Running with gitlab-runner 13.8.0 (775dd39d)  on dsop-shared-gitlab-runner-f887cbcbd-srgz6 E82_g8RG section_start:1628805051:resolve_secrets Resolving secrets section_end:1628805051:resolve_secrets section_start:1628805051:prepare_executor Preparing the "kubernetes" executor Using Kubernetes namespace: gitlab-runner-ironbank-dsop WARNING: Pulling GitLab Runner helper image from Docker Hub. Helper image is migrating to registry.gitlab.com, for more information see https://docs.gitlab.com/runner/configuration/advanced-configuration.html#migrating-helper-image-to-registrygitlabcom Using Kubernetes executor with image registry1.dso.mil/ironbank/ironbank-pipelines/pipeline-runner:0.3 ... section_end:1628805051:prepare_executor section_start:1628805051:prepare_script Preparing environment Waiting for pod gitlab-runner-ironbank-dsop/runner-e82g8rg-project-6370-concurrent-0lxlmn to be running, status is Pending Waiting for pod gitlab-runner-ironbank-dsop/runner-e82g8rg-project-6370-concurrent-0lxlmn to be running, status is Pending ContainersNotReady: "containers with unready status: [build helper istio-proxy]" ContainersNotReady: "containers with unready status: [build helper istio-proxy]" Running on runner-e82g8rg-project-6370-concurrent-0lxlmn via dsop-shared-gitlab-runner-f887cbcbd-srgz6... section_end:1628805058:prepare_script section_start:1628805058:get_sources Getting source from Git repository $ until [ $(curl --fail --silent --output /dev/stderr --write-out "%{http_code}" localhost:15020/healthz/ready) -eq 200 ]; do echo Waiting for Sidecar; sleep 3 ; done ; echo Sidecar available; Sidecar available Fetching changes with git depth set to 50... Initialized empty Git repository in /builds/dsop/opensource/jenkins/jenkinsfile-runner/.git/ Created fresh repository. Checking out 574ceb17 as development... Skipping object checkout, Git LFS is not installed. Skipping Git submodules setup section_end:1628805058:get_sources section_start:1628805058:download_artifacts Downloading artifacts Downloading artifacts for anchore-scan (5604159)... Downloading artifacts from coordinator... ok  id=5604159 responseStatus=200 OK token=xWUkSKbZ WARNING: ci-artifacts/scan-results/anchore/: lchown ci-artifacts/scan-results/anchore/: operation not permitted (suppressing repeats) Downloading artifacts for hardening-manifest (5604154)... Downloading artifacts from coordinator... ok  id=5604154 responseStatus=200 OK token=4DFyUeKz WARNING: ci-artifacts/preflight/: lchown ci-artifacts/preflight/: operation not permitted (suppressing repeats) Downloading artifacts for load-scripts (5604151)... Downloading artifacts from coordinator... ok  id=5604151 responseStatus=200 OK token=KksiRoqF WARNING: ci-artifacts/[MASKED]/: lchown ci-artifacts/[MASKED]/: operation not permitted (suppressing repeats) Downloading artifacts for openscap-compliance (5604160)... Downloading artifacts from coordinator... ok  id=5604160 responseStatus=200 OK token=3FBrqJCK WARNING: ci-artifacts/scan-results/openscap/: lchown ci-artifacts/scan-results/openscap/: operation not permitted (suppressing repeats) Downloading artifacts for twistlock-scan (5604161)... Downloading artifacts from coordinator... ok  id=5604161 responseStatus=200 OK token=hvprNaNQ Downloading artifacts for wl-compare-lint (5604155)... WARNING: ci-artifacts/scan-results/twistlock/: lchown ci-artifacts/scan-results/twistlock/: operation not permitted (suppressing repeats) Downloading artifacts from coordinator... ok  id=5604155 responseStatus=200 OK token=bkWknd22 WARNING: ci-artifacts/lint/: lchown ci-artifacts/lint/: operation not permitted (suppressing repeats) section_end:1628805059:download_artifacts section_start:1628805059:step_script Executing "step_script" stage of the job script $ pip3 install jsonschema # collapsed multi-line command Requirement already satisfied: jsonschema in /usr/local/lib/python3.9/site-packages (3.2.0) Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (0.17.3) Requirement already satisfied: setuptools in /usr/local/lib/python3.9/site-packages (from jsonschema) (56.1.0) Requirement already satisfied: six>=1.11.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (1.15.0) Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (21.2.0) WARNING: Running pip as root will break packages and permissions. You should install packages reliably by using venv: https://pip.pypa.io/warnings/venv WARNING: You are using pip version 21.1.1; however, version 21.2.4 is available. You should consider upgrading via the '/usr/local/bin/python3.9 -m pip install --upgrade pip' command. INFO: Log level set to info INFO: Number of whitelisted vulnerabilities: 137 INFO: Whitelisted vulnerabilities: {Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libuuid-2.32.1-27.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36084', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36222', package='krb5-libs-1.18.2-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libblkid-2.32.1-27.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22924', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-17541', package='libjpeg-turbo-1.5.3-10.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22922', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22922', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36087', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libsmartcols-2.32.1-27.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22925', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22924', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-10001', package='cups-libs-2.2.6-38.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22923', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22922', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-35942', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='python3-libs-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-17541', package='libjpeg-turbo-1.5.3-10.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3572', package='python3-pip-wheel-9.0.3-19.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22923', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22923', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36085', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22925', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22924', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36086', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36085', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36084', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4.1', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libfdisk-2.32.1-27.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libmount-2.32.1-27.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-hawkey-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36086', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='util-linux-2.32.1-27.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36087', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-37600', package='util-linux-2.32.1-27.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None)} INFO: Vulnerabilities found in scanning stage: 193 INFO: {Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-crv7-7245-f45f', package='commons-compress-1.19', package_path='/app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar'), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-mc84-pj99-q6hh', package='commons-compress-1.19', package_path='/app/jenkins/WEB-INF/lib/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libuuid-2.32.1-27.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36084', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-35522', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36222', package='krb5-libs-1.18.2-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35516', package='commons-compress-1.19', package_path='/app/jenkins/WEB-INF/lib/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libblkid-2.32.1-27.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35524', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22924', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-gchq-9r68-6jwv', package='credentials-2.3.15', package_path='/usr/share/jenkins/ref/plugins/credentials.hpi'), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-mc84-pj99-q6hh', package='commons-compress-1.19', package_path='/app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-17541', package='libjpeg-turbo-1.5.3-10.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35516', package='commons-compress-1.19', package_path='/app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22922', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22922', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36087', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-35515', package='org.apache.commons_commons-compress-1.19', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libsmartcols-2.32.1-27.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-34428', package='org.eclipse.jetty_jetty-io-9.4.39.v20210325', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-35492', package='cairo-1.15.12-3.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35515', package='commons-compress-1.19', package_path='/app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-xqfj-vm6h-2x34', package='commons-compress-1.19', package_path='/app/jenkins/WEB-INF/lib/commons-compress-1.19.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28169', package='org.eclipse.jetty_jetty-io-9.4.39.v20210325', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-106409', package='commons_digester-2.1', package_path='/app/jenkins/WEB-INF/lib/commons-digester-2.1.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-31535', package='libX11-1.6.8-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22925', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-gchq-9r68-6jwv', package='credentials-2.3.15', package_path='/usr/share/jenkins/ref/plugins/credentials.hpi:WEB-INF/lib/credentials.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-vjv5-gp2w-65vm', package='jetty-webapp-9.4.39.v20210325', package_path='/app/repo/org/eclipse/jetty/jetty-webapp/9.4.39.v20210325/jetty-webapp-9.4.39.v20210325.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22924', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-26926', package='jasper-libs-2.0.14-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-xqfj-vm6h-2x34', package='commons-compress-1.19', package_path='/app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-10001', package='cups-libs-2.2.6-38.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-31535', package='libX11-1.6.8-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36374', package='ant-1.10.9', package_path='/app/jenkins/WEB-INF/lib/ant-1.10.9.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-264109', package='xstream-1.4.17', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.17.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22923', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21670', package='org.jenkins-ci.main_jenkins-core-2.277.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-26927', package='jasper-libs-2.0.14-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-31535', package='libX11-common-1.6.8-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35515', package='commons-compress-1.19', package_path='/app/jenkins/WEB-INF/lib/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35521', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-35942', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22922', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36374', package='ant-1.10.9', package_path='/app/repo/org/apache/ant/ant/1.10.9/ant-1.10.9.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-106409', package='commons_digester-2.1', package_path='/app/repo/commons-digester/commons-digester/2.1/commons-digester-2.1.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-35523', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='python3-libs-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-17541', package='libjpeg-turbo-1.5.3-10.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3572', package='python3-pip-wheel-9.0.3-19.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35523', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36373', package='ant-1.10.9', package_path='/app/jenkins/WEB-INF/lib/ant-1.10.9.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-gchq-9r68-6jwv', package='credentials-2.3.15', package_path='/app/repo/org/jenkins-ci/plugins/credentials/2.3.15/credentials-2.3.15.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-35524', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22923', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36090', package='commons-compress-1.19', package_path='/app/jenkins/WEB-INF/lib/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-264109', package='xstream-1.4.17', package_path='/app/repo/com/thoughtworks/xstream/xstream/1.4.17/xstream-1.4.17.jar'), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-35517', package='org.apache.commons_commons-compress-1.19', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36373', package='ant-1.10.9', package_path='/app/repo/org/apache/ant/ant/1.10.9/ant-1.10.9.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27828', package='jasper-libs-2.0.14-4.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22923', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36085', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-7hfm-57qf-j43q', package='commons-compress-1.19', package_path='/app/jenkins/WEB-INF/lib/commons-compress-1.19.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-35521', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36090', package='commons-compress-1.19', package_path='/app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22925', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35522', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22924', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36090', package='org.apache.commons_commons-compress-1.19', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35517', package='commons-compress-1.19', package_path='/app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36086', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36085', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36084', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-7hfm-57qf-j43q', package='commons-compress-1.19', package_path='/app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-34429', package='org.eclipse.jetty_jetty-io-9.4.39.v20210325', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libfdisk-2.32.1-27.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='41cb7cdf04850e33a11f80c42bf660b3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3272', package='jasper-libs-2.0.14-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='libmount-2.32.1-27.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21671', package='org.jenkins-ci.main_jenkins-core-2.277.2', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-35516', package='org.apache.commons_commons-compress-1.19', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-hawkey-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36086', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37600', package='util-linux-2.32.1-27.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35517', package='commons-compress-1.19', package_path='/app/jenkins/WEB-INF/lib/commons-compress-1.19.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-crv7-7245-f45f', package='commons-compress-1.19', package_path='/app/jenkins/WEB-INF/lib/commons-compress-1.19.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36087', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-37600', package='util-linux-2.32.1-27.