UNCLASSIFIED - NO CUI

chore(findings): opensource/spark-operator/spark

Summary

opensource/spark-operator/spark has 12 new findings discovered during continuous monitoring.

id source package
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2018-12536 anchore_cve jetty-9.3.24.v20180605
CVE-2021-34428 twistlock_cve org.eclipse.jetty_jetty-io-9.3.24.v20180605

More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/spark-operator/spark/-/jobs/4606802

Definition of Done

Justifications:

  • All findings have been justified
  • Justifications have been provided to the container hardening team

Approval Process:

  • Findings Approver has reviewed and approved all justifications
  • Approval request has been sent to Authorizing Official
  • Approval request has been processed by Authorizing Official
Edited by Ghost User