chore(findings): opensource/canastawiki/canasta
Summary
opensource/canastawiki/canasta has 383 new findings discovered during continuous monitoring.
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=opensource/canastawiki/canasta&tag=1.39.8&branch=master
id | source | severity | package | impact | workaround |
---|---|---|---|---|---|
CVE-2024-7531 | Twistlock CVE | Medium | nss-2:3.61-1+deb11u3 | ||
CVE-2022-36289 | Twistlock CVE | Medium | intel-mediasdk-21.1.0-1 | ||
CVE-2022-35883 | Twistlock CVE | Medium | intel-mediasdk-21.1.0-1 | ||
CVE-2022-37454 | Twistlock CVE | Low | python3.9-3.9.2-1 | ||
CVE-2021-29921 | Twistlock CVE | Low | python3.9-3.9.2-1 | ||
CVE-2017-2820 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2017-2818 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2017-2814 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2023-5535 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4751 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4750 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4735 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4734 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4733 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-3896 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2022-47024 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2022-42919 | Twistlock CVE | Low | python3.9-3.9.2-1 | ||
CVE-2022-3491 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2022-31782 | Twistlock CVE | Low | freetype-2.10.4+dfsg-1+deb11u1 | ||
CVE-2022-24106 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2024-6239 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2022-3705 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2017-17740 | Twistlock CVE | Low | openldap-2.4.57+dfsg-3+deb11u1 | ||
CVE-2015-3276 | Twistlock CVE | Low | openldap-2.4.57+dfsg-3+deb11u1 | ||
CVE-2023-1175 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2021-3782 | Twistlock CVE | Low | wayland-1.18.0-2~exp1.1 | ||
CVE-2023-37769 | Twistlock CVE | Low | pixman-0.40.0-1.1~deb11u1 | ||
CVE-2022-40090 | Twistlock CVE | Low | tiff-4.2.0-1+deb11u5 | ||
CVE-2022-38349 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2022-37052 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2022-37051 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2022-37050 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2021-3733 | Twistlock CVE | Low | python3.9-3.9.2-1 | ||
CVE-2021-22922 | Twistlock CVE | Low | curl-7.74.0-1.3+deb11u13 | ||
CVE-2020-36023 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2020-22038 | Twistlock CVE | Low | ffmpeg-7:4.3.7-0+deb11u1 | ||
CVE-2017-9083 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2021-31879 | Twistlock CVE | Low | wget-1.21-1+deb11u1 | ||
CVE-2023-28320 | Twistlock CVE | Low | curl-7.74.0-1.3+deb11u13 | ||
CVE-2021-3426 | Twistlock CVE | Low | python3.9-3.9.2-1 | ||
CVE-2023-5441 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-46246 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-30775 | Twistlock CVE | Low | tiff-4.2.0-1+deb11u5 | ||
CVE-2022-33068 | Twistlock CVE | Low | harfbuzz-2.7.4-1 | ||
CVE-2022-2476 | Twistlock CVE | Low | wavpack-5.4.0-1 | ||
CVE-2022-1122 | Twistlock CVE | Low | openjpeg2-2.4.0-3 | ||
CVE-2022-1056 | Twistlock CVE | Low | tiff-4.2.0-1+deb11u5 | ||
CVE-2021-46822 | Twistlock CVE | Low | libjpeg-turbo-1:2.0.6-4 | ||
CVE-2021-44269 | Twistlock CVE | Low | wavpack-5.4.0-1 | ||
CVE-2021-33294 | Twistlock CVE | Low | elfutils-0.183-1 | ||
CVE-2021-29338 | Twistlock CVE | Low | openjpeg2-2.4.0-3 | ||
CVE-2020-36024 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2024-41957 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2021-4189 | Twistlock CVE | Low | python3.9-3.9.2-1 | ||
CVE-2021-22923 | Twistlock CVE | Low | curl-7.74.0-1.3+deb11u13 | ||
