chore(findings): parasoft/license-server
Summary
parasoft/license-server has 48 new findings discovered during continuous monitoring.
id | source | package |
---|---|---|
CVE-2021-42694 | twistlock_cve | libgcc-8.5.0-4.el8_5 |
CVE-2021-3974 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
CVE-2020-17049 | twistlock_cve | krb5-libs-1.18.2-14.el8 |
CVE-2021-3733 | twistlock_cve | python3-libs-3.6.8-41.el8 |
CVE-2021-3733 | twistlock_cve | platform-python-3.6.8-41.el8 |
CVE-2021-43618 | twistlock_cve | gmp-6.1.2-10.el8 |
CVE-2021-3984 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
CVE-2021-4019 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
CVE-2020-12401 | twistlock_cve | nss-util-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-util-3.67.0-7.el8_5 |
CVE-2020-12401 | twistlock_cve | nss-softokn-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-softokn-3.67.0-7.el8_5 |
CVE-2020-12401 | twistlock_cve | nss-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-3.67.0-7.el8_5 |
CVE-2020-12401 | twistlock_cve | nss-softokn-freebl-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-softokn-freebl-3.67.0-7.el8_5 |
CVE-2020-12401 | twistlock_cve | nss-sysinit-3.67.0-7.el8_5 |
CVE-2020-12413 | twistlock_cve | nss-sysinit-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-softokn-freebl-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-softokn-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-util-3.67.0-7.el8_5 |
CVE-2020-12401 | anchore_cve | nss-sysinit-3.67.0-7.el8_5 |
CVE-2018-20839 | twistlock_cve | systemd-pam-239-51.el8_5.3 |
CVE-2018-20839 | twistlock_cve | systemd-libs-239-51.el8_5.3 |
CVE-2018-20839 | twistlock_cve | systemd-239-51.el8_5.3 |
CVE-2019-20386 | twistlock_cve | systemd-239-51.el8_5.3 |
CVE-2021-23177 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2021-31566 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2021-31566 | anchore_cve | libarchive-3.3.3-1.el8 |
CVE-2021-23177 | anchore_cve | libarchive-3.3.3-1.el8 |
CVE-2021-3712 | twistlock_cve | openssl-libs-1.1.1k-5.el8_5 |
CVE-2021-23841 | twistlock_cve | openssl-libs-1.1.1k-5.el8_5 |
CVE-2021-3712 | twistlock_cve | openssl-1.1.1k-5.el8_5 |
CVE-2021-23841 | twistlock_cve | openssl-1.1.1k-5.el8_5 |
CVE-2021-44832 | twistlock_cve | org.apache.logging.log4j_log4j-core-2.14.0 |
CVE-2021-4166 | twistlock_cve | vim-minimal-8.0.1763-16.el8 |
CVE-2021-4189 | twistlock_cve | python3-libs-3.6.8-41.el8 |
CVE-2021-4189 | twistlock_cve | platform-python-3.6.8-41.el8 |
CVE-2021-4189 | anchore_cve | platform-python-3.6.8-41.el8 |
CVE-2021-4189 | anchore_cve | python3-libs-3.6.8-41.el8 |
PRISMA-2021-0213 | twistlock_cve | com.fasterxml.jackson.core_jackson-databind-2.12.5 |
PRISMA-2021-0213 | twistlock_cve | com.fasterxml.jackson.core_jackson-databind-2.12.0 |
CVE-2021-40690 | twistlock_cve | org.apache.cxf_cxf-core-3.4.4 |
CVE-2021-44228 | twistlock_cve | org.apache.logging.log4j_log4j-core-2.14.0 |
CVE-2021-45046 | twistlock_cve | org.apache.logging.log4j_log4j-core-2.14.0 |
CVE-2020-1712 | twistlock_cve | systemd-239-51.el8_5.3 |
CVE-2021-45105 | twistlock_cve | org.apache.logging.log4j_log4j-core-2.14.0 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/parasoft/parasoft/licenseserver/-/jobs/9127409
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official