chore(findings): opensource/jaegertracing/jaeger-agent
Summary
opensource/jaegertracing/jaeger-agent has 47 new findings discovered during continuous monitoring.
| id | source | package |
|---|---|---|
| CVE-2019-18276 | twistlock_cve | bash-4.4.19-12.el8 |
| CVE-2019-13012 | twistlock_cve | glib2-2.56.4-8.el8 |
| CVE-2020-13543 | twistlock_cve | glib2-2.56.4-8.el8 |
| CVE-2020-13584 | twistlock_cve | glib2-2.56.4-8.el8 |
| CVE-2020-9948 | twistlock_cve | glib2-2.56.4-8.el8 |
| CVE-2020-9951 | twistlock_cve | glib2-2.56.4-8.el8 |
| CVE-2020-9983 | twistlock_cve | glib2-2.56.4-8.el8 |
| CVE-2016-10228 | twistlock_cve | glibc-2.28-127.el8_3.2 |
| CVE-2019-9169 | twistlock_cve | glibc-2.28-127.el8_3.2 |
| CVE-2016-10228 | twistlock_cve | glibc-common-2.28-127.el8_3.2 |
| CVE-2019-25013 | twistlock_cve | glibc-common-2.28-127.el8_3.2 |
| CVE-2019-9169 | twistlock_cve | glibc-common-2.28-127.el8_3.2 |
| CVE-2020-27618 | twistlock_cve | glibc-common-2.28-127.el8_3.2 |
| CVE-2021-3326 | twistlock_cve | glibc-common-2.28-127.el8_3.2 |
| CVE-2016-10228 | twistlock_cve | glibc-minimal-langpack-2.28-127.el8_3.2 |
| CVE-2019-25013 | twistlock_cve | glibc-minimal-langpack-2.28-127.el8_3.2 |
| CVE-2019-9169 | twistlock_cve | glibc-minimal-langpack-2.28-127.el8_3.2 |
| CVE-2020-27618 | twistlock_cve | glibc-minimal-langpack-2.28-127.el8_3.2 |
| CVE-2021-3326 | twistlock_cve | glibc-minimal-langpack-2.28-127.el8_3.2 |
| CVE-2020-28196 | twistlock_cve | krb5-libs-1.18.2-5.el8 |
| CVE-2020-8231 | twistlock_cve | libcurl-7.61.1-14.el8_3.1 |
| CVE-2020-8284 | twistlock_cve | libcurl-7.61.1-14.el8_3.1 |
| CVE-2020-8285 | twistlock_cve | libcurl-7.61.1-14.el8_3.1 |
| CVE-2020-8286 | twistlock_cve | libcurl-7.61.1-14.el8_3.1 |
| CVE-2019-2708 | twistlock_cve | libdb-5.3.28-39.el8 |
| CVE-2019-2708 | twistlock_cve | libdb-utils-5.3.28-39.el8 |
| CVE-2020-24977 | twistlock_cve | libxml2-2.9.7-8.el8 |
| CVE-2020-29361 | twistlock_cve | p11-kit-trust-0.23.14-5.el8_0 |
| CVE-2020-29362 | twistlock_cve | p11-kit-trust-0.23.14-5.el8_0 |
| CVE-2020-29363 | twistlock_cve | p11-kit-trust-0.23.14-5.el8_0 |
| CVE-2020-26116 | twistlock_cve | platform-python-3.6.8-31.el8 |
| CVE-2020-27619 | twistlock_cve | platform-python-3.6.8-31.el8 |
| CVE-2021-23336 | twistlock_cve | platform-python-3.6.8-31.el8 |
| CVE-2021-3177 | twistlock_cve | platform-python-3.6.8-31.el8 |
| CVE-2020-26116 | twistlock_cve | python3-libs-3.6.8-31.el8 |
| CVE-2020-27619 | twistlock_cve | python3-libs-3.6.8-31.el8 |
| CVE-2021-23336 | twistlock_cve | python3-libs-3.6.8-31.el8 |
| CVE-2021-3177 | twistlock_cve | python3-libs-3.6.8-31.el8 |
| CVE-2020-24977 | twistlock_cve | python3-libxml2-2.9.7-8.el8 |
| CVE-2020-26137 | twistlock_cve | python3-urllib3-1.24.2-4.el8 |
| CVE-2020-13434 | twistlock_cve | sqlite-libs-3.26.0-11.el8 |
| CVE-2020-15358 | twistlock_cve | sqlite-libs-3.26.0-11.el8 |
| CVE-2019-3842 | twistlock_cve | systemd-239-41.el8_3.2 |
| CVE-2019-3842 | twistlock_cve | systemd-libs-239-41.el8_3.2 |
| CVE-2020-13776 | twistlock_cve | systemd-libs-239-41.el8_3.2 |
| CVE-2019-3842 | twistlock_cve | systemd-pam-239-41.el8_3.2 |
| CVE-2020-13776 | twistlock_cve | systemd-pam-239-41.el8_3.2 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/jaegertracing/jaeger-agent/-/jobs/3426746
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official