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-34429', package='org.eclipse.jetty_jetty-io-9.4.42.v20210604', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-m6cp-vxjx-65j6', package='jetty-server-9.4.39.v20210325', package_path='/app/repo/org/eclipse/jetty/jetty-server/9.4.39.v20210325/jetty-server-9.4.39.v20210325.jar'), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None)} ERROR: NON-WHITELISTED VULNERABILITIES FOUND ERROR: Number of non-whitelisted vulnerabilities: 56 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_comp 41cb7cdf04850e33a11f80c42bf660b3 None None ERROR: anchore_cve CVE-2021-36373 ant-1.10.9 /app/jenkins/WEB-INF/lib/ant-1.10.9.jar ERROR: anchore_cve CVE-2021-36373 ant-1.10.9 /app/repo/org/apache/ant/ant/1.10.9/ant-1.10.9.jar ERROR: anchore_cve CVE-2021-36374 ant-1.10.9 /app/jenkins/WEB-INF/lib/ant-1.10.9.jar ERROR: anchore_cve CVE-2021-36374 ant-1.10.9 /app/repo/org/apache/ant/ant/1.10.9/ant-1.10.9.jar ERROR: anchore_cve CVE-2021-35515 commons-compress-1.19 /app/jenkins/WEB-INF/lib/commons-compress-1.19.jar ERROR: anchore_cve CVE-2021-35515 commons-compress-1.19 /app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar ERROR: anchore_cve CVE-2021-35516 commons-compress-1.19 /app/jenkins/WEB-INF/lib/commons-compress-1.19.jar ERROR: anchore_cve CVE-2021-35516 commons-compress-1.19 /app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar ERROR: anchore_cve CVE-2021-35517 commons-compress-1.19 /app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar ERROR: anchore_cve CVE-2021-35517 commons-compress-1.19 /app/jenkins/WEB-INF/lib/commons-compress-1.19.jar ERROR: anchore_cve CVE-2021-36090 commons-compress-1.19 /app/jenkins/WEB-INF/lib/commons-compress-1.19.jar ERROR: anchore_cve CVE-2021-36090 commons-compress-1.19 /app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar ERROR: anchore_cve GHSA-7hfm-57qf-j43q commons-compress-1.19 /app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar ERROR: anchore_cve GHSA-7hfm-57qf-j43q commons-compress-1.19 /app/jenkins/WEB-INF/lib/commons-compress-1.19.jar ERROR: anchore_cve GHSA-crv7-7245-f45f commons-compress-1.19 /app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar ERROR: anchore_cve GHSA-crv7-7245-f45f commons-compress-1.19 /app/jenkins/WEB-INF/lib/commons-compress-1.19.jar ERROR: anchore_cve GHSA-mc84-pj99-q6hh commons-compress-1.19 /app/jenkins/WEB-INF/lib/commons-compress-1.19.jar ERROR: anchore_cve GHSA-mc84-pj99-q6hh commons-compress-1.19 /app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar ERROR: anchore_cve GHSA-xqfj-vm6h-2x34 commons-compress-1.19 /app/jenkins/WEB-INF/lib/commons-compress-1.19.jar ERROR: anchore_cve GHSA-xqfj-vm6h-2x34 commons-compress-1.19 /app/repo/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar ERROR: anchore_cve VULNDB-106409 commons_digester-2.1 /app/jenkins/WEB-INF/lib/commons-digester-2.1.jar ERROR: anchore_cve VULNDB-106409 commons_digester-2.1 /app/repo/commons-digester/commons-digester/2.1/commons-digester-2.1.jar ERROR: anchore_cve GHSA-gchq-9r68-6jwv credentials-2.3.15 /usr/share/jenkins/ref/plugins/credentials.hpi:WEB-INF/lib/credentials.jar ERROR: anchore_cve GHSA-gchq-9r68-6jwv credentials-2.3.15 /usr/share/jenkins/ref/plugins/credentials.hpi ERROR: anchore_cve GHSA-gchq-9r68-6jwv credentials-2.3.15 /app/repo/org/jenkins-ci/plugins/credentials/2.3.15/credentials-2.3.15.jar ERROR: anchore_cve CVE-2020-27828 jasper-libs-2.0.14-4.el8 None ERROR: anchore_cve CVE-2021-26926 jasper-libs-2.0.14-4.el8 None ERROR: anchore_cve CVE-2021-26927 jasper-libs-2.0.14-4.el8 None ERROR: anchore_cve CVE-2021-3272 jasper-libs-2.0.14-4.el8 None ERROR: anchore_cve GHSA-m6cp-vxjx-65j6 jetty-server-9.4.39.v20210325 /app/repo/org/eclipse/jetty/jetty-server/9.4.39.v20210325/jetty-server-9.4.39.v20210325.jar ERROR: anchore_cve GHSA-vjv5-gp2w-65vm jetty-webapp-9.4.39.v20210325 /app/repo/org/eclipse/jetty/jetty-webapp/9.4.39.v20210325/jetty-webapp-9.4.39.v20210325.jar ERROR: anchore_cve CVE-2021-31535 libX11-1.6.8-4.el8 None ERROR: anchore_cve CVE-2021-31535 libX11-common-1.6.8-4.el8 None ERROR: anchore_cve CVE-2020-35521 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2020-35522 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2020-35523 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2020-35524 libtiff-4.0.9-18.el8 None ERROR: anchore_cve VULNDB-264109 xstream-1.4.17 /app/jenkins/WEB-INF/lib/xstream-1.4.17.jar ERROR: anchore_cve VULNDB-264109 xstream-1.4.17 /app/repo/com/thoughtworks/xstream/xstream/1.4.17/xstream-1.4.17.jar ERROR: twistlock_cve CVE-2020-35492 cairo-1.15.12-3.el8 None ERROR: twistlock_cve CVE-2021-31535 libX11-1.6.8-4.el8 None ERROR: twistlock_cve CVE-2020-35521 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2020-35522 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2020-35523 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2020-35524 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2021-35515 org.apache.commons_commons-compress-1.19 None ERROR: twistlock_cve CVE-2021-35516 org.apache.commons_commons-compress-1.19 None ERROR: twistlock_cve CVE-2021-35517 org.apache.commons_commons-compress-1.19 None ERROR: twistlock_cve CVE-2021-36090 org.apache.commons_commons-compress-1.19 None ERROR: twistlock_cve CVE-2021-28169 org.eclipse.jetty_jetty-io-9.4.39.v20210325 None ERROR: twistlock_cve CVE-2021-34428 org.eclipse.jetty_jetty-io-9.4.39.v20210325 None ERROR: twistlock_cve CVE-2021-34429 org.eclipse.jetty_jetty-io-9.4.39.v20210325 None ERROR: twistlock_cve CVE-2021-34429 org.eclipse.jetty_jetty-io-9.4.42.v20210604 None ERROR: twistlock_cve CVE-2021-21670 org.jenkins-ci.main_jenkins-core-2.277.2 None ERROR: twistlock_cve CVE-2021-21671 org.jenkins-ci.main_jenkins-core-2.277.2 None section_end:1628805063:step_script section_start:1628805063:cleanup_file_variables Cleaning up file based variables section_end:1628805064:cleanup_file_variables ERROR: Job failed: command terminated with exit code 1