Skip to content

ghcr.io/helmfile/helmfile:latest (alpine 3.19.2)

Trivy Image Scan

  • Image: ghcr.io/helmfile/helmfile:latest (alpine 3.19.2)
  • Scan date: 2024-07-25

ghcr.io/helmfile/helmfile:latest (alpine 3.19.2) (alpine)

Package Vulnerability ID Severity Installed Version Fixed Version Links
libcrypto3 CVE-2024-4741 MEDIUM 3.1.5-r0 3.1.6-r0
libcrypto3 CVE-2024-5535 MEDIUM 3.1.5-r0 3.1.6-r0
libssl3 CVE-2024-4741 MEDIUM 3.1.5-r0 3.1.6-r0
libssl3 CVE-2024-5535 MEDIUM 3.1.5-r0 3.1.6-r0
openssh-client-common CVE-2024-6387 HIGH 9.6_p1-r0 9.6_p1-r1
openssh-client-default CVE-2024-6387 HIGH 9.6_p1-r0 9.6_p1-r1
openssh-keygen CVE-2024-6387 HIGH 9.6_p1-r0 9.6_p1-r1
No Misconfigurations found

Node.js (node-pkg)

No Vulnerabilities found
No Misconfigurations found

helm/.local/share/helm/plugins/helm-diff/bin/diff (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2024-24790 CRITICAL 1.22.2 1.21.11, 1.22.4
stdlib CVE-2024-24788 HIGH 1.22.2 1.22.3
stdlib CVE-2024-24789 MEDIUM 1.22.2 1.21.11, 1.22.4
stdlib CVE-2024-24791 MEDIUM 1.22.2 1.21.12, 1.22.5
No Misconfigurations found

helm/.local/share/helm/plugins/helm-s3.git/bin/helm-s3 (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/containerd/containerd GHSA-7ww5-4wqc-m92c MEDIUM v1.7.6 1.6.26, 1.7.11
github.com/docker/docker CVE-2024-24557 MEDIUM v24.0.7+incompatible 24.0.9, 25.0.2
golang.org/x/crypto CVE-2023-48795 MEDIUM v0.14.0 0.17.0
golang.org/x/net CVE-2023-45288 MEDIUM v0.17.0 0.23.0
google.golang.org/protobuf CVE-2024-24786 MEDIUM v1.30.0 1.33.0
helm.sh/helm/v3 CVE-2024-26147 HIGH v3.13.2 3.14.2
helm.sh/helm/v3 CVE-2019-25210 MEDIUM v3.13.2 no fix available
helm.sh/helm/v3 CVE-2024-25620 MEDIUM v3.13.2 3.14.1
stdlib CVE-2024-24790 CRITICAL 1.19.13 1.21.11, 1.22.4
stdlib CVE-2023-39325 HIGH 1.19.13 1.20.10, 1.21.3
stdlib CVE-2023-45283 HIGH 1.19.13 1.20.11, 1.21.4, 1.20.12, 1.21.5
stdlib CVE-2023-45287 HIGH 1.19.13 1.20.0
stdlib CVE-2023-45288 HIGH 1.19.13 1.21.9, 1.22.2
stdlib CVE-2023-39318 MEDIUM 1.19.13 1.20.8, 1.21.1
stdlib CVE-2023-39319 MEDIUM 1.19.13 1.20.8, 1.21.1
stdlib CVE-2023-39326 MEDIUM 1.19.13 1.20.12, 1.21.5
stdlib CVE-2023-45284 MEDIUM 1.19.13 1.20.11, 1.21.4
stdlib CVE-2023-45289 MEDIUM 1.19.13 1.21.8, 1.22.1
stdlib CVE-2023-45290 MEDIUM 1.19.13 1.21.8, 1.22.1
stdlib CVE-2024-24783 MEDIUM 1.19.13 1.21.8, 1.22.1
stdlib CVE-2024-24784 MEDIUM 1.19.13 1.21.8, 1.22.1
stdlib CVE-2024-24785 MEDIUM 1.19.13 1.21.8, 1.22.1
stdlib CVE-2024-24789 MEDIUM 1.19.13 1.21.11, 1.22.4
stdlib CVE-2024-24791 MEDIUM 1.19.13 1.21.12, 1.22.5
No Misconfigurations found

