UNCLASSIFIED - NO CUI

Skip to content

chore(findings): opensource/rustlang/rust

Summary

opensource/rustlang/rust has 144 new findings discovered during continuous monitoring.

id source severity package
e07d84b039b0e6fcea42fbda1d378647 Anchore Compliance Critical
addbb93c22e9b0988b8b40392a4538cb Anchore Compliance Low
b18c88ddeab24abfb92ae2ccddb0b022 Anchore Compliance Critical
CVE-2022-0391 Anchore CVE Medium python3-3.9.18-1.el9_3
CVE-2022-45703 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-29941 Anchore CVE Medium llvm-libs-16.0.6-4.el9
CVE-2021-35937 Anchore CVE Medium rpm-plugin-systemd-inhibit-4.16.1.3-25.el9
CVE-2023-27043 Anchore CVE Medium python3-3.9.18-1.el9_3
CVE-2021-22925 Anchore CVE Low curl-minimal-7.76.1-26.el9_3.2
CVE-2023-25180 Anchore CVE Low glib2-2.68.4-11.el9
CVE-2023-29942 Anchore CVE Medium llvm-libs-16.0.6-4.el9
CVE-2020-19185 Anchore CVE Medium ncurses-base-6.2-10.20210508.el9
CVE-2023-28320 Anchore CVE Low libcurl-minimal-7.76.1-26.el9_3.2
CVE-2023-0687 Anchore CVE Medium glibc-minimal-langpack-2.34-83.el9_3.7
CVE-2022-47695 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-29383 Anchore CVE Medium util-linux-core-2.37.4-15.el9
CVE-2022-47695 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2021-27212 Anchore CVE Medium openldap-compat-2.6.3-1.el9
CVE-2020-35342 Anchore CVE Medium binutils-gold-2.35.2-42.el9
CVE-2023-3446 Anchore CVE Low openssl-libs-1:3.0.7-24.el9
CVE-2020-19188 Anchore CVE Medium ncurses-libs-6.2-10.20210508.el9
CVE-2023-28320 Anchore CVE Low curl-minimal-7.76.1-26.el9_3.2
CVE-2022-48064 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2022-48554 Anchore CVE Low file-libs-5.39-14.el9
CVE-2022-47696 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2021-35939 Anchore CVE Medium rpm-sign-libs-4.16.1.3-25.el9
CVE-2023-39615 Anchore CVE Medium libxml2-2.9.13-4.el9
CVE-2020-19189 Anchore CVE Medium ncurses-base-6.2-10.20210508.el9
CVE-2022-35206 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2021-3572 Anchore CVE Low python3-pip-wheel-21.2.3-7.el9
CVE-2020-21490 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2023-0687 Anchore CVE Medium glibc-2.34-83.el9_3.7
CVE-2022-48065 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-4039 Anchore CVE Medium libstdc++-11.4.1-2.1.el9
CVE-2022-48565 Anchore CVE Medium python3-libs-3.9.18-1.el9_3
CVE-2020-19188 Anchore CVE Medium ncurses-base-6.2-10.20210508.el9
CVE-2021-35938 Anchore CVE Medium rpm-libs-4.16.1.3-25.el9
CVE-2023-5156 Anchore CVE Medium glibc-minimal-langpack-2.34-83.el9_3.7
CVE-2021-46174 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2022-47673 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-25587 Anchore CVE Medium binutils-2.35.2-42.el9
CVE-2021-22925 Anchore CVE Low libcurl-minimal-7.76.1-26.el9_3.2
CVE-2023-29383 Anchore CVE Medium libblkid-2.37.4-15.el9
CVE-2023-3446 Anchore CVE Low openssl-1:3.0.7-24.el9
CVE-2022-45703 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2023-5156 Anchore CVE Medium glibc-langpack-en-2.34-83.el9_3.7
CVE-2021-35937 Anchore CVE Medium rpm-4.16.1.3-25.el9
CVE-2021-3997 Anchore CVE Medium systemd-libs-252-18.el9
CVE-2021-23840 Anchore CVE Medium openssl-libs-1:3.0.7-24.el9
CVE-2021-32256 Anchore CVE Medium gdb-gdbserver-10.2-11.el9
CVE-2023-5363 Anchore CVE Medium openssl-libs-1:3.0.7-24.el9
CVE-2021-35938 Anchore CVE Medium rpm-4.16.1.3-25.el9
CVE-2022-48566 Anchore CVE Medium python3-3.9.18-1.el9_3
CVE-2021-35937 Anchore CVE Medium rpm-build-libs-4.16.1.3-25.el9
CVE-2020-19190 Anchore CVE Medium ncurses-base-6.2-10.20210508.el9
CVE-2021-35937 Anchore CVE Medium python3-rpm-4.16.1.3-25.el9
CVE-2021-3997 Anchore CVE Medium systemd-252-18.el9
CVE-2021-35939 Anchore CVE Medium rpm-build-libs-4.16.1.3-25.el9
CVE-2021-20197 Anchore CVE Medium binutils-gold-2.35.2-42.el9
CVE-2022-47007 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-2953 Anchore CVE Low openldap-compat-2.6.3-1.el9
CVE-2023-5363 Anchore CVE Medium openssl-1:3.0.7-24.el9
CVE-2023-2953 Anchore CVE Low openldap-2.6.3-1.el9
CVE-2023-25587 Anchore CVE Medium binutils-gold-2.35.2-42.el9
CVE-2023-4039 Anchore CVE Medium libgcc-11.4.1-2.1.el9
CVE-2021-23840 Anchore CVE Medium openssl-1:3.0.7-24.el9
CVE-2022-44840 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2022-48565 Anchore CVE Medium python3-3.9.18-1.el9_3
CVE-2022-47696 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2022-0391 Anchore CVE Medium python3-libs-3.9.18-1.el9_3
CVE-2022-48063 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-27043 Anchore CVE Medium python3-libs-3.9.18-1.el9_3
CVE-2023-5156 Anchore CVE Medium glibc-common-2.34-83.el9_3.7
CVE-2022-48063 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2020-19190 Anchore CVE Medium ncurses-libs-6.2-10.20210508.el9
CVE-2023-29383 Anchore CVE Medium libfdisk-2.37.4-15.el9
CVE-2022-48064 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2021-35939 Anchore CVE Medium rpm-plugin-systemd-inhibit-4.16.1.3-25.el9
CVE-2022-48566 Anchore CVE Medium python3-libs-3.9.18-1.el9_3
CVE-2020-19724 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2020-19186 Anchore CVE Medium ncurses-libs-6.2-10.20210508.el9
CVE-2023-29934 Anchore CVE Medium llvm-libs-16.0.6-4.el9
CVE-2021-35937 Anchore CVE Medium rpm-sign-libs-4.16.1.3-25.el9
CVE-2023-45853 Anchore CVE Medium zlib-1.2.11-40.el9
CVE-2023-3817 Anchore CVE Low openssl-libs-1:3.0.7-24.el9
CVE-2021-35938 Anchore CVE Medium rpm-build-libs-4.16.1.3-25.el9
CVE-2023-29383 Anchore CVE Medium libmount-2.37.4-15.el9
CVE-2020-19726 Anchore CVE Medium gdb-gdbserver-10.2-11.el9
CVE-2021-35938 Anchore CVE Medium python3-rpm-4.16.1.3-25.el9
CVE-2021-3997 Anchore CVE Medium systemd-rpm-macros-252-18.el9
CVE-2022-47007 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2023-29383 Anchore CVE Medium libsmartcols-2.37.4-15.el9
CVE-2022-35206 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2021-23336 Anchore CVE Medium python3-3.9.18-1.el9_3
CVE-2021-27212 Anchore CVE Medium openldap-2.6.3-1.el9
CVE-2020-19724 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2023-29383 Anchore CVE Medium libuuid-2.37.4-15.el9
CVE-2023-5156 Anchore CVE Medium glibc-2.34-83.el9_3.7
CVE-2021-35939 Anchore CVE Medium python3-rpm-4.16.1.3-25.el9
CVE-2021-35938 Anchore CVE Medium rpm-sign-libs-4.16.1.3-25.el9
CVE-2020-19189 Anchore CVE Medium ncurses-libs-6.2-10.20210508.el9
CVE-2023-32636 Anchore CVE Low glib2-2.68.4-11.el9
CVE-2023-0687 Anchore CVE Medium glibc-langpack-en-2.34-83.el9_3.7
CVE-2020-19187 Anchore CVE Medium ncurses-base-6.2-10.20210508.el9
CVE-2023-26924 Anchore CVE Low llvm-libs-16.0.6-4.el9
CVE-2021-23336 Anchore CVE Medium python3-libs-3.9.18-1.el9_3
CVE-2020-19186 Anchore CVE Medium ncurses-base-6.2-10.20210508.el9
CVE-2022-47008 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2022-47011 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2021-20197 Anchore CVE Medium binutils-2.35.2-42.el9
CVE-2023-24593 Anchore CVE Low glib2-2.68.4-11.el9
CVE-2022-48065 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2020-21490 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2021-35939 Anchore CVE Medium rpm-libs-4.16.1.3-25.el9
CVE-2021-35938 Anchore CVE Medium rpm-plugin-systemd-inhibit-4.16.1.3-25.el9
CVE-2020-35342 Anchore CVE Medium gdb-gdbserver-10.2-11.el9
CVE-2023-2975 Anchore CVE Low openssl-1:3.0.7-24.el9
CVE-2023-2222 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-3817 Anchore CVE Low openssl-1:3.0.7-24.el9
CVE-2022-35205 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2021-46174 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-29383 Anchore CVE Medium util-linux-2.37.4-15.el9
CVE-2020-19187 Anchore CVE Medium ncurses-libs-6.2-10.20210508.el9
CVE-2021-35939 Anchore CVE Medium rpm-4.16.1.3-25.el9
CVE-2020-19726 Anchore CVE Medium binutils-gold-2.35.2-42.el9
CVE-2022-47010 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-0687 Anchore CVE Medium glibc-common-2.34-83.el9_3.7
CVE-2021-44568 Anchore CVE Low libsolv-0.7.24-2.el9
CVE-2022-47011 Anchore CVE Low binutils-gold-2.35.2-42.el9
CVE-2023-2222 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2023-2975 Anchore CVE Low openssl-libs-1:3.0.7-24.el9
CVE-2023-29935 Anchore CVE Medium llvm-libs-16.0.6-4.el9
CVE-2021-3997 Anchore CVE Medium systemd-pam-252-18.el9
CVE-2020-19185 Anchore CVE Medium ncurses-libs-6.2-10.20210508.el9
CVE-2022-47010 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2022-47673 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2023-29933 Anchore CVE Medium llvm-libs-16.0.6-4.el9
CVE-2021-35937 Anchore CVE Medium rpm-libs-4.16.1.3-25.el9
CVE-2023-5678 Anchore CVE Low openssl-1:3.0.7-24.el9
CVE-2023-5678 Anchore CVE Low openssl-libs-1:3.0.7-24.el9
CVE-2023-37920 Anchore CVE Low ca-certificates-2023.2.60_v7.0.306-90.1.el9_2
CVE-2022-44840 Anchore CVE Low gdb-gdbserver-10.2-11.el9
CVE-2018-25091 Anchore CVE Medium python3-urllib3-1.26.5-3.el9
CVE-2023-45803 Anchore CVE Medium python3-urllib3-1.26.5-3.el9

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=opensource/rustlang/rust&tag=1.71.1&branch=master

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by Jeff Weatherford
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI