Pipeline · Ironbank Containers / Opensource / apache / nifi

Merge branch 'renovate-automerge' into 'development'

renovate-automerge

See merge request !35

16 jobs for development in 26 minutes and 33 seconds (queued for 23 minutes and 52 seconds)

8686d828

Status	Job ID	Name
.Pre
passed	#4797862	load-scripts	00:00:09 Jul 14, 2021

Preflight
passed	#4797864	folder-structure	00:00:08 Jul 14, 2021
passed	#4797865	hardening-manifest	00:00:11 Jul 14, 2021
passed	#4797863	trufflehog	00:00:09 Jul 14, 2021

Lint
passed	#4797866	wl-compare-lint	00:00:13 Jul 14, 2021

Import Artifacts
passed	#4797867	import-artifacts	00:03:54 Jul 14, 2021

Scan Artifacts
passed	#4797868	clamav-scan	00:03:52 Jul 14, 2021

Build
passed	#4797869	build	00:05:55 Jul 14, 2021

Scanning
passed	#4797870	anchore-scan	00:04:12 Jul 14, 2021
passed	#4797871 ironbank-dsop-privileged	openscap-compliance	00:02:10 Jul 14, 2021
passed	#4797872	twistlock-scan	00:01:30 Jul 14, 2021

Csv Output
passed	#4797873	csv-output	00:00:30 Jul 14, 2021

Check Cves
failed	#4797874 allowed to fail	check-cves	00:00:23 Jul 14, 2021

Documentation
passed	#4797875	documentation	00:02:45 Jul 14, 2021

S3 Publish
passed	#4797876	upload-to-s3	00:04:05 Jul 14, 2021

Vat
passed	#4797877	vat	00:00:16 Jul 14, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	INFO: Vulnerabilities found in scanning stage: 236 INFO: {Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-logging-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-9488', package='log4j-1.2.17', package_path='/opt/nifi/nifi-toolkit-current/lib/log4j-1.2.17.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-s2s-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28163', package='org.eclipse.jetty_jetty-io-9.4.38.v20210224', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8908', package='guava-1.0', package_path='/opt/nifi/nifi-toolkit-current/lib/curator-client-4.2.0.jar:listenablefuture'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-5421', package='spring-core_spring-core-4.3.19', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257084', package='commons-compress-1.20', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-compress-1.20.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-expression-language-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-web-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28164', package='jetty-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-http-9.4.38.v20210224.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2009-1523', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-server-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-client-2.26.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-261158', package='okhttp-4.9.1', package_path='/opt/nifi/nifi-current/lib/bootstrap/okhttp-4.9.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-properties-1.13.2.jar'), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-site-to-site-client-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-15945', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20445', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21409', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-bootstrap-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-web-security-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-components-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-gwrp-pvrq-jmwv', package='commons-io-2.5', package_path='/opt/nifi/nifi-toolkit-current/lib/velocity-engine-core-2.0.jar:commons-io'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3572', package='python3-pip-wheel-9.0.3-19.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-m6cp-vxjx-65j6', package='jetty-server-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-server-9.4.38.v20210224.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29582', package='kotlin-stdlib_kotlin-stdlib-1.4.10', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-87160', package='commons-httpclient-3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-httpclient-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-nar-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-security-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-site-to-site-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-17571', package='log4j_log4j-1.2.17', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2009-5049', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-parameter-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2015-5262', package='commons-httpclient-3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-httpclient-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28164', package='jetty-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-util-9.4.38.v20210224.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-authorization-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-v528-7hrm-frqp', package='json-smart-1.3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/nimbus-jose-jwt-9.7.jar:json-smart'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-uuid5-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2017-15806', package='mail-1.6.1', package_path='/opt/nifi/nifi-toolkit-current/lib/javax.mail-1.6.1.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-properties-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-nar-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35516', package='commons-compress-1.20', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-compress-1.20.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-parameter-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-core-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-10001', package='cups-libs-2.2.6-38.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='python3-libs-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-rocksdb-utils-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-17541', package='libjpeg-turbo-1.5.3-10.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28164', package='jetty-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-io-9.4.38.v20210224.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-mm9x-g8pc-w292', package='netty-handler-4.1.42.Final', package_path='/opt/nifi/nifi-toolkit-current/lib/netty-handler-4.1.42.Final.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-7r82-7xv7-xcpj', package='httpclient-4.5.5', package_path='/opt/nifi/nifi-toolkit-current/lib/httpclient-4.5.5.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-schema-utils-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-28.0-jre', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-security-utils-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-1945', package='ant-1.9.13', package_path='/opt/nifi/nifi-toolkit-current/lib/ant-1.9.13.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-administration-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-security-utils-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2018-15756', package='spring-core_spring-core-4.3.19', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2011-4461', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20444', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-29425', package='commons-io_commons-io-2.5', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-hk2-2.26.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-29425', package='commons_io-2.6', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-io-2.6.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-write-ahead-log-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-29425', package='commons-io_commons-io-2.6', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2012-6127', package='commons-httpclient-3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-httpclient-3.1.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-9488', package='log4j_log4j-1.2.17', package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.5', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-34428', package='org.eclipse.jetty_jetty-io-9.4.38.v20210224', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-256815', package='commons-compress-1.20', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-compress-1.20.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-entity-filtering-2.26.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-5mg8-w23w-74h3', package='guava-28.0-jre', package_path='/opt/nifi/nifi-toolkit-current/lib/guava-28.0-jre.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-171100', package='commons_net-3.6', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-net-3.6.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2005-3747', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28164', package='jetty-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-server-9.4.38.v20210224.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-261158', package='okhttp-4.9.1', package_path='/opt/nifi/nifi-toolkit-current/lib/okhttp-4.9.1.jar'), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-runtime-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-v528-7hrm-frqp', package='json-smart-2.3', package_path='/opt/nifi/nifi-toolkit-current/lib/json-smart-2.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-p2v9-g2qv-p635', package='netty-handler-4.1.42.Final', package_path='/opt/nifi/nifi-toolkit-current/lib/netty-handler-4.1.42.Final.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22112', package='spring-security-core_spring-security-core-4.2.13', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-core-api-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-socket-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-17541', package='libjpeg-turbo-1.5.3-10.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-243848', package='commons-httpclient-3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-httpclient-3.1.jar'), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-flowanalyzer-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-uuid5-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2009-5048', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-properties-loader-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-encrypt-config-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-security-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-flowfile-repo-serialization-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2019-17571', package='log4j-1.2.17', package_path='/opt/nifi/nifi-toolkit-current/lib/log4j-1.2.17.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-framework-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-stateless-bootstrap-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-admin-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-tls-1.13.2.jar'), Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-media-json-jackson-2.26.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-cqqj-4p63-rrmm', package='netty-handler-4.1.42.Final', package_path='/opt/nifi/nifi-toolkit-current/lib/netty-handler-4.1.42.Final.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2007-5613', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-repository-models-1.13.2.jar'), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28169', package='org.eclipse.jetty_jetty-io-9.4.38.v20210224', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-stateless-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-zookeeper-migrator-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-29425', package='commons_io-2.5', package_path='/opt/nifi/nifi-toolkit-current/lib/velocity-engine-core-2.0.jar:commons-io'), Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2007-5614', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-properties-loader-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-data-provenance-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-17521', package='groovy-2.5.4', package_path='/opt/nifi/nifi-toolkit-current/lib/groovy-2.5.4.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-authorizer-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-user-actions-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2009-1524', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-24032', package='libzstd-1.4.4-1.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-cluster-protocol-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-hawkey-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-common-2.26.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-expression-language-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21295', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-authorization-providers-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-cli-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-v528-7hrm-frqp', package='json-smart-2.3', package_path='/opt/nifi/nifi-current/lib/bootstrap/json-smart-2.3.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-26vr-8j45-3r4w', package='jetty-io-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-io-9.4.38.v20210224.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-11612', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-gwrp-pvrq-jmwv', package='commons-io-2.6', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-io-2.6.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-2qrg-x229-3v8q', package='log4j-1.2.17', package_path='/opt/nifi/nifi-toolkit-current/lib/log4j-1.2.17.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-client-dto-1.13.2.jar')} ERROR: NON-WHITELISTED VULNERABILITIES FOUND ERROR: Number of non-whitelisted vulnerabilities: 1 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_cve CVE-2021-35516 commons-compress-1.20 /opt/nifi/nifi-toolkit-current/lib/commons-compress-1.20.jar Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

INFO: Vulnerabilities found in scanning stage: 236
INFO: {Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-logging-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-9488', package='log4j-1.2.17', package_path='/opt/nifi/nifi-toolkit-current/lib/log4j-1.2.17.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-s2s-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28163', package='org.eclipse.jetty_jetty-io-9.4.38.v20210224', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8908', package='guava-1.0', package_path='/opt/nifi/nifi-toolkit-current/lib/curator-client-4.2.0.jar:listenablefuture'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-5421', package='spring-core_spring-core-4.3.19', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257084', package='commons-compress-1.20', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-compress-1.20.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-expression-language-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-web-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28164', package='jetty-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-http-9.4.38.v20210224.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2009-1523', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-server-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-client-2.26.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-261158', package='okhttp-4.9.1', package_path='/opt/nifi/nifi-current/lib/bootstrap/okhttp-4.9.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-properties-1.13.2.jar'), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-site-to-site-client-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-15945', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20445', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21409', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-bootstrap-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-web-security-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-components-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-gwrp-pvrq-jmwv', package='commons-io-2.5', package_path='/opt/nifi/nifi-toolkit-current/lib/velocity-engine-core-2.0.jar:commons-io'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3572', package='python3-pip-wheel-9.0.3-19.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-m6cp-vxjx-65j6', package='jetty-server-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-server-9.4.38.v20210224.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29582', package='kotlin-stdlib_kotlin-stdlib-1.4.10', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-87160', package='commons-httpclient-3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-httpclient-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-nar-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-security-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-site-to-site-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-17571', package='log4j_log4j-1.2.17', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2009-5049', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-parameter-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2015-5262', package='commons-httpclient-3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-httpclient-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28164', package='jetty-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-util-9.4.38.v20210224.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-authorization-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-v528-7hrm-frqp', package='json-smart-1.3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/nimbus-jose-jwt-9.7.jar:json-smart'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-uuid5-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2017-15806', package='mail-1.6.1', package_path='/opt/nifi/nifi-toolkit-current/lib/javax.mail-1.6.1.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-properties-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-nar-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35516', package='commons-compress-1.20', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-compress-1.20.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-parameter-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-core-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-10001', package='cups-libs-2.2.6-38.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='python3-libs-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-rocksdb-utils-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-17541', package='libjpeg-turbo-1.5.3-10.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28164', package='jetty-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-io-9.4.38.v20210224.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-mm9x-g8pc-w292', package='netty-handler-4.1.42.Final', package_path='/opt/nifi/nifi-toolkit-current/lib/netty-handler-4.1.42.Final.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-7r82-7xv7-xcpj', package='httpclient-4.5.5', package_path='/opt/nifi/nifi-toolkit-current/lib/httpclient-4.5.5.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-schema-utils-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-28.0-jre', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-security-utils-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-1945', package='ant-1.9.13', package_path='/opt/nifi/nifi-toolkit-current/lib/ant-1.9.13.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-administration-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-security-utils-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2018-15756', package='spring-core_spring-core-4.3.19', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2011-4461', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20444', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-29425', package='commons-io_commons-io-2.5', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-hk2-2.26.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-29425', package='commons_io-2.6', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-io-2.6.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-write-ahead-log-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-29425', package='commons-io_commons-io-2.6', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2012-6127', package='commons-httpclient-3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-httpclient-3.1.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-9488', package='log4j_log4j-1.2.17', package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.5', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-34428', package='org.eclipse.jetty_jetty-io-9.4.38.v20210224', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-256815', package='commons-compress-1.20', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-compress-1.20.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-entity-filtering-2.26.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-5mg8-w23w-74h3', package='guava-28.0-jre', package_path='/opt/nifi/nifi-toolkit-current/lib/guava-28.0-jre.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-171100', package='commons_net-3.6', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-net-3.6.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2005-3747', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28164', package='jetty-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-server-9.4.38.v20210224.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-261158', package='okhttp-4.9.1', package_path='/opt/nifi/nifi-toolkit-current/lib/okhttp-4.9.1.jar'), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-runtime-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-v528-7hrm-frqp', package='json-smart-2.3', package_path='/opt/nifi/nifi-toolkit-current/lib/json-smart-2.3.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-p2v9-g2qv-p635', package='netty-handler-4.1.42.Final', package_path='/opt/nifi/nifi-toolkit-current/lib/netty-handler-4.1.42.Final.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22112', package='spring-security-core_spring-security-core-4.2.13', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-core-api-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-socket-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-17541', package='libjpeg-turbo-1.5.3-10.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-243848', package='commons-httpclient-3.1', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-httpclient-3.1.jar'), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-flowanalyzer-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-uuid5-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2009-5048', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-properties-loader-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-encrypt-config-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-security-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-flowfile-repo-serialization-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2019-17571', package='log4j-1.2.17', package_path='/opt/nifi/nifi-toolkit-current/lib/log4j-1.2.17.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-framework-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-stateless-bootstrap-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-admin-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-tls-1.13.2.jar'), Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-media-json-jackson-2.26.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-cqqj-4p63-rrmm', package='netty-handler-4.1.42.Final', package_path='/opt/nifi/nifi-toolkit-current/lib/netty-handler-4.1.42.Final.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2007-5613', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-repository-models-1.13.2.jar'), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28169', package='org.eclipse.jetty_jetty-io-9.4.38.v20210224', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-stateless-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-zookeeper-migrator-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-29425', package='commons_io-2.5', package_path='/opt/nifi/nifi-toolkit-current/lib/velocity-engine-core-2.0.jar:commons-io'), Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2007-5614', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-properties-loader-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-data-provenance-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-17521', package='groovy-2.5.4', package_path='/opt/nifi/nifi-toolkit-current/lib/groovy-2.5.4.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-authorizer-1.13.2.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-user-actions-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-utils-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2009-1524', package='jetty-3.1', package_path='/opt/nifi/nifi-current/lib/jetty-schemas-3.1.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-24032', package='libzstd-1.4.4-1.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-cluster-protocol-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-hawkey-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-190269', package='jersey-2.26', package_path='/opt/nifi/nifi-toolkit-current/lib/jersey-common-2.26.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/bootstrap/nifi-expression-language-1.13.2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21295', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-current/lib/nifi-api-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-framework-authorization-providers-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-toolkit-cli-1.13.2.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-v528-7hrm-frqp', package='json-smart-2.3', package_path='/opt/nifi/nifi-current/lib/bootstrap/json-smart-2.3.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-26vr-8j45-3r4w', package='jetty-io-9.4.38.v20210224', package_path='/opt/nifi/nifi-toolkit-current/lib/jetty-io-9.4.38.v20210224.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-11612', package='io.netty_netty-codec-4.1.42.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-gwrp-pvrq-jmwv', package='commons-io-2.6', package_path='/opt/nifi/nifi-toolkit-current/lib/commons-io-2.6.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-2qrg-x229-3v8q', package='log4j-1.2.17', package_path='/opt/nifi/nifi-toolkit-current/lib/log4j-1.2.17.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-257421', package='nifi-1.13.2', package_path='/opt/nifi/nifi-toolkit-current/lib/nifi-client-dto-1.13.2.jar')}
ERROR: NON-WHITELISTED VULNERABILITIES FOUND
ERROR: Number of non-whitelisted vulnerabilities: 1
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_cve                   CVE-2021-35516                commons-compress-1.20         /opt/nifi/nifi-toolkit-current/lib/commons-compress-1.20.jar    
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1