UNCLASSIFIED - NO CUI

chore(findings): jfrog/artifactory/artifactory-oss

Summary

jfrog/artifactory/artifactory-oss has 23 new findings discovered during continuous monitoring.

id	source	package
CVE-2021-35515	anchore_cve	commons_compress-1.20
CVE-2021-35515	anchore_cve	commons_compress-1.20
CVE-2021-35516	anchore_cve	commons_compress-1.20
CVE-2021-35516	anchore_cve	commons_compress-1.20
CVE-2021-35517	anchore_cve	commons_compress-1.20
CVE-2021-35517	anchore_cve	commons_compress-1.20
CVE-2021-36090	anchore_cve	commons_compress-1.20
CVE-2021-36090	anchore_cve	commons_compress-1.20
CVE-2021-30129	anchore_cve	sshd-2.6.0
CVE-2021-39139	anchore_cve	xstream-1.4.17
CVE-2021-39140	anchore_cve	xstream-1.4.17
CVE-2021-39141	anchore_cve	xstream-1.4.17
CVE-2021-39144	anchore_cve	xstream-1.4.17
CVE-2021-39145	anchore_cve	xstream-1.4.17
CVE-2021-39146	anchore_cve	xstream-1.4.17
CVE-2021-39147	anchore_cve	xstream-1.4.17
CVE-2021-39148	anchore_cve	xstream-1.4.17
CVE-2021-39149	anchore_cve	xstream-1.4.17
CVE-2021-39150	anchore_cve	xstream-1.4.17
CVE-2021-39151	anchore_cve	xstream-1.4.17
CVE-2021-39152	anchore_cve	xstream-1.4.17
CVE-2021-39153	anchore_cve	xstream-1.4.17
CVE-2021-39154	anchore_cve	xstream-1.4.17

More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/jfrog/artifactory/artifactory-oss/-/jobs/6060550

Definition of Done

Justifications:

All findings have been justified
Justifications have been provided to the container hardening team

Approval Process:

Findings Approver has reviewed and approved all justifications
Approval request has been sent to Authorizing Official
Approval request has been processed by Authorizing Official

UNCLASSIFIED - NO CUI