UNCLASSIFIED - NO CUI

ATTENTION: Immediate action is required to maintain compatibility with P1 services. Please visit https://p1notifications.dso.mil and see the "DSO.MIL Certificates Renewal" announcement under the "Notifications" section for more details.

chore(findings): opensource/jupyterhub/configurable-http-proxy

Summary

opensource/jupyterhub/configurable-http-proxy has 10 new findings discovered during continuous monitoring.

id	source	package
CCE-80668-7	oscap_comp	Uninherited
CCE-85987-6	oscap_comp	Uninherited
CCE-80667-9	oscap_comp	Uninherited
CCE-80669-5	oscap_comp	Uninherited
CCE-80670-3	oscap_comp	Uninherited
CCE-81037-4	oscap_comp	Uninherited
CCE-81035-8	oscap_comp	Uninherited
CVE-2022-0536	twistlock_cve	follow-redirects-1.13.2
CVE-2022-0155	twistlock_cve	follow-redirects-1.13.2
PRISMA-2022-0039	twistlock_cve	minimatch-3.0.4

More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/jupyter/jupyterhub-configurable-http-proxy/-/jobs/10469186

Definition of Done

Justifications:

All findings have been justified
Justifications have been provided to the container hardening team

Approval Process:

Findings Approver has reviewed and approved all justifications
Approval request has been sent to Authorizing Official
Approval request has been processed by Authorizing Official

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI