chore(findings): cloudbees/core/core-oc
Summary
cloudbees/core/core-oc has 14 new findings discovered during continuous monitoring.
| id | source | package |
|---|---|---|
| CVE-2017-2649 | anchore_cve | active_directory-1.0 |
| CVE-2019-1003009 | anchore_cve | active_directory-1.0 |
| CVE-2020-2299 | anchore_cve | active_directory-1.0 |
| CVE-2020-2300 | anchore_cve | active_directory-1.0 |
| CVE-2020-2301 | anchore_cve | active_directory-1.0 |
| CVE-2020-2302 | anchore_cve | active_directory-1.0 |
| CVE-2020-2303 | anchore_cve | active_directory-1.0 |
| GHSA-m6cp-vxjx-65j6 | anchore_cve | jetty-server-9.4.39.v20210325 |
| GHSA-v528-7hrm-frqp | anchore_cve | json-smart-2.3 |
| GHSA-v528-7hrm-frqp | anchore_cve | json-smart-2.3 |
| CVE-2021-28169 | twistlock_cve | org.eclipse.jetty_jetty-io-9.4.39.v20210325 |
| CVE-2021-34428 | twistlock_cve | org.eclipse.jetty_jetty-io-9.4.39.v20210325 |
| CVE-2021-21670 | twistlock_cve | org.jenkins-ci.main_jenkins-core-2.289.1-cb-6 |
| CVE-2021-21671 | twistlock_cve | org.jenkins-ci.main_jenkins-core-2.289.1-cb-6 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/cloudbees/core/core-oc/-/jobs/4740129
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official