CVE-2015-9019 | Twistlock CVE | Low | libxslt-1.1.34-4+deb11u1 | ||
CVE-2023-48706 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2017-14159 | Twistlock CVE | Low | openldap-2.4.57+dfsg-3+deb11u1 | ||
CVE-2023-48237 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48236 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48235 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48234 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48233 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48232 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48231 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2024-41965 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2020-15719 | Twistlock CVE | Low | openldap-2.4.57+dfsg-3+deb11u1 | ||
CVE-2023-2602 | Twistlock CVE | Low | libcap2-1:2.44-1 | ||
CVE-2021-4217 | Twistlock CVE | Low | unzip-6.0-26+deb11u1 | ||
CVE-2024-8088 | Twistlock CVE | Low | python3.9-3.9.2-1 | ||
CVE-2024-7055 | Twistlock CVE | Low | ffmpeg-7:4.3.7-0+deb11u1 | ||
CVE-2024-6923 | Twistlock CVE | Low | python3.9-3.9.2-1 | ||
CVE-2024-43802 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2024-43790 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2024-43374 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2024-4032 | Twistlock CVE | Low | python3.9-3.9.2-1 | ||
CVE-2024-5642 | Anchore CVE | Low | python3.9-3.9.2-1 | ||
CVE-2023-3896 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2024-43802 | Anchore CVE | Medium | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48235 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48706 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48234 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2021-3426 | Anchore CVE | Low | libpython3.9-minimal-3.9.2-1 | ||
CVE-2024-43374 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4734 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2024-43374 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2020-36023 | Anchore CVE | Medium | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2023-45913 | Anchore CVE | Low | libglx-mesa0-20.3.5-1 | ||
CVE-2023-48236 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2024-4032 | Anchore CVE | Low | python3.9-minimal-3.9.2-1 | ||
CVE-2020-22038 | Anchore CVE | Low | libavformat58-7:4.3.7-0+deb11u1 | ||
CVE-2023-46219 | Anchore CVE | Medium | libcurl3-gnutls-7.74.0-1.3+deb11u13 | ||
CVE-2023-45931 | Anchore CVE | Low | libgbm1-20.3.5-1 | ||
CVE-2023-2602 | Anchore CVE | Low | libcap2-bin-1:2.44-1 | ||
CVE-2024-43790 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48231 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2022-47024 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-3896 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2020-22038 | Anchore CVE | Low | libavutil56-7:4.3.7-0+deb11u1 | ||
CVE-2024-41957 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4735 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-45918 | Anchore CVE | Low | libncurses6-6.2+20201114-2+deb11u2 | ||
CVE-2017-17740 | Anchore CVE | Low | libldap-2.4-2-2.4.57+dfsg-3+deb11u1 | ||
CVE-2017-2814 | Anchore CVE | Low | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2023-4750 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2022-3705 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2024-6923 | Anchore CVE | Medium | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2022-3491 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2023-46219 | Anchore CVE | Medium | libcurl4-7.74.0-1.3+deb11u13 | ||
CVE-2013-0340 | Anchore CVE | Low | libexpat1-2.2.10-2+deb11u6 | ||
CVE-2024-7055 | Anchore CVE | Medium | libavutil56-7:4.3.7-0+deb11u1 | ||
CVE-2024-7055 | Anchore CVE | Medium | libavfilter7-7:4.3.7-0+deb11u1 | ||
CVE-2023-45913 | Anchore CVE | Low | libglapi-mesa-20.3.5-1 | ||
CVE-2021-22923 | Anchore CVE | Low | libcurl3-gnutls-7.74.0-1.3+deb11u13 | ||
CVE-2023-45922 | Anchore CVE | Low | libglapi-mesa-20.3.5-1 | ||
CVE-2021-3733 | Anchore CVE | Medium | python3.9-minimal-3.9.2-1 | ||
CVE-2023-48236 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2021-3426 | Anchore CVE | Low | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2022-3705 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2021-4189 | Anchore CVE | Medium | python3.9-minimal-3.9.2-1 | ||
CVE-2019-9543 | Anchore CVE | Low | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2013-4472 | Anchore CVE | Low | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2023-28320 | Anchore CVE | Low | curl-7.74.0-1.3+deb11u13 | ||
CVE-2024-43790 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-45913 | Anchore CVE | Low | libgbm1-20.3.5-1 | ||
CVE-2023-48232 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2020-22038 | Anchore CVE | Low | libpostproc55-7:4.3.7-0+deb11u1 | ||
CVE-2021-40145 | Anchore CVE | Low | libgd3-2.3.3-12+0 |
||
CVE-2023-1175 | Anchore CVE | Medium | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2022-37052 | Anchore CVE | Medium | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2024-8088 | Anchore CVE | Low | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2021-38115 | Anchore CVE | Medium | libgd3-2.3.3-12+0 |
||
CVE-2022-35883 | Anchore CVE | Medium | libmfx1-21.1.0-1 | ||
CVE-2023-48235 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48235 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2021-28861 | Anchore CVE | Low | python3.9-3.9.2-1 | ||
CVE-2023-48234 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2020-22038 | Anchore CVE | Low | libavresample4-7:4.3.7-0+deb11u1 | ||
CVE-2022-42919 | Anchore CVE | Low | python3.9-3.9.2-1 | ||
CVE-2022-38349 | Anchore CVE | Medium | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2024-4032 | Anchore CVE | Low | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2023-48237 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2022-3705 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-37769 | Anchore CVE | Low | libpixman-1-0-0.40.0-1.1~deb11u1 | ||
CVE-2024-41965 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2021-29921 | Anchore CVE | Low | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2023-28320 | Anchore CVE | Low | libcurl3-gnutls-7.74.0-1.3+deb11u13 | ||
CVE-2023-46246 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2024-4032 | Anchore CVE | Low | libpython3.9-minimal-3.9.2-1 | ||
CVE-2021-33294 | Anchore CVE | Low | libelf1-0.183-1 | ||
CVE-2023-45322 | Anchore CVE | Medium | libxml2-2.9.10+dfsg-6.7+deb11u5 | ||
CVE-2024-8088 | Anchore CVE | Low | python3.9-minimal-3.9.2-1 | ||
CVE-2023-5388 | Twistlock CVE | Low | nss-2:3.61-1+deb11u3 | ||
CVE-2023-49582 | Twistlock CVE | Low | apr-1.7.0-6+deb11u2 | ||
CVE-2023-48727 | Twistlock CVE | Low | intel-mediasdk-21.1.0-1 | ||
CVE-2023-48368 | Twistlock CVE | Low | intel-mediasdk-21.1.0-1 | ||
CVE-2023-47282 | Twistlock CVE | Low | intel-mediasdk-21.1.0-1 | ||
CVE-2023-47169 | Twistlock CVE | Low | intel-mediasdk-21.1.0-1 | ||
CVE-2023-45221 | Twistlock CVE | Low | intel-mediasdk-21.1.0-1 | ||
CVE-2013-4472 | Twistlock CVE | Low | poppler-20.09.0-3.1+deb11u1 | ||
CVE-2023-48237 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2021-45346 | Anchore CVE | Low | libsqlite3-0-3.34.1-3+deb11u1 | ||
CVE-2024-6239 | Anchore CVE | Low | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2023-48236 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2022-37454 | Anchore CVE | Low | python3.9-minimal-3.9.2-1 | ||
CVE-2022-24106 | Anchore CVE | Low | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2023-35789 | Anchore CVE | Medium | librabbitmq4-0.10.0-1 | ||
CVE-2022-37052 | Anchore CVE | Medium | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2017-2820 | Anchore CVE | Low | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2023-4751 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2023-45922 | Anchore CVE | Low | libgl1-mesa-dri-20.3.5-1 | ||