usr/local/bin/age (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
golang.org/x/crypto CVE-2023-48795 MEDIUM v0.4.0 0.17.0
stdlib CVE-2023-24538 CRITICAL 1.19.4 1.19.8, 1.20.3
stdlib CVE-2023-24540 CRITICAL 1.19.4 1.19.9, 1.20.4
stdlib CVE-2024-24790 CRITICAL 1.19.4 1.21.11, 1.22.4
stdlib CVE-2022-41722 HIGH 1.19.4 1.19.6, 1.20.1
stdlib CVE-2022-41723 HIGH 1.19.4 1.19.6, 1.20.1
stdlib CVE-2022-41724 HIGH 1.19.4 1.19.6, 1.20.1
stdlib CVE-2022-41725 HIGH 1.19.4 1.19.6, 1.20.1
stdlib CVE-2023-24534 HIGH 1.19.4 1.19.8, 1.20.3
stdlib CVE-2023-24536 HIGH 1.19.4 1.19.8, 1.20.3
stdlib CVE-2023-24537 HIGH 1.19.4 1.19.8, 1.20.3
stdlib CVE-2023-24539 HIGH 1.19.4 1.19.9, 1.20.4
stdlib CVE-2023-29400 HIGH 1.19.4 1.19.9, 1.20.4
stdlib CVE-2023-29403 HIGH 1.19.4 1.19.10, 1.20.5
stdlib CVE-2023-39325 HIGH 1.19.4 1.20.10, 1.21.3
stdlib CVE-2023-45283 HIGH 1.19.4 1.20.11, 1.21.4, 1.20.12, 1.21.5
stdlib CVE-2023-45287 HIGH 1.19.4 1.20.0
stdlib CVE-2023-45288 HIGH 1.19.4 1.21.9, 1.22.2
stdlib CVE-2023-24532 MEDIUM 1.19.4 1.19.7, 1.20.2
stdlib CVE-2023-29406 MEDIUM 1.19.4 1.19.11, 1.20.6
stdlib CVE-2023-29409 MEDIUM 1.19.4 1.19.12, 1.20.7, 1.21.0-rc.4
stdlib CVE-2023-39318 MEDIUM 1.19.4 1.20.8, 1.21.1
stdlib CVE-2023-39319 MEDIUM 1.19.4 1.20.8, 1.21.1
stdlib CVE-2023-39326 MEDIUM 1.19.4 1.20.12, 1.21.5
stdlib CVE-2023-45284 MEDIUM 1.19.4 1.20.11, 1.21.4
stdlib CVE-2023-45289 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2023-45290 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2024-24783 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2024-24784 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2024-24785 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2024-24789 MEDIUM 1.19.4 1.21.11, 1.22.4
stdlib CVE-2024-24791 MEDIUM 1.19.4 1.21.12, 1.22.5
No Misconfigurations found

usr/local/bin/age-keygen (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
golang.org/x/crypto CVE-2023-48795 MEDIUM v0.4.0 0.17.0
stdlib CVE-2023-24538 CRITICAL 1.19.4 1.19.8, 1.20.3
stdlib CVE-2023-24540 CRITICAL 1.19.4 1.19.9, 1.20.4
stdlib CVE-2024-24790 CRITICAL 1.19.4 1.21.11, 1.22.4
stdlib CVE-2022-41722 HIGH 1.19.4 1.19.6, 1.20.1
stdlib CVE-2022-41723 HIGH 1.19.4 1.19.6, 1.20.1
stdlib CVE-2022-41724 HIGH 1.19.4 1.19.6, 1.20.1
stdlib CVE-2022-41725 HIGH 1.19.4 1.19.6, 1.20.1
stdlib CVE-2023-24534 HIGH 1.19.4 1.19.8, 1.20.3
stdlib CVE-2023-24536 HIGH 1.19.4 1.19.8, 1.20.3
stdlib CVE-2023-24537 HIGH 1.19.4 1.19.8, 1.20.3
stdlib CVE-2023-24539 HIGH 1.19.4 1.19.9, 1.20.4
stdlib CVE-2023-29400 HIGH 1.19.4 1.19.9, 1.20.4
stdlib CVE-2023-29403 HIGH 1.19.4 1.19.10, 1.20.5
stdlib CVE-2023-39325 HIGH 1.19.4 1.20.10, 1.21.3
stdlib CVE-2023-45283 HIGH 1.19.4 1.20.11, 1.21.4, 1.20.12, 1.21.5
stdlib CVE-2023-45287 HIGH 1.19.4 1.20.0
stdlib CVE-2023-45288 HIGH 1.19.4 1.21.9, 1.22.2
stdlib CVE-2023-24532 MEDIUM 1.19.4 1.19.7, 1.20.2
stdlib CVE-2023-29406 MEDIUM 1.19.4 1.19.11, 1.20.6
stdlib CVE-2023-29409 MEDIUM 1.19.4 1.19.12, 1.20.7, 1.21.0-rc.4
stdlib CVE-2023-39318 MEDIUM 1.19.4 1.20.8, 1.21.1
stdlib CVE-2023-39319 MEDIUM 1.19.4 1.20.8, 1.21.1
stdlib CVE-2023-39326 MEDIUM 1.19.4 1.20.12, 1.21.5
stdlib CVE-2023-45284 MEDIUM 1.19.4 1.20.11, 1.21.4
stdlib CVE-2023-45289 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2023-45290 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2024-24783 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2024-24784 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2024-24785 MEDIUM 1.19.4 1.21.8, 1.22.1
stdlib CVE-2024-24789 MEDIUM 1.19.4 1.21.11, 1.22.4
stdlib CVE-2024-24791 MEDIUM 1.19.4 1.21.12, 1.22.5
No Misconfigurations found

usr/local/bin/helm (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2024-24791 MEDIUM 1.22.4 1.21.12, 1.22.5
No Misconfigurations found

usr/local/bin/helmfile (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
google.golang.org/grpc GHSA-xr7q-jx4m-x55m LOW v1.64.0 1.64.1
stdlib CVE-2024-24791 MEDIUM 1.22.4 1.21.12, 1.22.5
No Misconfigurations found

usr/local/bin/kubectl (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2024-24790 CRITICAL 1.21.9 1.21.11, 1.22.4
stdlib CVE-2024-24789 MEDIUM 1.21.9 1.21.11, 1.22.4
stdlib CVE-2024-24791 MEDIUM 1.21.9 1.21.12, 1.22.5
No Misconfigurations found

usr/local/bin/kustomize (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
google.golang.org/protobuf CVE-2024-24786 MEDIUM v1.30.0 1.33.0
stdlib CVE-2024-24790 CRITICAL 1.20.10 1.21.11, 1.22.4
stdlib CVE-2023-45283 HIGH 1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5
stdlib CVE-2023-45288 HIGH 1.20.10 1.21.9, 1.22.2
stdlib CVE-2023-39326 MEDIUM 1.20.10 1.20.12, 1.21.5
stdlib CVE-2023-45284 MEDIUM 1.20.10 1.20.11, 1.21.4
stdlib CVE-2023-45289 MEDIUM 1.20.10 1.21.8, 1.22.1
stdlib CVE-2023-45290 MEDIUM 1.20.10 1.21.8, 1.22.1
stdlib CVE-2024-24783 MEDIUM 1.20.10 1.21.8, 1.22.1
stdlib CVE-2024-24784 MEDIUM 1.20.10 1.21.8, 1.22.1
stdlib CVE-2024-24785 MEDIUM 1.20.10 1.21.8, 1.22.1
stdlib CVE-2024-24789 MEDIUM 1.20.10 1.21.11, 1.22.4
stdlib CVE-2024-24791 MEDIUM 1.20.10 1.21.12, 1.22.5
No Misconfigurations found

usr/local/bin/sops (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/Azure/azure-sdk-for-go/sdk/azidentity CVE-2024-35255 MEDIUM v1.4.0 1.6.0
github.com/cloudflare/circl GHSA-9763-4f94-gfch HIGH v1.3.3 1.3.7
github.com/go-jose/go-jose/v3 CVE-2024-28180 MEDIUM v3.0.0 3.0.3
github.com/go-jose/go-jose/v3 GHSA-2c7c-3mj9-8fqh MEDIUM v3.0.0 3.0.1
github.com/hashicorp/go-retryablehttp CVE-2024-6104 MEDIUM v0.7.1 0.7.7
golang.org/x/crypto CVE-2023-48795 MEDIUM v0.14.0 0.17.0
golang.org/x/net CVE-2023-45288 MEDIUM v0.17.0 0.23.0
google.golang.org/protobuf CVE-2024-24786 MEDIUM v1.31.0 1.33.0
stdlib CVE-2024-24790 CRITICAL 1.20.8 1.21.11, 1.22.4
stdlib CVE-2023-39325 HIGH 1.20.8 1.20.10, 1.21.3
stdlib CVE-2023-45283 HIGH 1.20.8 1.20.11, 1.21.4, 1.20.12, 1.21.5
stdlib CVE-2023-45288 HIGH 1.20.8 1.21.9, 1.22.2
stdlib CVE-2023-39326 MEDIUM 1.20.8 1.20.12, 1.21.5
stdlib CVE-2023-45284 MEDIUM 1.20.8 1.20.11, 1.21.4
stdlib CVE-2023-45289 MEDIUM 1.20.8 1.21.8, 1.22.1
stdlib CVE-2023-45290 MEDIUM 1.20.8 1.21.8, 1.22.1
stdlib CVE-2024-24783 MEDIUM 1.20.8 1.21.8, 1.22.1
stdlib CVE-2024-24784 MEDIUM 1.20.8 1.21.8, 1.22.1
stdlib CVE-2024-24785 MEDIUM 1.20.8 1.21.8, 1.22.1
stdlib CVE-2024-24789 MEDIUM 1.20.8 1.21.11, 1.22.4
stdlib CVE-2024-24791 MEDIUM 1.20.8 1.21.12, 1.22.5
No Misconfigurations found