 2024-11-23T23:18:10Z

Trivy image scan report

`ghcr.io/chgl/kube-powertools:pr-489 (ubuntu 22.04)`

125 known vulnerabilities found (MEDIUM: 90 LOW: 35 CRITICAL: 0 HIGH: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`bash`	CVE-2022-3715	MEDIUM	5.1-6ubuntu1	5.1-6ubuntu1.1
`bsdutils`	CVE-2024-28085	MEDIUM	1:2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`curl`	CVE-2024-7264	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.17
`curl`	CVE-2024-8096	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.18
`curl`	CVE-2024-9681	LOW	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.19
`libblkid1`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`libc-bin`	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc-bin`	CVE-2024-2961	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.7
`libc-bin`	CVE-2024-33599	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc-bin`	CVE-2024-33600	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc-bin`	CVE-2024-33601	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc-bin`	CVE-2024-33602	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc-bin`	CVE-2023-4806	LOW	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc-bin`	CVE-2023-4813	LOW	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc6`	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc6`	CVE-2024-2961	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.7
`libc6`	CVE-2024-33599	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc6`	CVE-2024-33600	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc6`	CVE-2024-33601	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc6`	CVE-2024-33602	MEDIUM	2.35-0ubuntu3.4	2.35-0ubuntu3.8
`libc6`	CVE-2023-4806	LOW	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libc6`	CVE-2023-4813	LOW	2.35-0ubuntu3.4	2.35-0ubuntu3.5
`libcurl3-gnutls`	CVE-2024-7264	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.17
`libcurl3-gnutls`	CVE-2024-8096	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.18
`libcurl3-gnutls`	CVE-2024-9681	LOW	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.19
`libcurl4`	CVE-2024-7264	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.17
`libcurl4`	CVE-2024-8096	MEDIUM	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.18
`libcurl4`	CVE-2024-9681	LOW	7.81.0-1ubuntu1.16	7.81.0-1ubuntu1.19
`libexpat1`	CVE-2024-45490	MEDIUM	2.4.7-1ubuntu0.3	2.4.7-1ubuntu0.4
`libexpat1`	CVE-2024-45491	MEDIUM	2.4.7-1ubuntu0.3	2.4.7-1ubuntu0.4
`libexpat1`	CVE-2024-45492	MEDIUM	2.4.7-1ubuntu0.3	2.4.7-1ubuntu0.4
`libgnutls30`	CVE-2023-5981	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.3
`libgnutls30`	CVE-2024-0553	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.4
`libgnutls30`	CVE-2024-0567	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.4
`libgnutls30`	CVE-2024-28834	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.5
`libgnutls30`	CVE-2024-28835	MEDIUM	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.5
`libgssapi-krb5-2`	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.3
`libgssapi-krb5-2`	CVE-2024-37370	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libgssapi-krb5-2`	CVE-2024-37371	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libk5crypto3`	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.3
`libk5crypto3`	CVE-2024-37370	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libk5crypto3`	CVE-2024-37371	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libkrb5-3`	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.3
`libkrb5-3`	CVE-2024-37370	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libkrb5-3`	CVE-2024-37371	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libkrb5support0`	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.3
`libkrb5support0`	CVE-2024-37370	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libkrb5support0`	CVE-2024-37371	MEDIUM	1.19.2-2ubuntu0.2	1.19.2-2ubuntu0.4
`libmount1`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`libpam-modules`	CVE-2024-22365	MEDIUM	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4
`libpam-modules-bin`	CVE-2024-22365	MEDIUM	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4
`libpam-runtime`	CVE-2024-22365	MEDIUM	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4
`libpam0g`	CVE-2024-22365	MEDIUM	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4
`libprocps8`	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2	2:3.3.17-6ubuntu2.1
`libpython3.10-minimal`	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-minimal`	CVE-2023-6597	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`libpython3.10-minimal`	CVE-2024-0397	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`libpython3.10-minimal`	CVE-2024-0450	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`libpython3.10-minimal`	CVE-2024-6232	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-minimal`	CVE-2024-6923	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-minimal`	CVE-2024-8088	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-minimal`	CVE-2024-9287	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.7
`libpython3.10-minimal`	CVE-2024-4032	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`libpython3.10-minimal`	CVE-2024-7592	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2023-6597	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`libpython3.10-stdlib`	CVE-2024-0397	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`libpython3.10-stdlib`	CVE-2024-0450	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`libpython3.10-stdlib`	CVE-2024-6232	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2024-6923	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2024-8088	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libpython3.10-stdlib`	CVE-2024-9287	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.7
`libpython3.10-stdlib`	CVE-2024-4032	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`libpython3.10-stdlib`	CVE-2024-7592	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`libsmartcols1`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`libssl3`	CVE-2022-40735	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.16
`libssl3`	CVE-2023-5363	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12
`libssl3`	CVE-2024-6119	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.18
`libssl3`	CVE-2023-2975	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12
`libssl3`	CVE-2023-3446	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12
`libssl3`	CVE-2023-3817	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12
`libssl3`	CVE-2023-5678	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.14
`libssl3`	CVE-2023-6129	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.14
`libssl3`	CVE-2023-6237	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.14
`libssl3`	CVE-2024-0727	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.14
`libssl3`	CVE-2024-2511	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.17
`libssl3`	CVE-2024-4603	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.17
`libssl3`	CVE-2024-4741	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.17
`libssl3`	CVE-2024-5535	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.17
`libuuid1`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`login`	CVE-2023-4641	LOW	1:4.8.1-2ubuntu2.1	1:4.8.1-2ubuntu2.2
`mount`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3
`openssl`	CVE-2022-40735	MEDIUM	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.16
`openssl`	CVE-2024-6119	MEDIUM	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.18
`openssl`	CVE-2024-2511	LOW	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.17
`openssl`	CVE-2024-4603	LOW	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.17
`openssl`	CVE-2024-4741	LOW	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.17
`openssl`	CVE-2024-5535	LOW	3.0.2-0ubuntu1.15	3.0.2-0ubuntu1.17
`passwd`	CVE-2023-4641	LOW	1:4.8.1-2ubuntu2.1	1:4.8.1-2ubuntu2.2
`procps`	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2	2:3.3.17-6ubuntu2.1
`python3-pip`	CVE-2024-37891	LOW	22.0.2+dfsg-1ubuntu0.4	22.0.2+dfsg-1ubuntu0.5
`python3-pkg-resources`	CVE-2024-6345	MEDIUM	59.6.0-1.2ubuntu0.22.04.1	59.6.0-1.2ubuntu0.22.04.2
`python3-setuptools`	CVE-2024-6345	MEDIUM	59.6.0-1.2ubuntu0.22.04.1	59.6.0-1.2ubuntu0.22.04.2
`python3.10`	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10`	CVE-2023-6597	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`python3.10`	CVE-2024-0397	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`python3.10`	CVE-2024-0450	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`python3.10`	CVE-2024-6232	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10`	CVE-2024-6923	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10`	CVE-2024-8088	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10`	CVE-2024-9287	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.7
`python3.10`	CVE-2024-4032	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`python3.10`	CVE-2024-7592	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2023-6597	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`python3.10-minimal`	CVE-2024-0397	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`python3.10-minimal`	CVE-2024-0450	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.4
`python3.10-minimal`	CVE-2024-6232	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2024-6923	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2024-8088	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`python3.10-minimal`	CVE-2024-9287	MEDIUM	3.10.12-1~22.04.3	3.10.12-1~22.04.7
`python3.10-minimal`	CVE-2024-4032	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.5
`python3.10-minimal`	CVE-2024-7592	LOW	3.10.12-1~22.04.3	3.10.12-1~22.04.6
`tar`	CVE-2023-39804	MEDIUM	1.34+dfsg-1ubuntu0.1.22.04.1	1.34+dfsg-1ubuntu0.1.22.04.2
`util-linux`	CVE-2024-28085	MEDIUM	2.37.2-4ubuntu3	2.37.2-4ubuntu3.3

No Misconfigurations found

`Node.js`

2 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 1 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`cross-spawn`	CVE-2024-21538	HIGH	7.0.3	7.0.5, 6.0.6
`smol-toml`	GHSA-pqhp-25j4-6hq9	MEDIUM	1.3.0	1.3.1

No Misconfigurations found

`Python`

3 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 3 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`aiohttp`	CVE-2024-52303	MEDIUM	3.10.10	3.10.11
`aiohttp`	CVE-2024-52304	MEDIUM	3.10.10	3.10.11
`urllib3`	CVE-2024-37891	MEDIUM	2.0.7	1.26.19, 2.2.2

No Misconfigurations found

`root/.local/share/helm/plugins/helm-local-chart-version/local-chart-version`

24 known vulnerabilities found (HIGH: 6 MEDIUM: 17 LOW: 0 CRITICAL: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.21.0	1.33.0
`k8s.io/apimachinery`	GHSA-74fp-r6jw-h4mp	HIGH	v0.0.0-20180103014849-68f9c3a1feb3	0.0.0-20190927203648-9ce6eca90e73
`k8s.io/apimachinery`	CVE-2020-8559	MEDIUM	v0.0.0-20180103014849-68f9c3a1feb3	0.16.13, 0.17.9, 0.18.7
`stdlib`	CVE-2024-24790	CRITICAL	1.20.4	1.21.11, 1.22.4
`stdlib`	CVE-2023-29403	HIGH	1.20.4	1.19.10, 1.20.5
`stdlib`	CVE-2023-39325	HIGH	1.20.4	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	1.20.4	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	1.20.4	1.22.7, 1.23.1
`stdlib`	CVE-2023-29406	MEDIUM	1.20.4	1.19.11, 1.20.6
`stdlib`	CVE-2023-29409	MEDIUM	1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4
`stdlib`	CVE-2023-39318	MEDIUM	1.20.4	1.20.8, 1.21.1
`stdlib`	CVE-2023-39319	MEDIUM	1.20.4	1.20.8, 1.21.1
`stdlib`	CVE-2023-39326	MEDIUM	1.20.4	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	1.20.4	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	1.20.4	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.20.4	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.20.4	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.20.4	1.22.7, 1.23.1

No Misconfigurations found

`root/.local/share/helm/plugins/helm-push/bin/helm-cm-push`

40 known vulnerabilities found (CRITICAL: 2 HIGH: 9 MEDIUM: 29 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/containerd/containerd`	CVE-2023-25153	MEDIUM	v1.6.15	1.5.18, 1.6.18
`github.com/containerd/containerd`	CVE-2023-25173	MEDIUM	v1.6.15	1.5.18, 1.6.18
`github.com/containerd/containerd`	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.6.15	1.6.26, 1.7.11
`github.com/cyphar/filepath-securejoin`	GHSA-6xv5-86q9-7xr8	MEDIUM	v0.2.3	0.2.4
`github.com/docker/distribution`	CVE-2023-2253	HIGH	v2.8.1+incompatible	2.8.2-beta.1
`github.com/docker/docker`	CVE-2024-41110	CRITICAL	v20.10.24+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6
`github.com/docker/docker`	CVE-2024-24557	MEDIUM	v20.10.24+incompatible	24.0.9, 25.0.2
`github.com/docker/docker`	CVE-2024-29018	MEDIUM	v20.10.24+incompatible	26.0.0-rc3, 25.0.5, 23.0.11
`github.com/docker/docker`	GHSA-jq35-85cj-fj4p	MEDIUM	v20.10.24+incompatible	24.0.7, 23.0.8, 20.10.27
`golang.org/x/crypto`	CVE-2023-48795	MEDIUM	v0.5.0	0.17.0
`golang.org/x/net`	CVE-2023-39325	HIGH	v0.9.0	0.17.0
`golang.org/x/net`	CVE-2023-3978	MEDIUM	v0.9.0	0.13.0
`golang.org/x/net`	CVE-2023-44487	MEDIUM	v0.9.0	0.17.0
`golang.org/x/net`	CVE-2023-45288	MEDIUM	v0.9.0	0.23.0
`google.golang.org/grpc`	GHSA-m425-mq94-257g	HIGH	v1.49.0	1.56.3, 1.57.1, 1.58.3
`google.golang.org/grpc`	CVE-2023-44487	MEDIUM	v1.49.0	1.58.3, 1.57.1, 1.56.3
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.28.1	1.33.0
`helm.sh/helm/v3`	CVE-2024-26147	HIGH	v3.11.2	3.14.2
`helm.sh/helm/v3`	CVE-2024-25620	MEDIUM	v3.11.2	3.14.1
`stdlib`	CVE-2024-24790	CRITICAL	1.20.4	1.21.11, 1.22.4
`stdlib`	CVE-2023-29403	HIGH	1.20.4	1.19.10, 1.20.5
`stdlib`	CVE-2023-39325	HIGH	1.20.4	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	1.20.4	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	1.20.4	1.22.7, 1.23.1
`stdlib`	CVE-2023-29406	MEDIUM	1.20.4	1.19.11, 1.20.6
`stdlib`	CVE-2023-29409	MEDIUM	1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4
`stdlib`	CVE-2023-39318	MEDIUM	1.20.4	1.20.8, 1.21.1
`stdlib`	CVE-2023-39319	MEDIUM	1.20.4	1.20.8, 1.21.1
`stdlib`	CVE-2023-39326	MEDIUM	1.20.4	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	1.20.4	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	1.20.4	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	1.20.4	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.20.4	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.20.4	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.20.4	1.22.7, 1.23.1

