chore(findings): opensource/ceph/ceph-csi
Summary
opensource/ceph/ceph-csi has 309 new findings discovered during continuous monitoring.
id | source | severity | package |
---|---|---|---|
85567da27ab943cdfb6f54ec28a6fb7d | Anchore Compliance | Critical | |
a695123c73c7b3616fe77a88cd8a465a | Anchore Compliance | Critical | |
953dfbea1b1e9d5829fbed2e390bd3af | Anchore Compliance | Critical | |
addbb93c22e9b0988b8b40392a4538cb | Anchore Compliance | Low | |
CVE-2022-29187 | Anchore CVE | Medium | git-core-2.31.1-3.el8_7 |
GHSA-6p56-wp2h-9hxr | Anchore CVE | Medium | numpy-1.14.3 |
CVE-2022-39253 | Anchore CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2019-6446 | Anchore CVE | Critical | numpy-1.14.3 |
CVE-2022-24765 | Anchore CVE | Medium | perl-Git-2.31.1-3.el8_7 |
GHSA-5545-2q6w-2gh6 | Anchore CVE | High | numpy-1.14.3 |
CVE-2022-29187 | Anchore CVE | Medium | git-core-doc-2.31.1-3.el8_7 |
CVE-2022-39260 | Anchore CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2022-24765 | Anchore CVE | Medium | git-core-doc-2.31.1-3.el8_7 |
CVE-2022-24765 | Anchore CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2022-39253 | Anchore CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2022-4285 | Anchore CVE | Medium | binutils-2.30-117.el8 |
GHSA-fpfv-jqm9-f5jm | Anchore CVE | Medium | numpy-1.14.3 |
CVE-2022-24765 | Anchore CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2022-29187 | Anchore CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2022-39260 | Anchore CVE | Medium | git-core-doc-2.31.1-3.el8_7 |
CVE-2022-29187 | Anchore CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2018-18700 | Anchore CVE | Low | binutils-2.30-117.el8 |
CVE-2022-39253 | Anchore CVE | Medium | git-core-doc-2.31.1-3.el8_7 |
CVE-2022-39260 | Anchore CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2020-13092 | Anchore CVE | Critical | scikit-learn-0.19.1 |
GHSA-f7c7-j99h-c22f | Anchore CVE | Medium | numpy-1.14.3 |
CVE-2022-39260 | Anchore CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2022-41316 | Anchore CVE | Medium | github.com/hashicorp/vault-v1.4.2 |
CVE-2022-39253 | Anchore CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2023-24999 | Anchore CVE | High | github.com/hashicorp/vault-v1.4.2 |
CVE-2023-0464 | Anchore CVE | Low | openssl-1:1.1.1k-9.el8_7 |
CVE-2023-0465 | Anchore CVE | Low | openssl-1:1.1.1k-9.el8_7 |
CVE-2023-0466 | Anchore CVE | Low | openssl-1:1.1.1k-9.el8_7 |
GHSA-v3hp-mcj5-pg39 | Anchore CVE | Medium | github.com/hashicorp/vault-v1.4.2 |
CVE-2021-46778 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-28388 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-43975 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2019-19530 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-27171 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-1263 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-1789 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-0590 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-23454 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-28464 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-30594 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-0045 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-28693 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-14390 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3628 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-23455 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-1462 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-28972 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-45934 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-28466 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-47929 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-10741 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3028 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-27170 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-38206 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1195 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1095 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-3923 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1838 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-29657 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-36402 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1073 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-38457 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-38198 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-35477 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-21233 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-3702 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-4159 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-29374 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3619 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-0171 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-39188 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-26341 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-2663 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-36879 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-28328 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-0886 | Anchore CVE | High | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-3178 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3522 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2019-15213 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-3444 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-42721 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-39189 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-35501 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-36280 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2019-15219 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-1679 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-3714 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-41858 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-3896 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-25265 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2019-20095 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-20566 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-3428 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-38166 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-0394 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-28327 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1118 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3545 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-2196 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-20154 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-34556 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3565 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-42722 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-43750 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-22998 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-28097 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-0597 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-42720 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-4135 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-0047 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3625 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1252 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-14416 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3524 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1382 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-1972 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3567 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1281 | Anchore CVE | High | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-33656 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-42703 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-25645 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1637 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1582 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-34981 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-38096 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3707 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-41674 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1380 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-3655 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-4662 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3594 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-20141 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3640 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-23824 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-34693 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3623 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3566 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-42896 | Anchore CVE | High | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-33655 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1513 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-42895 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-2503 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2020-36311 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3564 | Anchore CVE | High | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-40133 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-4001 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-45869 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-33624 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-3239 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-1665 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-41218 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-4129 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1855 | Anchore CVE | Low | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-26545 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
GHSA-hwc3-3qh6-r4gg | Anchore CVE | Medium | github.com/hashicorp/vault-v1.4.2 |
GHSA-vq4h-9ghm-qmrr | Anchore CVE | Medium | github.com/hashicorp/vault-v1.4.2 |
CVE-2023-1989 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1079 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-1998 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-2166 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-2162 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-2176 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-2124 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-2194 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2023-2222 | Anchore CVE | Medium | binutils-2.30-117.el8 |
CVE-2023-25652 | Anchore CVE | High | git-core-2.31.1-3.el8_7 |
CVE-2023-2269 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2022-48338 | Anchore CVE | Medium | emacs-filesystem-1:26.1-7.el8_7.1 |
CVE-2023-29007 | Anchore CVE | High | git-core-2.31.1-3.el8_7 |
CVE-2023-22490 | Anchore CVE | Medium | git-core-doc-2.31.1-3.el8_7 |
CVE-2023-25652 | Anchore CVE | High | git-core-doc-2.31.1-3.el8_7 |
CVE-2022-48337 | Anchore CVE | Medium | emacs-filesystem-1:26.1-7.el8_7.1 |
CVE-2023-25815 | Anchore CVE | Medium | git-core-doc-2.31.1-3.el8_7 |
CVE-2023-25815 | Anchore CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2023-29007 | Anchore CVE | High | git-core-doc-2.31.1-3.el8_7 |
CVE-2023-25652 | Anchore CVE | High | git-2.31.1-3.el8_7 |
CVE-2023-22490 | Anchore CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2023-29007 | Anchore CVE | High | git-2.31.1-3.el8_7 |
CVE-2022-48339 | Anchore CVE | Medium | emacs-filesystem-1:26.1-7.el8_7.1 |
CVE-2023-23946 | Anchore CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2022-45939 | Anchore CVE | Medium | emacs-filesystem-1:26.1-7.el8_7.1 |
CVE-2023-23946 | Anchore CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2023-29007 | Anchore CVE | High | perl-Git-2.31.1-3.el8_7 |
CVE-2023-23946 | Anchore CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2023-25815 | Anchore CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2023-22490 | Anchore CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2023-22490 | Anchore CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2023-23946 | Anchore CVE | Medium | git-core-doc-2.31.1-3.el8_7 |
CVE-2023-25815 | Anchore CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2023-25652 | Anchore CVE | High | perl-Git-2.31.1-3.el8_7 |
CVE-2023-30456 | Anchore CVE | Medium | kernel-headers-4.18.0-425.19.2.el8_7 |
CVE-2021-43998 | Twistlock CVE | Critical | github.com/hashicorp/vault-v1.4.2 |
CVE-2021-38553 | Twistlock CVE | Critical | github.com/hashicorp/vault-v1.4.2 |
CVE-2020-16250 | Twistlock CVE | Critical | github.com/hashicorp/vault-v1.4.2 |
PRISMA-2022-0227 | Twistlock CVE | High | github.com/emicklei/go-restful/v3-v3.9.0 |
CVE-2021-32923 | Twistlock CVE | High | github.com/hashicorp/vault-v1.4.2 |
CVE-2022-39260 | Twistlock CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2022-39260 | Twistlock CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2022-39260 | Twistlock CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2022-29187 | Twistlock CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2022-29187 | Twistlock CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2022-29187 | Twistlock CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2022-24765 | Twistlock CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2022-24765 | Twistlock CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2022-24765 | Twistlock CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2021-45078 | Twistlock CVE | Medium | binutils-2.30-117.el8 |
CVE-2018-1000876 | Twistlock CVE | Medium | binutils-2.30-117.el8 |
CVE-2021-40330 | Twistlock CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2021-40330 | Twistlock CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2021-40330 | Twistlock CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2021-21300 | Twistlock CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2021-21300 | Twistlock CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2021-21300 | Twistlock CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2023-23946 | Twistlock CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2023-23946 | Twistlock CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2023-23946 | Twistlock CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2023-22490 | Twistlock CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2023-22490 | Twistlock CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2023-22490 | Twistlock CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2022-4285 | Twistlock CVE | Medium | binutils-2.30-117.el8 |
CVE-2022-39253 | Twistlock CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2022-39253 | Twistlock CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2022-39253 | Twistlock CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2021-39537 | Twistlock CVE | Medium | ncurses-6.1-9.20180224.el8 |
CVE-2019-9077 | Twistlock CVE | Medium | binutils-2.30-117.el8 |
CVE-2019-9075 | Twistlock CVE | Medium | binutils-2.30-117.el8 |
CVE-2019-9074 | Twistlock CVE | Medium | binutils-2.30-117.el8 |
CVE-2018-20671 | Twistlock CVE | Medium | binutils-2.30-117.el8 |
CVE-2018-20623 | Twistlock CVE | Medium | binutils-2.30-117.el8 |
CVE-2018-1000021 | Twistlock CVE | Medium | git-2.31.1-3.el8_7 |
CVE-2018-1000021 | Twistlock CVE | Medium | perl-Git-2.31.1-3.el8_7 |
CVE-2018-1000021 | Twistlock CVE | Medium | git-core-2.31.1-3.el8_7 |
CVE-2021-38554 | Twistlock CVE | Medium | github.com/hashicorp/vault-v1.4.2 |
CVE-2021-3826 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2023-25584 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2020-35494 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2022-38533 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2022-27943 | Twistlock CVE | Low | cpp-8.5.0-16.el8_7 |
CVE-2022-27943 | Twistlock CVE | Low | gcc-8.5.0-16.el8_7 |
CVE-2022-27943 | Twistlock CVE | Low | libgomp-8.5.0-16.el8_7 |
CVE-2020-35507 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2020-35496 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2020-35495 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2020-35493 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2019-12972 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-12934 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-20673 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-15919 | Twistlock CVE | Low | openssh-clients-8.0p1-17.el8_7 |
CVE-2023-25588 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2023-25585 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-19211 | Twistlock CVE | Low | ncurses-6.1-9.20180224.el8 |
CVE-2018-17985 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-18701 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-18700 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-18484 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-18483 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2019-9071 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2019-14250 | Twistlock CVE | Low | libgomp-8.5.0-16.el8_7 |
CVE-2019-14250 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2019-14250 | Twistlock CVE | Low | cpp-8.5.0-16.el8_7 |
CVE-2019-14250 | Twistlock CVE | Low | gcc-8.5.0-16.el8_7 |
CVE-2018-6872 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-20657 | Twistlock CVE | Low | cpp-8.5.0-16.el8_7 |
CVE-2018-20657 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-20657 | Twistlock CVE | Low | libgomp-8.5.0-16.el8_7 |
CVE-2018-20657 | Twistlock CVE | Low | gcc-8.5.0-16.el8_7 |
CVE-2018-20651 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-20002 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-19932 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-18607 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-18606 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-18605 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-18309 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-17794 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-17360 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-12699 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-12698 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-12697 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2018-12641 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2019-6110 | Twistlock CVE | Low | openssh-clients-8.0p1-17.el8_7 |
CVE-2021-41802 | Twistlock CVE | Low | github.com/hashicorp/vault-v1.4.2 |
CVE-2022-41725 | Twistlock CVE | High | go-1.19.5 |
CVE-2022-41724 | Twistlock CVE | High | go-1.19.5 |
CVE-2022-41723 | Twistlock CVE | High | go-1.19.5 |
CVE-2023-24532 | Twistlock CVE | Medium | go-1.19.5 |
CVE-2023-1579 | Twistlock CVE | Medium | binutils-2.30-117.el8 |
CVE-2023-0464 | Twistlock CVE | Low | openssl-1.1.1k-9.el8_7 |
CVE-2023-0620 | Twistlock CVE | Medium | github.com/hashicorp/vault-v1.4.2 |
CVE-2023-0466 | Twistlock CVE | Low | openssl-1.1.1k-9.el8_7 |
CVE-2023-0465 | Twistlock CVE | Low | openssl-1.1.1k-9.el8_7 |
CVE-2023-25000 | Twistlock CVE | Medium | github.com/hashicorp/vault-v1.4.2 |
CVE-2023-0665 | Twistlock CVE | Medium | github.com/hashicorp/vault-v1.4.2 |
CVE-2023-1972 | Twistlock CVE | Low | binutils-2.30-117.el8 |
CVE-2021-34141 | Twistlock CVE | Medium | numpy-1.14.3 |
PRISMA-2021-0037 | Twistlock CVE | Medium | scikit-learn-0.19.1 |
CVE-2023-24537 | Twistlock CVE | High | go-1.19.5 |
CVE-2023-24538 | Twistlock CVE | Critical | go-1.19.5 |
CVE-2023-24536 | Twistlock CVE | High | go-1.19.5 |
CVE-2023-24534 | Twistlock CVE | High | go-1.19.5 |
CVE-2023-28617 | Twistlock CVE | Critical | emacs-filesystem-26.1-7.el8_7.1 |
CVE-2022-48339 | Twistlock CVE | Medium | emacs-filesystem-26.1-7.el8_7.1 |
CVE-2022-45939 | Twistlock CVE | Medium | emacs-filesystem-26.1-7.el8_7.1 |
CVE-2022-48338 | Twistlock CVE | Medium | emacs-filesystem-26.1-7.el8_7.1 |
CVE-2022-48337 | Twistlock CVE | Medium | emacs-filesystem-26.1-7.el8_7.1 |
VAT: https://vat.dso.mil/vat/image?imageName=opensource/ceph/ceph-csi&tag=v3.8.0&branch=master
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/ceph/ceph-csi/-/jobs/19769400
Tasks
Contributor:
-
Provide justifications for findings in the VAT (docs) -
Apply the ~"Hardening::Approval" label to this issue and wait for feedback
Iron Bank:
-
Review findings and justifications -
Send approval request to Authorizing Official -
Close issue after approval from Authorizing Official
Note: If the above approval process is rejected for any reason, the
Approval
label will be removed and the issue will be sent back toOpen
. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add theApproval
label.
Questions?
Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding
.
Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.