UNCLASSIFIED - NO CUI

ATTENTION: Immediate action is required to maintain compatibility with P1 services. Please visit https://p1notifications.dso.mil and see the "DSO.MIL Certificates Renewal" announcement under the "Notifications" section for more details.

chore(findings): aws/aws-controllers-k8s/s3

Summary

aws/aws-controllers-k8s/s3 has 8 new findings discovered during continuous monitoring.

id	source	package
CCE-85987-6	oscap_comp	Uninherited
CVE-2021-34558	twistlock_cve	go-1.15.15
CVE-2021-41772	twistlock_cve	go-1.15.15
CVE-2021-29923	twistlock_cve	go-1.15.15
CVE-2021-44716	twistlock_cve	go-1.15.15
CVE-2021-38297	twistlock_cve	go-1.15.15
CVE-2021-41771	twistlock_cve	go-1.15.15
CVE-2021-39293	twistlock_cve	go-1.15.15

More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/aws/aws-controllers-k8s/s3/-/jobs/9868264

Definition of Done

Justifications:

All findings have been justified
Justifications have been provided to the container hardening team

Approval Process:

Findings Approver has reviewed and approved all justifications
Approval request has been sent to Authorizing Official
Approval request has been processed by Authorizing Official

Edited Feb 16, 2022 by Joe Roberts

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI