UNCLASSIFIED - NO CUI

Skip to content

chore(findings): nextgen-federal/mistk/mistk-python

Summary

nextgen-federal/mistk/mistk-python has 249 new findings discovered during continuous monitoring.

Layer: redhat/ubi/ubi8:8.8 is EOL, please update if possible

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=nextgen-federal/mistk/mistk-python&tag=1.0.2.1-3.8&branch=master

EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.

KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.

id source severity package impact workaround epss_score kev
CVE-2023-2650 Anchore CVE Medium openssl-1:1.1.1k-14.el8_6 0.88208 false
CVE-2023-2650 Anchore CVE Medium openssl-libs-1:1.1.1k-14.el8_6 0.88208 false
CVE-2023-32681 Twistlock CVE Medium requests-2.20.0 Requires that deployment or integration of requests is being used to a connect to untrusted hosts b is connecting over HTTPS and c is using proxies to do so. 0.06121 false
CVE-2019-9936 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.04627 false
CVE-2019-9937 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.04078 false
CVE-2022-23990 Anchore CVE Medium expat-2.2.5-17.el8_10 0.03519 false
CVE-2024-33655 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.03458 false
CVE-2024-33655 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.03458 false
CVE-2005-2541 Anchore CVE Medium tar-2:1.30-11.el8_10 0.03250 false
CVE-2024-56433 Anchore CVE Low shadow-utils-2:4.6-22.el8 0.02806 false
CVE-2024-7264 Anchore CVE Low curl-7.61.1-34.el8_10.3 0.02574 false
CVE-2024-7264 Anchore CVE Low libcurl-7.61.1-34.el8_10.3 0.02574 false
CVE-2018-20225 Anchore CVE Low platform-python-pip-9.0.3-24.el8 0.02537 false
CVE-2018-20225 Anchore CVE Low python3-pip-wheel-9.0.3-24.el8 0.02537 false
CVE-2024-2511 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.02023 false
CVE-2024-2511 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.02023 false
CVE-2024-6232 Anchore CVE High python-3.8.17 0.01519 false
CVE-2024-6232 Anchore CVE High python-3.8.17 0.01519 false
CVE-2024-6232 Twistlock CVE High python-3.8.17 0.01519 false
CVE-2023-0464 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.01370 false
CVE-2023-0464 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.01370 false
CVE-2019-16866 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.01248 false
CVE-2019-16866 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.01248 false
CVE-2019-9674 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.01198 false
CVE-2019-9674 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.01198 false
CVE-2018-1000880 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.01184 false
CVE-2020-21674 Anchore CVE Medium libarchive-3.3.3-6.el8_10 0.00915 false
CVE-2024-4032 Anchore CVE High python-3.8.17 0.00735 false
CVE-2024-4032 Anchore CVE High python-3.8.17 0.00735 false
CVE-2025-0938 Anchore CVE Medium python-3.8.17 0.00715 false
CVE-2025-0938 Anchore CVE Medium python-3.8.17 0.00715 false
CVE-2025-0938 Anchore CVE Medium python3-libs-3.6.8-71.el8_10 0.00715 false
CVE-2025-0938 Anchore CVE Medium platform-python-3.6.8-71.el8_10 0.00715 false
CVE-2018-20839 Anchore CVE Medium systemd-libs-239-82.el8_10.5 0.00668 false
CVE-2018-20839 Anchore CVE Medium systemd-pam-239-82.el8_10.5 0.00668 false
CVE-2018-20839 Anchore CVE Medium systemd-239-82.el8_10.5 0.00668 false
CVE-2019-11236 Twistlock CVE Medium urllib3-1.24.2 Its unlikely for an attacker to control an URL. Reject queries with rn or encode those characters. 0.00636 false
CVE-2019-20916 Twistlock CVE High pip-9.0.3 Passing untrusted URLs to pip is not an intended usage pattern. 0.00622 false
CVE-2024-49767 Twistlock CVE High werkzeug-3.0.1 Assuming the other conditions listed are met, then it is possible to exploit this. Configure Request.maxcontentlength. 0.00602 false
CVE-2022-0235 Anchore CVE Medium python3-syspurpose-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium python3-cloud-what-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium python3-subscription-manager-rhsm-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium subscription-manager-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium dnf-plugin-subscription-manager-1.28.44-1.el8_10 0.00512 false
CVE-2023-0466 Anchore CVE Medium openssl-libs-1:1.1.1k-14.el8_6 0.00508 false
CVE-2023-0466 Anchore CVE Medium openssl-1:1.1.1k-14.el8_6 0.00508 false
CVE-2018-1000879 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00493 false
CVE-2023-43804 Twistlock CVE High urllib3-1.24.2 Usage of the Cookie header is rare with urllib3. This is more common and useful in browsers. Redirections to another origin are also not the common case. 0.00485 false
CVE-2024-7592 Anchore CVE High python-3.8.17 0.00468 false
CVE-2024-7592 Anchore CVE High python-3.8.17 0.00468 false
CVE-2024-7592 Twistlock CVE High python-3.8.17 0.00468 false
CVE-2024-7592 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.00468 false
CVE-2024-7592 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.00468 false
CVE-2018-19217 Anchore CVE Medium ncurses-libs-6.1-10.20180224.el8 0.00404 false
CVE-2018-19217 Anchore CVE Medium ncurses-base-6.1-10.20180224.el8 0.00404 false
CVE-2019-9923 Anchore CVE Low tar-2:1.30-11.el8_10 0.00367 false
CVE-2023-0465 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00337 false
CVE-2023-0465 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00337 false
CVE-2024-0727 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00332 false
CVE-2024-0727 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00332 false
CVE-2022-40897 Twistlock CVE Medium setuptools-39.2.0 Code path is deprecated. 0.00318 false
CVE-2024-2236 Anchore CVE Medium libgcrypt-1.8.5-7.el8_6 0.00310 false
CVE-2024-11053 Anchore CVE Low curl-7.61.1-34.el8_10.3 0.00288 false
CVE-2024-11053 Anchore CVE Low libcurl-7.61.1-34.el8_10.3 0.00288 false
CVE-2018-19211 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8 0.00278 false
CVE-2018-19211 Anchore CVE Low ncurses-base-6.1-10.20180224.el8 0.00278 false
CVE-2023-40217 Twistlock CVE Medium python-3.8.17 0.00266 false
CVE-2024-11168 Anchore CVE Medium python-3.8.17 0.00257 false
CVE-2024-11168 Anchore CVE Medium python-3.8.17 0.00257 false
CVE-2019-19244 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.00256 false
CVE-2024-0397 Anchore CVE High python-3.8.17 0.00226 false
CVE-2024-0397 Anchore CVE High python-3.8.17 0.00226 false
CVE-2024-0397 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.00226 false
CVE-2024-0397 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.00226 false
CVE-2019-12904 Anchore CVE Medium libgcrypt-1.8.5-7.el8_6 0.00210 false
CVE-2024-34459 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00208 false
CVE-2024-34459 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00208 false
CVE-2025-1153 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00185 false
CVE-2025-1795 Anchore CVE Low python-3.8.17 0.00184 false
CVE-2025-1795 Anchore CVE Low python-3.8.17 0.00184 false
CVE-2025-1795 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.00184 false
CVE-2025-1795 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.00184 false
CVE-2023-32636 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00179 false
CVE-2018-20657 Anchore CVE Low libgcc-8.5.0-28.el8_10 0.00174 false
CVE-2018-20657 Anchore CVE Low libstdc++-8.5.0-28.el8_10 0.00174 false
CVE-2024-0450 Anchore CVE Medium python-3.8.17 0.00173 false
CVE-2024-0450 Anchore CVE Medium python-3.8.17 0.00173 false
CVE-2024-41996 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00166 false
CVE-2024-41996 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00166 false
CVE-2021-4209 Anchore CVE Low gnutls-3.6.16-8.el8_10.3 0.00148 false
CVE-2025-4517 Anchore CVE Critical python-3.8.17 0.00146 false
CVE-2025-4517 Anchore CVE Critical python-3.8.17 0.00146 false
CVE-2019-14250 Anchore CVE Low libgcc-8.5.0-28.el8_10 0.00144 false
CVE-2019-14250 Anchore CVE Low libstdc++-8.5.0-28.el8_10 0.00144 false
CVE-2025-1632 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00136 false
CVE-2020-12413 Anchore CVE Low nss-softokn-freebl-3.101.0-11.el8_8 0.00124 false
CVE-2020-12413 Anchore CVE Low nss-sysinit-3.101.0-11.el8_8 0.00124 false
CVE-2020-12413 Anchore CVE Low nss-3.101.0-11.el8_8 0.00124 false
CVE-2020-12413 Anchore CVE Low nss-util-3.101.0-11.el8_8 0.00124 false
CVE-2020-12413 Anchore CVE Low nss-softokn-3.101.0-11.el8_8 0.00124 false
CVE-2025-4330 Anchore CVE High python-3.8.17 0.00120 false
CVE-2025-4330 Anchore CVE High python-3.8.17 0.00120 false
CVE-2023-29499 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00120 false
CVE-2018-1000654 Anchore CVE Low libtasn1-4.13-5.el8_10 0.00120 false
CVE-2024-7531 Anchore CVE Low nss-softokn-3.101.0-11.el8_8 0.00112 false
CVE-2024-7531 Anchore CVE Low nss-sysinit-3.101.0-11.el8_8 0.00112 false
CVE-2024-7531 Anchore CVE Low nss-util-3.101.0-11.el8_8 0.00112 false
CVE-2024-7531 Anchore CVE Low nss-softokn-freebl-3.101.0-11.el8_8 0.00112 false
CVE-2024-7531 Anchore CVE Low nss-3.101.0-11.el8_8 0.00112 false
CVE-2024-4741 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00107 false
CVE-2024-4741 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00107 false
CVE-2019-8905 Anchore CVE Medium file-libs-5.33-26.el8 0.00105 false
CVE-2025-3360 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00102 false
CVE-2025-4138 Anchore CVE High python-3.8.17 0.00100 false
CVE-2025-4138 Anchore CVE High python-3.8.17 0.00100 false
CVE-2023-27534 Anchore CVE Low libcurl-7.61.1-34.el8_10.3 0.00100 false
CVE-2023-27534 Anchore CVE Low curl-7.61.1-34.el8_10.3 0.00100 false
CVE-2021-20193 Anchore CVE Medium tar-2:1.30-11.el8_10 0.00100 false
CVE-2024-12718 Anchore CVE Medium python-3.8.17 0.00097 false
CVE-2024-12718 Anchore CVE Medium python-3.8.17 0.00097 false
CVE-2024-5642 Anchore CVE Medium python-3.8.17 0.00095 false
CVE-2024-5642 Anchore CVE Medium python-3.8.17 0.00095 false
CVE-2024-8088 Anchore CVE High python-3.8.17 0.00091 false
CVE-2024-8088 Anchore CVE High python-3.8.17 0.00091 false
CVE-2025-6069 Anchore CVE Medium python-3.8.17 0.00090 false
CVE-2025-6069 Anchore CVE Medium python-3.8.17 0.00090 false
CVE-2025-6069 Anchore CVE Medium platform-python-3.6.8-71.el8_10 0.00090 false
CVE-2025-6069 Anchore CVE Medium python3-libs-3.6.8-71.el8_10 0.00090 false
CVE-2019-8906 Anchore CVE Low file-libs-5.33-26.el8 0.00090 false
CVE-2024-6923 Anchore CVE Medium python-3.8.17 0.00089 false
CVE-2024-6923 Anchore CVE Medium python-3.8.17 0.00089 false
CVE-2025-8194 Anchore CVE High python-3.8.17 0.00088 false
CVE-2025-8194 Anchore CVE High python-3.8.17 0.00088 false
CVE-2022-4899 Anchore CVE Medium libzstd-1.4.4-1.el8 0.00086 false
CVE-2025-1152 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00081 false
CVE-2025-1150 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00081 false
CVE-2024-13176 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00080 false
CVE-2024-13176 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00080 false
CVE-2023-6597 Anchore CVE High python-3.8.17 0.00079 false
CVE-2023-6597 Anchore CVE High python-3.8.17 0.00079 false
CVE-2023-45322 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00076 false
CVE-2023-45322 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00076 false
CVE-2025-1151 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00075 false
CVE-2025-32990 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00072 false
CVE-2024-50602 Anchore CVE Medium python-3.8.17 0.00068 false
CVE-2024-50602 Anchore CVE Medium python-3.8.17 0.00068 false
CVE-2025-4435 Anchore CVE High python-3.8.17 0.00067 false
CVE-2025-4435 Anchore CVE High python-3.8.17 0.00067 false
CVE-2022-41409 Anchore CVE Low pcre2-10.32-3.el8_6 0.00061 false
CVE-2023-32665 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00059 false
CVE-2025-6395 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00057 false
CVE-2025-32988 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00056 false
CVE-2023-45803 Twistlock CVE Medium urllib3-1.24.2 No exploits from real world were reported Disable redirects for services that you arent expecting to respond with redirects with redirectsFalse.Disable automatic redirects with redirectsFalse and handle 303 redirects manually by stripping the HTTP request body. 0.00056 false
CVE-2025-27113 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00055 false
CVE-2025-27113 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00055 false
CVE-2025-5987 Anchore CVE Medium libssh-0.9.6-14.el8 0.00050 false
CVE-2025-5987 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00050 false
CVE-2025-5372 Anchore CVE Medium libssh-0.9.6-14.el8 0.00048 false
CVE-2025-5372 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00048 false
CVE-2024-9287 Anchore CVE High python-3.8.17 0.00048 false
CVE-2024-9287 Anchore CVE High python-3.8.17 0.00048 false
CVE-2024-9287 Twistlock CVE High python-3.8.17 0.00048 false
CVE-2025-5318 Anchore CVE Medium libssh-0.9.6-14.el8 0.00047 false
CVE-2025-5318 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00047 false
CVE-2022-27943 Anchore CVE Low libstdc++-8.5.0-28.el8_10 0.00044 false
CVE-2022-27943 Anchore CVE Low libgcc-8.5.0-28.el8_10 0.00044 false
CVE-2025-45582 Anchore CVE Medium tar-2:1.30-11.el8_10 0.00039 false
CVE-2023-39804 Anchore CVE Low tar-2:1.30-11.el8_10 0.00039 false
CVE-2021-3997 Anchore CVE Medium systemd-239-82.el8_10.5 0.00038 false
CVE-2021-3997 Anchore CVE Medium systemd-pam-239-82.el8_10.5 0.00038 false
CVE-2021-3997 Anchore CVE Medium systemd-libs-239-82.el8_10.5 0.00038 false
CVE-2023-32611 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00037 false
CVE-2024-43167 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.00035 false
CVE-2024-43167 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.00035 false
CVE-2025-5351 Anchore CVE Medium libssh-0.9.6-14.el8 0.00034 false
CVE-2025-5351 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00034 false
CVE-2024-43168 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.00033 false
CVE-2024-43168 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.00033 false
CVE-2023-4156 Anchore CVE Low gawk-4.2.1-4.el8 0.00031 false
CVE-2025-7458 Anchore CVE Medium sqlite-libs-3.26.0-20.el8_10 0.00029 false
CVE-2025-32989 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00026 false
CVE-2025-8941 Anchore CVE High pam-1.3.1-38.el8_10 0.00025 false
CVE-2024-57360 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00024 false
CVE-2025-5245 Anchore CVE Medium gdb-gdbserver-8.2-20.el8 0.00022 false
CVE-2025-6170 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00021 false
CVE-2025-6170 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00021 false
CVE-2025-4516 Anchore CVE Medium python-3.8.17 0.00021 false
CVE-2025-4516 Anchore CVE Medium python-3.8.17 0.00021 false
CVE-2025-4516 Anchore CVE Medium python3-libs-3.6.8-71.el8_10 0.00021 false
CVE-2025-4516 Anchore CVE Medium platform-python-3.6.8-71.el8_10 0.00021 false
CVE-2025-3198 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00021 false
CVE-2021-24032 Anchore CVE Low libzstd-1.4.4-1.el8 0.00020 false
CVE-2025-5918 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00018 false
CVE-2025-5278 Anchore CVE Medium coreutils-single-8.30-15.el8 0.00018 false
CVE-2024-0232 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.00018 false
CVE-2025-5916 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00017 false
CVE-2025-30258 Anchore CVE Low gnupg2-2.2.20-3.el8_6 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-libs-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-common-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-tools-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-daemon-1:1.12.8-27.el8_10 0.00017 false
CVE-2025-25724 Anchore CVE Medium libarchive-3.3.3-6.el8_10 0.00016 false
CVE-2025-8114 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00015 false
CVE-2025-8114 Anchore CVE Medium libssh-0.9.6-14.el8 0.00015 false
CVE-2025-5917 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00015 false
CVE-2025-50181 Anchore CVE Medium platform-python-pip-9.0.3-24.el8 0.00015 false
CVE-2025-50181 Anchore CVE Medium python3-pip-wheel-9.0.3-24.el8 0.00015 false
CVE-2025-4878 Anchore CVE Low libssh-0.9.6-14.el8 0.00015 false
CVE-2025-4878 Anchore CVE Low libssh-config-0.9.6-14.el8 0.00015 false
CVE-2025-5915 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00014 false
CVE-2025-4598 Anchore CVE Medium systemd-libs-239-82.el8_10.5 0.00014 false
CVE-2025-4598 Anchore CVE Medium systemd-pam-239-82.el8_10.5 0.00014 false
CVE-2025-4598 Anchore CVE Medium systemd-239-82.el8_10.5 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-debuginfod-client-0.190-2.el8 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-default-yama-scope-0.190-2.el8 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-libelf-0.190-2.el8 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-libs-0.190-2.el8 0.00014 false
CVE-2025-50182 Anchore CVE Medium platform-python-pip-9.0.3-24.el8 0.00013 false
CVE-2025-50182 Anchore CVE Medium python3-pip-wheel-9.0.3-24.el8 0.00013 false
CVE-2024-57970 Anchore CVE Medium libarchive-3.3.3-6.el8_10 0.00012 false
CVE-2022-3219 Anchore CVE Low gnupg2-2.2.20-3.el8_6 0.00012 false
CVE-2021-33294 Anchore CVE Medium elfutils-libs-0.190-2.el8 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-libelf-0.190-2.el8 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-default-yama-scope-0.190-2.el8 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-debuginfod-client-0.190-2.el8 0.00006 false
addbb93c22e9b0988b8b40392a4538cb Anchore Compliance Low N/A N/A
GHSA-q34m-jh98-gwm2 Anchore CVE Medium werkzeug-3.0.1 N/A N/A
GHSA-pq67-6m6q-mj2v Anchore CVE Medium urllib3-2.2.3 N/A N/A
GHSA-f9vj-2wh5-fj8j Anchore CVE Medium werkzeug-3.0.1 N/A N/A
GHSA-cx63-2mw6-8hw5 Anchore CVE High setuptools-68.0.0 N/A N/A
GHSA-5rjg-fvgr-3xxf Anchore CVE High setuptools-68.0.0 N/A N/A
GHSA-48p4-8xcf-vxj5 Anchore CVE Medium urllib3-2.2.3 N/A N/A
GHSA-2g68-c3qc-8985 Anchore CVE High Werkzeug-3.0.1 N/A N/A
CCE-89707-4 OSCAP Compliance Medium N/A N/A
CCE-86473-6 OSCAP Compliance Medium N/A N/A
CCE-86106-2 OSCAP Compliance Medium N/A N/A
CCE-84255-9 OSCAP Compliance Medium N/A N/A
CCE-84254-2 OSCAP Compliance Medium N/A N/A
CCE-82730-3 OSCAP Compliance Medium N/A N/A
CCE-81044-0 OSCAP Compliance Low N/A N/A
CCE-80854-3 OSCAP Compliance Low N/A N/A
CCE-80853-5 OSCAP Compliance Low N/A N/A
CCE-80852-7 OSCAP Compliance Low N/A N/A
CCE-80851-9 OSCAP Compliance Low N/A N/A
CCE-80839-4 OSCAP Compliance Medium N/A N/A
CCE-80838-6 OSCAP Compliance Medium N/A N/A
CCE-80837-8 OSCAP Compliance Medium N/A N/A
CCE-80664-6 OSCAP Compliance Medium N/A N/A

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=nextgen-federal/mistk/mistk-python&tag=1.0.2.1-3.8&branch=master

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by CHORE_TOKEN
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI