UNCLASSIFIED - NO CUI

chore(findings): opensource/canastawiki/canasta

Summary

opensource/canastawiki/canasta has 383 new findings discovered during continuous monitoring.

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=opensource/canastawiki/canasta&tag=1.39.8&branch=master

id source severity package impact workaround
CVE-2024-7531 Twistlock CVE Medium nss-2:3.61-1+deb11u3
CVE-2022-36289 Twistlock CVE Medium intel-mediasdk-21.1.0-1
CVE-2022-35883 Twistlock CVE Medium intel-mediasdk-21.1.0-1
CVE-2022-37454 Twistlock CVE Low python3.9-3.9.2-1
CVE-2021-29921 Twistlock CVE Low python3.9-3.9.2-1
CVE-2017-2820 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2017-2818 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2017-2814 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2023-5535 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-4751 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-4750 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-4735 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-4734 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-4733 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-3896 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2022-47024 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2022-42919 Twistlock CVE Low python3.9-3.9.2-1
CVE-2022-3491 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2022-31782 Twistlock CVE Low freetype-2.10.4+dfsg-1+deb11u1
CVE-2022-24106 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2024-6239 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2022-3705 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2017-17740 Twistlock CVE Low openldap-2.4.57+dfsg-3+deb11u1
CVE-2015-3276 Twistlock CVE Low openldap-2.4.57+dfsg-3+deb11u1
CVE-2023-1175 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2021-3782 Twistlock CVE Low wayland-1.18.0-2~exp1.1
CVE-2023-37769 Twistlock CVE Low pixman-0.40.0-1.1~deb11u1
CVE-2022-40090 Twistlock CVE Low tiff-4.2.0-1+deb11u5
CVE-2022-38349 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2022-37052 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2022-37051 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2022-37050 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2021-3733 Twistlock CVE Low python3.9-3.9.2-1
CVE-2021-22922 Twistlock CVE Low curl-7.74.0-1.3+deb11u13
CVE-2020-36023 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2020-22038 Twistlock CVE Low ffmpeg-7:4.3.7-0+deb11u1
CVE-2017-9083 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2021-31879 Twistlock CVE Low wget-1.21-1+deb11u1
CVE-2023-28320 Twistlock CVE Low curl-7.74.0-1.3+deb11u13
CVE-2021-3426 Twistlock CVE Low python3.9-3.9.2-1
CVE-2023-5441 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-46246 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-30775 Twistlock CVE Low tiff-4.2.0-1+deb11u5
CVE-2022-33068 Twistlock CVE Low harfbuzz-2.7.4-1
CVE-2022-2476 Twistlock CVE Low wavpack-5.4.0-1
CVE-2022-1122 Twistlock CVE Low openjpeg2-2.4.0-3
CVE-2022-1056 Twistlock CVE Low tiff-4.2.0-1+deb11u5
CVE-2021-46822 Twistlock CVE Low libjpeg-turbo-1:2.0.6-4
CVE-2021-44269 Twistlock CVE Low wavpack-5.4.0-1
CVE-2021-33294 Twistlock CVE Low elfutils-0.183-1
CVE-2021-29338 Twistlock CVE Low openjpeg2-2.4.0-3
CVE-2020-36024 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2024-41957 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2021-4189 Twistlock CVE Low python3.9-3.9.2-1
CVE-2021-22923 Twistlock CVE Low curl-7.74.0-1.3+deb11u13
CVE-2015-9019 Twistlock CVE Low libxslt-1.1.34-4+deb11u1
CVE-2023-48706 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2017-14159 Twistlock CVE Low openldap-2.4.57+dfsg-3+deb11u1
CVE-2023-48237 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-48236 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-48235 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-48234 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-48233 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-48232 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-48231 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2024-41965 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2020-15719 Twistlock CVE Low openldap-2.4.57+dfsg-3+deb11u1
CVE-2023-2602 Twistlock CVE Low libcap2-1:2.44-1
CVE-2021-4217 Twistlock CVE Low unzip-6.0-26+deb11u1
CVE-2024-8088 Twistlock CVE Low python3.9-3.9.2-1
CVE-2024-7055 Twistlock CVE Low ffmpeg-7:4.3.7-0+deb11u1
CVE-2024-6923 Twistlock CVE Low python3.9-3.9.2-1
CVE-2024-43802 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2024-43790 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2024-43374 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2024-4032 Twistlock CVE Low python3.9-3.9.2-1
CVE-2024-5642 Anchore CVE Low python3.9-3.9.2-1
CVE-2023-3896 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2024-43802 Anchore CVE Medium vim-2:8.2.2434-3+deb11u1
CVE-2023-48235 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-48706 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2023-48234 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2021-3426 Anchore CVE Low libpython3.9-minimal-3.9.2-1
CVE-2024-43374 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-4734 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2024-43374 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2020-36023 Anchore CVE Medium poppler-utils-20.09.0-3.1+deb11u1
CVE-2023-45913 Anchore CVE Low libglx-mesa0-20.3.5-1
CVE-2023-48236 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2024-4032 Anchore CVE Low python3.9-minimal-3.9.2-1
CVE-2020-22038 Anchore CVE Low libavformat58-7:4.3.7-0+deb11u1
CVE-2023-46219 Anchore CVE Medium libcurl3-gnutls-7.74.0-1.3+deb11u13
CVE-2023-45931 Anchore CVE Low libgbm1-20.3.5-1
CVE-2023-2602 Anchore CVE Low libcap2-bin-1:2.44-1
CVE-2024-43790 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2023-48231 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2022-47024 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-3896 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2020-22038 Anchore CVE Low libavutil56-7:4.3.7-0+deb11u1
CVE-2024-41957 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-4735 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-45918 Anchore CVE Low libncurses6-6.2+20201114-2+deb11u2
CVE-2017-17740 Anchore CVE Low libldap-2.4-2-2.4.57+dfsg-3+deb11u1
CVE-2017-2814 Anchore CVE Low libpoppler102-20.09.0-3.1+deb11u1
CVE-2023-4750 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2022-3705 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2024-6923 Anchore CVE Medium libpython3.9-stdlib-3.9.2-1
CVE-2022-3491 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2023-46219 Anchore CVE Medium libcurl4-7.74.0-1.3+deb11u13