No Misconfigurations found

`root/.local/share/helm/plugins/helm-schema-gen/bin/helm-schema-gen`

30 known vulnerabilities found (CRITICAL: 3 HIGH: 11 MEDIUM: 16 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`gopkg.in/yaml.v2`	CVE-2019-11254	MEDIUM	v2.2.7	2.2.8
`stdlib`	CVE-2023-24538	CRITICAL	1.19.7	1.19.8, 1.20.3
`stdlib`	CVE-2023-24540	CRITICAL	1.19.7	1.19.9, 1.20.4
`stdlib`	CVE-2024-24790	CRITICAL	1.19.7	1.21.11, 1.22.4
`stdlib`	CVE-2023-24534	HIGH	1.19.7	1.19.8, 1.20.3
`stdlib`	CVE-2023-24536	HIGH	1.19.7	1.19.8, 1.20.3
`stdlib`	CVE-2023-24537	HIGH	1.19.7	1.19.8, 1.20.3
`stdlib`	CVE-2023-24539	HIGH	1.19.7	1.19.9, 1.20.4
`stdlib`	CVE-2023-29400	HIGH	1.19.7	1.19.9, 1.20.4
`stdlib`	CVE-2023-29403	HIGH	1.19.7	1.19.10, 1.20.5
`stdlib`	CVE-2023-39325	HIGH	1.19.7	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	1.19.7	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45287	HIGH	1.19.7	1.20.0
`stdlib`	CVE-2023-45288	HIGH	1.19.7	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	1.19.7	1.22.7, 1.23.1
`stdlib`	CVE-2023-29406	MEDIUM	1.19.7	1.19.11, 1.20.6
`stdlib`	CVE-2023-29409	MEDIUM	1.19.7	1.19.12, 1.20.7, 1.21.0-rc.4
`stdlib`	CVE-2023-39318	MEDIUM	1.19.7	1.20.8, 1.21.1
`stdlib`	CVE-2023-39319	MEDIUM	1.19.7	1.20.8, 1.21.1
`stdlib`	CVE-2023-39326	MEDIUM	1.19.7	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	1.19.7	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	1.19.7	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	1.19.7	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.19.7	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.19.7	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.19.7	1.22.7, 1.23.1

No Misconfigurations found

`root/gcrane`

3 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 2 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.21.12	1.22.7, 1.23.1

No Misconfigurations found

`root/krane`

4 known vulnerabilities found (LOW: 1 CRITICAL: 0 HIGH: 1 MEDIUM: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1
`stdlib`	CVE-2024-34156	HIGH	1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.21.12	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/ah`

1 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 0 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1

No Misconfigurations found

`usr/local/bin/chart-doc-gen`

17 known vulnerabilities found (MEDIUM: 12 LOW: 0 CRITICAL: 1 HIGH: 4)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0
`stdlib`	CVE-2024-24790	CRITICAL	1.21.2	1.21.11, 1.22.4
`stdlib`	CVE-2023-39325	HIGH	1.21.2	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	1.21.2	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	1.21.2	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	1.21.2	1.22.7, 1.23.1
`stdlib`	CVE-2023-39326	MEDIUM	1.21.2	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	1.21.2	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	1.21.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	1.21.2	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.21.2	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.21.2	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.21.2	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/conftest`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/container-structure-test`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/cosign`

1 known vulnerabilities found (HIGH: 0 MEDIUM: 0 LOW: 1 CRITICAL: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1

No Misconfigurations found

`usr/local/bin/crane`

3 known vulnerabilities found (LOW: 0 CRITICAL: 0 HIGH: 1 MEDIUM: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	1.21.12	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.21.12	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/ct`

8 known vulnerabilities found (LOW: 0 CRITICAL: 1 HIGH: 2 MEDIUM: 5)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/hashicorp/go-retryablehttp`	CVE-2024-6104	MEDIUM	v0.7.5	0.7.7
`stdlib`	CVE-2024-24790	CRITICAL	1.22.2	1.21.11, 1.22.4
`stdlib`	CVE-2024-24788	HIGH	1.22.2	1.22.3
`stdlib`	CVE-2024-34156	HIGH	1.22.2	1.22.7, 1.23.1
`stdlib`	CVE-2024-24789	MEDIUM	1.22.2	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.22.2	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.22.2	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.22.2	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/gomplate`

5 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 3 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`google.golang.org/grpc`	GHSA-xr7q-jx4m-x55m	LOW	v1.64.0	1.64.1
`stdlib`	CVE-2024-34156	HIGH	1.22.4	1.22.7, 1.23.1
`stdlib`	CVE-2024-24791	MEDIUM	1.22.4	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.22.4	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.22.4	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/helm`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/helm-docs`

8 known vulnerabilities found (CRITICAL: 1 HIGH: 3 MEDIUM: 4 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-24790	CRITICAL	1.22.1	1.21.11, 1.22.4
`stdlib`	CVE-2023-45288	HIGH	1.22.1	1.21.9, 1.22.2
`stdlib`	CVE-2024-24788	HIGH	1.22.1	1.22.3
`stdlib`	CVE-2024-34156	HIGH	1.22.1	1.22.7, 1.23.1
`stdlib`	CVE-2024-24789	MEDIUM	1.22.1	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.22.1	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.22.1	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.22.1	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kube-linter`

18 known vulnerabilities found (HIGH: 4 MEDIUM: 12 LOW: 0 CRITICAL: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/docker/docker`	CVE-2024-41110	CRITICAL	v24.0.7+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6
`github.com/docker/docker`	CVE-2024-24557	MEDIUM	v24.0.7+incompatible	24.0.9, 25.0.2
`golang.org/x/net`	CVE-2023-45288	MEDIUM	v0.20.0	0.23.0
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.32.0	1.33.0
`helm.sh/helm/v3`	CVE-2024-26147	HIGH	v3.14.1	3.14.2
`stdlib`	CVE-2024-24790	CRITICAL	1.22.0	1.21.11, 1.22.4
`stdlib`	CVE-2023-45288	HIGH	1.22.0	1.21.9, 1.22.2
`stdlib`	CVE-2024-24788	HIGH	1.22.0	1.22.3
`stdlib`	CVE-2024-34156	HIGH	1.22.0	1.22.7, 1.23.1
`stdlib`	CVE-2023-45289	MEDIUM	1.22.0	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	1.22.0	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	1.22.0	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	1.22.0	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	1.22.0	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	1.22.0	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.22.0	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.22.0	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.22.0	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kube-score`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/kubeconform`

3 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 2 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	1.22.5	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	1.22.5	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.22.5	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kubectl`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/kubent`

6 known vulnerabilities found (MEDIUM: 4 LOW: 0 CRITICAL: 0 HIGH: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/open-policy-agent/opa`	CVE-2024-8260	MEDIUM	v0.67.1	0.68.0
`helm.sh/helm/v3`	CVE-2024-26147	HIGH	v3.13.3	3.14.2
`helm.sh/helm/v3`	CVE-2024-25620	MEDIUM	v3.13.3	3.14.1
`stdlib`	CVE-2024-34156	HIGH	1.23.0	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	1.23.0	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.23.0	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kubepug`

17 known vulnerabilities found (CRITICAL: 1 HIGH: 3 MEDIUM: 13 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`golang.org/x/net`	CVE-2023-45288	MEDIUM	v0.17.0	0.23.0
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0
`stdlib`	CVE-2024-24790	CRITICAL	1.21.3	1.21.11, 1.22.4
`stdlib`	CVE-2023-45283	HIGH	1.21.3	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	1.21.3	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	1.21.3	1.22.7, 1.23.1
`stdlib`	CVE-2023-39326	MEDIUM	1.21.3	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	1.21.3	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	1.21.3	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	1.21.3	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.21.3	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.21.3	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.21.3	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kubescape`

1 known vulnerabilities found (HIGH: 0 MEDIUM: 0 LOW: 1 CRITICAL: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1

No Misconfigurations found

`usr/local/bin/kubesec`

3 known vulnerabilities found (LOW: 0 CRITICAL: 0 HIGH: 1 MEDIUM: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	1.23.0	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	1.23.0	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.23.0	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/kubeval`

77 known vulnerabilities found (CRITICAL: 4 HIGH: 44 MEDIUM: 28 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`golang.org/x/sys`	CVE-2022-29526	MEDIUM	v0.0.0-20200223170610-d5e6a3e2c0ae	0.0.0-20220412211240-33da011f77ad
`golang.org/x/text`	CVE-2021-38561	HIGH	v0.3.2	0.3.7
`golang.org/x/text`	CVE-2022-32149	HIGH	v0.3.2	0.3.8
`golang.org/x/text`	CVE-2020-14040	MEDIUM	v0.3.2	0.3.3
`stdlib`	CVE-2022-23806	CRITICAL	1.16.2	1.16.14, 1.17.7
`stdlib`	CVE-2023-24538	CRITICAL	1.16.2	1.19.8, 1.20.3
`stdlib`	CVE-2023-24540	CRITICAL	1.16.2	1.19.9, 1.20.4
`stdlib`	CVE-2024-24790	CRITICAL	1.16.2	1.21.11, 1.22.4
`stdlib`	CVE-2021-33195	HIGH	1.16.2	1.15.13, 1.16.5
`stdlib`	CVE-2021-33196	HIGH	1.16.2	1.15.13, 1.16.5
`stdlib`	CVE-2021-33198	HIGH	1.16.2	1.15.13, 1.16.5
`stdlib`	CVE-2021-39293	HIGH	1.16.2	1.16.8, 1.17.1
`stdlib`	CVE-2021-41771	HIGH	1.16.2	1.16.10, 1.17.3
`stdlib`	CVE-2021-41772	HIGH	1.16.2	1.16.10, 1.17.3
`stdlib`	CVE-2021-44716	HIGH	1.16.2	1.16.12, 1.17.5
`stdlib`	CVE-2022-23772	HIGH	1.16.2	1.16.14, 1.17.7
`stdlib`	CVE-2022-24675	HIGH	1.16.2	1.17.9, 1.18.1
`stdlib`	CVE-2022-24921	HIGH	1.16.2	1.16.15, 1.17.8
`stdlib`	CVE-2022-27664	HIGH	1.16.2	1.18.6, 1.19.1
`stdlib`	CVE-2022-28131	HIGH	1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-28327	HIGH	1.16.2	1.17.9, 1.18.1
`stdlib`	CVE-2022-2879	HIGH	1.16.2	1.18.7, 1.19.2
`stdlib`	CVE-2022-2880	HIGH	1.16.2	1.18.7, 1.19.2
`stdlib`	CVE-2022-29804	HIGH	1.16.2	1.17.11, 1.18.3
`stdlib`	CVE-2022-30580	HIGH	1.16.2	1.17.11, 1.18.3
`stdlib`	CVE-2022-30630	HIGH	1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-30631	HIGH	1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-30632	HIGH	1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-30633	HIGH	1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-30634	HIGH	1.16.2	1.17.11, 1.18.3
`stdlib`	CVE-2022-30635	HIGH	1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-32189	HIGH	1.16.2	1.17.13, 1.18.5
`stdlib`	CVE-2022-41715	HIGH	1.16.2	1.18.7, 1.19.2
`stdlib`	CVE-2022-41716	HIGH	1.16.2	1.18.8, 1.19.3
`stdlib`	CVE-2022-41720	HIGH	1.16.2	1.18.9, 1.19.4
`stdlib`	CVE-2022-41722	HIGH	1.16.2	1.19.6, 1.20.1
`stdlib`	CVE-2022-41723	HIGH	1.16.2	1.19.6, 1.20.1
`stdlib`	CVE-2022-41724	HIGH	1.16.2	1.19.6, 1.20.1
`stdlib`	CVE-2022-41725	HIGH	1.16.2	1.19.6, 1.20.1
`stdlib`	CVE-2023-24534	HIGH	1.16.2	1.19.8, 1.20.3
`stdlib`	CVE-2023-24536	HIGH	1.16.2	1.19.8, 1.20.3
`stdlib`	CVE-2023-24537	HIGH	1.16.2	1.19.8, 1.20.3
`stdlib`	CVE-2023-24539	HIGH	1.16.2	1.19.9, 1.20.4
`stdlib`	CVE-2023-29400	HIGH	1.16.2	1.19.9, 1.20.4
`stdlib`	CVE-2023-29403	HIGH	1.16.2	1.19.10, 1.20.5
`stdlib`	CVE-2023-39325	HIGH	1.16.2	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	1.16.2	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45287	HIGH	1.16.2	1.20.0
`stdlib`	CVE-2023-45288	HIGH	1.16.2	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	1.16.2	1.22.7, 1.23.1
`stdlib`	CVE-2021-31525	MEDIUM	1.16.2	1.15.12, 1.16.4
`stdlib`	CVE-2021-33197	MEDIUM	1.16.2	1.15.13, 1.16.5
`stdlib`	CVE-2021-34558	MEDIUM	1.16.2	1.15.14, 1.16.6
`stdlib`	CVE-2021-36221	MEDIUM	1.16.2	1.15.15, 1.16.7
`stdlib`	CVE-2021-44717	MEDIUM	1.16.2	1.16.12, 1.17.5
`stdlib`	CVE-2022-1705	MEDIUM	1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-1962	MEDIUM	1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-29526	MEDIUM	1.16.2	1.17.10, 1.18.2
`stdlib`	CVE-2022-32148	MEDIUM	1.16.2	1.17.12, 1.18.4
`stdlib`	CVE-2022-41717	MEDIUM	1.16.2	1.18.9, 1.19.4
`stdlib`	CVE-2023-24532	MEDIUM	1.16.2	1.19.7, 1.20.2
`stdlib`	CVE-2023-29406	MEDIUM	1.16.2	1.19.11, 1.20.6
`stdlib`	CVE-2023-29409	MEDIUM	1.16.2	1.19.12, 1.20.7, 1.21.0-rc.4
`stdlib`	CVE-2023-39318	MEDIUM	1.16.2	1.20.8, 1.21.1
`stdlib`	CVE-2023-39319	MEDIUM	1.16.2	1.20.8, 1.21.1
`stdlib`	CVE-2023-39326	MEDIUM	1.16.2	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	1.16.2	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	1.16.2	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	1.16.2	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.16.2	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.16.2	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.16.2	1.22.7, 1.23.1
`stdlib`	CVE-2022-30629	LOW	1.16.2	1.17.11, 1.18.3

No Misconfigurations found

`usr/local/bin/kustomize`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/kyverno`

2 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 1 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1
`github.com/open-policy-agent/opa`	CVE-2024-8260	MEDIUM	v0.67.1	0.68.0

No Misconfigurations found

`usr/local/bin/nova`

2 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 2 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`golang.org/x/net`	CVE-2023-45288	MEDIUM	v0.17.0	0.23.0
`google.golang.org/protobuf`	CVE-2024-24786	MEDIUM	v1.31.0	1.33.0

No Misconfigurations found

`usr/local/bin/pluto`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/polaris`

No Vulnerabilities found

No Misconfigurations found

`usr/local/bin/s5cmd`

16 known vulnerabilities found (MEDIUM: 11 LOW: 0 CRITICAL: 1 HIGH: 4)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-24790	CRITICAL	1.20.8	1.21.11, 1.22.4
`stdlib`	CVE-2023-39325	HIGH	1.20.8	1.20.10, 1.21.3
`stdlib`	CVE-2023-45283	HIGH	1.20.8	1.20.11, 1.21.4, 1.20.12, 1.21.5
`stdlib`	CVE-2023-45288	HIGH	1.20.8	1.21.9, 1.22.2
`stdlib`	CVE-2024-34156	HIGH	1.20.8	1.22.7, 1.23.1
`stdlib`	CVE-2023-39326	MEDIUM	1.20.8	1.20.12, 1.21.5
`stdlib`	CVE-2023-45284	MEDIUM	1.20.8	1.20.11, 1.21.4
`stdlib`	CVE-2023-45289	MEDIUM	1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2023-45290	MEDIUM	1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2024-24783	MEDIUM	1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2024-24784	MEDIUM	1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2024-24785	MEDIUM	1.20.8	1.21.8, 1.22.1
`stdlib`	CVE-2024-24789	MEDIUM	1.20.8	1.21.11, 1.22.4
`stdlib`	CVE-2024-24791	MEDIUM	1.20.8	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.20.8	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.20.8	1.22.7, 1.23.1

No Misconfigurations found

`usr/local/bin/trivy`

1 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 0 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`github.com/golang-jwt/jwt/v4`	CVE-2024-51744	LOW	v4.5.0	4.5.1

No Misconfigurations found

`usr/local/bin/yq`

3 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 2 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	1.22.5	1.22.7, 1.23.1
`stdlib`	CVE-2024-34155	MEDIUM	1.22.5	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.22.5	1.22.7, 1.23.1

No Misconfigurations found

## [2.3.31](v2.3.30...v2.3.31) (2024-11-25) ### Miscellaneous Chores * **deps:** update all non-major dependencies ([#488](#488)) ([88f2b85](88f2b85)) * **deps:** update docker.io/bitnami/kubectl:1.31.2 docker digest to 0eab9ec ([#486](#486)) ([a76866f](a76866f)) * **deps:** update docker.io/nginxinc/nginx-unprivileged:1.27.2 docker digest to d2ce7dc ([#487](#487)) ([15df337](15df337)) * **deps:** update github-actions ([#489](#489)) ([759c5f2](759c5f2)) ### CI/CD * fix runs-on ([5c5898b](5c5898b)) * use releaser app instead of PAT ([b68ba32](b68ba32))

github-actions · 2024-11-25T11:52:29Z

🎉 This PR is included in version 2.3.31 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

chore(deps): update github-actions

20c5741

chgl merged commit 759c5f2 into master Nov 24, 2024
11 of 12 checks passed

renovate bot deleted the renovate/github-actions branch November 24, 2024 00:46

github-actions bot added the released label Nov 25, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update github-actions #489

chore(deps): update github-actions #489

renovate bot commented Nov 23, 2024

github-actions bot commented Nov 23, 2024

github-actions bot commented Nov 23, 2024

github-actions bot commented Nov 25, 2024

chore(deps): update github-actions #489

chore(deps): update github-actions #489

Conversation

renovate bot commented Nov 23, 2024

Release Notes

v0.29.0

What's Changed

New Contributors

v1.8.5

Miscellaneous Chores

v3.27.5

v3.27.4

CodeQL Action Changelog

3.27.4 - 14 Nov 2024

v3.27.3

CodeQL Action Changelog

3.27.3 - 12 Nov 2024

v3.27.2

CodeQL Action Changelog

3.27.2 - 12 Nov 2024

v3.27.1

CodeQL Action Changelog

3.27.1 - 08 Nov 2024

v2.1.0: Version 2.1.0

What's Changed

New Contributors

Configuration

github-actions bot commented Nov 23, 2024

🦙 MegaLinter status: ❌ ERROR

github-actions bot commented Nov 23, 2024

Trivy image scan report

ghcr.io/chgl/kube-powertools:pr-489 (ubuntu 22.04)

125 known vulnerabilities found (MEDIUM: 90 LOW: 35 CRITICAL: 0 HIGH: 0)

No Misconfigurations found

Node.js

2 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 1 LOW: 0)

No Misconfigurations found

Python

3 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 3 LOW: 0)

No Misconfigurations found

root/.local/share/helm/plugins/helm-local-chart-version/local-chart-version

24 known vulnerabilities found (HIGH: 6 MEDIUM: 17 LOW: 0 CRITICAL: 1)

No Misconfigurations found

root/.local/share/helm/plugins/helm-push/bin/helm-cm-push

40 known vulnerabilities found (CRITICAL: 2 HIGH: 9 MEDIUM: 29 LOW: 0)

No Misconfigurations found

root/.local/share/helm/plugins/helm-schema-gen/bin/helm-schema-gen

30 known vulnerabilities found (CRITICAL: 3 HIGH: 11 MEDIUM: 16 LOW: 0)

No Misconfigurations found

root/gcrane

3 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 2 LOW: 0)

No Misconfigurations found

root/krane

4 known vulnerabilities found (LOW: 1 CRITICAL: 0 HIGH: 1 MEDIUM: 2)

No Misconfigurations found

usr/local/bin/ah

1 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 0 LOW: 1)

No Misconfigurations found

usr/local/bin/chart-doc-gen

17 known vulnerabilities found (MEDIUM: 12 LOW: 0 CRITICAL: 1 HIGH: 4)

No Misconfigurations found

usr/local/bin/conftest

No Vulnerabilities found

No Misconfigurations found

usr/local/bin/container-structure-test

No Vulnerabilities found

No Misconfigurations found

usr/local/bin/cosign

1 known vulnerabilities found (HIGH: 0 MEDIUM: 0 LOW: 1 CRITICAL: 0)

No Misconfigurations found

usr/local/bin/crane

3 known vulnerabilities found (LOW: 0 CRITICAL: 0 HIGH: 1 MEDIUM: 2)

No Misconfigurations found

usr/local/bin/ct

8 known vulnerabilities found (LOW: 0 CRITICAL: 1 HIGH: 2 MEDIUM: 5)

No Misconfigurations found

usr/local/bin/gomplate

5 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 3 LOW: 1)

No Misconfigurations found

usr/local/bin/helm

`v0.29.0`

`v1.8.5`

`v3.27.5`

`v3.27.4`

`v3.27.3`

`v3.27.2`

`v3.27.1`

`v2.1.0`: Version 2.1.0

`ghcr.io/chgl/kube-powertools:pr-489 (ubuntu 22.04)`

`Node.js`

`Python`

`root/.local/share/helm/plugins/helm-local-chart-version/local-chart-version`

`root/.local/share/helm/plugins/helm-push/bin/helm-cm-push`

`root/.local/share/helm/plugins/helm-schema-gen/bin/helm-schema-gen`

`root/gcrane`

`root/krane`

`usr/local/bin/ah`

`usr/local/bin/chart-doc-gen`

`usr/local/bin/conftest`

`usr/local/bin/container-structure-test`

`usr/local/bin/cosign`

`usr/local/bin/crane`

`usr/local/bin/ct`

`usr/local/bin/gomplate`

`usr/local/bin/helm`

`usr/local/bin/helm-docs`

`usr/local/bin/kube-linter`

`usr/local/bin/kube-score`

`usr/local/bin/kubeconform`

`usr/local/bin/kubectl`

`usr/local/bin/kubent`

`usr/local/bin/kubepug`

`usr/local/bin/kubescape`

`usr/local/bin/kubesec`

`usr/local/bin/kubeval`

`usr/local/bin/kustomize`

`usr/local/bin/kyverno`

`usr/local/bin/nova`

`usr/local/bin/pluto`

`usr/local/bin/polaris`

`usr/local/bin/s5cmd`

`usr/local/bin/trivy`

`usr/local/bin/yq`