Open jreisinger opened 1 year ago
Also noticed the same thing with some other KHVs:
https://avd.aquasec.com/kube-hunter/khv043 https://avd.aquasec.com/kube-hunter/khv052
The links above listed these as high severity
But output in the CLI for both vulnerabilities are low
(for KHV043) and medium
(for KHV052)
What happened
I scanned a remote CLUSTER and got an output, where
.vulnerabilities[0].severity
(high) does not match severity at.vulnerabilities[0].avd_reference
(low).Expected behavior
I would expect vulnerability severity in kube-hunter output to match the severity at https://avd.aquasec.com.