UNCLASSIFIED - NO CUI

chore(findings): mitekanalytics/worker

Summary

mitekanalytics/worker has 195 new findings discovered during continuous monitoring.

Layer: mitekanalytics/matlab-runtime:v0.12.0-2024-07-07-sha-05f444c is EOL, please update if possible

Layer: redhat/ubi/ubi9:9.4 is EOL, please update if possible

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=mitekanalytics/worker&tag=v3.7.2-2024-07-23-sha-2e256be-release-10050700864&branch=master

id source severity package impact workaround
GHSA-c5q2-7r4c-mv6g Anchore CVE Medium gopkg.in/square/go-jose.v2-v2.6.0
CVE-2024-34158 Anchore CVE High stdlib-go1.21.12
CVE-2024-34158 Anchore CVE High stdlib-go1.21.6
CVE-2024-34155 Anchore CVE Medium stdlib-go1.21.12
CVE-2024-34158 Anchore CVE High stdlib-go1.21.6
CVE-2024-34156 Anchore CVE High stdlib-go1.21.12
CVE-2024-34155 Anchore CVE Medium stdlib-go1.21.6
CVE-2024-34156 Anchore CVE High stdlib-go1.21.6
CVE-2024-34155 Anchore CVE Medium stdlib-go1.21.6
CVE-2024-34156 Anchore CVE High stdlib-go1.21.6
CVE-2023-32636 Anchore CVE Low glib2-2.68.4-14.el9
CVE-2024-23271 Anchore CVE Medium webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-27851 Anchore CVE High webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-27838 Anchore CVE Medium webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-27820 Anchore CVE High webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-40866 Anchore CVE Medium webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-44187 Anchore CVE Medium webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-47175 Anchore CVE High cups-libs-1:2.3.3op2-27.el9_4
GHSA-78wr-2p64-hpwj Anchore CVE High commons-io-2.8.0
CVE-2024-41996 Anchore CVE Low openssl-libs-1:3.0.7-27.el9
CVE-2024-41996 Anchore CVE Low openssl-1:3.0.7-27.el9
CVE-2024-21235 Anchore CVE Medium java-11-openjdk-devel-1:11.0.24.0.8-2.el9
CVE-2024-21210 Anchore CVE Medium java-11-openjdk-1:11.0.24.0.8-2.el9
CVE-2024-21235 Anchore CVE Medium java-11-openjdk-headless-1:11.0.24.0.8-2.el9
CVE-2024-21235 Anchore CVE Medium java-11-openjdk-1:11.0.24.0.8-2.el9
CVE-2024-21208 Anchore CVE Medium java-11-openjdk-devel-1:11.0.24.0.8-2.el9
CVE-2024-21208 Anchore CVE Medium java-11-openjdk-headless-1:11.0.24.0.8-2.el9
RHSA-2024:6464 OSCAP Compliance Low
RHSA-2024:6783 OSCAP Compliance Low
RHSA-2024:6754 OSCAP Compliance Low
CVE-2024-34156 Twistlock CVE Low encoding/gob-1.21.12
CVE-2023-32636 Twistlock CVE Low glib2-2.68.4-14.el9
CVE-2024-47554 Twistlock CVE High commons-io_commons-io-2.8.0
CVE-2024-41996 Twistlock CVE Low openssl-3.0.7-27.el9
CVE-2024-21217 Anchore CVE Medium java-11-openjdk-headless-1:11.0.24.0.8-2.el9
CVE-2024-21210 Anchore CVE Medium java-11-openjdk-devel-1:11.0.24.0.8-2.el9
CVE-2024-21217 Anchore CVE Medium java-11-openjdk-1:11.0.24.0.8-2.el9
CVE-2024-21217 Anchore CVE Medium java-11-openjdk-devel-1:11.0.24.0.8-2.el9
CVE-2024-21210 Anchore CVE Medium java-11-openjdk-headless-1:11.0.24.0.8-2.el9
CVE-2024-21208 Anchore CVE Medium java-11-openjdk-1:11.0.24.0.8-2.el9
CVE-2024-4558 Anchore CVE High webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-3661 Anchore CVE Medium NetworkManager-libnm-1:1.46.0-19.el9_4
CVE-2024-50602 Anchore CVE Medium expat-2.5.0-2.el9_4
CVE-2024-50613 Anchore CVE Medium libsndfile-1.0.31-8.el9
CVE-2024-44185 Anchore CVE High webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-44296 Anchore CVE Medium webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-44244 Anchore CVE Medium webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-52532 Anchore CVE Medium libsoup-2.72.0-8.el9
CVE-2024-52533 Anchore CVE Medium glib2-2.68.4-14.el9
CVE-2024-52530 Anchore CVE High libsoup-2.72.0-8.el9
CVE-2024-52531 Anchore CVE Low libsoup-2.72.0-8.el9
CVE-2024-11168 Anchore CVE Medium python3-3.9.18-3.el9_4.5
CVE-2024-11168 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.5
CVE-2024-3596 Anchore CVE High krb5-libs-1.21.1-2.el9_4
CVE-2024-9681 Anchore CVE Low libcurl-minimal-7.76.1-29.el9_4.1
CVE-2024-52616 Anchore CVE Medium avahi-libs-0.8-20.el9
CVE-2024-9681 Anchore CVE Low curl-minimal-7.76.1-29.el9_4.1
