Pipeline · Ironbank Containers / Confluent / Confluent Component Operator / cp-enterprise-replicator-operator-5.5.x

Merge branch 'scottstroud-development-patch-23439' into 'development'

diffutils install

See merge request !8

18 jobs for development in 24 minutes and 30 seconds (queued for 21 minutes and 16 seconds)

c1c3db43

Status	Job ID	Name
.Pre
passed	#2332691 ironbank	load scripts	00:00:11 Mar 12, 2021

Preflight
passed	#2332692 ironbank	folder structure	00:00:07 Mar 12, 2021
passed	#2332693 ironbank	hardening_manifest	00:00:15 Mar 12, 2021

Lint
passed	#2332694 ironbank	wl compare lint	00:00:20 Mar 12, 2021

Import Artifacts
passed	#2332695 ironbank	import artifacts	00:00:12 Mar 12, 2021

Scan Artifacts
passed	#2332696 ironbank	clamav scan	00:00:44 Mar 12, 2021

Build
passed	#2332697 ironbank-isolated	build	00:05:24 Mar 12, 2021

Scanning
passed	#2332701 ironbank	anchore scan	00:07:48 Mar 12, 2021
passed	#2332698 ironbank	openscap compliance	00:02:16 Mar 12, 2021
passed	#2332699 ironbank	openscap cve	00:07:25 Mar 12, 2021
passed	#2332700 ironbank	twistlock scan	00:02:27 Mar 12, 2021

Csv Output
passed	#2332702 ironbank	csv output	00:01:53 Mar 12, 2021

Check Cves
failed	#2332703 ironbank allowed to fail	check cves	00:00:21 Mar 12, 2021

Documentation
passed	#2332704 ironbank	sign image	00:02:05 Mar 12, 2021
passed	#2332705 ironbank	sign manifest	00:00:48 Mar 12, 2021
passed	#2332706 ironbank	write json documentation	00:01:00 Mar 12, 2021

Publish
passed	#2332707 ironbank	upload to s3	00:04:41 Mar 12, 2021

Vat
passed	#2332708 ironbank	vat	00:00:29 Mar 12, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check cves	Check Cves
	INFO: {Finding(scan_source='twistlock_cve', cve_id='CVE-2020-36242', package='cryptography-2.7', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-util'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-security/schema-registry/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/javax-websocket-client-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-xml'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-security/kafka-rest/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-243350', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-security/kafka-rest/protobuf-java-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-servlets'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-jaas'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23336', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2018-20200', package='okhttp-3.9.0', package_path='/usr/share/java/acl/acl-5.5.3.jar:okhttp'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-10001', package='cups-libs-2.2.6-38.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:javax-websocket-server-impl'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-annotations-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-common-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-util'), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-23841', package='openssl-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8284', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-continuation'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-plus-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-libs-1.12.8-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-annotations'), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.9', package_path='/usr/share/java/kafka/httpclient-4.5.9.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27618', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-servlet'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-jmx-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-jaas-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29362', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-metadata-service/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-jmx-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-jmx'), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.25', package_path='/usr/share/java/confluent-hub-client/jersey-guava-2.25.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-243351', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-security/kafka-rest/protobuf-java-util-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-api-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-rebalancer/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/schema-registry/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-28.0-android', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-annotations-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8284', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29363', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/acl/acl-5.5.3.jar:flatbuffers-java'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/javax-websocket-server-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-client'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27619', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-control-center/jetty-proxy-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-client-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-common'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29363', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8285', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-243350', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-security/kafka-rest/protobuf-java-util-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3326', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-annotations'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-webapp-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-servlets'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/confluent-rebalancer/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/javax-websocket-client-impl-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-servlet'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-common'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-26.0-jre', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-webapp-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-xml-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-24.1.1-jre', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-28.1-jre', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-25013', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.10', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-jndi'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.11', package_path='/usr/share/java/kafka/httpclient-4.5.11.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-plus'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-243351', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-rebalancer/protobuf-java-util-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-client'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-control-center/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-plus'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/kafka-connect-replicator/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-annotations-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-proxy'), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2018-20200', package='okhttp-3.9.0', package_path='/usr/share/java/confluent-control-center/okhttp-3.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3326', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-15358', package='sqlite-libs-3.26.0-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/confluent-security/kafka-rest/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-http'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-xml-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-xml'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:javax-websocket-client-impl'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-28.1-android', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-all-4.1.50.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-client'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-xml-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23336', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/confluent-control-center/flatbuffers-java-1.9.0.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-27218', package='org.eclipse.jetty_jetty-io-9.4.33.v20201020', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29362', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-12399', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-codec-4.1.47.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-security'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-server'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-36242', package='cryptography-2.7', package_path='/usr/local/lib64/python3.8/site-packages/cryptography'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-27618', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-codec-4.1.48.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-io'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-server-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.11', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13434', package='sqlite-libs-3.26.0-11.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-12401', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3177', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-plus-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-metadata-service/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-api-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-jmx'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13776', package='systemd-libs-239-41.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/javax-websocket-server-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-common-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29361', package='p11-kit-trust-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-26137', package='urllib3-1.24.2', package_path='/usr/lib/python3.6/site-packages/urllib3'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8286', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/acl/acl-5.5.3.jar:httpclient'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-codec-4.1.50.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-api'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:flatbuffers-java'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29582', package='kotlin-stdlib_kotlin-stdlib-1.4.0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8285', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.9', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8927', package='brotli-1.0.6-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29361', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-server'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-27223', package='org.eclipse.jetty_jetty-io-9.4.33.v20201020', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3177', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3326', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8231', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-1.12.8-12.el8_3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:javax-websocket-server-impl'), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-25013', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14343', package='pyyaml-5.3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-webapp'), Finding(scan_source='oscap_comp', cve_id='CCE-80784-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-api-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8231', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/confluent-security/schema-registry/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-28196', package='krb5-libs-1.18.2-5.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-security'), Finding(scan_source='anchore_cve', cve_id='GHSA-hggm-jpg3-v476', package='cryptography-2.7', package_path='/usr/local/lib64/python3.8/site-packages/cryptography'), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-metadata-service/jetty-proxy-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-tools-1.12.8-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-115884', package='urllib3-1.24.2', package_path='/usr/lib/python3.6/site-packages/urllib3'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-jmx-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-25013', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8231', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27618', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.10', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:httpclient'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-common-1.12.8-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-http'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:javax-websocket-client-impl'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-jaas-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8284', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-28493', package='Jinja2-2.11.2', package_path='/usr/local/lib/python3.8/site-packages/jinja2'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-io'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-23840', package='openssl-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-jaas-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-jndi-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-jaas'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-webapp'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27619', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-api'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-servlet'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/kafka/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8286', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24977', package='libxml2-2.9.7-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/javax-websocket-server-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-plus-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2018-20200', package='com.squareup.okhttp3_okhttp-3.9.0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3326', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.25', package_path='/usr/share/java/confluent-hub-client/jersey-common-2.25.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-control-center/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29363', package='p11-kit-trust-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-243351', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-security/kafka-rest/protobuf-java-3.13.0.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-28493', package='jinja2-2.11.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8927', package='brotli-1.0.6-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-jndi'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29361', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-93555', package='httpclient-4.5.10', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:httpclient'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-27.1-jre', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-security/ksql/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-1971', package='cryptography-2.7', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-jndi-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29362', package='p11-kit-trust-0.23.14-5.el8_0', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-continuation'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-daemon-1.12.8-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13776', package='systemd-pam-239-41.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-jndi-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-243350', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-rebalancer/protobuf-java-util-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-client'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.9', package_path='/usr/share/java/kafka-connect-replicator/httpclient-4.5.9.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-common-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24977', package='python3-libxml2-2.9.7-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27618', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-servlet'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/javax-websocket-client-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2019-25013', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-server'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8286', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-webapp-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-control-center/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13776', package='systemd-239-41.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-server'), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.25', package_path='/usr/share/java/confluent-hub-client/jersey-client-2.25.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8285', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13776', package='systemd-239-41.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None)} ERROR: NON-WHITELISTED VULNERABILITIES FOUND ERROR: Number of non-whitelisted vulnerabilities: 2 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: twistlock_cve CVE-2020-36242 cryptography-2.7 ERROR: twistlock_cve CVE-2020-27223 org.eclipse.jetty_jetty-io-9.4.33.v20201020 Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check cves

Check Cves

INFO: {Finding(scan_source='twistlock_cve', cve_id='CVE-2020-36242', package='cryptography-2.7', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-util'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-security/schema-registry/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/javax-websocket-client-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-xml'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-security/kafka-rest/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-243350', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-security/kafka-rest/protobuf-java-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-servlets'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-jaas'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23336', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2018-20200', package='okhttp-3.9.0', package_path='/usr/share/java/acl/acl-5.5.3.jar:okhttp'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-10001', package='cups-libs-2.2.6-38.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:javax-websocket-server-impl'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-annotations-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-common-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-util'), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-23841', package='openssl-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8284', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-continuation'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-plus-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-libs-1.12.8-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-annotations'), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.9', package_path='/usr/share/java/kafka/httpclient-4.5.9.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27618', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-servlet'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-jmx-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-jaas-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29362', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-metadata-service/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-jmx-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-jmx'), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.25', package_path='/usr/share/java/confluent-hub-client/jersey-guava-2.25.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-243351', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-security/kafka-rest/protobuf-java-util-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-api-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-rebalancer/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/schema-registry/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-28.0-android', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-annotations-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8284', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29363', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/acl/acl-5.5.3.jar:flatbuffers-java'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/javax-websocket-server-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-client'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27619', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-control-center/jetty-proxy-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-client-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-common'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29363', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8285', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-243350', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-security/kafka-rest/protobuf-java-util-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3326', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-annotations'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-webapp-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-servlets'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/confluent-rebalancer/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/javax-websocket-client-impl-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-servlet'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-common'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-26.0-jre', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-webapp-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-xml-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-24.1.1-jre', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-28.1-jre', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-25013', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.10', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-jndi'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.11', package_path='/usr/share/java/kafka/httpclient-4.5.11.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-plus'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-243351', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-rebalancer/protobuf-java-util-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-client'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-control-center/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-plus'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/kafka-connect-replicator/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-annotations-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-proxy'), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2018-20200', package='okhttp-3.9.0', package_path='/usr/share/java/confluent-control-center/okhttp-3.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3326', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-15358', package='sqlite-libs-3.26.0-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/confluent-security/kafka-rest/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-http'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-xml-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-xml'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:javax-websocket-client-impl'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-28.1-android', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-all-4.1.50.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-client'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-xml-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23336', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/confluent-control-center/flatbuffers-java-1.9.0.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-27218', package='org.eclipse.jetty_jetty-io-9.4.33.v20201020', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29362', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-12399', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-codec-4.1.47.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-security'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-server'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-36242', package='cryptography-2.7', package_path='/usr/local/lib64/python3.8/site-packages/cryptography'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-27618', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-codec-4.1.48.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-io'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-server-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.11', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13434', package='sqlite-libs-3.26.0-11.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-12401', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3177', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-plus-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-metadata-service/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-api-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-jmx'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13776', package='systemd-libs-239-41.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/javax-websocket-server-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-common-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/websocket-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29361', package='p11-kit-trust-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-26137', package='urllib3-1.24.2', package_path='/usr/lib/python3.6/site-packages/urllib3'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8286', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/acl/acl-5.5.3.jar:httpclient'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-codec-4.1.50.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-api'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:flatbuffers-java'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29582', package='kotlin-stdlib_kotlin-stdlib-1.4.0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8285', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.9', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-http-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8927', package='brotli-1.0.6-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29361', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-server'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-continuation-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-27223', package='org.eclipse.jetty_jetty-io-9.4.33.v20201020', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3177', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3326', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8231', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-1.12.8-12.el8_3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:javax-websocket-server-impl'), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-25013', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14343', package='pyyaml-5.3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-webapp'), Finding(scan_source='oscap_comp', cve_id='CCE-80784-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-api-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8231', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/confluent-security/schema-registry/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-28196', package='krb5-libs-1.18.2-5.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-security'), Finding(scan_source='anchore_cve', cve_id='GHSA-hggm-jpg3-v476', package='cryptography-2.7', package_path='/usr/local/lib64/python3.8/site-packages/cryptography'), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-metadata-service/jetty-proxy-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-tools-1.12.8-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-115884', package='urllib3-1.24.2', package_path='/usr/lib/python3.6/site-packages/urllib3'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-jmx-9.4.33.v20201020.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-25013', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8231', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27618', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.10', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:httpclient'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-common-1.12.8-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-http'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:javax-websocket-client-impl'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-jaas-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/kafka-rest/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8284', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-28493', package='Jinja2-2.11.2', package_path='/usr/local/lib/python3.8/site-packages/jinja2'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-io'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-23840', package='openssl-1.1.1g-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-jaas-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/jetty-jndi-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-jaas'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-webapp'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27619', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:websocket-api'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-servlet'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35864', package='flatbuffers-1.9.0', package_path='/usr/share/java/kafka/flatbuffers-java-1.9.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-servlet-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8286', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24977', package='libxml2-2.9.7-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/javax-websocket-server-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-plus-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2018-20200', package='com.squareup.okhttp3_okhttp-3.9.0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3326', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.25', package_path='/usr/share/java/confluent-hub-client/jersey-common-2.25.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-control-center/jetty-client-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29363', package='p11-kit-trust-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-243351', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-security/kafka-rest/protobuf-java-3.13.0.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-28493', package='jinja2-2.11.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8927', package='brotli-1.0.6-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-jndi'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29361', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-93555', package='httpclient-4.5.10', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:httpclient'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-27.1-jre', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.3', package_path='/usr/share/java/confluent-security/ksql/httpclient-4.5.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-security-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-1971', package='cryptography-2.7', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-jndi-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka/jetty-servlets-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29362', package='p11-kit-trust-0.23.14-5.el8_0', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-continuation'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35512', package='dbus-daemon-1.12.8-12.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13776', package='systemd-pam-239-41.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-jndi-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-243350', package='protobuf-3.13.0', package_path='/usr/share/java/confluent-rebalancer/protobuf-java-util-3.13.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-client'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13956', package='httpclient-4.5.9', package_path='/usr/share/java/kafka-connect-replicator/httpclient-4.5.9.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/rest-utils/websocket-common-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24977', package='python3-libxml2-2.9.7-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27618', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:jetty-servlet'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-rebalancer/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12399', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/javax-websocket-client-impl-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2019-25013', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/verifier-5.5.3.jar:jetty-server'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8286', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-io-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-security/connect/jetty-webapp-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/kafka-connect-replicator/websocket-server-9.4.33.v20201020.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/confluent-control-center/jetty-util-9.4.33.v20201020.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13776', package='systemd-239-41.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27223', package='jetty-9.4.33.v20201020', package_path='/usr/share/java/acl/acl-5.5.3.jar:websocket-server'), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.25', package_path='/usr/share/java/confluent-hub-client/jersey-client-2.25.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8285', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13776', package='systemd-239-41.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None)}
ERROR: NON-WHITELISTED VULNERABILITIES FOUND
ERROR: Number of non-whitelisted vulnerabilities: 2
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: twistlock_cve                 CVE-2020-36242                cryptography-2.7                                            
ERROR: twistlock_cve                 CVE-2020-27223                org.eclipse.jetty_jetty-io-9.4.33.v20201020                                  
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1