Closed stamak closed 4 days ago
Plugin helm plugin install https://github.com/databus23/helm-diff --version v3.9.11 Reported by Trivy scanning tool
helm plugin install https://github.com/databus23/helm-diff --version v3.9.11
root/.local/share/helm/plugins/helm-diff/bin/diff (gobinary) 18:06:59 [5/19294] Total: 4 (UNKNOWN: 0, LOW: 0, MEDIUM: 3, HIGH: 1, CRITICAL: 0) ┌─────────┬────────────────┬──────────┬────────┬───────────────────┬─────────────────┬──────────────────────────────────────────────────────────── ─┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├─────────┼────────────────┼──────────┼────────┼───────────────────┼─────────────────┼──────────────────────────────────────────────────────────── ─┤ │ stdlib │ CVE-2024-34156 │ HIGH │ fixed │ 1.22.4 │ 1.22.7, 1.23.1 │ encoding/gob: golang: Calling Decoder.Decode on a message │ │ │ │ │ │ │ │ which contains deeply nested structures... │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-34156 │ │ ├────────────────┼──────────┤ │ ├─────────────────┼──────────────────────────────────────────────────────────── ─┤ │ │ CVE-2024-24791 │ MEDIUM │ │ │ 1.21.12, 1.22.5 │ net/http: Denial of service due to improper 100-continue │ │ │ │ │ │ │ │ handling in net/http │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-24791 │ │ ├────────────────┤ │ │ ├─────────────────┼──────────────────────────────────────────────────────────── ─┤ │ │ CVE-2024-34155 │ │ │ │ 1.22.7, 1.23.1 │ go/parser: golang: Calling any of the Parse functions │ │ │ │ │ │ │ │ containing deeply nested literals... │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-34155 │ │ ├────────────────┤ │ │ │ ├──────────────────────────────────────────────────────────── ─┤ │ │ CVE-2024-34158 │ │ │ │ │ go/build/constraint: golang: Calling Parse on a "// +build" │ │ │ │ │ │ │ │ build tag line with... │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-34158 │ └─────────┴────────────────┴──────────┴────────┴───────────────────┴─────────────────┴──────────────────────────────────────────────────────────── ─┘
@stamak thanks.
Plugin
helm plugin install https://github.com/databus23/helm-diff --version v3.9.11
Reported by Trivy scanning tool