CVE-2024-52615 Anchore CVE Medium avahi-libs-0.8-20.el9
CVE-2024-44309 Anchore CVE High webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-50612 Anchore CVE Medium libsndfile-1.0.31-8.el9
GHSA-v778-237x-gjrc Anchore CVE Critical golang.org/x/crypto-v0.24.0
CVE-2024-47607 Anchore CVE High gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-47541 Anchore CVE Medium gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-11053 Anchore CVE Low libcurl-minimal-7.76.1-29.el9_4.1
CVE-2024-9287 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.5
CVE-2024-47542 Anchore CVE Medium gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-47538 Anchore CVE High gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-9287 Anchore CVE Medium python3-3.9.18-3.el9_4.5
CVE-2024-47835 Anchore CVE Medium gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-11053 Anchore CVE Low curl-minimal-7.76.1-29.el9_4.1
CVE-2024-47615 Anchore CVE High gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-47600 Anchore CVE Medium gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-56378 Anchore CVE Medium poppler-glib-21.01.0-19.el9
CVE-2024-56378 Anchore CVE Medium poppler-21.01.0-19.el9
CVE-2024-54479 Anchore CVE High webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-54502 Anchore CVE Medium webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-54508 Anchore CVE Medium webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-54534 Anchore CVE High webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-54505 Anchore CVE High webkit2gtk3-jsc-2.42.5-1.el9
CVE-2024-56431 Anchore CVE Low libtheora-1:1.1.1-31.el9
CVE-2024-56433 Anchore CVE Low shadow-utils-2:4.9-8.el9
CVE-2024-56827 Anchore CVE Medium openjpeg2-2.4.0-7.el9
CVE-2024-56826 Anchore CVE Medium openjpeg2-2.4.0-7.el9
RHSA-2024:8180 OSCAP Compliance Low
RHSA-2024:8121 OSCAP Compliance Low
RHSA-2024:8446 OSCAP Compliance Low
RHSA-2024:8914 OSCAP Compliance Low
RHSA-2024:9474 OSCAP Compliance Low
RHSA-2024:9470 OSCAP Compliance Low
RHSA-2024:9468 OSCAP Compliance Low
RHSA-2024:9404 OSCAP Compliance Low
RHSA-2024:9371 OSCAP Compliance Low
RHSA-2024:9333 OSCAP Compliance Low
RHSA-2024:9331 OSCAP Compliance Low
RHSA-2024:9317 OSCAP Compliance Low
RHSA-2024:9184 OSCAP Compliance Low
RHSA-2024:9167 OSCAP Compliance Low
RHSA-2024:9144 OSCAP Compliance Low
RHSA-2024:9559 OSCAP Compliance Low
RHSA-2024:9553 OSCAP Compliance Low
RHSA-2024:9541 OSCAP Compliance Low
RHSA-2025:0146 OSCAP Compliance Low
RHSA-2025:0377 OSCAP Compliance Low
CVE-2024-21235 Twistlock CVE Medium java-11-openjdk-11.0.24.0.8-2.el9
CVE-2024-21217 Twistlock CVE Medium java-11-openjdk-11.0.24.0.8-2.el9
CVE-2024-21210 Twistlock CVE Medium java-11-openjdk-11.0.24.0.8-2.el9
CVE-2024-21208 Twistlock CVE Medium java-11-openjdk-11.0.24.0.8-2.el9
CVE-2024-50613 Twistlock CVE Medium libsndfile-1.0.31-8.el9
CVE-2024-50602 Twistlock CVE Medium expat-2.5.0-2.el9_4
CVE-2024-50612 Twistlock CVE Medium libsndfile-1.0.31-8.el9
CVE-2024-52530 Twistlock CVE High libsoup-2.72.0-8.el9
CVE-2024-52532 Twistlock CVE Medium libsoup-2.72.0-8.el9
CVE-2024-52533 Twistlock CVE Medium glib2-2.68.4-14.el9
CVE-2024-52531 Twistlock CVE Low libsoup-2.72.0-8.el9
CVE-2024-3596 Twistlock CVE High krb5-1.21.1-2.el9_4
CVE-2024-47538 Twistlock CVE High gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-27851 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2024-27820 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2024-23226 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2023-42950 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2024-47615 Twistlock CVE High gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-47607 Twistlock CVE High gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-4558 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2024-44309 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2024-44185 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2024-3661 Twistlock CVE Medium NetworkManager-1.46.0-19.el9_4
CVE-2024-6232 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.5
CVE-2024-26462 Twistlock CVE Medium krb5-1.21.1-2.el9_4
CVE-2023-4504 Twistlock CVE Medium cups-2.3.3op2-27.el9_4
CVE-2021-3782 Twistlock CVE Medium wayland-1.21.0-1.el9
CVE-2024-44187 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-40866 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-40789 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-40782 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-40780 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-40779 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-27838 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-23284 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-23280 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-23263 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-23254 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2023-42956 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2022-37052 Twistlock CVE Medium poppler-21.01.0-19.el9
CVE-2024-9287 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.5
CVE-2024-47542 Twistlock CVE Medium gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-47541 Twistlock CVE Medium gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-1931 Twistlock CVE Medium unbound-1.16.2-3.el9_3.5
CVE-2021-23336 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.5
CVE-2024-35195 Twistlock CVE Medium python-requests-2.25.1-8.el9
CVE-2024-47835 Twistlock CVE Medium gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-44296 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2023-42843 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-8508 Twistlock CVE Medium unbound-1.16.2-3.el9_3.5
CVE-2024-8088 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.5
CVE-2024-52616 Twistlock CVE Medium avahi-0.8-20.el9
CVE-2024-52615 Twistlock CVE Medium avahi-0.8-20.el9
CVE-2024-47600 Twistlock CVE Medium gstreamer1-plugins-base-1.22.1-2.el9
CVE-2024-23271 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-44244 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-40776 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-11168 Twistlock CVE Medium python3.9-3.9.18-3.el9_4.5
CVE-2024-47175 Twistlock CVE Low cups-2.3.3op2-27.el9_4
CVE-2022-4899 Twistlock CVE Low zstd-1.5.1-2.el9
CVE-2023-50495 Twistlock CVE Low ncurses-6.2-10.20210508.el9
CVE-2022-29458 Twistlock CVE Low ncurses-6.2-10.20210508.el9
CVE-2024-26461 Twistlock CVE Low krb5-1.21.1-2.el9_4
CVE-2024-26458 Twistlock CVE Low krb5-1.21.1-2.el9_4
CVE-2024-11053 Twistlock CVE Low curl-7.76.1-29.el9_4.1
CVE-2017-6519 Twistlock CVE Low avahi-0.8-20.el9
CVE-2022-47011 Twistlock CVE Low gdb-10.2-13.el9
CVE-2022-47010 Twistlock CVE Low gdb-10.2-13.el9
CVE-2022-47007 Twistlock CVE Low gdb-10.2-13.el9
CVE-2022-27943 Twistlock CVE Low gcc-11.4.1-3.el9
CVE-2024-7264 Twistlock CVE Low curl-7.76.1-29.el9_4.1
CVE-2024-0397 Twistlock CVE Low python3.9-3.9.18-3.el9_4.5
CVE-2024-43168 Twistlock CVE Low unbound-1.16.2-3.el9_3.5
CVE-2024-0232 Twistlock CVE Low sqlite-3.34.1-7.el9_3
CVE-2021-3572 Twistlock CVE Low python-pip-21.2.3-8.el9
CVE-2024-25260 Twistlock CVE Low elfutils-0.190-2.el9
CVE-2019-12900 Twistlock CVE Medium bzip2-1.0.8-8.el9
CVE-2024-33655 Twistlock CVE Low unbound-1.16.2-3.el9_3.5
CVE-2024-6501 Twistlock CVE Low NetworkManager-1.46.0-19.el9_4
CVE-2024-43167 Twistlock CVE Low unbound-1.16.2-3.el9_3.5
CVE-2024-9681 Twistlock CVE Low curl-7.76.1-29.el9_4.1
CVE-2021-25317 Twistlock CVE Low cups-2.3.3op2-27.el9_4
CVE-2024-54479 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2024-56378 Twistlock CVE Medium poppler-21.01.0-19.el9
CVE-2024-54534 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2024-54505 Twistlock CVE High webkit2gtk3-2.42.5-1.el9
CVE-2024-54508 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-54502 Twistlock CVE Medium webkit2gtk3-2.42.5-1.el9
CVE-2024-56431 Twistlock CVE Low libtheora-1.1.1-31.el9
CVE-2024-56827 Twistlock CVE Medium openjpeg2-2.4.0-7.el9
CVE-2024-56826 Twistlock CVE Medium openjpeg2-2.4.0-7.el9
CVE-2024-28180 Twistlock CVE Medium gopkg.in/square/go-jose.v2-v2.6.0

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.
