chore(findings): hashicorp/secure-secrets-management/vault-enterprise
Summary
hashicorp/secure-secrets-management/vault-enterprise has 55 new findings discovered during continuous monitoring.
id | source | package |
---|---|---|
CVE-2021-22876 | anchore_cve | curl-7.61.1-18.el8 |
CVE-2021-22898 | anchore_cve | curl-7.61.1-18.el8 |
CVE-2021-27218 | anchore_cve | glib2-2.56.4-10.el8_4 |
CVE-2021-28153 | anchore_cve | glib2-2.56.4-10.el8_4 |
CVE-2021-27645 | anchore_cve | glibc-2.28-151.el8 |
CVE-2021-33574 | anchore_cve | glibc-2.28-151.el8 |
CVE-2021-27645 | anchore_cve | glibc-common-2.28-151.el8 |
CVE-2021-33574 | anchore_cve | glibc-common-2.28-151.el8 |
CVE-2021-27645 | anchore_cve | glibc-langpack-en-2.28-151.el8 |
CVE-2021-33574 | anchore_cve | glibc-langpack-en-2.28-151.el8 |
CVE-2021-27645 | anchore_cve | glibc-minimal-langpack-2.28-151.el8 |
CVE-2021-33574 | anchore_cve | glibc-minimal-langpack-2.28-151.el8 |
CVE-2021-22876 | anchore_cve | libcurl-7.61.1-18.el8 |
CVE-2021-22898 | anchore_cve | libcurl-7.61.1-18.el8 |
CVE-2021-3445 | anchore_cve | libdnf-0.55.0-7.el8 |
CVE-2021-33560 | anchore_cve | libgcrypt-1.8.5-4.el8 |
CVE-2021-3200 | anchore_cve | libsolv-0.7.16-2.el8 |
CVE-2021-3580 | anchore_cve | nettle-3.4.1-4.el8_3 |
CVE-2021-3426 | anchore_cve | platform-python-3.6.8-37.el8 |
CVE-2021-3572 | anchore_cve | platform-python-pip-9.0.3-19.el8 |
CVE-2021-3445 | anchore_cve | python3-hawkey-0.55.0-7.el8 |
CVE-2021-3445 | anchore_cve | python3-libdnf-0.55.0-7.el8 |
CVE-2021-3426 | anchore_cve | python3-libs-3.6.8-37.el8 |
CVE-2021-3572 | anchore_cve | python3-pip-wheel-9.0.3-19.el8 |
CVE-2021-20266 | anchore_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2021-3421 | anchore_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2021-35937 | anchore_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2021-35938 | anchore_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2021-35939 | anchore_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2021-20266 | anchore_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-3421 | anchore_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-35937 | anchore_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-35938 | anchore_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-35939 | anchore_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-20266 | anchore_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2021-3421 | anchore_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2021-35937 | anchore_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2021-35938 | anchore_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2021-35939 | anchore_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2021-20266 | anchore_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-3421 | anchore_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-35937 | anchore_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-35938 | anchore_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-35939 | anchore_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-22876 | twistlock_cve | curl-7.61.1-18.el8 |
CVE-2021-22898 | twistlock_cve | curl-7.61.1-18.el8 |
CVE-2021-27218 | twistlock_cve | glib2-2.56.4-10.el8_4 |
CVE-2021-28153 | twistlock_cve | glib2-2.56.4-10.el8_4 |
CVE-2021-33574 | twistlock_cve | glibc-2.28-151.el8 |
CVE-2021-3445 | twistlock_cve | libdnf-0.55.0-7.el8 |
CVE-2021-33560 | twistlock_cve | libgcrypt-1.8.5-4.el8 |
CVE-2021-3200 | twistlock_cve | libsolv-0.7.16-2.el8 |
CVE-2020-16135 | twistlock_cve | libssh-0.9.4-2.el8 |
CVE-2021-20266 | twistlock_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-3421 | twistlock_cve | rpm-4.14.3-14.el8_4 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/hashicorp/secure-secrets-management/vault-enterprise/-/jobs/4612394
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official
Edited by Engineering Services