chore(findings): opensource/rtems-5.1/rtems-5.1
Summary
opensource/rtems-5.1/rtems-5.1 has 41 new findings discovered during continuous monitoring.
| id | source | package |
|---|---|---|
| CVE-2021-42694 | twistlock_cve | libgcc-8.5.0-4.el8_5 |
| CVE-2021-3974 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
| CVE-2020-17049 | twistlock_cve | krb5-libs-1.18.2-14.el8 |
| CVE-2021-3733 | twistlock_cve | python3-libs-3.6.8-41.el8 |
| CVE-2021-3733 | twistlock_cve | platform-python-3.6.8-41.el8 |
| CVE-2021-43618 | twistlock_cve | gmp-6.1.2-10.el8 |
| CVE-2021-3984 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
| CVE-2020-12401 | twistlock_cve | nss-util-3.67.0-7.el8_5 |
| CVE-2020-12413 | twistlock_cve | nss-util-3.67.0-7.el8_5 |
| CVE-2020-12401 | twistlock_cve | nss-softokn-3.67.0-7.el8_5 |
| CVE-2020-12413 | twistlock_cve | nss-softokn-3.67.0-7.el8_5 |
| CVE-2020-12401 | twistlock_cve | nss-3.67.0-7.el8_5 |
| CVE-2020-12413 | twistlock_cve | nss-3.67.0-7.el8_5 |
| CVE-2020-12401 | twistlock_cve | nss-softokn-freebl-3.67.0-7.el8_5 |
| CVE-2020-12413 | twistlock_cve | nss-softokn-freebl-3.67.0-7.el8_5 |
| CVE-2020-12401 | twistlock_cve | nss-sysinit-3.67.0-7.el8_5 |
| CVE-2020-12413 | twistlock_cve | nss-sysinit-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | nss-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | nss-softokn-freebl-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | nss-softokn-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | nss-util-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | nss-sysinit-3.67.0-7.el8_5 |
| CVE-2021-4019 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
| CVE-2018-20839 | twistlock_cve | systemd-pam-239-51.el8_5.3 |
| CVE-2018-20839 | twistlock_cve | systemd-libs-239-51.el8_5.3 |
| CVE-2018-20839 | twistlock_cve | systemd-239-51.el8_5.3 |
| CVE-2019-20386 | twistlock_cve | systemd-239-51.el8_5.3 |
| CVE-2021-23177 | twistlock_cve | libarchive-3.3.3-1.el8 |
| CVE-2021-31566 | twistlock_cve | libarchive-3.3.3-1.el8 |
| CVE-2021-23177 | anchore_cve | libarchive-3.3.3-1.el8 |
| CVE-2021-31566 | anchore_cve | libarchive-3.3.3-1.el8 |
| CVE-2021-3712 | twistlock_cve | openssl-libs-1.1.1k-5.el8_5 |
| CVE-2021-23841 | twistlock_cve | openssl-libs-1.1.1k-5.el8_5 |
| CVE-2021-3712 | twistlock_cve | openssl-1.1.1k-5.el8_5 |
| CVE-2021-23841 | twistlock_cve | openssl-1.1.1k-5.el8_5 |
| CVE-2021-4166 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
| CVE-2021-4189 | anchore_cve | platform-python-3.6.8-41.el8 |
| CVE-2021-4189 | anchore_cve | python3-libs-3.6.8-41.el8 |
| CVE-2021-4189 | twistlock_cve | python3-libs-3.6.8-41.el8 |
| CVE-2021-4189 | twistlock_cve | platform-python-3.6.8-41.el8 |
| CVE-2020-1712 | twistlock_cve | systemd-239-51.el8_5.3 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/rtems-5.1/rtems-5.1/-/jobs/9103463
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official