chore(findings): opensource/istio-1.5/mixer-1.5
Summary
opensource/istio-1.5/mixer-1.5 has 41 new findings discovered during continuous monitoring.
id | source | package |
---|---|---|
CVE-2021-42694 | twistlock_cve | libgcc-8.5.0-4.el8_5 |
CVE-2021-3974 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
CVE-2020-17049 | twistlock_cve | krb5-libs-1.18.2-14.el8 |
CVE-2021-3733 | twistlock_cve | python3-libs-3.6.8-41.el8 |
CVE-2021-3733 | twistlock_cve | platform-python-3.6.8-41.el8 |
CVE-2021-43618 | twistlock_cve | gmp-6.1.2-10.el8 |
CVE-2021-3984 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
CVE-2021-4019 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
CVE-2020-12401 | twistlock_cve | nss-util-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-util-3.67.0-7.el8_5 |
CVE-2020-12401 | twistlock_cve | nss-softokn-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-softokn-3.67.0-7.el8_5 |
CVE-2020-12401 | twistlock_cve | nss-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-3.67.0-7.el8_5 |
CVE-2020-12401 | twistlock_cve | nss-softokn-freebl-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-softokn-freebl-3.67.0-7.el8_5 |
CVE-2020-12401 | twistlock_cve | nss-sysinit-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-sysinit-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-sysinit-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-softokn-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-util-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-softokn-freebl-3.67.0-7.el8_5 |
CVE-2018-20839 | twistlock_cve | systemd-pam-239-51.el8_5.3 |
CVE-2018-20839 | twistlock_cve | systemd-libs-239-51.el8_5.3 |
CVE-2018-20839 | twistlock_cve | systemd-239-51.el8_5.3 |
CVE-2019-20386 | twistlock_cve | systemd-239-51.el8_5.3 |
CVE-2021-23177 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2021-31566 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2021-23177 | anchore_cve | libarchive-3.3.3-1.el8 |
CVE-2021-31566 | anchore_cve | libarchive-3.3.3-1.el8 |
CVE-2021-3712 | twistlock_cve | openssl-libs-1.1.1k-5.el8_5 |
CVE-2021-23841 | twistlock_cve | openssl-libs-1.1.1k-5.el8_5 |
CVE-2021-3712 | twistlock_cve | openssl-1.1.1k-5.el8_5 |
CVE-2021-23841 | twistlock_cve | openssl-1.1.1k-5.el8_5 |
CVE-2021-4166 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
CVE-2021-4189 | twistlock_cve | python3-libs-3.6.8-41.el8 |
CVE-2021-4189 | twistlock_cve | platform-python-3.6.8-41.el8 |
CVE-2021-4189 | anchore_cve | platform-python-3.6.8-41.el8 |
CVE-2021-4189 | anchore_cve | python3-libs-3.6.8-41.el8 |
CVE-2020-1712 | twistlock_cve | systemd-239-51.el8_5.3 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/istio-1.5/mixer-1.5/-/jobs/9127901
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official