CVE-2013-0340 Anchore CVE Low libexpat1-2.2.10-2+deb11u6
CVE-2024-7055 Anchore CVE Medium libavutil56-7:4.3.7-0+deb11u1
CVE-2024-7055 Anchore CVE Medium libavfilter7-7:4.3.7-0+deb11u1
CVE-2023-45913 Anchore CVE Low libglapi-mesa-20.3.5-1
CVE-2021-22923 Anchore CVE Low libcurl3-gnutls-7.74.0-1.3+deb11u13
CVE-2023-45922 Anchore CVE Low libglapi-mesa-20.3.5-1
CVE-2021-3733 Anchore CVE Medium python3.9-minimal-3.9.2-1
CVE-2023-48236 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2021-3426 Anchore CVE Low libpython3.9-stdlib-3.9.2-1
CVE-2022-3705 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2021-4189 Anchore CVE Medium python3.9-minimal-3.9.2-1
CVE-2019-9543 Anchore CVE Low poppler-utils-20.09.0-3.1+deb11u1
CVE-2013-4472 Anchore CVE Low poppler-utils-20.09.0-3.1+deb11u1
CVE-2023-28320 Anchore CVE Low curl-7.74.0-1.3+deb11u13
CVE-2024-43790 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-45913 Anchore CVE Low libgbm1-20.3.5-1
CVE-2023-48232 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2020-22038 Anchore CVE Low libpostproc55-7:4.3.7-0+deb11u1
CVE-2021-40145 Anchore CVE Low libgd3-2.3.3-12+020240711.16+debian111.gbpd0ea70
CVE-2023-1175 Anchore CVE Medium vim-common-2:8.2.2434-3+deb11u1
CVE-2022-37052 Anchore CVE Medium libpoppler102-20.09.0-3.1+deb11u1
CVE-2024-8088 Anchore CVE Low libpython3.9-stdlib-3.9.2-1
CVE-2021-38115 Anchore CVE Medium libgd3-2.3.3-12+020240711.16+debian111.gbpd0ea70
CVE-2022-35883 Anchore CVE Medium libmfx1-21.1.0-1
CVE-2023-48235 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2023-48235 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2021-28861 Anchore CVE Low python3.9-3.9.2-1
CVE-2023-48234 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2020-22038 Anchore CVE Low libavresample4-7:4.3.7-0+deb11u1
CVE-2022-42919 Anchore CVE Low python3.9-3.9.2-1
CVE-2022-38349 Anchore CVE Medium poppler-utils-20.09.0-3.1+deb11u1
CVE-2024-4032 Anchore CVE Low libpython3.9-stdlib-3.9.2-1
CVE-2023-48237 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2022-3705 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-37769 Anchore CVE Low libpixman-1-0-0.40.0-1.1~deb11u1
CVE-2024-41965 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2021-29921 Anchore CVE Low libpython3.9-stdlib-3.9.2-1
CVE-2023-28320 Anchore CVE Low libcurl3-gnutls-7.74.0-1.3+deb11u13
CVE-2023-46246 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2024-4032 Anchore CVE Low libpython3.9-minimal-3.9.2-1
CVE-2021-33294 Anchore CVE Low libelf1-0.183-1
CVE-2023-45322 Anchore CVE Medium libxml2-2.9.10+dfsg-6.7+deb11u5
CVE-2024-8088 Anchore CVE Low python3.9-minimal-3.9.2-1
CVE-2023-5388 Twistlock CVE Low nss-2:3.61-1+deb11u3
CVE-2023-49582 Twistlock CVE Low apr-1.7.0-6+deb11u2
CVE-2023-48727 Twistlock CVE Low intel-mediasdk-21.1.0-1
CVE-2023-48368 Twistlock CVE Low intel-mediasdk-21.1.0-1
CVE-2023-47282 Twistlock CVE Low intel-mediasdk-21.1.0-1
CVE-2023-47169 Twistlock CVE Low intel-mediasdk-21.1.0-1
CVE-2023-45221 Twistlock CVE Low intel-mediasdk-21.1.0-1
CVE-2013-4472 Twistlock CVE Low poppler-20.09.0-3.1+deb11u1
CVE-2023-48237 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2021-45346 Anchore CVE Low libsqlite3-0-3.34.1-3+deb11u1
CVE-2024-6239 Anchore CVE Low libpoppler102-20.09.0-3.1+deb11u1
CVE-2023-48236 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2022-37454 Anchore CVE Low python3.9-minimal-3.9.2-1
CVE-2022-24106 Anchore CVE Low poppler-utils-20.09.0-3.1+deb11u1
CVE-2023-35789 Anchore CVE Medium librabbitmq4-0.10.0-1
CVE-2022-37052 Anchore CVE Medium poppler-utils-20.09.0-3.1+deb11u1
CVE-2017-2820 Anchore CVE Low libpoppler102-20.09.0-3.1+deb11u1
CVE-2023-4751 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2023-45922 Anchore CVE Low libgl1-mesa-dri-20.3.5-1
CVE-2022-37051 Anchore CVE Medium libpoppler102-20.09.0-3.1+deb11u1
CVE-2021-3782 Anchore CVE Medium libwayland-cursor0-1.18.0-2~exp1.1
CVE-2021-3782 Anchore CVE Medium libwayland-server0-1.18.0-2~exp1.1
CVE-2021-4189 Anchore CVE Medium python3.9-3.9.2-1
CVE-2023-23915 Anchore CVE Medium curl-7.74.0-1.3+deb11u13
CVE-2023-28320 Anchore CVE Low libcurl4-7.74.0-1.3+deb11u13
CVE-2022-35737 Anchore CVE Low libsqlite3-0-3.34.1-3+deb11u1
CVE-2021-40812 Anchore CVE Medium libgd3-2.3.3-12+020240711.16+debian111.gbpd0ea70
CVE-2023-45922 Anchore CVE Low libgbm1-20.3.5-1
CVE-2020-22038 Anchore CVE Low libavcodec58-7:4.3.7-0+deb11u1
CVE-2017-2818 Anchore CVE Low libpoppler102-20.09.0-3.1+deb11u1
CVE-2017-2814 Anchore CVE Low poppler-utils-20.09.0-3.1+deb11u1
CVE-2023-4750 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2022-37454 Anchore CVE Low python3.9-3.9.2-1
CVE-2023-50495 Anchore CVE Medium libncursesw6-6.2+20201114-2+deb11u2
CVE-2023-4751 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2020-15719 Anchore CVE Low libldap-2.4-2-2.4.57+dfsg-3+deb11u1
CVE-2022-37051 Anchore CVE Medium poppler-utils-20.09.0-3.1+deb11u1
CVE-2023-4733 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2023-49582 Anchore CVE Medium libapr1-1.7.0-6+deb11u2
CVE-2023-30775 Anchore CVE Low libtiff5-4.2.0-1+deb11u5
CVE-2024-7055 Anchore CVE Medium libavcodec58-7:4.3.7-0+deb11u1
CVE-2023-3896 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-2602 Anchore CVE Low libcap2-1:2.44-1
CVE-2021-4189 Anchore CVE Medium libpython3.9-stdlib-3.9.2-1
CVE-2024-7055 Anchore CVE Medium libswresample3-7:4.3.7-0+deb11u1
CVE-2019-6129 Anchore CVE Low libpng16-16-1.6.37-3
CVE-2023-4733 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2022-2476 Anchore CVE Medium libwavpack1-5.4.0-1
CVE-2024-41965 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2023-48233 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2017-14159 Anchore CVE Low libldap-2.4-2-2.4.57+dfsg-3+deb11u1
CVE-2023-48231 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-48234 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2022-37454 Anchore CVE Low libpython3.9-stdlib-3.9.2-1
CVE-2024-43802 Anchore CVE Medium xxd-2:8.2.2434-3+deb11u1
CVE-2021-22923 Anchore CVE Low libcurl4-7.74.0-1.3+deb11u13
CVE-2024-6239 Anchore CVE Low poppler-utils-20.09.0-3.1+deb11u1
CVE-2023-6135 Anchore CVE Medium libnss3-2:3.61-1+deb11u3
CVE-2023-45931 Anchore CVE Low libglx-mesa0-20.3.5-1
CVE-2023-48232 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2022-42919 Anchore CVE Low libpython3.9-stdlib-3.9.2-1
CVE-2023-1175 Anchore CVE Medium vim-2:8.2.2434-3+deb11u1
CVE-2023-5441 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-48233 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2024-5642 Anchore CVE Low libpython3.9-minimal-3.9.2-1
CVE-2024-5642 Anchore CVE Low python3.9-minimal-3.9.2-1
CVE-2023-46219 Anchore CVE Medium curl-7.74.0-1.3+deb11u13
CVE-2023-48727 Anchore CVE Low libmfx1-21.1.0-1
CVE-2024-43374 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-48235 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2024-7055 Anchore CVE Medium libavdevice58-7:4.3.7-0+deb11u1
CVE-2021-28861 Anchore CVE Low libpython3.9-stdlib-3.9.2-1
CVE-2024-41957 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2017-2820 Anchore CVE Low poppler-utils-20.09.0-3.1+deb11u1
CVE-2024-4032 Anchore CVE Low python3.9-3.9.2-1
CVE-2023-48232 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2022-37454 Anchore CVE Low libpython3.9-minimal-3.9.2-1
CVE-2023-4750 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2023-47282 Anchore CVE Low libmfx1-21.1.0-1
CVE-2024-43790 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2024-32020 Anchore CVE Low git-man-1:2.30.2-1+deb11u3
CVE-2023-46246 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2020-22038 Anchore CVE Low libavfilter7-7:4.3.7-0+deb11u1
CVE-2023-4733 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-45931 Anchore CVE Low libglapi-mesa-20.3.5-1
CVE-2023-47169 Anchore CVE Low libmfx1-21.1.0-1
CVE-2023-48231 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-31486 Anchore CVE Low perl-5.32.1-4+deb11u3
CVE-2019-9545 Anchore CVE Low poppler-utils-20.09.0-3.1+deb11u1
CVE-2021-29921 Anchore CVE Low python3.9-minimal-3.9.2-1
CVE-2021-22922 Anchore CVE Low curl-7.74.0-1.3+deb11u13
CVE-2022-3491 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2022-47024 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2024-6923 Anchore CVE Medium libpython3.9-minimal-3.9.2-1
CVE-2020-22038 Anchore CVE Low libswresample3-7:4.3.7-0+deb11u1
CVE-2021-44269 Anchore CVE Low libwavpack1-5.4.0-1
CVE-2021-28861 Anchore CVE Low libpython3.9-minimal-3.9.2-1
CVE-2024-6923 Anchore CVE Medium python3.9-3.9.2-1
CVE-2023-48231 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2022-37050 Anchore CVE Medium libpoppler102-20.09.0-3.1+deb11u1
CVE-2021-29338 Anchore CVE Medium libopenjp2-7-2.4.0-3
CVE-2024-43374 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2024-43802 Anchore CVE Medium vim-common-2:8.2.2434-3+deb11u1
CVE-2019-9545 Anchore CVE Low libpoppler102-20.09.0-3.1+deb11u1
CVE-2017-2818 Anchore CVE Low poppler-utils-20.09.0-3.1+deb11u1
CVE-2023-4039 Anchore CVE Medium libatomic1-10.2.1-6
CVE-2024-32228 Anchore CVE Medium libavresample4-7:4.3.7-0+deb11u1
CVE-2022-38349 Anchore CVE Medium libpoppler102-20.09.0-3.1+deb11u1
CVE-2023-5535 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2021-3782 Anchore CVE Medium libwayland-client0-1.18.0-2~exp1.1
CVE-2021-3426 Anchore CVE Low python3.9-minimal-3.9.2-1
CVE-2024-7055 Anchore CVE Medium libavformat58-7:4.3.7-0+deb11u1
CVE-2022-3705 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2021-22922 Anchore CVE Low libcurl3-gnutls-7.74.0-1.3+deb11u13
CVE-2023-5535 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2021-4189 Anchore CVE Medium libpython3.9-minimal-3.9.2-1
CVE-2023-4750 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2022-24106 Anchore CVE Low libpoppler102-20.09.0-3.1+deb11u1
CVE-2024-41957 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2023-4735 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2015-9019 Anchore CVE Low libxslt1.1-1.1.34-4+deb11u1
CVE-2023-4733 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2022-42919 Anchore CVE Low python3.9-minimal-3.9.2-1
CVE-2023-23915 Anchore CVE Medium libcurl3-gnutls-7.74.0-1.3+deb11u13
CVE-2023-5441 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2022-41409 Anchore CVE Low libpcre2-8-0-10.40-1+020220713.16+debian111.gbpb6cec5
CVE-2021-22922 Anchore CVE Low libcurl4-7.74.0-1.3+deb11u13
CVE-2023-5441 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2021-29921 Anchore CVE Low libpython3.9-minimal-3.9.2-1
CVE-2023-23915 Anchore CVE Medium libcurl4-7.74.0-1.3+deb11u13
CVE-2023-45919 Anchore CVE Low libglapi-mesa-20.3.5-1
CVE-2022-3491 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2023-4735 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2022-1122 Anchore CVE Medium libopenjp2-7-2.4.0-3
CVE-2020-36024 Anchore CVE Medium libpoppler102-20.09.0-3.1+deb11u1
CVE-2020-36023 Anchore CVE Medium libpoppler102-20.09.0-3.1+deb11u1
CVE-2021-29921 Anchore CVE Low python3.9-3.9.2-1
CVE-2023-45918 Anchore CVE Low libncursesw6-6.2+20201114-2+deb11u2
CVE-2024-8088 Anchore CVE Low libpython3.9-minimal-3.9.2-1
CVE-2024-32020 Anchore CVE Low git-1:2.30.2-1+deb11u3
CVE-2022-31782 Anchore CVE Low libfreetype6-2.10.4+dfsg-1+deb11u1
CVE-2023-48237 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2021-28861 Anchore CVE Low python3.9-minimal-3.9.2-1
CVE-2024-41965 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-45913 Anchore CVE Low libgl1-mesa-dri-20.3.5-1
CVE-2020-36024 Anchore CVE Medium poppler-utils-20.09.0-3.1+deb11u1
CVE-2022-3491 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-4734 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2022-33068 Anchore CVE Medium libharfbuzz0b-2.7.4-1
CVE-2021-22923 Anchore CVE Low curl-7.74.0-1.3+deb11u13
CVE-2023-46246 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2023-4751 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-1175 Anchore CVE Medium xxd-2:8.2.2434-3+deb11u1
CVE-2023-45922 Anchore CVE Low libglx-mesa0-20.3.5-1
CVE-2023-48234 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2022-47024 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2023-50495 Anchore CVE Medium libncurses6-6.2+20201114-2+deb11u2
CVE-2024-7055 Anchore CVE Medium libswscale5-7:4.3.7-0+deb11u1
CVE-2023-48706 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-39615 Anchore CVE Medium libxml2-2.9.10+dfsg-6.7+deb11u5
CVE-2024-34459 Anchore CVE Low libxml2-2.9.10+dfsg-6.7+deb11u5
CVE-2021-31879 Anchore CVE Medium wget-1.21-1+deb11u1
CVE-2024-7055 Anchore CVE Medium libpostproc55-7:4.3.7-0+deb11u1
CVE-2019-9543 Anchore CVE Low libpoppler102-20.09.0-3.1+deb11u1
CVE-2023-48236 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2023-45919 Anchore CVE Low libglx-mesa0-20.3.5-1
CVE-2023-5388 Anchore CVE Low libnss3-2:3.61-1+deb11u3
CVE-2023-31439 Anchore CVE Low systemd-247.3-7+deb11u6
CVE-2024-8088 Anchore CVE Low python3.9-3.9.2-1
CVE-2021-3733 Anchore CVE Medium python3.9-3.9.2-1
CVE-2024-7531 Anchore CVE Medium libnss3-2:3.61-1+deb11u3
CVE-2024-43802 Anchore CVE Medium vim-runtime-2:8.2.2434-3+deb11u1
CVE-2024-41965 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2023-4735 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2024-6923 Anchore CVE Medium python3.9-minimal-3.9.2-1
CVE-2023-48706 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2021-3782 Anchore CVE Medium libwayland-egl1-1.18.0-2~exp1.1
CVE-2023-45919 Anchore CVE Low libgbm1-20.3.5-1
CVE-2023-31437 Anchore CVE Low systemd-247.3-7+deb11u6
CVE-2020-22038 Anchore CVE Low ffmpeg-7:4.3.7-0+deb11u1
CVE-2021-3426 Anchore CVE Low python3.9-3.9.2-1
CVE-2023-4734 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2024-7055 Anchore CVE Medium ffmpeg-7:4.3.7-0+deb11u1
CVE-2023-4016 Anchore CVE Low libprocps8-2:3.3.17-5
CVE-2020-22038 Anchore CVE Low libswscale5-7:4.3.7-0+deb11u1
CVE-2024-43790 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2022-40090 Anchore CVE Medium libtiff5-4.2.0-1+deb11u5
CVE-2023-48233 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-4734 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2013-4472 Anchore CVE Low libpoppler102-20.09.0-3.1+deb11u1
CVE-2017-9083 Anchore CVE Low libpoppler102-20.09.0-3.1+deb11u1
CVE-2023-48237 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2022-36289 Anchore CVE Medium libmfx1-21.1.0-1
CVE-2023-1175 Anchore CVE Medium vim-runtime-2:8.2.2434-3+deb11u1
CVE-2024-7055 Anchore CVE Medium libavresample4-7:4.3.7-0+deb11u1
CVE-2022-1056 Anchore CVE Low libtiff5-4.2.0-1+deb11u5
CVE-2023-48706 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-5535 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-3896 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2023-31438 Anchore CVE Low systemd-247.3-7+deb11u6
CVE-2024-41957 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2023-45919 Anchore CVE Low libgl1-mesa-dri-20.3.5-1
CVE-2015-3276 Anchore CVE Low libldap-2.4-2-2.4.57+dfsg-3+deb11u1
CVE-2023-46246 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2022-47024 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2023-4751 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2023-45931 Anchore CVE Low libgl1-mesa-dri-20.3.5-1
CVE-2021-46822 Anchore CVE Medium libjpeg62-turbo-1:2.0.6-4
CVE-2021-3733 Anchore CVE Medium libpython3.9-stdlib-3.9.2-1
CVE-2017-9083 Anchore CVE Low poppler-utils-20.09.0-3.1+deb11u1
CVE-2023-5535 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2021-4217 Anchore CVE Low unzip-6.0-26+deb11u1
CVE-2022-42919 Anchore CVE Low libpython3.9-minimal-3.9.2-1
CVE-2020-22038 Anchore CVE Low libavdevice58-7:4.3.7-0+deb11u1
CVE-2021-3733 Anchore CVE Medium libpython3.9-minimal-3.9.2-1
CVE-2022-37050 Anchore CVE Medium poppler-utils-20.09.0-3.1+deb11u1
CVE-2023-45221 Anchore CVE Medium libmfx1-21.1.0-1
CVE-2023-5441 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-48233 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2023-48232 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2024-5642 Anchore CVE Low libpython3.9-stdlib-3.9.2-1
GHSA-r8w8-74ww-j4wh Anchore CVE Medium phpoffice/phpspreadsheet-1.19.0
GHSA-5gpr-w2p5-6m37 Anchore CVE High phpoffice/phpspreadsheet-1.19.0
GHSA-6hwr-6v2f-3m88 Anchore CVE High phpoffice/phpspreadsheet-1.19.0
GHSA-w9xv-qf98-ccq4 Anchore CVE Medium phpoffice/phpspreadsheet-1.19.0
GHSA-v66g-p9x6-v98p Anchore CVE Medium phpoffice/phpspreadsheet-1.19.0
CVE-2024-47814 Anchore CVE Low xxd-2:8.2.2434-3+deb11u1
CVE-2024-47814 Anchore CVE Low vim-common-2:8.2.2434-3+deb11u1
CVE-2024-47814 Anchore CVE Low vim-2:8.2.2434-3+deb11u1
CVE-2024-47814 Anchore CVE Low vim-runtime-2:8.2.2434-3+deb11u1
CVE-2024-47814 Twistlock CVE Low vim-2:8.2.2434-3+deb11u1

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=opensource/canastawiki/canasta&tag=1.39.8&branch=master

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by Ghost User
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI