chore(findings): opensource/metrostar/dask-gateway
Summary
opensource/metrostar/dask-gateway has 11 new findings discovered during continuous monitoring.
| id | source | severity | package |
|---|---|---|---|
| CVE-2022-22817 | twistlock_cve | Critical | pillow-8.4.0 |
| CVE-2022-22815 | twistlock_cve | Critical | pillow-8.4.0 |
| CVE-2022-22816 | twistlock_cve | Medium | pillow-8.4.0 |
| CVE-2021-34141 | twistlock_cve | Medium | numpy-1.21.4 |
| GHSA-pw3c-h7wp-cvhx | anchore_cve | Critical | Pillow-8.4.0 |
| CVE-2021-34141 | anchore_cve | Medium | numpy-1.21.4 |
| GHSA-8vj2-vxx3-667w | anchore_cve | Critical | Pillow-8.4.0 |
| GHSA-xrcv-f9gm-v42c | anchore_cve | Medium | Pillow-8.4.0 |
| GHSA-9j59-75qj-795w | anchore_cve | Critical | Pillow-8.4.0 |
| GHSA-4fx9-vc88-q2xc | anchore_cve | Low | Pillow-8.4.0 |
| CVE-2022-24303 | twistlock_cve | Critical | pillow-8.4.0 |
VAT: https://vat.dso.mil/vat/container/17118?branch=master
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/metrostar/dask-gateway/-/jobs/9876162
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official
Edited by Ghost User