CVE-2022-37051 | Anchore CVE | Medium | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2021-3782 | Anchore CVE | Medium | libwayland-cursor0-1.18.0-2~exp1.1 | ||
CVE-2021-3782 | Anchore CVE | Medium | libwayland-server0-1.18.0-2~exp1.1 | ||
CVE-2021-4189 | Anchore CVE | Medium | python3.9-3.9.2-1 | ||
CVE-2023-23915 | Anchore CVE | Medium | curl-7.74.0-1.3+deb11u13 | ||
CVE-2023-28320 | Anchore CVE | Low | libcurl4-7.74.0-1.3+deb11u13 | ||
CVE-2022-35737 | Anchore CVE | Low | libsqlite3-0-3.34.1-3+deb11u1 | ||
CVE-2021-40812 | Anchore CVE | Medium | libgd3-2.3.3-12+0 |
||
CVE-2023-45922 | Anchore CVE | Low | libgbm1-20.3.5-1 | ||
CVE-2020-22038 | Anchore CVE | Low | libavcodec58-7:4.3.7-0+deb11u1 | ||
CVE-2017-2818 | Anchore CVE | Low | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2017-2814 | Anchore CVE | Low | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2023-4750 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2022-37454 | Anchore CVE | Low | python3.9-3.9.2-1 | ||
CVE-2023-50495 | Anchore CVE | Medium | libncursesw6-6.2+20201114-2+deb11u2 | ||
CVE-2023-4751 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2020-15719 | Anchore CVE | Low | libldap-2.4-2-2.4.57+dfsg-3+deb11u1 | ||
CVE-2022-37051 | Anchore CVE | Medium | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2023-4733 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2023-49582 | Anchore CVE | Medium | libapr1-1.7.0-6+deb11u2 | ||
CVE-2023-30775 | Anchore CVE | Low | libtiff5-4.2.0-1+deb11u5 | ||
CVE-2024-7055 | Anchore CVE | Medium | libavcodec58-7:4.3.7-0+deb11u1 | ||
CVE-2023-3896 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-2602 | Anchore CVE | Low | libcap2-1:2.44-1 | ||
CVE-2021-4189 | Anchore CVE | Medium | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2024-7055 | Anchore CVE | Medium | libswresample3-7:4.3.7-0+deb11u1 | ||
CVE-2019-6129 | Anchore CVE | Low | libpng16-16-1.6.37-3 | ||
CVE-2023-4733 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2022-2476 | Anchore CVE | Medium | libwavpack1-5.4.0-1 | ||
CVE-2024-41965 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48233 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2017-14159 | Anchore CVE | Low | libldap-2.4-2-2.4.57+dfsg-3+deb11u1 | ||
CVE-2023-48231 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48234 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2022-37454 | Anchore CVE | Low | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2024-43802 | Anchore CVE | Medium | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2021-22923 | Anchore CVE | Low | libcurl4-7.74.0-1.3+deb11u13 | ||
CVE-2024-6239 | Anchore CVE | Low | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2023-6135 | Anchore CVE | Medium | libnss3-2:3.61-1+deb11u3 | ||
CVE-2023-45931 | Anchore CVE | Low | libglx-mesa0-20.3.5-1 | ||
CVE-2023-48232 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2022-42919 | Anchore CVE | Low | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2023-1175 | Anchore CVE | Medium | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-5441 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48233 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2024-5642 | Anchore CVE | Low | libpython3.9-minimal-3.9.2-1 | ||
CVE-2024-5642 | Anchore CVE | Low | python3.9-minimal-3.9.2-1 | ||
CVE-2023-46219 | Anchore CVE | Medium | curl-7.74.0-1.3+deb11u13 | ||
CVE-2023-48727 | Anchore CVE | Low | libmfx1-21.1.0-1 | ||
CVE-2024-43374 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48235 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2024-7055 | Anchore CVE | Medium | libavdevice58-7:4.3.7-0+deb11u1 | ||
CVE-2021-28861 | Anchore CVE | Low | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2024-41957 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2017-2820 | Anchore CVE | Low | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2024-4032 | Anchore CVE | Low | python3.9-3.9.2-1 | ||
CVE-2023-48232 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2022-37454 | Anchore CVE | Low | libpython3.9-minimal-3.9.2-1 | ||
CVE-2023-4750 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2023-47282 | Anchore CVE | Low | libmfx1-21.1.0-1 | ||
CVE-2024-43790 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2024-32020 | Anchore CVE | Low | git-man-1:2.30.2-1+deb11u3 | ||
CVE-2023-46246 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2020-22038 | Anchore CVE | Low | libavfilter7-7:4.3.7-0+deb11u1 | ||
CVE-2023-4733 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-45931 | Anchore CVE | Low | libglapi-mesa-20.3.5-1 | ||
CVE-2023-47169 | Anchore CVE | Low | libmfx1-21.1.0-1 | ||
CVE-2023-48231 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-31486 | Anchore CVE | Low | perl-5.32.1-4+deb11u3 | ||
CVE-2019-9545 | Anchore CVE | Low | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2021-29921 | Anchore CVE | Low | python3.9-minimal-3.9.2-1 | ||
CVE-2021-22922 | Anchore CVE | Low | curl-7.74.0-1.3+deb11u13 | ||
CVE-2022-3491 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2022-47024 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2024-6923 | Anchore CVE | Medium | libpython3.9-minimal-3.9.2-1 | ||
CVE-2020-22038 | Anchore CVE | Low | libswresample3-7:4.3.7-0+deb11u1 | ||
CVE-2021-44269 | Anchore CVE | Low | libwavpack1-5.4.0-1 | ||
CVE-2021-28861 | Anchore CVE | Low | libpython3.9-minimal-3.9.2-1 | ||
CVE-2024-6923 | Anchore CVE | Medium | python3.9-3.9.2-1 | ||
CVE-2023-48231 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2022-37050 | Anchore CVE | Medium | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2021-29338 | Anchore CVE | Medium | libopenjp2-7-2.4.0-3 | ||
CVE-2024-43374 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2024-43802 | Anchore CVE | Medium | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2019-9545 | Anchore CVE | Low | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2017-2818 | Anchore CVE | Low | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2023-4039 | Anchore CVE | Medium | libatomic1-10.2.1-6 | ||
CVE-2024-32228 | Anchore CVE | Medium | libavresample4-7:4.3.7-0+deb11u1 | ||
CVE-2022-38349 | Anchore CVE | Medium | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2023-5535 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2021-3782 | Anchore CVE | Medium | libwayland-client0-1.18.0-2~exp1.1 | ||
CVE-2021-3426 | Anchore CVE | Low | python3.9-minimal-3.9.2-1 | ||
CVE-2024-7055 | Anchore CVE | Medium | libavformat58-7:4.3.7-0+deb11u1 | ||
CVE-2022-3705 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2021-22922 | Anchore CVE | Low | libcurl3-gnutls-7.74.0-1.3+deb11u13 | ||
CVE-2023-5535 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2021-4189 | Anchore CVE | Medium | libpython3.9-minimal-3.9.2-1 | ||
CVE-2023-4750 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2022-24106 | Anchore CVE | Low | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2024-41957 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4735 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2015-9019 | Anchore CVE | Low | libxslt1.1-1.1.34-4+deb11u1 | ||
CVE-2023-4733 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2022-42919 | Anchore CVE | Low | python3.9-minimal-3.9.2-1 | ||
CVE-2023-23915 | Anchore CVE | Medium | libcurl3-gnutls-7.74.0-1.3+deb11u13 | ||
CVE-2023-5441 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2022-41409 | Anchore CVE | Low | libpcre2-8-0-10.40-1+0 |
||
CVE-2021-22922 | Anchore CVE | Low | libcurl4-7.74.0-1.3+deb11u13 | ||
CVE-2023-5441 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2021-29921 | Anchore CVE | Low | libpython3.9-minimal-3.9.2-1 | ||
CVE-2023-23915 | Anchore CVE | Medium | libcurl4-7.74.0-1.3+deb11u13 | ||
CVE-2023-45919 | Anchore CVE | Low | libglapi-mesa-20.3.5-1 | ||
CVE-2022-3491 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4735 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2022-1122 | Anchore CVE | Medium | libopenjp2-7-2.4.0-3 | ||
CVE-2020-36024 | Anchore CVE | Medium | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2020-36023 | Anchore CVE | Medium | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2021-29921 | Anchore CVE | Low | python3.9-3.9.2-1 | ||
CVE-2023-45918 | Anchore CVE | Low | libncursesw6-6.2+20201114-2+deb11u2 | ||
CVE-2024-8088 | Anchore CVE | Low | libpython3.9-minimal-3.9.2-1 | ||
CVE-2024-32020 | Anchore CVE | Low | git-1:2.30.2-1+deb11u3 | ||
CVE-2022-31782 | Anchore CVE | Low | libfreetype6-2.10.4+dfsg-1+deb11u1 | ||
CVE-2023-48237 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2021-28861 | Anchore CVE | Low | python3.9-minimal-3.9.2-1 | ||
CVE-2024-41965 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-45913 | Anchore CVE | Low | libgl1-mesa-dri-20.3.5-1 | ||
CVE-2020-36024 | Anchore CVE | Medium | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2022-3491 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4734 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2022-33068 | Anchore CVE | Medium | libharfbuzz0b-2.7.4-1 | ||
CVE-2021-22923 | Anchore CVE | Low | curl-7.74.0-1.3+deb11u13 | ||
CVE-2023-46246 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4751 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-1175 | Anchore CVE | Medium | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2023-45922 | Anchore CVE | Low | libglx-mesa0-20.3.5-1 | ||
CVE-2023-48234 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2022-47024 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2023-50495 | Anchore CVE | Medium | libncurses6-6.2+20201114-2+deb11u2 | ||
CVE-2024-7055 | Anchore CVE | Medium | libswscale5-7:4.3.7-0+deb11u1 | ||
CVE-2023-48706 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-39615 | Anchore CVE | Medium | libxml2-2.9.10+dfsg-6.7+deb11u5 | ||
CVE-2024-34459 | Anchore CVE | Low | libxml2-2.9.10+dfsg-6.7+deb11u5 | ||
CVE-2021-31879 | Anchore CVE | Medium | wget-1.21-1+deb11u1 | ||
CVE-2024-7055 | Anchore CVE | Medium | libpostproc55-7:4.3.7-0+deb11u1 | ||
CVE-2019-9543 | Anchore CVE | Low | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2023-48236 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2023-45919 | Anchore CVE | Low | libglx-mesa0-20.3.5-1 | ||
CVE-2023-5388 | Anchore CVE | Low | libnss3-2:3.61-1+deb11u3 | ||
CVE-2023-31439 | Anchore CVE | Low | systemd-247.3-7+deb11u6 | ||
CVE-2024-8088 | Anchore CVE | Low | python3.9-3.9.2-1 | ||
CVE-2021-3733 | Anchore CVE | Medium | python3.9-3.9.2-1 | ||
CVE-2024-7531 | Anchore CVE | Medium | libnss3-2:3.61-1+deb11u3 | ||
CVE-2024-43802 | Anchore CVE | Medium | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2024-41965 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4735 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2024-6923 | Anchore CVE | Medium | python3.9-minimal-3.9.2-1 | ||
CVE-2023-48706 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2021-3782 | Anchore CVE | Medium | libwayland-egl1-1.18.0-2~exp1.1 | ||
CVE-2023-45919 | Anchore CVE | Low | libgbm1-20.3.5-1 | ||
CVE-2023-31437 | Anchore CVE | Low | systemd-247.3-7+deb11u6 | ||
CVE-2020-22038 | Anchore CVE | Low | ffmpeg-7:4.3.7-0+deb11u1 | ||
CVE-2021-3426 | Anchore CVE | Low | python3.9-3.9.2-1 | ||
CVE-2023-4734 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2024-7055 | Anchore CVE | Medium | ffmpeg-7:4.3.7-0+deb11u1 | ||
CVE-2023-4016 | Anchore CVE | Low | libprocps8-2:3.3.17-5 | ||
CVE-2020-22038 | Anchore CVE | Low | libswscale5-7:4.3.7-0+deb11u1 | ||
CVE-2024-43790 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2022-40090 | Anchore CVE | Medium | libtiff5-4.2.0-1+deb11u5 | ||
CVE-2023-48233 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4734 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2013-4472 | Anchore CVE | Low | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2017-9083 | Anchore CVE | Low | libpoppler102-20.09.0-3.1+deb11u1 | ||
CVE-2023-48237 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2022-36289 | Anchore CVE | Medium | libmfx1-21.1.0-1 | ||
CVE-2023-1175 | Anchore CVE | Medium | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2024-7055 | Anchore CVE | Medium | libavresample4-7:4.3.7-0+deb11u1 | ||
CVE-2022-1056 | Anchore CVE | Low | libtiff5-4.2.0-1+deb11u5 | ||
CVE-2023-48706 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-5535 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-3896 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2023-31438 | Anchore CVE | Low | systemd-247.3-7+deb11u6 | ||
CVE-2024-41957 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2023-45919 | Anchore CVE | Low | libgl1-mesa-dri-20.3.5-1 | ||
CVE-2015-3276 | Anchore CVE | Low | libldap-2.4-2-2.4.57+dfsg-3+deb11u1 | ||
CVE-2023-46246 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2022-47024 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2023-4751 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2023-45931 | Anchore CVE | Low | libgl1-mesa-dri-20.3.5-1 | ||
CVE-2021-46822 | Anchore CVE | Medium | libjpeg62-turbo-1:2.0.6-4 | ||
CVE-2021-3733 | Anchore CVE | Medium | libpython3.9-stdlib-3.9.2-1 | ||
CVE-2017-9083 | Anchore CVE | Low | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2023-5535 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2021-4217 | Anchore CVE | Low | unzip-6.0-26+deb11u1 | ||
CVE-2022-42919 | Anchore CVE | Low | libpython3.9-minimal-3.9.2-1 | ||
CVE-2020-22038 | Anchore CVE | Low | libavdevice58-7:4.3.7-0+deb11u1 | ||
CVE-2021-3733 | Anchore CVE | Medium | libpython3.9-minimal-3.9.2-1 | ||
CVE-2022-37050 | Anchore CVE | Medium | poppler-utils-20.09.0-3.1+deb11u1 | ||
CVE-2023-45221 | Anchore CVE | Medium | libmfx1-21.1.0-1 | ||
CVE-2023-5441 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48233 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2023-48232 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2024-5642 | Anchore CVE | Low | libpython3.9-stdlib-3.9.2-1 | ||
GHSA-r8w8-74ww-j4wh | Anchore CVE | Medium | phpoffice/phpspreadsheet-1.19.0 | ||
GHSA-5gpr-w2p5-6m37 | Anchore CVE | High | phpoffice/phpspreadsheet-1.19.0 | ||
GHSA-6hwr-6v2f-3m88 | Anchore CVE | High | phpoffice/phpspreadsheet-1.19.0 | ||
GHSA-w9xv-qf98-ccq4 | Anchore CVE | Medium | phpoffice/phpspreadsheet-1.19.0 | ||
GHSA-v66g-p9x6-v98p | Anchore CVE | Medium | phpoffice/phpspreadsheet-1.19.0 | ||
CVE-2024-47814 | Anchore CVE | Low | xxd-2:8.2.2434-3+deb11u1 | ||
CVE-2024-47814 | Anchore CVE | Low | vim-common-2:8.2.2434-3+deb11u1 | ||
CVE-2024-47814 | Anchore CVE | Low | vim-2:8.2.2434-3+deb11u1 | ||
CVE-2024-47814 | Anchore CVE | Low | vim-runtime-2:8.2.2434-3+deb11u1 | ||
CVE-2024-47814 | Twistlock CVE | Low | vim-2:8.2.2434-3+deb11u1 |
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=opensource/canastawiki/canasta&tag=1.39.8&branch=master
Tasks
Contributor:
-
Provide justifications for findings in the VAT (docs) -
Apply the StatusVerification label to this issue and wait for feedback
Iron Bank:
-
Review findings and justifications
Note: If the above process is rejected for any reason, the
Verification
label will be removed and the issue will be sent back toOpen
. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add theVerification
label.
Questions?
Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding
.
Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.