chore(findings): kubeflow/common/centraldashboard-v0.7.0-rc.5-15-g62d91774
Summary
kubeflow/common/centraldashboard-v0.7.0-rc.5-15-g62d91774 has 50 new findings discovered during continuous monitoring.
id | source | package |
---|---|---|
CVE-2021-3807 | twistlock_cve | ansi-regex-3.0.0 |
PRISMA-2021-0096 | twistlock_cve | tar-4.4.8 |
PRISMA-2021-0096 | twistlock_cve | tar-4.4.13 |
CVE-2021-3807 | twistlock_cve | ansi-regex-4.1.0 |
CVE-2021-32640 | twistlock_cve | ws-6.2.1 |
CVE-2021-3807 | anchore_cve | ansi-regex-3.0.0 |
CVE-2021-32640 | anchore_cve | ws-6.2.1 |
CVE-2021-3807 | anchore_cve | ansi-regex-4.1.0 |
CVE-2021-3807 | anchore_cve | ansi-regex-4.1.0 |
CVE-2021-23343 | anchore_cve | path-parse-1.0.6 |
CVE-2021-3807 | anchore_cve | ansi-regex-4.1.0 |
CCE-80788-3 | oscap_comp | none |
CCE-83478-8 | oscap_comp | none |
CCE-83480-4 | oscap_comp | none |
CCE-80668-7 | oscap_comp | none |
CCE-80654-7 | oscap_comp | none |
CCE-82046-4 | oscap_comp | none |
CCE-80656-2 | oscap_comp | none |
CCE-80647-1 | oscap_comp | none |
CCE-80648-9 | oscap_comp | none |
CCE-80652-1 | oscap_comp | none |
CCE-84037-1 | oscap_comp | none |
CCE-81036-6 | oscap_comp | none |
CCE-82888-9 | oscap_comp | none |
CCE-86519-6 | oscap_comp | none |
CCE-80806-3 | oscap_comp | none |
CCE-80809-7 | oscap_comp | none |
CVE-2020-7768 | twistlock_cve | grpc-1.20.3 |
CVE-2021-32803 | twistlock_cve | tar-4.4.8 |
CVE-2021-32804 | twistlock_cve | tar-4.4.8 |
CVE-2021-37713 | twistlock_cve | tar-4.4.8 |
CVE-2021-37712 | twistlock_cve | tar-4.4.8 |
CVE-2021-37701 | twistlock_cve | tar-4.4.8 |
CVE-2021-32803 | twistlock_cve | tar-4.4.13 |
CVE-2021-32804 | twistlock_cve | tar-4.4.13 |
CVE-2021-37713 | twistlock_cve | tar-4.4.13 |
CVE-2021-37712 | twistlock_cve | tar-4.4.13 |
CVE-2021-37701 | twistlock_cve | tar-4.4.13 |
GHSA-3jfq-g458-7qm9 | anchore_cve | tar-4.4.8 |
GHSA-qq89-hq3f-393p | anchore_cve | tar-4.4.13 |
GHSA-r628-mhmh-qjhw | anchore_cve | tar-4.4.13 |
GHSA-9r2w-394v-53qc | anchore_cve | tar-4.4.13 |
GHSA-5955-9wpr-37jh | anchore_cve | tar-4.4.8 |
GHSA-pp75-xfpw-37g9 | anchore_cve | grpc-1.20.3 |
GHSA-qq89-hq3f-393p | anchore_cve | tar-4.4.8 |
GHSA-9r2w-394v-53qc | anchore_cve | tar-4.4.8 |
VULNDB-260430 | anchore_cve | node-forge-0.10.0 |
GHSA-3jfq-g458-7qm9 | anchore_cve | tar-4.4.13 |
GHSA-5955-9wpr-37jh | anchore_cve | tar-4.4.13 |
GHSA-r628-mhmh-qjhw | anchore_cve | tar-4.4.8 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/kubeflow/common/centraldashboard/-/jobs/7570769
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official
Edited by Colton Freeman