UNCLASSIFIED - NO CUI

chore(findings): opensource/metrostar/tip-dependencies

Summary

opensource/metrostar/tip-dependencies has 106 new findings discovered during continuous monitoring.

id source package
CVE-2018-20839 twistlock_cve systemd-libs-239-51.el8_5.3
CVE-2018-20839 twistlock_cve systemd-239-51.el8_5.3
CVE-2019-20386 twistlock_cve systemd-239-51.el8_5.3
CVE-2018-20839 twistlock_cve systemd-pam-239-51.el8_5.3
CVE-2021-23177 twistlock_cve libarchive-3.3.3-1.el8
CVE-2021-31566 twistlock_cve libarchive-3.3.3-1.el8
CVE-2021-31566 anchore_cve libarchive-3.3.3-1.el8
CVE-2021-23177 anchore_cve libarchive-3.3.3-1.el8
CVE-2021-3712 twistlock_cve openssl-libs-1.1.1k-5.el8_5
CVE-2021-23841 twistlock_cve openssl-libs-1.1.1k-5.el8_5
CVE-2021-3712 twistlock_cve openssl-1.1.1k-5.el8_5
CVE-2021-23841 twistlock_cve openssl-1.1.1k-5.el8_5
CVE-2021-4189 anchore_cve platform-python-3.6.8-41.el8
CVE-2021-4189 anchore_cve python3-libs-3.6.8-41.el8
CVE-2021-4189 twistlock_cve python3-libs-3.6.8-41.el8
CVE-2021-4189 twistlock_cve platform-python-3.6.8-41.el8
CVE-2021-34141 twistlock_cve numpy-1.21.3
CCE-85902-5 oscap_comp Uninherited
CCE-85897-7 oscap_comp Uninherited
CCE-85870-4 oscap_comp Uninherited
CCE-85899-3 oscap_comp Uninherited
CCE-86233-4 oscap_comp Uninherited
CCE-85987-6 oscap_comp Uninherited
CCE-85910-8 oscap_comp Uninherited
CVE-2021-3997 twistlock_cve systemd-pam-239-51.el8_5.3
CVE-2021-3997 twistlock_cve systemd-libs-239-51.el8_5.3
CVE-2021-3997 twistlock_cve systemd-239-51.el8_5.3
CVE-2021-3999 twistlock_cve glibc-minimal-langpack-2.28-164.el8
CVE-2021-3999 twistlock_cve glibc-2.28-164.el8
CVE-2021-3999 twistlock_cve glibc-common-2.28-164.el8
CVE-2021-3999 twistlock_cve glibc-langpack-en-2.28-164.el8
CVE-2021-3999 anchore_cve glibc-common-2.28-164.el8
CVE-2021-3999 anchore_cve glibc-minimal-langpack-2.28-164.el8
CVE-2021-3999 anchore_cve glibc-langpack-en-2.28-164.el8
CVE-2021-3997 anchore_cve systemd-pam-239-51.el8_5.3
CVE-2021-3997 anchore_cve systemd-239-51.el8_5.3
CVE-2021-3999 anchore_cve glibc-2.28-164.el8
CVE-2021-3997 anchore_cve systemd-libs-239-51.el8_5.3
CVE-2022-23218 twistlock_cve glibc-minimal-langpack-2.28-164.el8
CVE-2022-23219 twistlock_cve glibc-minimal-langpack-2.28-164.el8
CVE-2022-23218 twistlock_cve glibc-2.28-164.el8
CVE-2022-23219 twistlock_cve glibc-2.28-164.el8
CVE-2022-23218 twistlock_cve glibc-common-2.28-164.el8
CVE-2022-23219 twistlock_cve glibc-common-2.28-164.el8
CVE-2022-23218 twistlock_cve glibc-langpack-en-2.28-164.el8
CVE-2022-23219 twistlock_cve glibc-langpack-en-2.28-164.el8
CVE-2021-45960 twistlock_cve expat-2.2.5-4.el8
CVE-2021-46143 twistlock_cve expat-2.2.5-4.el8
CVE-2022-22822 twistlock_cve expat-2.2.5-4.el8
CVE-2022-22823 twistlock_cve expat-2.2.5-4.el8
CVE-2022-22824 twistlock_cve expat-2.2.5-4.el8
CVE-2022-22825 twistlock_cve expat-2.2.5-4.el8
CVE-2022-22826 twistlock_cve expat-2.2.5-4.el8
CVE-2022-22827 twistlock_cve expat-2.2.5-4.el8
CVE-2022-23852 twistlock_cve expat-2.2.5-4.el8
CVE-2021-46195 twistlock_cve libgcc-8.5.0-4.el8_5
CVE-2022-0391 twistlock_cve python3-libs-3.6.8-41.el8
CVE-2022-0391 twistlock_cve platform-python-3.6.8-41.el8
CVE-2021-43519 twistlock_cve lua-libs-5.3.4-12.el8
CCE-80667-9 oscap_comp Uninherited
CCE-80668-7 oscap_comp Uninherited
CCE-80669-5 oscap_comp Uninherited
CCE-80670-3 oscap_comp Uninherited
CCE-81037-4 oscap_comp Uninherited
CCE-81035-8 oscap_comp Uninherited
CVE-2021-35939 twistlock_cve rpm-libs-4.14.3-19.el8_5.2
CVE-2021-35938 twistlock_cve rpm-libs-4.14.3-19.el8_5.2
CVE-2021-35937 twistlock_cve rpm-libs-4.14.3-19.el8_5.2
CVE-2021-35939 twistlock_cve python3-rpm-4.14.3-19.el8_5.2
CVE-2021-35938 twistlock_cve python3-rpm-4.14.3-19.el8_5.2
CVE-2021-35937 twistlock_cve python3-rpm-4.14.3-19.el8_5.2
CVE-2021-35939 twistlock_cve rpm-4.14.3-19.el8_5.2
CVE-2021-35938 twistlock_cve rpm-4.14.3-19.el8_5.2
CVE-2021-35937 twistlock_cve rpm-4.14.3-19.el8_5.2
CVE-2021-35939 twistlock_cve rpm-build-libs-4.14.3-19.el8_5.2
CVE-2021-35938 twistlock_cve rpm-build-libs-4.14.3-19.el8_5.2
CVE-2021-35937 twistlock_cve rpm-build-libs-4.14.3-19.el8_5.2
CVE-2018-20786 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2021-3927 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2021-3974 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2021-4166 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2022-0318 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2022-0261 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2022-0351 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2022-0359 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2022-0413 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2022-0392 twistlock_cve vim-minimal-8.0.1763-16.el8_5.4
CVE-2021-35937 anchore_cve rpm-build-libs-4.14.3-19.el8_5.2
CVE-2021-35938 anchore_cve rpm-libs-4.14.3-19.el8_5.2
CVE-2021-3521 anchore_cve rpm-4.14.3-19.el8_5.2
CVE-2021-35939 anchore_cve rpm-libs-4.14.3-19.el8_5.2
CVE-2021-35938 anchore_cve rpm-4.14.3-19.el8_5.2
CVE-2021-4122 anchore_cve cryptsetup-libs-2.3.3-4.el8_5.1
CVE-2021-3521 anchore_cve rpm-libs-4.14.3-19.el8_5.2
CVE-2021-35938 anchore_cve python3-rpm-4.14.3-19.el8_5.2
CVE-2021-35938 anchore_cve rpm-build-libs-4.14.3-19.el8_5.2
CVE-2021-35939 anchore_cve python3-rpm-4.14.3-19.el8_5.2
CVE-2021-3521 anchore_cve python3-rpm-4.14.3-19.el8_5.2
CVE-2021-35937 anchore_cve python3-rpm-4.14.3-19.el8_5.2
CVE-2021-35939 anchore_cve rpm-4.14.3-19.el8_5.2
CVE-2021-35939 anchore_cve rpm-build-libs-4.14.3-19.el8_5.2
CVE-2021-3521 anchore_cve rpm-build-libs-4.14.3-19.el8_5.2
CVE-2021-35937 anchore_cve rpm-libs-4.14.3-19.el8_5.2
CVE-2021-35937 anchore_cve rpm-4.14.3-19.el8_5.2
CVE-2020-1712 twistlock_cve systemd-239-51.el8_5.3
CVE-2021-43818 twistlock_cve lxml-4.6.3

More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/metrostar/tip-dependencies/-/jobs/9875405

Definition of Done

Justifications:

  • All findings have been justified
  • Justifications have been provided to the container hardening team

Approval Process:

  • Findings Approver has reviewed and approved all justifications
  • Approval request has been sent to Authorizing Official
  • Approval request has been processed by Authorizing Official