UNCLASSIFIED - NO CUI

chore(findings): aperio-global/russel/database

Summary

aperio-global/russel/database has 198 new findings discovered during continuous monitoring.

Layer: opensource/mongodb/mongodb_7.x:7.0.11 is EOL, please update if possible

Layer: redhat/ubi/ubi9:9.4 is EOL, please update if possible

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=aperio-global/russel/database&tag=1.0&branch=master

EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.

KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.

id source severity package impact workaround epss_score kev
CVE-2024-3596 Anchore CVE High krb5-libs-1.21.1-1.el9 0.29718 false
CVE-2024-3596 Twistlock CVE High krb5-1.21.1-1.el9 0.29718 false
CVE-2020-11023 Anchore CVE Medium libgcc-11.4.1-3.el9 0.21547 true
CVE-2020-11023 Anchore CVE Medium libstdc++-11.4.1-3.el9 0.21547 true
CVE-2020-11023 Anchore CVE Medium libgomp-11.4.1-3.el9 0.21547 true
CVE-2020-11023 Twistlock CVE Medium gcc-11.4.1-3.el9 0.21547 true
CVE-2024-6345 Anchore CVE High python3-setuptools-wheel-53.0.0-12.el9 0.10079 false
CVE-2024-6345 Anchore CVE High python3-setuptools-53.0.0-12.el9 0.10079 false
CVE-2024-6345 Twistlock CVE High python-setuptools-53.0.0-12.el9 0.10079 false
CVE-2024-7264 Anchore CVE Low libcurl-minimal-7.76.1-29.el9_4 0.07100 false
CVE-2024-7264 Anchore CVE Low curl-minimal-7.76.1-29.el9_4 0.07100 false
CVE-2024-7264 Twistlock CVE Low curl-7.76.1-29.el9_4 0.07100 false
CVE-2024-56433 Anchore CVE Low shadow-utils-2:4.9-8.el9 0.02806 false
CVE-2024-2398 Twistlock CVE Medium curl-7.76.1-29.el9_4 0.01962 false
CVE-2024-37371 Twistlock CVE Medium krb5-1.21.1-1.el9 0.01935 false
CVE-2024-52533 Anchore CVE Medium glib2-2.68.4-14.el9 0.01786 false
CVE-2024-52533 Twistlock CVE Medium glib2-2.68.4-14.el9 0.01786 false
CVE-2024-6232 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.01519 false
CVE-2024-6232 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.01519 false
CVE-2024-6232 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.01519 false
CVE-2015-1609 Twistlock CVE Medium mongos-1.3.6 0.01347 false
CVE-2025-0938 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00801 false
CVE-2025-0938 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00801 false
CVE-2025-0938 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00801 false
CVE-2024-4032 Anchore CVE Low python3-libs-3.9.18-3.el9_4.1 0.00735 false
CVE-2024-4032 Anchore CVE Low python3-3.9.18-3.el9_4.1 0.00735 false
CVE-2024-4032 Twistlock CVE Low python3.9-3.9.18-3.el9_4.1 0.00735 false
CVE-2024-9681 Anchore CVE Low curl-minimal-7.76.1-29.el9_4 0.00571 false
CVE-2024-9681 Anchore CVE Low libcurl-minimal-7.76.1-29.el9_4 0.00571 false
CVE-2024-9681 Twistlock CVE Low curl-7.76.1-29.el9_4 0.00571 false
CVE-2024-8176 Anchore CVE Medium expat-2.5.0-2.el9_4 0.00505 false
CVE-2024-8176 Twistlock CVE Medium expat-2.5.0-2.el9_4 0.00505 false
CVE-2024-7592 Anchore CVE Low python3-libs-3.9.18-3.el9_4.1 0.00468 false
CVE-2024-7592 Anchore CVE Low python3-3.9.18-3.el9_4.1 0.00468 false
CVE-2024-7592 Twistlock CVE Low python3.9-3.9.18-3.el9_4.1 0.00468 false
CVE-2024-11053 Anchore CVE Low libcurl-minimal-7.76.1-29.el9_4 0.00361 false
CVE-2024-11053 Anchore CVE Low curl-minimal-7.76.1-29.el9_4 0.00361 false
CVE-2024-11053 Twistlock CVE Low curl-7.76.1-29.el9_4 0.00361 false
CVE-2025-0395 Anchore CVE Medium glibc-minimal-langpack-2.34-100.el9_4.2 0.00348 false
CVE-2025-0395 Anchore CVE Medium glibc-2.34-100.el9_4.2 0.00348 false
CVE-2025-0395 Anchore CVE Medium glibc-common-2.34-100.el9_4.2 0.00348 false
CVE-2025-0395 Twistlock CVE Medium glibc-2.34-100.el9_4.2 0.00348 false
CVE-2024-11168 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00327 false
CVE-2024-11168 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00327 false
CVE-2024-11168 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00327 false
CVE-2024-37370 Twistlock CVE Medium krb5-1.21.1-1.el9 0.00305 false
CVE-2024-12797 Anchore CVE High openssl-1:3.0.7-27.el9 0.00259 false
CVE-2024-12797 Anchore CVE High openssl-libs-1:3.0.7-27.el9 0.00259 false
CVE-2024-12797 Twistlock CVE High openssl-3.0.7-27.el9 0.00259 false
CVE-2021-3572 Twistlock CVE Low python-pip-21.2.3-8.el9 0.00240 false
CVE-2024-0397 Anchore CVE Low python3-3.9.18-3.el9_4.1 0.00226 false
CVE-2024-0397 Anchore CVE Low python3-libs-3.9.18-3.el9_4.1 0.00226 false
CVE-2024-0397 Twistlock CVE Low python3.9-3.9.18-3.el9_4.1 0.00226 false
CVE-2025-1153 Anchore CVE Low gdb-gdbserver-10.2-13.el9 0.00212 false
CVE-2025-1153 Twistlock CVE Low gdb-10.2-13.el9 0.00212 false
CVE-2024-26458 Twistlock CVE Low krb5-1.21.1-1.el9 0.00206 false
CVE-2025-1795 Anchore CVE Low python3-3.9.18-3.el9_4.1 0.00184 false
CVE-2025-1795 Anchore CVE Low python3-libs-3.9.18-3.el9_4.1 0.00184 false
CVE-2025-1795 Twistlock CVE Low python3.9-3.9.18-3.el9_4.1 0.00184 false
CVE-2023-32636 Anchore CVE Low glib2-2.68.4-14.el9 0.00179 false
CVE-2023-32636 Twistlock CVE Low glib2-2.68.4-14.el9 0.00179 false
CVE-2024-41996 Anchore CVE Low openssl-libs-1:3.0.7-27.el9 0.00166 false
CVE-2024-41996 Anchore CVE Low openssl-1:3.0.7-27.el9 0.00166 false
CVE-2024-41996 Twistlock CVE Low openssl-3.0.7-27.el9 0.00166 false
CVE-2025-4517 Twistlock CVE High python3.9-3.9.18-3.el9_4.1 0.00146 false
CVE-2025-4517 Anchore CVE High python3-3.9.18-3.el9_4.1 0.00146 false
CVE-2025-4517 Anchore CVE High python3-libs-3.9.18-3.el9_4.1 0.00146 false
CVE-2024-37891 Twistlock CVE Medium python-urllib3-1.26.5-5.el9 0.00142 false
CVE-2025-47273 Twistlock CVE Medium python-setuptools-53.0.0-12.el9 0.00139 false
CVE-2025-47273 Anchore CVE Medium python3-setuptools-wheel-53.0.0-12.el9 0.00139 false
CVE-2025-47273 Anchore CVE Medium python3-setuptools-53.0.0-12.el9 0.00139 false
CVE-2025-4330 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00120 false
CVE-2025-4330 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00120 false
CVE-2025-4330 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00120 false
CVE-2025-4373 Anchore CVE Medium glib2-2.68.4-14.el9 0.00107 false
CVE-2025-4373 Twistlock CVE Medium glib2-2.68.4-14.el9 0.00107 false
CVE-2025-4138 Twistlock CVE High python3.9-3.9.18-3.el9_4.1 0.00100 false
CVE-2025-4138 Anchore CVE High python3-libs-3.9.18-3.el9_4.1 0.00100 false
CVE-2025-4138 Anchore CVE High python3-3.9.18-3.el9_4.1 0.00100 false
CVE-2024-12718 Twistlock CVE High python3.9-3.9.18-3.el9_4.1 0.00097 false
CVE-2024-12718 Anchore CVE High python3-3.9.18-3.el9_4.1 0.00097 false
CVE-2024-12718 Anchore CVE High python3-libs-3.9.18-3.el9_4.1 0.00097 false
CVE-2025-8194 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00096 false
CVE-2025-8194 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00096 false
CVE-2025-8194 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00096 false
CVE-2025-1152 Anchore CVE Low gdb-gdbserver-10.2-13.el9 0.00093 false
CVE-2025-1152 Twistlock CVE Low gdb-10.2-13.el9 0.00093 false
CVE-2025-1150 Anchore CVE Low gdb-gdbserver-10.2-13.el9 0.00093 false
CVE-2025-1150 Twistlock CVE Low gdb-10.2-13.el9 0.00093 false
CVE-2024-8088 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00091 false
CVE-2024-8088 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00091 false
CVE-2024-8088 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00091 false
CVE-2025-6069 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00090 false
CVE-2025-6069 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00090 false
CVE-2025-6069 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00090 false
CVE-2024-6923 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00089 false
CVE-2024-6923 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00089 false
CVE-2024-6923 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00089 false
CVE-2025-1151 Anchore CVE Low gdb-gdbserver-10.2-13.el9 0.00086 false
CVE-2025-1151 Twistlock CVE Low gdb-10.2-13.el9 0.00086 false
CVE-2025-48060 Anchore CVE High jq-1.6 0.00081 false
CVE-2024-26461 Twistlock CVE Low krb5-1.21.1-1.el9 0.00081 false
CVE-2024-13176 Anchore CVE Low openssl-1:3.0.7-27.el9 0.00080 false
CVE-2024-13176 Anchore CVE Low openssl-libs-1:3.0.7-27.el9 0.00080 false
CVE-2024-13176 Twistlock CVE Low openssl-3.0.7-27.el9 0.00080 false
CVE-2016-6494 Twistlock CVE Low mongos-1.3.6 0.00080 false
CVE-2024-50602 Anchore CVE Medium expat-2.5.0-2.el9_4 0.00068 false
CVE-2024-50602 Twistlock CVE Medium expat-2.5.0-2.el9_4 0.00068 false
CVE-2025-4435 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00067 false
CVE-2025-4435 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00067 false
CVE-2025-4435 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00067 false
CVE-2025-1377 Anchore CVE Low elfutils-default-yama-scope-0.190-2.el9 0.00065 false
CVE-2025-1377 Anchore CVE Low elfutils-libs-0.190-2.el9 0.00065 false
CVE-2025-1377 Anchore CVE Low elfutils-libelf-0.190-2.el9 0.00065 false
CVE-2025-1377 Twistlock CVE Low elfutils-0.190-2.el9 0.00065 false
CVE-2025-5702 Twistlock CVE Medium glibc-2.34-100.el9_4.2 0.00055 false
CVE-2025-5702 Anchore CVE Medium glibc-2.34-100.el9_4.2 0.00055 false
CVE-2025-5702 Anchore CVE Medium glibc-minimal-langpack-2.34-100.el9_4.2 0.00055 false
CVE-2025-5702 Anchore CVE Medium glibc-common-2.34-100.el9_4.2 0.00055 false
CVE-2024-23337 Anchore CVE Medium jq-1.6 0.00055 false
CVE-2025-3360 Anchore CVE Low glib2-2.68.4-14.el9 0.00052 false
CVE-2025-3360 Twistlock CVE Low glib2-2.68.4-14.el9 0.00052 false
CVE-2025-7039 Twistlock CVE Low glib2-2.68.4-14.el9 0.00050 false
CVE-2022-27943 Twistlock CVE Low gcc-11.4.1-3.el9 0.00050 false
CVE-2025-1376 Anchore CVE Low elfutils-libs-0.190-2.el9 0.00048 false
CVE-2025-1376 Anchore CVE Low elfutils-default-yama-scope-0.190-2.el9 0.00048 false
CVE-2025-1376 Anchore CVE Low elfutils-libelf-0.190-2.el9 0.00048 false
CVE-2025-1376 Twistlock CVE Low elfutils-0.190-2.el9 0.00048 false
CVE-2024-9287 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00048 false
CVE-2024-9287 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00048 false
CVE-2024-9287 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00048 false
CVE-2025-3576 Anchore CVE Medium krb5-libs-1.21.1-1.el9 0.00047 false
CVE-2025-3576 Twistlock CVE Medium krb5-1.21.1-1.el9 0.00047 false
CVE-2025-45582 Twistlock CVE Medium tar-1.34-6.el9_1 0.00042 false
CVE-2025-45582 Anchore CVE Medium tar-2:1.34-6.el9_1 0.00042 false
CVE-2025-4598 Twistlock CVE Medium systemd-252-32.el9_4 0.00037 false
CVE-2025-4598 Anchore CVE Medium systemd-252-32.el9_4 0.00037 false
CVE-2025-4598 Anchore CVE Medium systemd-libs-252-32.el9_4 0.00037 false
CVE-2025-4598 Anchore CVE Medium systemd-rpm-macros-252-32.el9_4 0.00037 false
CVE-2025-4598 Anchore CVE Medium systemd-pam-252-32.el9_4 0.00037 false
CVE-2025-1371 Anchore CVE Low elfutils-libelf-0.190-2.el9 0.00029 false
CVE-2025-1371 Anchore CVE Low elfutils-default-yama-scope-0.190-2.el9 0.00029 false
CVE-2025-1371 Anchore CVE Low elfutils-libs-0.190-2.el9 0.00029 false
CVE-2025-1371 Twistlock CVE Low elfutils-0.190-2.el9 0.00029 false
CVE-2025-6020 Twistlock CVE High pam-1.5.1-19.el9 0.00026 false
CVE-2025-6020 Anchore CVE High pam-1.5.1-19.el9 0.00026 false
CVE-2025-8941 Twistlock CVE High pam-1.5.1-19.el9 0.00024 false
CVE-2025-8941 Anchore CVE High pam-1.5.1-19.el9 0.00024 false
CVE-2024-57360 Anchore CVE Low gdb-gdbserver-10.2-13.el9 0.00024 false
CVE-2024-57360 Twistlock CVE Low gdb-10.2-13.el9 0.00024 false
CVE-2024-26462 Twistlock CVE Medium krb5-1.21.1-1.el9 0.00024 false
CVE-2025-5245 Twistlock CVE Medium gdb-10.2-13.el9 0.00022 false
CVE-2025-5245 Anchore CVE Medium gdb-gdbserver-10.2-13.el9 0.00022 false
CVE-2025-4516 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.1 0.00021 false
CVE-2025-4516 Anchore CVE Medium python3-3.9.18-3.el9_4.1 0.00021 false
CVE-2025-4516 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.1 0.00021 false
CVE-2025-8058 Twistlock CVE Medium glibc-2.34-100.el9_4.2 0.00018 false
CVE-2025-8058 Anchore CVE Medium glibc-2.34-100.el9_4.2 0.00018 false
CVE-2025-8058 Anchore CVE Medium glibc-common-2.34-100.el9_4.2 0.00018 false
CVE-2025-8058 Anchore CVE Medium glibc-minimal-langpack-2.34-100.el9_4.2 0.00018 false
CVE-2025-5278 Twistlock CVE Medium coreutils-8.32-35.el9 0.00018 false
CVE-2025-5278 Anchore CVE Medium coreutils-single-8.32-35.el9 0.00018 false
CVE-2025-50181 Twistlock CVE Medium python-pip-21.2.3-8.el9 0.00015 false
CVE-2025-50181 Anchore CVE Medium python3-pip-wheel-21.2.3-8.el9 0.00015 false
CVE-2024-25260 Twistlock CVE Low elfutils-0.190-2.el9 0.00014 false
CVE-2022-47011 Twistlock CVE Low gdb-10.2-13.el9 0.00014 false
CVE-2022-47010 Twistlock CVE Low gdb-10.2-13.el9 0.00014 false
CVE-2022-47007 Twistlock CVE Low gdb-10.2-13.el9 0.00014 false
CVE-2025-50182 Twistlock CVE Medium python-pip-21.2.3-8.el9 0.00013 false
CVE-2025-50182 Anchore CVE Medium python3-pip-wheel-21.2.3-8.el9 0.00013 false
CVE-2024-53427 Anchore CVE High jq-1.6 0.00012 false
CVE-2025-3198 Anchore CVE Low gdb-gdbserver-10.2-13.el9 0.00011 false
CVE-2025-3198 Twistlock CVE Low gdb-10.2-13.el9 0.00011 false
CVE-2025-4802 Twistlock CVE Medium glibc-2.34-100.el9_4.2 0.00008 false
CVE-2025-4802 Anchore CVE Medium glibc-common-2.34-100.el9_4.2 0.00008 false
CVE-2025-4802 Anchore CVE Medium glibc-2.34-100.el9_4.2 0.00008 false
CVE-2025-4802 Anchore CVE Medium glibc-minimal-langpack-2.34-100.el9_4.2 0.00008 false
CVE-2025-24528 Anchore CVE Medium krb5-libs-1.21.1-1.el9 N/A false
CVE-2025-24528 Twistlock CVE Medium krb5-1.21.1-1.el9 N/A false
RHSA-2024:9474 OSCAP Compliance Low N/A N/A
RHSA-2024:9468 OSCAP Compliance Low N/A N/A
RHSA-2024:9404 OSCAP Compliance Low N/A N/A
RHSA-2024:9371 OSCAP Compliance Low N/A N/A
RHSA-2024:9333 OSCAP Compliance Low N/A N/A
RHSA-2024:9331 OSCAP Compliance Low N/A N/A
RHSA-2024:8446 OSCAP Compliance Low N/A N/A
RHSA-2024:6783 OSCAP Compliance Low N/A N/A
RHSA-2024:6754 OSCAP Compliance Low N/A N/A
RHSA-2024:6464 OSCAP Compliance Low N/A N/A
RHSA-2024:6166 OSCAP Compliance Low N/A N/A
RHSA-2024:6163 OSCAP Compliance Low N/A N/A
RHSA-2024:6162 OSCAP Compliance Low N/A N/A
RHSA-2024:5534 OSCAP Compliance Low N/A N/A
RHSA-2024:5529 OSCAP Compliance Low N/A N/A
RHSA-2024:4779 OSCAP Compliance Low N/A N/A
RHBA-2024:6679 OSCAP Compliance Low N/A N/A
RHBA-2024:5691 OSCAP Compliance Low N/A N/A
CCE-83623-9 OSCAP Compliance Medium N/A N/A

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the Status::Verification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730 EST to answer questions.

Edited by CHORE_TOKEN