UNCLASSIFIED - NO CUI

Skip to content

chore(findings): opensource/palo-alto-networks/demisto/unzip

Summary

opensource/palo-alto-networks/demisto/unzip has 295 new findings discovered during continuous monitoring.

id source severity package
addbb93c22e9b0988b8b40392a4538cb Anchore Compliance Low
CVE-2022-45061 Anchore CVE High python-3.9.13
CVE-2022-42919 Anchore CVE High python-3.9.13
CVE-2022-37454 Anchore CVE Critical python-3.9.13
GHSA-43fp-rhv2-5gv8 Anchore CVE Medium certifi-2021.5.30
GHSA-r9hx-vwmv-q579 Anchore CVE High setuptools-63.2.0
GHSA-qwmp-2cf2-g9g6 Anchore CVE High wheel-0.37.1
CVE-2020-10735 Anchore CVE High python-3.9.13
CVE-2023-24329 Anchore CVE High python-3.9.13
CVE-2018-20225 Anchore CVE High pip-22.1.2
CVE-2023-27043 Anchore CVE Medium python-3.9.13
CVE-2023-36632 Anchore CVE High python-3.9.13
CVE-2023-27043 Anchore CVE Medium python-3.9.13
CVE-2022-42919 Anchore CVE High python-3.9.13
CVE-2020-10735 Anchore CVE High python-3.9.13
CVE-2023-29383 Anchore CVE Medium util-linux-2.32.1-42.el8_8
CVE-2022-37454 Anchore CVE Critical python-3.9.13
CVE-2023-29383 Anchore CVE Medium libblkid-2.32.1-42.el8_8
CVE-2023-27043 Anchore CVE Medium platform-python-3.6.8-51.el8_8.1
GHSA-j8r2-6x86-q33q Anchore CVE Medium requests-2.25.1
CVE-2023-29383 Anchore CVE Medium libsmartcols-2.32.1-42.el8_8
CVE-2015-20107 Anchore CVE High python-3.9.13
CVE-2023-29383 Anchore CVE Medium libfdisk-2.32.1-42.el8_8
CVE-2023-27043 Anchore CVE Medium python3-libs-3.6.8-51.el8_8.1
CVE-2023-29383 Anchore CVE Medium libmount-2.32.1-42.el8_8
CVE-2023-24329 Anchore CVE High python-3.9.13
CVE-2007-4559 Anchore CVE Medium python3-libs-3.6.8-51.el8_8.1
CVE-2021-28861 Anchore CVE High python-3.9.13
CVE-2023-36632 Anchore CVE High python-3.9.13
CVE-2007-4559 Anchore CVE Medium python-3.9.13
CVE-2022-45061 Anchore CVE High python-3.9.13
CVE-2023-29383 Anchore CVE Medium libuuid-2.32.1-42.el8_8
CVE-2007-4559 Anchore CVE Medium platform-python-3.6.8-51.el8_8.1
GHSA-xqr8-7jwr-rhp7 Anchore CVE High certifi-2021.5.30
CVE-2023-32681 Anchore CVE Medium python3-requests-2.20.0-3.el8_8
CVE-2023-28322 Anchore CVE Low libcurl-7.61.1-30.el8_8.3
CVE-2023-27538 Anchore CVE Low libcurl-7.61.1-30.el8_8.3
CVE-2023-27538 Anchore CVE Low curl-7.61.1-30.el8_8.3
CVE-2021-32256 Anchore CVE Medium gdb-gdbserver-8.2-19.el8
CVE-2021-44568 Anchore CVE Low libsolv-0.7.20-4.el8_7
CVE-2023-28320 Anchore CVE Low curl-7.61.1-30.el8_8.3
CVE-2023-28322 Anchore CVE Low curl-7.61.1-30.el8_8.3
CVE-2023-3446 Anchore CVE Low openssl-1:1.1.1k-9.el8_7
CVE-2023-3446 Anchore CVE Low openssl-libs-1:1.1.1k-9.el8_7
CVE-2023-28320 Anchore CVE Low libcurl-7.61.1-30.el8_8.3
CVE-2020-35342 Anchore CVE Medium gdb-gdbserver-8.2-19.el8
CVE-2020-19726 Anchore CVE Medium gdb-gdbserver-8.2-19.el8
CVE-2022-47007 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47673 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2020-19724 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-45703 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47011 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2020-21490 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-35206 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2021-46174 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47696 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47695 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47010 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-48063 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-48065 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-48064 Anchore CVE Low gdb-gdbserver-8.2-19.el8
CVE-2020-22916 Anchore CVE Low xz-libs-5.2.4-4.el8_6
CVE-2022-48554 Anchore CVE Low file-libs-5.33-24.el8
CVE-2023-40217 Anchore CVE High platform-python-3.6.8-51.el8_8.1
CVE-2023-40217 Anchore CVE Medium python-3.9.13
CVE-2023-40217 Anchore CVE High python3-libs-3.6.8-51.el8_8.1
CVE-2023-40217 Anchore CVE Medium python-3.9.13
CVE-2023-39615 Anchore CVE Medium python3-libxml2-2.9.7-16.el8_8.1
CVE-2023-39615 Anchore CVE Medium libxml2-2.9.7-16.el8_8.1
CVE-2023-4641 Anchore CVE Low shadow-utils-2:4.6-17.el8
CVE-2023-4752 Anchore CVE Low vim-minimal-2:8.0.1763-19.el8_6.4
CVE-2023-4039 Anchore CVE Medium libstdc++-8.5.0-18.el8
CVE-2023-4039 Anchore CVE Medium libgcc-8.5.0-18.el8
CVE-2023-4421 Anchore CVE Medium nss-softokn-freebl-3.90.0-3.el8_8
CVE-2020-19185 Anchore CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2020-19190 Anchore CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2020-19190 Anchore CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2020-19187 Anchore CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2020-19186 Anchore CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2020-19187 Anchore CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2023-4421 Anchore CVE Medium nss-3.90.0-3.el8_8
CVE-2020-19185 Anchore CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2020-19188 Anchore CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2023-4421 Anchore CVE Medium nss-util-3.90.0-3.el8_8
CVE-2023-4421 Anchore CVE Medium nss-softokn-3.90.0-3.el8_8
CVE-2020-19188 Anchore CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2023-4421 Anchore CVE Medium nss-sysinit-3.90.0-3.el8_8
CVE-2020-19186 Anchore CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2019-25033 Anchore CVE Medium unbound-libs-1.16.2-5.el8
CVE-2019-25033 Anchore CVE Medium python3-unbound-1.16.2-5.el8
CVE-2020-20703 Anchore CVE Low vim-minimal-2:8.0.1763-19.el8_6.4
CVE-2021-39537 Anchore CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2023-36632 Anchore CVE Medium platform-python-3.6.8-51.el8_8.1
CVE-2021-39537 Anchore CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2023-30571 Anchore CVE Medium libarchive-3.3.3-5.el8
CVE-2023-36632 Anchore CVE Medium python3-libs-3.6.8-51.el8_8.1
GHSA-v845-jxx5-vc9f Anchore CVE Medium urllib3-1.26.5
CVE-2023-0687 Anchore CVE Medium glibc-minimal-langpack-2.28-225.el8_8.6
CVE-2023-0687 Anchore CVE Medium glibc-langpack-en-2.28-225.el8_8.6
CVE-2023-0687 Anchore CVE Medium glibc-common-2.28-225.el8_8.6
CVE-2023-45322 Anchore CVE Medium libxml2-2.9.7-16.el8_8.1
CVE-2023-5156 Anchore CVE Medium glibc-2.28-225.el8_8.6
CVE-2023-43804 Anchore CVE Medium python3-urllib3-1.24.2-5.el8
CVE-2023-43804 Anchore CVE Medium python3-pip-wheel-9.0.3-22.el8
CVE-2023-0687 Anchore CVE Medium glibc-2.28-225.el8_8.6
CVE-2023-45322 Anchore CVE Medium python3-libxml2-2.9.7-16.el8_8.1
CVE-2023-5156 Anchore CVE Medium glibc-common-2.28-225.el8_8.6
CVE-2023-43804 Anchore CVE Medium platform-python-pip-9.0.3-22.el8
CVE-2023-38546 Anchore CVE Low libcurl-7.61.1-30.el8_8.3
CVE-2023-5156 Anchore CVE Medium glibc-langpack-en-2.28-225.el8_8.6
CVE-2023-5156 Anchore CVE Medium glibc-minimal-langpack-2.28-225.el8_8.6
CVE-2023-5156 Anchore CVE Medium glibc-gconv-extra-2.28-225.el8_8.6
CVE-2023-38546 Anchore CVE Low curl-7.61.1-30.el8_8.3
CVE-2023-0687 Anchore CVE Medium glibc-gconv-extra-2.28-225.el8_8.6
CVE-2023-5388 Anchore CVE Medium nss-softokn-freebl-3.90.0-3.el8_8
CVE-2023-5388 Anchore CVE Medium nss-3.90.0-3.el8_8
CVE-2023-5388 Anchore CVE Medium nss-sysinit-3.90.0-3.el8_8
CVE-2023-5388 Anchore CVE Medium nss-util-3.90.0-3.el8_8
CVE-2023-5388 Anchore CVE Medium nss-softokn-3.90.0-3.el8_8
CVE-2023-44487 Anchore CVE High libnghttp2-1.33.0-5.el8_8
CVE-2022-40898 Twistlock CVE High wheel-0.37.1
PRISMA-2022-0404 Twistlock CVE Medium wheel-0.37.1
CVE-2022-23491 Twistlock CVE Medium certifi-2021.5.30
CVE-2023-0512 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-0433 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-0054 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-4292 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-3352 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-3296 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-3256 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-3235 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-3234 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-3037 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-2946 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-1127 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-0288 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-0049 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-3705 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-3219 Twistlock CVE Low gnupg2-smime-2.2.20-3.el8_6
CVE-2022-3153 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-1264 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-4293 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-2980 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-2923 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-1175 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-1170 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-2849 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2020-17049 Twistlock CVE Medium krb5-libs-1.18.2-25.el8_8
CVE-2022-23990 Twistlock CVE Medium expat-2.2.5-11.el8
CVE-2021-35939 Twistlock CVE Medium rpm-libs-4.14.3-26.el8
CVE-2021-35939 Twistlock CVE Medium rpm-build-libs-4.14.3-26.el8
CVE-2021-35939 Twistlock CVE Medium python3-rpm-4.14.3-26.el8
CVE-2021-35939 Twistlock CVE Medium rpm-4.14.3-26.el8
CVE-2021-35938 Twistlock CVE Medium rpm-4.14.3-26.el8
CVE-2021-35938 Twistlock CVE Medium rpm-build-libs-4.14.3-26.el8
CVE-2021-35938 Twistlock CVE Medium python3-rpm-4.14.3-26.el8
CVE-2021-35938 Twistlock CVE Medium rpm-libs-4.14.3-26.el8
CVE-2021-35937 Twistlock CVE Medium rpm-libs-4.14.3-26.el8
CVE-2021-35937 Twistlock CVE Medium rpm-build-libs-4.14.3-26.el8
CVE-2021-35937 Twistlock CVE Medium python3-rpm-4.14.3-26.el8
CVE-2021-35937 Twistlock CVE Medium rpm-4.14.3-26.el8
CVE-2023-30571 Twistlock CVE Medium libarchive-3.3.3-5.el8
CVE-2023-27043 Twistlock CVE Medium python3-libs-3.6.8-51.el8_8.1
CVE-2023-27043 Twistlock CVE Medium platform-python-3.6.8-51.el8_8.1
CVE-2020-21674 Twistlock CVE Low libarchive-3.3.3-5.el8
CVE-2019-9674 Twistlock CVE Low python3-libs-3.6.8-51.el8_8.1
CVE-2019-9674 Twistlock CVE Low platform-python-3.6.8-51.el8_8.1
CVE-2019-19244 Twistlock CVE Low sqlite-libs-3.26.0-18.el8_8
CVE-2023-2953 Twistlock CVE Low openldap-2.4.46-18.el8
CVE-2023-2650 Twistlock CVE Low openssl-libs-1.1.1k-9.el8_7
CVE-2023-2650 Twistlock CVE Low openssl-1.1.1k-9.el8_7
CVE-2023-32665 Twistlock CVE Low glib2-2.56.4-161.el8
CVE-2023-32611 Twistlock CVE Low glib2-2.56.4-161.el8
CVE-2023-29499 Twistlock CVE Low glib2-2.56.4-161.el8
CVE-2023-2610 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-2609 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2022-27943 Twistlock CVE Low libgcc-8.5.0-18.el8
CVE-2022-27943 Twistlock CVE Low libstdc++-8.5.0-18.el8
CVE-2019-16866 Twistlock CVE Low python3-unbound-1.16.2-5.el8
CVE-2019-16866 Twistlock CVE Low unbound-libs-1.16.2-5.el8
CVE-2023-32636 Twistlock CVE Low glib2-2.56.4-161.el8
CVE-2019-8906 Twistlock CVE Low file-libs-5.33-24.el8
CVE-2019-8905 Twistlock CVE Low file-libs-5.33-24.el8
CVE-2021-20193 Twistlock CVE Low tar-1.30-9.el8
CVE-2019-9937 Twistlock CVE Low sqlite-libs-3.26.0-18.el8_8
CVE-2019-9936 Twistlock CVE Low sqlite-libs-3.26.0-18.el8_8
CVE-2019-9923 Twistlock CVE Low tar-1.30-9.el8
CVE-2019-14250 Twistlock CVE Low libgcc-8.5.0-18.el8
CVE-2019-14250 Twistlock CVE Low libstdc++-8.5.0-18.el8
CVE-2018-20657 Twistlock CVE Low libstdc++-8.5.0-18.el8
CVE-2018-20657 Twistlock CVE Low libgcc-8.5.0-18.el8
CVE-2018-1000880 Twistlock CVE Low libarchive-3.3.3-5.el8
CVE-2018-1000879 Twistlock CVE Low libarchive-3.3.3-5.el8
CVE-2023-3446 Twistlock CVE Low openssl-libs-1.1.1k-9.el8_7
CVE-2023-3446 Twistlock CVE Low openssl-1.1.1k-9.el8_7
CVE-2023-37920 Twistlock CVE Critical certifi-2021.5.30
CVE-2023-3817 Twistlock CVE Low openssl-libs-1.1.1k-9.el8_7
CVE-2023-3817 Twistlock CVE Low openssl-1.1.1k-9.el8_7
CVE-2020-20703 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-4156 Twistlock CVE Low gawk-4.2.1-4.el8
CVE-2020-35512 Twistlock CVE Low dbus-1.12.8-24.el8_8.1
CVE-2020-35512 Twistlock CVE Low dbus-common-1.12.8-24.el8_8.1
CVE-2020-35512 Twistlock CVE Low dbus-libs-1.12.8-24.el8_8.1
CVE-2020-35512 Twistlock CVE Low dbus-daemon-1.12.8-24.el8_8.1
CVE-2020-35512 Twistlock CVE Low dbus-tools-1.12.8-24.el8_8.1
CVE-2023-28322 Twistlock CVE Low libcurl-7.61.1-30.el8_8.3
CVE-2023-28322 Twistlock CVE Low curl-7.61.1-30.el8_8.3
CVE-2023-27534 Twistlock CVE Low libcurl-7.61.1-30.el8_8.3
CVE-2023-27534 Twistlock CVE Low curl-7.61.1-30.el8_8.3
CVE-2021-3236 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2021-33294 Twistlock CVE Low elfutils-default-yama-scope-0.188-3.el8
CVE-2021-33294 Twistlock CVE Low elfutils-libelf-0.188-3.el8
CVE-2021-33294 Twistlock CVE Low elfutils-libs-0.188-3.el8
CVE-2022-0235 Twistlock CVE Medium python3-cloud-what-1.28.36-3.el8_8
CVE-2022-0235 Twistlock CVE Medium python3-syspurpose-1.28.36-3.el8_8
CVE-2022-0235 Twistlock CVE Medium subscription-manager-rhsm-certificates-1.28.36-3.el8_8
CVE-2022-0235 Twistlock CVE Medium python3-subscription-manager-rhsm-1.28.36-3.el8_8
CVE-2022-0235 Twistlock CVE Medium subscription-manager-1.28.36-3.el8_8
CVE-2022-0235 Twistlock CVE Medium dnf-plugin-subscription-manager-1.28.36-3.el8_8
CVE-2022-48065 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-48064 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-48063 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2020-21490 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2020-19726 Twistlock CVE Medium gdb-gdbserver-8.2-19.el8
CVE-2020-19724 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47696 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47695 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47673 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47011 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47010 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47008 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-47007 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-45703 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2022-35206 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2021-46174 Twistlock CVE Low gdb-gdbserver-8.2-19.el8
CVE-2020-35342 Twistlock CVE Medium gdb-gdbserver-8.2-19.el8
CVE-2023-40217 Twistlock CVE Critical python3-libs-3.6.8-51.el8_8.1
CVE-2023-40217 Twistlock CVE Critical platform-python-3.6.8-51.el8_8.1
CVE-2023-4641 Twistlock CVE Low shadow-utils-4.6-17.el8
CVE-2023-4751 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-4738 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-4734 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-4752 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-4735 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-4781 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-4039 Twistlock CVE Medium libstdc++-8.5.0-18.el8
CVE-2023-4039 Twistlock CVE Medium libgcc-8.5.0-18.el8
CVE-2023-4421 Twistlock CVE Medium nss-3.90.0-3.el8_8
CVE-2023-4421 Twistlock CVE Medium nss-softokn-3.90.0-3.el8_8
CVE-2023-4421 Twistlock CVE Medium nss-util-3.90.0-3.el8_8
CVE-2023-4421 Twistlock CVE Medium nss-softokn-freebl-3.90.0-3.el8_8
CVE-2023-4421 Twistlock CVE Medium nss-sysinit-3.90.0-3.el8_8
CVE-2020-19190 Twistlock CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2020-19190 Twistlock CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2020-19189 Twistlock CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2020-19189 Twistlock CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2020-19188 Twistlock CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2020-19188 Twistlock CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2020-19187 Twistlock CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2020-19187 Twistlock CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2020-19186 Twistlock CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2020-19186 Twistlock CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2020-19185 Twistlock CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2020-19185 Twistlock CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2018-20839 Twistlock CVE Medium systemd-239-74.el8_8.5
CVE-2018-20839 Twistlock CVE Medium systemd-pam-239-74.el8_8.5
CVE-2018-20839 Twistlock CVE Medium systemd-libs-239-74.el8_8.5
CVE-2021-39537 Twistlock CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2021-39537 Twistlock CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2020-12413 Twistlock CVE Low nss-sysinit-3.90.0-3.el8_8
CVE-2020-12413 Twistlock CVE Low nss-3.90.0-3.el8_8
CVE-2020-12413 Twistlock CVE Low nss-util-3.90.0-3.el8_8
CVE-2020-12413 Twistlock CVE Low nss-softokn-freebl-3.90.0-3.el8_8
CVE-2020-12413 Twistlock CVE Low nss-softokn-3.90.0-3.el8_8
CVE-2021-3997 Twistlock CVE Low systemd-239-74.el8_8.5
CVE-2021-3997 Twistlock CVE Low systemd-libs-239-74.el8_8.5
CVE-2021-3997 Twistlock CVE Low systemd-pam-239-74.el8_8.5
CVE-2018-19211 Twistlock CVE Low ncurses-libs-6.1-9.20180224.el8_8.1
CVE-2018-19211 Twistlock CVE Low ncurses-base-6.1-9.20180224.el8_8.1
CVE-2023-43804 Twistlock CVE Medium python3-urllib3-1.24.2-5.el8
CVE-2023-5441 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-38546 Twistlock CVE Low libcurl-7.61.1-30.el8_8.3
CVE-2023-38546 Twistlock CVE Low curl-7.61.1-30.el8_8.3
CVE-2023-5344 Twistlock CVE Low vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-5388 Twistlock CVE Medium nss-softokn-freebl-3.90.0-3.el8_8
CVE-2023-5388 Twistlock CVE Medium nss-sysinit-3.90.0-3.el8_8
CVE-2023-5388 Twistlock CVE Medium nss-3.90.0-3.el8_8
CVE-2023-5388 Twistlock CVE Medium nss-util-3.90.0-3.el8_8
CVE-2023-5388 Twistlock CVE Medium nss-softokn-3.90.0-3.el8_8
CVE-2023-5535 Twistlock CVE Critical vim-minimal-8.0.1763-19.el8_6.4
CVE-2023-45853 Twistlock CVE Medium zlib-1.2.11-21.el8_7
CVE-2023-45803 Twistlock CVE Medium urllib3-1.24.2
CVE-2018-25091 Twistlock CVE Medium python3-urllib3-1.24.2-5.el8
CVE-2018-25091 Twistlock CVE Medium platform-python-pip-9.0.3-22.el8
CVE-2018-25091 Twistlock CVE Medium python3-pip-wheel-9.0.3-22.el8

VAT: https://vat.dso.mil/vat/image?imageName=opensource/palo-alto-networks/demisto/unzip&tag=1.0.0.23423&branch=master
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/palo-alto-networks/demisto/unzip/-/jobs/14350786

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the ~"Hardening::Approval" label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications
  • Send approval request to Authorizing Official
  • Close issue after approval from Authorizing Official

Note: If the above approval process is rejected for any reason, the Approval label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Approval label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by W. Scott Rogers
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI