chore(findings): confluent/confluent-component-operator/cp-server-connect-operator-5.5.x
Summary
confluent/confluent-component-operator/cp-server-connect-operator-5.5.x has 69 new findings discovered during continuous monitoring.
id | source | package |
---|---|---|
CVE-2021-27218 | anchore_cve | glib2-2.56.4-9.el8 |
CVE-2021-27219 | anchore_cve | glib2-2.56.4-9.el8 |
CVE-2021-28153 | anchore_cve | glib2-2.56.4-9.el8 |
CVE-2021-3516 | anchore_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3517 | anchore_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3518 | anchore_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3537 | anchore_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3541 | anchore_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3520 | anchore_cve | lz4-libs-1.8.3-2.el8 |
CVE-2021-3516 | anchore_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-3517 | anchore_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-3518 | anchore_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-3537 | anchore_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-3541 | anchore_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-20266 | anchore_cve | python3-rpm-4.14.3-13.el8 |
CVE-2021-20271 | anchore_cve | python3-rpm-4.14.3-13.el8 |
CVE-2021-3421 | anchore_cve | python3-rpm-4.14.3-13.el8 |
CVE-2021-35937 | anchore_cve | python3-rpm-4.14.3-13.el8 |
CVE-2021-35938 | anchore_cve | python3-rpm-4.14.3-13.el8 |
CVE-2021-35939 | anchore_cve | python3-rpm-4.14.3-13.el8 |
CVE-2021-20266 | anchore_cve | rpm-4.14.3-13.el8 |
CVE-2021-20271 | anchore_cve | rpm-4.14.3-13.el8 |
CVE-2021-3421 | anchore_cve | rpm-4.14.3-13.el8 |
CVE-2021-35937 | anchore_cve | rpm-4.14.3-13.el8 |
CVE-2021-35938 | anchore_cve | rpm-4.14.3-13.el8 |
CVE-2021-35939 | anchore_cve | rpm-4.14.3-13.el8 |
CVE-2021-20266 | anchore_cve | rpm-build-libs-4.14.3-13.el8 |
CVE-2021-20271 | anchore_cve | rpm-build-libs-4.14.3-13.el8 |
CVE-2021-3421 | anchore_cve | rpm-build-libs-4.14.3-13.el8 |
CVE-2021-35937 | anchore_cve | rpm-build-libs-4.14.3-13.el8 |
CVE-2021-35938 | anchore_cve | rpm-build-libs-4.14.3-13.el8 |
CVE-2021-35939 | anchore_cve | rpm-build-libs-4.14.3-13.el8 |
CVE-2021-20266 | anchore_cve | rpm-libs-4.14.3-13.el8 |
CVE-2021-20271 | anchore_cve | rpm-libs-4.14.3-13.el8 |
CVE-2021-3421 | anchore_cve | rpm-libs-4.14.3-13.el8 |
CVE-2021-35937 | anchore_cve | rpm-libs-4.14.3-13.el8 |
CVE-2021-35938 | anchore_cve | rpm-libs-4.14.3-13.el8 |
CVE-2021-35939 | anchore_cve | rpm-libs-4.14.3-13.el8 |
CVE-2021-33503 | anchore_cve | urllib3-1.26.4 |
GHSA-q2q7-5pp4-w6pg | anchore_cve | urllib3-1.26.4 |
CVE-2020-25649 | anchore_cve | zookeeper-3.5.8 |
CVE-2020-25649 | anchore_cve | zookeeper-3.5.8 |
CVE-2020-27216 | anchore_cve | zookeeper-3.5.8 |
CVE-2020-27216 | anchore_cve | zookeeper-3.5.8 |
CVE-2020-27218 | anchore_cve | zookeeper-3.5.8 |
CVE-2020-27218 | anchore_cve | zookeeper-3.5.8 |
CVE-2021-29425 | twistlock_cve | commons-io_commons-io-2.5 |
CVE-2021-27218 | twistlock_cve | glib2-2.56.4-9.el8 |
CVE-2021-27219 | twistlock_cve | glib2-2.56.4-9.el8 |
CVE-2021-28153 | twistlock_cve | glib2-2.56.4-9.el8 |
CVE-2021-3516 | twistlock_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3517 | twistlock_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3518 | twistlock_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3537 | twistlock_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3541 | twistlock_cve | libxml2-2.9.7-9.el8 |
CVE-2021-3520 | twistlock_cve | lz4-libs-1.8.3-2.el8 |
CVE-2021-28169 | twistlock_cve | org.eclipse.jetty_jetty-io-9.4.39.v20210325 |
CVE-2021-34428 | twistlock_cve | org.eclipse.jetty_jetty-io-9.4.39.v20210325 |
CVE-2021-3516 | twistlock_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-3517 | twistlock_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-3518 | twistlock_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-3537 | twistlock_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-3541 | twistlock_cve | python3-libxml2-2.9.7-9.el8 |
CVE-2021-20271 | twistlock_cve | python3-rpm-4.14.3-13.el8 |
CVE-2021-20266 | twistlock_cve | rpm-4.14.3-13.el8 |
CVE-2021-20271 | twistlock_cve | rpm-4.14.3-13.el8 |
CVE-2021-3421 | twistlock_cve | rpm-4.14.3-13.el8 |
CVE-2021-20271 | twistlock_cve | rpm-build-libs-4.14.3-13.el8 |
CVE-2021-20271 | twistlock_cve | rpm-libs-4.14.3-13.el8 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/confluent/confluent-component-operator/cp-server-connect-operator-5.5.x/-/jobs/4609027
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official