UNCLASSIFIED - NO CUI

Skip to content

chore(findings): opensource/kubernetes-sigs/aws-encryption-provider

Summary

opensource/kubernetes-sigs/aws-encryption-provider has 380 new findings discovered during continuous monitoring.

id source severity package
cbff271f45d32e78dcc1979dbca9c14d Anchore Compliance Critical
GHSA-2wrh-6pvc-2jm9 Anchore CVE Medium golang.org/x/net-v0.7.0
GHSA-4374-p667-p6c8 Anchore CVE High golang.org/x/net-v0.7.0
GHSA-qppj-fm5r-hxr3 Anchore CVE Medium golang.org/x/net-v0.7.0
GHSA-m425-mq94-257g Anchore CVE High google.golang.org/grpc-v1.49.0
GHSA-qppj-fm5r-hxr3 Anchore CVE Medium google.golang.org/grpc-v1.49.0
CVE-2022-48560 Anchore CVE Medium python3-libs-3.6.8-56.el8_9
CVE-2022-48560 Anchore CVE Medium platform-python-3.6.8-56.el8_9
CVE-2022-48564 Anchore CVE Medium platform-python-3.6.8-56.el8_9
CVE-2022-48564 Anchore CVE Medium python3-libs-3.6.8-56.el8_9
CVE-2023-45803 Anchore CVE Medium python3-urllib3-1.24.2-5.el8
CVE-2023-5981 Anchore CVE Medium gnutls-3.6.16-7.el8
CVE-2023-46218 Anchore CVE Medium curl-7.61.1-33.el8
CVE-2023-46218 Anchore CVE Medium libcurl-7.61.1-33.el8
CVE-2023-3817 Anchore CVE Low openssl-libs-1:1.1.1k-9.el8_7
CVE-2023-7008 Anchore CVE Medium systemd-239-78.el8
CVE-2023-7008 Anchore CVE Medium systemd-libs-239-78.el8
CVE-2023-7008 Anchore CVE Medium systemd-pam-239-78.el8
CVE-2023-7104 Anchore CVE Medium sqlite-libs-3.26.0-18.el8_8
CVE-2023-6135 Anchore CVE Medium nss-3.90.0-3.el8_8
CVE-2023-6135 Anchore CVE Medium nss-util-3.90.0-3.el8_8
CVE-2023-5455 Anchore CVE Medium krb5-libs-1.18.2-26.el8_9
CVE-2023-6135 Anchore CVE Medium nss-sysinit-3.90.0-3.el8_8
CVE-2023-6135 Anchore CVE Medium nss-softokn-freebl-3.90.0-3.el8_8
CVE-2023-6135 Anchore CVE Medium nss-softokn-3.90.0-3.el8_8
CVE-2021-43618 Anchore CVE Medium gmp-1:6.1.2-10.el8
CVE-2024-0553 Anchore CVE Medium gnutls-3.6.16-7.el8
CVE-2024-22365 Anchore CVE Medium pam-1.3.1-27.el8
CVE-2023-32665 Anchore CVE Low glib2-2.56.4-161.el8
CVE-2023-32611 Anchore CVE Low glib2-2.56.4-161.el8
CVE-2023-29499 Anchore CVE Low glib2-2.56.4-161.el8
CVE-2021-35938 Anchore CVE Medium python3-rpm-4.14.3-26.el8
CVE-2021-35939 Anchore CVE Medium rpm-build-libs-4.14.3-26.el8
CVE-2021-35938 Anchore CVE Medium rpm-build-libs-4.14.3-26.el8
CVE-2021-35937 Anchore CVE Medium rpm-build-libs-4.14.3-26.el8
CVE-2021-35937 Anchore CVE Medium python3-rpm-4.14.3-26.el8
CVE-2021-35937 Anchore CVE Medium rpm-libs-4.14.3-26.el8
CVE-2021-35939 Anchore CVE Medium rpm-libs-4.14.3-26.el8
CVE-2021-35937 Anchore CVE Medium rpm-4.14.3-26.el8
CVE-2021-35939 Anchore CVE Medium rpm-4.14.3-26.el8
CVE-2021-35938 Anchore CVE Medium rpm-4.14.3-26.el8
CVE-2021-35939 Anchore CVE Medium python3-rpm-4.14.3-26.el8
CVE-2021-35938 Anchore CVE Medium rpm-libs-4.14.3-26.el8
CVE-2023-52425 Anchore CVE Medium expat-2.2.5-11.el8
CVE-2023-50868 Anchore CVE High unbound-libs-1.16.2-5.el8
CVE-2024-25062 Anchore CVE Medium libxml2-2.9.7-16.el8_8.1
CVE-2023-50387 Anchore CVE High unbound-libs-1.16.2-5.el8
CVE-2023-50868 Anchore CVE High python3-unbound-1.16.2-5.el8
CVE-2024-25062 Anchore CVE Medium python3-libxml2-2.9.7-16.el8_8.1
CVE-2023-50387 Anchore CVE High python3-unbound-1.16.2-5.el8
CVE-2024-1488 Anchore CVE High unbound-libs-1.16.2-5.el8
CVE-2024-1488 Anchore CVE High python3-unbound-1.16.2-5.el8
GHSA-8r3f-844c-mc37 Anchore CVE Medium google.golang.org/protobuf-v1.28.1
CVE-2024-28834 Anchore CVE Medium gnutls-3.6.16-7.el8
CVE-2024-2398 Anchore CVE Medium curl-7.61.1-33.el8
CVE-2024-2398 Anchore CVE Medium libcurl-7.61.1-33.el8
CVE-2024-26458 Anchore CVE Low krb5-libs-1.18.2-26.el8_9
CVE-2023-6004 Anchore CVE Low libssh-config-0.9.6-10.el8_8
CVE-2024-2236 Anchore CVE Medium libgcrypt-1.8.5-7.el8_6
CVE-2023-6918 Anchore CVE Low libssh-0.9.6-10.el8_8
CVE-2023-48795 Anchore CVE Medium libssh-config-0.9.6-10.el8_8
CVE-2023-48795 Anchore CVE Medium libssh-0.9.6-10.el8_8
CVE-2023-6004 Anchore CVE Low libssh-0.9.6-10.el8_8
CVE-2023-6918 Anchore CVE Low libssh-config-0.9.6-10.el8_8
CVE-2024-3205 Anchore CVE Medium libyaml-0.1.7-5.el8
CVE-2024-26461 Anchore CVE Low krb5-libs-1.18.2-26.el8_9
CVE-2024-2511 Anchore CVE Low openssl-libs-1:1.1.1k-9.el8_7
CVE-2024-28182 Anchore CVE Medium libnghttp2-1.33.0-5.el8_9
CVE-2020-17049 Anchore CVE Medium krb5-libs-1.18.2-26.el8_9
CVE-2024-2961 Anchore CVE High glibc-langpack-en-2.28-236.el8.7
CVE-2024-2961 Anchore CVE High glibc-gconv-extra-2.28-236.el8.7
GHSA-4v7x-pqxf-cx7m Anchore CVE Medium golang.org/x/net-v0.7.0
CVE-2024-2961 Anchore CVE High glibc-2.28-236.el8.7
CVE-2024-2961 Anchore CVE High glibc-minimal-langpack-2.28-236.el8.7
CVE-2024-2961 Anchore CVE High glibc-common-2.28-236.el8.7
CVE-2023-6597 Anchore CVE High python3-libs-3.6.8-56.el8_9
CVE-2024-0450 Anchore CVE Medium platform-python-3.6.8-56.el8_9
CVE-2023-2953 Anchore CVE Low openldap-2.4.46-18.el8
CVE-2024-0450 Anchore CVE Medium python3-libs-3.6.8-56.el8_9
CVE-2023-6597 Anchore CVE High platform-python-3.6.8-56.el8_9
CVE-2018-20225 Anchore CVE Low platform-python-pip-9.0.3-23.el8
CVE-2023-50495 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8
CVE-2022-0235 Anchore CVE Medium subscription-manager-1.28.40-1.el8_9
CVE-2023-0465 Anchore CVE Low openssl-libs-1:1.1.1k-9.el8_7
CVE-2020-19189 Anchore CVE Low ncurses-base-6.1-10.20180224.el8
CVE-2024-25260 Anchore CVE Low elfutils-libelf-0.189-3.el8
CVE-2005-2541 Anchore CVE Medium tar-2:1.30-9.el8
CVE-2019-9674 Anchore CVE Low platform-python-3.6.8-56.el8_9
CVE-2019-19244 Anchore CVE Low sqlite-libs-3.26.0-18.el8_8
CVE-2019-12904 Anchore CVE Medium libgcrypt-1.8.5-7.el8_6
CVE-2018-19211 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8
CVE-2019-9937 Anchore CVE Low sqlite-libs-3.26.0-18.el8_8
CVE-2021-42694 Anchore CVE Medium libgcc-8.5.0-20.el8
CVE-2021-20193 Anchore CVE Medium tar-2:1.30-9.el8
CVE-2024-0727 Anchore CVE Low openssl-libs-1:1.1.1k-9.el8_7
CVE-2024-25260 Anchore CVE Low elfutils-libs-0.189-3.el8
CVE-2023-0464 Anchore CVE Low openssl-libs-1:1.1.1k-9.el8_7
CVE-2019-1010022 Anchore CVE Critical glibc-langpack-en-2.28-236.el8.7
CVE-2018-20657 Anchore CVE Low libgcc-8.5.0-20.el8
CVE-2022-3219 Anchore CVE Low gnupg2-2.2.20-3.el8_6
CVE-2019-9936 Anchore CVE Low sqlite-libs-3.26.0-18.el8_8
CVE-2021-33294 Anchore CVE Low elfutils-debuginfod-client-0.189-3.el8
CVE-2021-3997 Anchore CVE Medium systemd-libs-239-78.el8
CVE-2023-39323 Anchore CVE High stdlib-go1.20.8
CVE-2023-27534 Anchore CVE Low curl-7.61.1-33.el8
CVE-2020-35512 Anchore CVE Low dbus-daemon-1:1.12.8-26.el8
CVE-2019-17543 Anchore CVE Medium lz4-libs-1.8.3-3.el8_4
CVE-2018-19217 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8
CVE-2023-2650 Anchore CVE Medium openssl-libs-1:1.1.1k-9.el8_7
CVE-2018-1000879 Anchore CVE Low libarchive-3.3.3-5.el8
CVE-2023-0466 Anchore CVE Low openssl-libs-1:1.1.1k-9.el8_7
CVE-2023-39325 Anchore CVE High stdlib-go1.20.8
CVE-2019-9674 Anchore CVE Low python3-libs-3.6.8-56.el8_9
CVE-2019-16866 Anchore CVE Low python3-unbound-1.16.2-5.el8
CVE-2020-21674 Anchore CVE Medium libarchive-3.3.3-5.el8
CVE-2018-1000654 Anchore CVE Low libtasn1-4.13-4.el8_7
CVE-2022-27943 Anchore CVE Low libstdc++-8.5.0-20.el8
CVE-2022-0235 Anchore CVE Medium dnf-plugin-subscription-manager-1.28.40-1.el8_9
CVE-2023-39326 Anchore CVE Medium stdlib-go1.20.8
CVE-2021-3997 Anchore CVE Medium systemd-pam-239-78.el8
CVE-2024-25260 Anchore CVE Low elfutils-default-yama-scope-0.189-3.el8
CVE-2021-3997 Anchore CVE Medium systemd-239-78.el8
CVE-2022-0235 Anchore CVE Medium python3-syspurpose-1.28.40-1.el8_9
CVE-2023-45322 Anchore CVE Low python3-libxml2-2.9.7-16.el8_8.1
CVE-2019-9923 Anchore CVE Low tar-2:1.30-9.el8
CVE-2020-35512 Anchore CVE Low dbus-1:1.12.8-26.el8
CVE-2023-39804 Anchore CVE Low tar-2:1.30-9.el8
CVE-2022-27943 Anchore CVE Low libgcc-8.5.0-20.el8
CVE-2020-12413 Anchore CVE Low nss-util-3.90.0-3.el8_8
CVE-2020-19189 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8
CVE-2020-35512 Anchore CVE Low dbus-tools-1:1.12.8-26.el8
CVE-2023-4156 Anchore CVE Low gawk-4.2.1-4.el8
CVE-2022-4899 Anchore CVE Low libzstd-1.4.4-1.el8
CVE-2018-19217 Anchore CVE Low ncurses-base-6.1-10.20180224.el8
CVE-2022-0235 Anchore CVE Medium python3-subscription-manager-rhsm-1.28.40-1.el8_9
CVE-2024-3651 Anchore CVE Medium python3-idna-2.5-5.el8
CVE-2019-8906 Anchore CVE Low file-libs-5.33-25.el8
CVE-2018-20839 Anchore CVE Medium systemd-pam-239-78.el8
CVE-2019-1010022 Anchore CVE Critical glibc-gconv-extra-2.28-236.el8.7
CVE-2018-19211 Anchore CVE Low ncurses-base-6.1-10.20180224.el8
CVE-2018-20225 Anchore CVE Low python3-pip-wheel-9.0.3-23.el8
CVE-2023-44487 Anchore CVE High stdlib-go1.20.8
CVE-2023-3446 OSCAP Compliance Medium
CVE-2023-3817 OSCAP Compliance Medium
CVE-2023-5678 OSCAP Compliance Medium
CCE-86931-3 OSCAP Compliance Medium
CCE-86916-4 OSCAP Compliance Medium
CCE-85902-5 OSCAP Compliance High
CCE-85897-7 OSCAP Compliance Medium
CCE-85870-4 OSCAP Compliance Medium
CCE-85899-3 OSCAP Compliance Medium
CVE-2023-5981 OSCAP Compliance Medium
CVE-2023-39615 OSCAP Compliance Medium
CVE-2023-43804 OSCAP Compliance Medium
CVE-2023-45803 OSCAP Compliance Medium
CVE-2022-48560 OSCAP Compliance Medium
CVE-2022-48564 OSCAP Compliance Medium
CVE-2023-5388 OSCAP Compliance Medium
CVE-2023-27043 OSCAP Compliance Medium
CVE-2023-7104 OSCAP Compliance Medium
CVE-2023-48795 OSCAP Compliance Medium
CVE-2024-0553 OSCAP Compliance Medium
CVE-2021-35937 OSCAP Compliance Medium
CVE-2021-35938 OSCAP Compliance Medium
CVE-2021-35939 OSCAP Compliance Medium
CVE-2023-6135 OSCAP Compliance Medium
CVE-2023-50387 OSCAP Compliance Medium
CVE-2023-50868 OSCAP Compliance Medium
CCE-86261-5 OSCAP Compliance Medium
CCE-80675-2 OSCAP Compliance Medium
CCE-85964-5 OSCAP Compliance Medium
CCE-82891-3 OSCAP Compliance Medium
CCE-84220-3 OSCAP Compliance Low
CCE-83733-6 OSCAP Compliance Low
CCE-80763-6 OSCAP Compliance Medium
CCE-83918-3 OSCAP Compliance Medium
CCE-82988-7 OSCAP Compliance Low
CCE-82840-0 OSCAP Compliance Low
CCE-84300-3 OSCAP Compliance Medium
CCE-86266-4 OSCAP Compliance Medium
CCE-80785-9 OSCAP Compliance High
CCE-82155-3 OSCAP Compliance High
CCE-80942-6 OSCAP Compliance High
CCE-80789-1 OSCAP Compliance High
CCE-86478-5 OSCAP Compliance Medium
CCE-84029-8 OSCAP Compliance Medium
CCE-82028-2 OSCAP Compliance Medium
CCE-80832-9 OSCAP Compliance Medium
CCE-82059-7 OSCAP Compliance Medium
CCE-81031-7 OSCAP Compliance Low
CCE-82005-0 OSCAP Compliance Low
CCE-80834-5 OSCAP Compliance Medium
CCE-82297-3 OSCAP Compliance Low
CCE-80835-2 OSCAP Compliance Medium
CCE-86960-2 OSCAP Compliance Medium
CCE-90784-0 OSCAP Compliance Medium
CCE-80837-8 OSCAP Compliance Medium
CCE-80838-6 OSCAP Compliance Medium
CCE-80839-4 OSCAP Compliance Medium
CCE-80844-4 OSCAP Compliance Medium
CCE-81043-2 OSCAP Compliance Medium
CCE-82191-8 OSCAP Compliance Medium
CCE-82998-6 OSCAP Compliance Medium
CCE-87036-0 OSCAP Compliance Medium
CCE-86260-7 OSCAP Compliance Medium
CCE-80846-9 OSCAP Compliance Medium
CCE-83303-8 OSCAP Compliance Medium
CCE-82976-2 OSCAP Compliance Low
CCE-85983-5 OSCAP Compliance Medium
CCE-82859-0 OSCAP Compliance Medium
CCE-80847-7 OSCAP Compliance Medium
CCE-80644-8 OSCAP Compliance Medium
CCE-82959-8 OSCAP Compliance Medium
CCE-81044-0 OSCAP Compliance Low
CCE-80851-9 OSCAP Compliance Low
CCE-80852-7 OSCAP Compliance Low
CCE-80853-5 OSCAP Compliance Low
CCE-80854-3 OSCAP Compliance Low
CCE-82730-3 OSCAP Compliance Medium
CCE-80859-2 OSCAP Compliance Medium
CCE-86339-9 OSCAP Compliance Medium
CCE-86098-1 OSCAP Compliance Medium
CCE-85992-6 OSCAP Compliance Medium
CCE-83426-7 OSCAP Compliance Medium
CCE-80863-4 OSCAP Compliance Medium
CCE-80868-3 OSCAP Compliance Medium
CCE-80869-1 OSCAP Compliance High
CCE-86353-0 OSCAP Compliance Medium
CCE-82249-4 OSCAP Compliance Medium
CCE-80886-5 OSCAP Compliance Medium
CCE-82426-8 OSCAP Compliance Medium
CCE-82853-3 OSCAP Compliance Medium
CCE-90781-6 OSCAP Compliance Medium
CCE-82462-3 OSCAP Compliance Low
CCE-84027-2 OSCAP Compliance High
CCE-81027-5 OSCAP Compliance Medium
CCE-81030-9 OSCAP Compliance Medium
CCE-82215-5 OSCAP Compliance Medium
CCE-80913-7 OSCAP Compliance Low
CCE-80952-5 OSCAP Compliance Medium
CCE-80915-2 OSCAP Compliance Medium
CCE-81054-9 OSCAP Compliance Low
CCE-80916-0 OSCAP Compliance Medium
CCE-82974-7 OSCAP Compliance Medium
CCE-80953-3 OSCAP Compliance Medium
CCE-82934-1 OSCAP Compliance Medium
CCE-80917-8 OSCAP Compliance Medium
CCE-81011-9 OSCAP Compliance Medium
CCE-86220-1 OSCAP Compliance Medium
CCE-81021-8 OSCAP Compliance Medium
CCE-80918-6 OSCAP Compliance Medium
CCE-80919-4 OSCAP Compliance Medium
CCE-80920-2 OSCAP Compliance Medium
CCE-80921-0 OSCAP Compliance Medium
CCE-80922-8 OSCAP Compliance Medium
CCE-81006-9 OSCAP Compliance Medium
CCE-81009-3 OSCAP Compliance Medium
CCE-81013-5 OSCAP Compliance Medium
CCE-82863-2 OSCAP Compliance Medium
CCE-81007-7 OSCAP Compliance Medium
CCE-81010-1 OSCAP Compliance Medium
CCE-81015-0 OSCAP Compliance Medium
CCE-82211-4 OSCAP Compliance Medium
CCE-83774-0 OSCAP Compliance Medium
CVE-2023-52425 OSCAP Compliance Medium
CVE-2023-28322 OSCAP Compliance Medium
CVE-2023-38546 OSCAP Compliance Medium
CVE-2023-46218 OSCAP Compliance Medium
CVE-2024-1488 OSCAP Compliance Medium
CVE-2024-28834 OSCAP Compliance Medium
CVE-2024-1488 Twistlock CVE Critical unbound-libs-1.16.2-5.el8
CVE-2024-1488 Twistlock CVE Critical python3-unbound-1.16.2-5.el8
CVE-2023-50868 Twistlock CVE Critical unbound-libs-1.16.2-5.el8
CVE-2023-50868 Twistlock CVE Critical python3-unbound-1.16.2-5.el8
CVE-2023-50387 Twistlock CVE Critical python3-unbound-1.16.2-5.el8
CVE-2023-50387 Twistlock CVE Critical unbound-libs-1.16.2-5.el8
CVE-2023-39325 Twistlock CVE High golang.org/x/net/http2-v0.7.0
CVE-2023-44487 Twistlock CVE High golang.org/x/net-v0.7.0
CVE-2023-44487 Twistlock CVE High google.golang.org/grpc-v1.49.0
CVE-2024-25062 Twistlock CVE Medium libxml2-2.9.7-16.el8_8.1
CVE-2024-25062 Twistlock CVE Medium python3-libxml2-2.9.7-16.el8_8.1
CVE-2024-0553 Twistlock CVE Medium gnutls-3.6.16-7.el8
CVE-2023-52425 Twistlock CVE Medium expat-2.2.5-11.el8
CVE-2023-7104 Twistlock CVE Medium sqlite-libs-3.26.0-18.el8_8
CVE-2023-5455 Twistlock CVE Medium krb5-libs-1.18.2-26.el8_9
CVE-2023-7008 Twistlock CVE Medium systemd-239-78.el8
CVE-2023-7008 Twistlock CVE Medium systemd-libs-239-78.el8
CVE-2023-7008 Twistlock CVE Medium systemd-pam-239-78.el8
CVE-2023-5981 Twistlock CVE Medium gnutls-3.6.16-7.el8
CVE-2023-48795 Twistlock CVE Medium libssh-config-0.9.6-10.el8_8
CVE-2023-48795 Twistlock CVE Medium libssh-0.9.6-10.el8_8
CVE-2024-22365 Twistlock CVE Medium pam-1.3.1-27.el8
CVE-2023-52426 Twistlock CVE Medium expat-2.2.5-11.el8
CVE-2023-46218 Twistlock CVE Medium curl-7.61.1-33.el8
CVE-2023-46218 Twistlock CVE Medium libcurl-7.61.1-33.el8
CVE-2023-6135 Twistlock CVE Medium nss-util-3.90.0-3.el8_8
CVE-2023-6135 Twistlock CVE Medium nss-softokn-freebl-3.90.0-3.el8_8
CVE-2023-6135 Twistlock CVE Medium nss-softokn-3.90.0-3.el8_8
CVE-2023-6135 Twistlock CVE Medium nss-sysinit-3.90.0-3.el8_8
CVE-2023-6135 Twistlock CVE Medium nss-3.90.0-3.el8_8
CVE-2024-26461 Twistlock CVE Low krb5-libs-1.18.2-26.el8_9
CVE-2024-26458 Twistlock CVE Low krb5-libs-1.18.2-26.el8_9
CVE-2023-50495 Twistlock CVE Low ncurses-base-6.1-10.20180224.el8
CVE-2023-50495 Twistlock CVE Low ncurses-libs-6.1-10.20180224.el8
CVE-2023-6004 Twistlock CVE Low libssh-0.9.6-10.el8_8
CVE-2023-6004 Twistlock CVE Low libssh-config-0.9.6-10.el8_8
CVE-2024-0727 Twistlock CVE Low openssl-libs-1.1.1k-9.el8_7
CVE-2022-41409 Twistlock CVE Low pcre2-10.32-3.el8_6
CVE-2024-0232 Twistlock CVE Low sqlite-libs-3.26.0-18.el8_8
CVE-2024-25260 Twistlock CVE Low elfutils-libelf-0.189-3.el8
CVE-2024-25260 Twistlock CVE Low elfutils-default-yama-scope-0.189-3.el8
CVE-2024-25260 Twistlock CVE Low elfutils-libs-0.189-3.el8
CVE-2023-6918 Twistlock CVE Low libssh-0.9.6-10.el8_8
CVE-2023-6918 Twistlock CVE Low libssh-config-0.9.6-10.el8_8
CVE-2023-39804 Twistlock CVE Low tar-1.30-9.el8
CVE-2024-2236 Twistlock CVE Medium libgcrypt-1.8.5-7.el8_6
CVE-2024-28834 Twistlock CVE Medium gnutls-3.6.16-7.el8
CVE-2024-2398 Twistlock CVE Medium curl-7.61.1-33.el8
CVE-2024-2398 Twistlock CVE Medium libcurl-7.61.1-33.el8
CVE-2024-28182 Twistlock CVE Medium libnghttp2-1.33.0-5.el8_9
CVE-2024-3205 Twistlock CVE Medium libyaml-0.1.7-5.el8
CVE-2023-45288 Twistlock CVE Medium golang.org/x/net/http2-v0.7.0
CVE-2024-2511 Twistlock CVE Low openssl-libs-1.1.1k-9.el8_7
CVE-2024-2961 Twistlock CVE Critical glibc-gconv-extra-2.28-236.el8.7
CVE-2024-2961 Twistlock CVE Critical glibc-common-2.28-236.el8.7
CVE-2024-2961 Twistlock CVE Critical glibc-2.28-236.el8.7
CVE-2024-2961 Twistlock CVE Critical glibc-minimal-langpack-2.28-236.el8.7
CVE-2024-2961 Twistlock CVE Critical glibc-langpack-en-2.28-236.el8.7
CVE-2023-6597 Twistlock CVE Critical python3-libs-3.6.8-56.el8_9
CVE-2023-6597 Twistlock CVE Critical platform-python-3.6.8-56.el8_9
CVE-2024-0450 Twistlock CVE Medium python3-libs-3.6.8-56.el8_9
CVE-2024-0450 Twistlock CVE Medium platform-python-3.6.8-56.el8_9
CVE-2023-43804 Twistlock CVE Medium platform-python-pip-9.0.3-23.el8
CVE-2023-43804 Twistlock CVE Medium python3-pip-wheel-9.0.3-23.el8
CVE-2024-29040 Twistlock CVE Medium tpm2-tss-2.3.2-5.el8
CVE-2020-35512 Anchore CVE Low dbus-common-1:1.12.8-26.el8
CVE-2019-14250 Anchore CVE Low libgcc-8.5.0-20.el8
CVE-2024-25260 Anchore CVE Low elfutils-debuginfod-client-0.189-3.el8
CVE-2023-32636 Anchore CVE Low glib2-2.56.4-161.el8
CVE-2021-33294 Anchore CVE Low elfutils-default-yama-scope-0.189-3.el8
CVE-2018-20657 Anchore CVE Low libstdc++-8.5.0-20.el8
CVE-2019-1010022 Anchore CVE Critical glibc-2.28-236.el8.7
CVE-2019-16866 Anchore CVE Low unbound-libs-1.16.2-5.el8
CVE-2022-41409 Anchore CVE Low pcre2-10.32-3.el8_6
CVE-2020-35512 Anchore CVE Low dbus-libs-1:1.12.8-26.el8
CVE-2023-36191 Anchore CVE Low sqlite-libs-3.26.0-18.el8_8
CVE-2023-45285 Anchore CVE High stdlib-go1.20.8
CVE-2018-20839 Anchore CVE Medium systemd-239-78.el8
CVE-2022-23990 Anchore CVE Medium expat-2.2.5-11.el8
CVE-2020-12413 Anchore CVE Low nss-sysinit-3.90.0-3.el8_8
CVE-2021-33294 Anchore CVE Low elfutils-libelf-0.189-3.el8
CVE-2023-45322 Anchore CVE Low libxml2-2.9.7-16.el8_8.1
CVE-2023-50495 Anchore CVE Low ncurses-base-6.1-10.20180224.el8
CVE-2018-1000880 Anchore CVE Low libarchive-3.3.3-5.el8
CVE-2019-8905 Anchore CVE Low file-libs-5.33-25.el8
CVE-2020-12413 Anchore CVE Low nss-softokn-freebl-3.90.0-3.el8_8
CVE-2019-1010022 Anchore CVE Critical glibc-common-2.28-236.el8.7
CVE-2021-42694 Anchore CVE Medium libstdc++-8.5.0-20.el8
CVE-2019-14250 Anchore CVE Low libstdc++-8.5.0-20.el8
CVE-2019-1010022 Anchore CVE Critical glibc-minimal-langpack-2.28-236.el8.7
CVE-2023-27534 Anchore CVE Low libcurl-7.61.1-33.el8
CVE-2020-12413 Anchore CVE Low nss-3.90.0-3.el8_8
CVE-2019-12900 Anchore CVE Low bzip2-libs-1.0.6-26.el8
CVE-2024-0232 Anchore CVE Low sqlite-libs-3.26.0-18.el8_8
CVE-2020-12413 Anchore CVE Low nss-softokn-3.90.0-3.el8_8
CVE-2022-0235 Anchore CVE Medium python3-cloud-what-1.28.40-1.el8_9
CVE-2021-24032 Anchore CVE Low libzstd-1.4.4-1.el8
CVE-2021-4209 Anchore CVE Low gnutls-3.6.16-7.el8
CVE-2021-33294 Anchore CVE Low elfutils-libs-0.189-3.el8
CVE-2018-20839 Anchore CVE Medium systemd-libs-239-78.el8
CVE-2023-43804 Anchore CVE Medium platform-python-pip-9.0.3-23.el8
CVE-2023-43804 Anchore CVE Medium python3-pip-wheel-9.0.3-23.el8
CVE-2024-33655 Anchore CVE Low python3-unbound-1.16.2-5.el8
CVE-2024-33655 Anchore CVE Low unbound-libs-1.16.2-5.el8
CVE-2024-2961 OSCAP Compliance Medium
CVE-2024-34397 Twistlock CVE Medium glib2-2.56.4-161.el8
CVE-2024-33655 Twistlock CVE Low unbound-libs-1.16.2-5.el8
CVE-2024-33655 Twistlock CVE Low python3-unbound-1.16.2-5.el8
CVE-2024-34459 Twistlock CVE Medium libxml2-2.9.7-16.el8_8.1
CVE-2024-34459 Twistlock CVE Medium python3-libxml2-2.9.7-16.el8_8.1

VAT: https://vat.dso.mil/vat/image?imageName=opensource/kubernetes-sigs/aws-encryption-provider&tag=0.0.5&branch=master
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=opensource/kubernetes-sigs/aws-encryption-provider&tag=0.0.5&branch=master

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by Ghost User
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI