chore(findings): cloudbees/core/core-oc
Summary
cloudbees/core/core-oc has 14 new findings discovered during continuous monitoring.
| id | source | package |
|---|---|---|
| CVE-2021-36373 | anchore_cve | ant-1.10.9 |
| CVE-2021-36374 | anchore_cve | ant-1.10.9 |
| CVE-2021-35515 | anchore_cve | commons-compress-1.20 |
| CVE-2021-35516 | anchore_cve | commons-compress-1.20 |
| CVE-2021-35517 | anchore_cve | commons-compress-1.20 |
| CVE-2021-36090 | anchore_cve | commons-compress-1.20 |
| GHSA-vjv5-gp2w-65vm | anchore_cve | jetty-webapp-9.4.41.v20210516 |
| CVE-2021-30129 | anchore_cve | sshd-2.5.1 |
| CVE-2021-30129 | anchore_cve | sshd-2.5.1 |
| CVE-2021-35515 | twistlock_cve | org.apache.commons_commons-compress-1.20 |
| CVE-2021-35516 | twistlock_cve | org.apache.commons_commons-compress-1.20 |
| CVE-2021-35517 | twistlock_cve | org.apache.commons_commons-compress-1.20 |
| CVE-2021-36090 | twistlock_cve | org.apache.commons_commons-compress-1.20 |
| CVE-2021-34429 | twistlock_cve | org.eclipse.jetty_jetty-io-9.4.41.v20210516 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/cloudbees/core/core-oc/-/jobs/5213100
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official