chore(findings): atlassian/bitbucket-data-center/bitbucket-node
Summary
atlassian/bitbucket-data-center/bitbucket-node has 29 new findings discovered during continuous monitoring.
| id | source | package |
|---|---|---|
| CVE-2021-35515 | anchore_cve | commons_compress-1.19 |
| CVE-2021-35515 | anchore_cve | commons_compress-1.19 |
| CVE-2021-35516 | anchore_cve | commons_compress-1.19 |
| CVE-2021-35516 | anchore_cve | commons_compress-1.19 |
| CVE-2021-35517 | anchore_cve | commons_compress-1.19 |
| CVE-2021-35517 | anchore_cve | commons_compress-1.19 |
| CVE-2021-36090 | anchore_cve | commons_compress-1.19 |
| CVE-2021-36090 | anchore_cve | commons_compress-1.19 |
| GHSA-m72m-mhq2-9p6c | anchore_cve | jsoup-1.8.3 |
| CVE-2021-3712 | anchore_cve | openssl-1.1.1g-15.el8_3 |
| CVE-2021-38593 | anchore_cve | qt5-srpm-macros-5.12.5-3.el8 |
| CVE-2021-30129 | anchore_cve | sshd-2.4.0 |
| CVE-2021-30129 | anchore_cve | sshd-2.4.0 |
| GHSA-2q8x-2p7f-574v | anchore_cve | xstream-1.4.15 |
| GHSA-3ccq-5vw3-2p6x | anchore_cve | xstream-1.4.15 |
| GHSA-64xx-cq4q-mf44 | anchore_cve | xstream-1.4.15 |
| GHSA-6w62-hx7r-mw68 | anchore_cve | xstream-1.4.15 |
| GHSA-6wf9-jmg9-vxcc | anchore_cve | xstream-1.4.15 |
| GHSA-8jrj-525p-826v | anchore_cve | xstream-1.4.15 |
| GHSA-cxfm-5m4g-x7xp | anchore_cve | xstream-1.4.15 |
| GHSA-g5w6-mrj7-75h2 | anchore_cve | xstream-1.4.15 |
| GHSA-h7v4-7xg3-hxcc | anchore_cve | xstream-1.4.15 |
| GHSA-hph2-m3g5-xxv4 | anchore_cve | xstream-1.4.15 |
| GHSA-j9h8-phrw-h4fh | anchore_cve | xstream-1.4.15 |
| GHSA-p8pq-r894-fm8f | anchore_cve | xstream-1.4.15 |
| GHSA-qrx8-8545-4wg2 | anchore_cve | xstream-1.4.15 |
| GHSA-xw4p-crpj-vjx2 | anchore_cve | xstream-1.4.15 |
| CVE-2021-3712 | twistlock_cve | openssl-1.1.1g-15.el8_3 |
| CVE-2021-37714 | twistlock_cve | org.jsoup_jsoup-1.8.3 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/atlassian/bitbucket-data-center/bitbucket-node/-/jobs/6065114
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official