UNCLASSIFIED - NO CUI

Skip to content

chore(findings): google/golang/debian/golang-1.21

Summary

google/golang/debian/golang-1.21 has 112 new findings discovered during continuous monitoring.

id source severity package
9abf4d6ab96f16394847bfa4e2e8f3f9 Anchore Compliance Critical
CVE-2018-6951 Anchore CVE Low patch-2.7.6-7
CVE-2022-24975 Anchore CVE Low git-man-1:2.30.2-1+deb11u2
CVE-2020-15719 Anchore CVE Low libldap-2.4-2-2.4.57+dfsg-3+deb11u1
CVE-2017-14159 Anchore CVE Low libldap-common-2.4.57+dfsg-3+deb11u1
CVE-2017-17740 Anchore CVE Low libldap-common-2.4.57+dfsg-3+deb11u1
CVE-2023-31486 Anchore CVE Low perl-modules-5.32-5.32.1-4+deb11u2
CVE-2018-6952 Anchore CVE Low patch-2.7.6-7
CVE-2010-4651 Anchore CVE Low patch-2.7.6-7
CVE-2021-45261 Anchore CVE Low patch-2.7.6-7
CVE-2013-0340 Anchore CVE Low libexpat1-2.2.10-2+deb11u5
CVE-2011-4116 Anchore CVE Low libperl5.32-5.32.1-4+deb11u2
CVE-2017-17740 Anchore CVE Low libldap-2.4-2-2.4.57+dfsg-3+deb11u1
CVE-2023-31486 Anchore CVE Low libperl5.32-5.32.1-4+deb11u2
CVE-2011-4116 Anchore CVE Low perl-modules-5.32-5.32.1-4+deb11u2
CVE-2018-1000021 Anchore CVE Low git-1:2.30.2-1+deb11u2
CVE-2018-1000021 Anchore CVE Low git-man-1:2.30.2-1+deb11u2
CVE-2020-15719 Anchore CVE Low libldap-common-2.4.57+dfsg-3+deb11u1
CVE-2015-3276 Anchore CVE Low libldap-2.4-2-2.4.57+dfsg-3+deb11u1
CVE-2022-24975 Anchore CVE Low git-1:2.30.2-1+deb11u2
CVE-2015-3276 Anchore CVE Low libldap-common-2.4.57+dfsg-3+deb11u1
CVE-2011-4116 Anchore CVE Low perl-5.32.1-4+deb11u2
CVE-2023-31486 Anchore CVE Low perl-5.32.1-4+deb11u2
CVE-2017-14159 Anchore CVE Low libldap-2.4-2-2.4.57+dfsg-3+deb11u1
CVE-2019-6110 Anchore CVE Low openssh-client-1:8.4p1-5+deb11u2
CVE-2007-2243 Anchore CVE Low openssh-client-1:8.4p1-5+deb11u2
CVE-2020-15778 Anchore CVE Low openssh-client-1:8.4p1-5+deb11u2
CVE-2016-20012 Anchore CVE Low openssh-client-1:8.4p1-5+deb11u2
CVE-2021-36368 Anchore CVE Low openssh-client-1:8.4p1-5+deb11u2
CVE-2018-15919 Anchore CVE Low openssh-client-1:8.4p1-5+deb11u2
CVE-2020-14145 Anchore CVE Low openssh-client-1:8.4p1-5+deb11u2
CVE-2007-2768 Anchore CVE Low openssh-client-1:8.4p1-5+deb11u2
CVE-2008-3234 Anchore CVE Low openssh-client-1:8.4p1-5+deb11u2
CVE-2023-44487 Anchore CVE Low libnghttp2-14-1.43.0-1
CVE-2023-39323 Anchore CVE Critical go-1.21.1
CVE-2023-44487 Anchore CVE High go-1.21.1
CVE-2023-39325 Anchore CVE High go-1.21.1
CVE-2021-22922 Anchore CVE Low libcurl3-gnutls-7.74.0-1.3+deb11u10
CVE-2023-28320 Anchore CVE Low libcurl3-gnutls-7.74.0-1.3+deb11u10
CVE-2021-22923 Anchore CVE Low libcurl3-gnutls-7.74.0-1.3+deb11u10
CVE-2018-1000021 Twistlock CVE Low git-1:2.30.2-1+deb11u2
CVE-2023-29007 Twistlock CVE Low git-1:2.30.2-1+deb11u2
CVE-2023-2953 Twistlock CVE Low openldap-2.4.57+dfsg-3+deb11u1
CVE-2023-25652 Twistlock CVE Low git-1:2.30.2-1+deb11u2
CVE-2022-24975 Twistlock CVE Low git-1:2.30.2-1+deb11u2
CVE-2020-22218 Twistlock CVE Low libssh2-1.9.0-2
CVE-2018-6952 Twistlock CVE Low patch-2.7.6-7
CVE-2018-6951 Twistlock CVE Low patch-2.7.6-7
CVE-2017-17740 Twistlock CVE Low openldap-2.4.57+dfsg-3+deb11u1
CVE-2015-3276 Twistlock CVE Low openldap-2.4.57+dfsg-3+deb11u1
CVE-2013-0340 Twistlock CVE Low expat-2.2.10-2+deb11u5
CVE-2010-4651 Twistlock CVE Low patch-2.7.6-7
CVE-2021-45261 Twistlock CVE Low patch-2.7.6-7
CVE-2017-14159 Twistlock CVE Low openldap-2.4.57+dfsg-3+deb11u1
CVE-2020-15719 Twistlock CVE Low openldap-2.4.57+dfsg-3+deb11u1
CVE-2023-25815 Twistlock CVE Low git-1:2.30.2-1+deb11u2
CVE-2021-41617 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2019-6110 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2008-3234 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2020-14145 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2018-15919 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2007-2243 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2007-2768 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2023-44487 Twistlock CVE High nghttp2-1.43.0-1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39323 Twistlock CVE Critical go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2023-39325 Twistlock CVE High go-1.21.1
CVE-2020-15778 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2016-20012 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2021-36368 Twistlock CVE Low openssh-1:8.4p1-5+deb11u2
CVE-2023-23914 Twistlock CVE Critical curl-7.74.0-1.3+deb11u10
CVE-2022-43551 Twistlock CVE High curl-7.74.0-1.3+deb11u10
CVE-2022-42916 Twistlock CVE High curl-7.74.0-1.3+deb11u10
CVE-2023-23915 Twistlock CVE Medium curl-7.74.0-1.3+deb11u10
CVE-2021-22922 Twistlock CVE Low curl-7.74.0-1.3+deb11u10
CVE-2023-28320 Twistlock CVE Low curl-7.74.0-1.3+deb11u10
CVE-2021-22923 Twistlock CVE Low curl-7.74.0-1.3+deb11u10

VAT: https://vat.dso.mil/vat/image?imageName=google/golang/debian/golang-1.21&tag=1.21.1&branch=master
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=google/golang/debian/golang-1.21&tag=1.21.1&branch=master

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by Jeff Weatherford
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI