UNCLASSIFIED - NO CUI

chore(findings): pingidm

Summary

pingidm has 113 new findings discovered during continuous monitoring.

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=pingidm&tag=v8.0.0_1&branch=master

EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.

KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.

| id | source | severity | package | impact | workaround | epss_score | kev |
|---|---|---|---|---|---|---|---|
| CVE-2023-44487 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.94440 | true |
| CVE-2025-24813 | Anchore CVE | Critical | tomcat-juli-9.0.98 | | | 0.94157 | true |
| CVE-2025-24813 | Anchore CVE | Critical | tomcat-servlet-api-9.0.80 | | | 0.94157 | true |
| CVE-2025-24813 | Anchore CVE | Critical | tomcat-juli-9.0.98 | | | 0.94157 | true |
| CVE-2025-24813 | Anchore CVE | Critical | tomcat-jdbc-9.0.98 | | | 0.94157 | true |
| CVE-2025-24813 | Anchore CVE | Critical | tomcat-jdbc-9.0.98 | | | 0.94157 | true |
| CVE-2024-50379 | Anchore CVE | Critical | tomcat-servlet-api-9.0.80 | | | 0.85716 | false |
| CVE-2024-24549 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.52453 | false |
| CVE-2023-46589 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.50252 | false |
| CVE-2024-56337 | Anchore CVE | Critical | tomcat-servlet-api-9.0.80 | | | 0.18794 | false |
| CVE-2024-34750 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.17458 | false |
| CVE-2024-54677 | Anchore CVE | Medium | tomcat-servlet-api-9.0.80 | | | 0.06971 | false |
| CVE-2021-23383 | Anchore CVE | Critical | handlebars-4.4.0 | | | 0.05851 | false |
| CVE-2021-23369 | Anchore CVE | Critical | handlebars-4.4.0 | | | 0.04041 | false |
| CVE-2025-31650 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.01761 | false |
| CVE-2025-31650 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.01761 | false |
| CVE-2025-31650 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.01761 | false |
| CVE-2025-31650 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.01761 | false |
| CVE-2025-31650 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.01761 | false |
| CVE-2024-38286 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.01356 | false |
| CVE-2024-52316 | Anchore CVE | Critical | tomcat-servlet-api-9.0.80 | | | 0.00992 | false |
| CVE-2024-23672 | Anchore CVE | Medium | tomcat-servlet-api-9.0.80 | | | 0.00577 | false |
| CVE-2023-45648 | Anchore CVE | Medium | tomcat-servlet-api-9.0.80 | | | 0.00540 | false |
| CVE-2023-42795 | Anchore CVE | Medium | tomcat-servlet-api-9.0.80 | | | 0.00510 | false |
| CVE-2019-20920 | Anchore CVE | High | handlebars-4.4.0 | | | 0.00343 | false |
| CVE-2025-48924 | Twistlock CVE | Medium | commons-lang_commons-lang-2.6 | | | 0.00258 | false |
| CVE-2025-48924 | Twistlock CVE | Medium | org.apache.commons_commons-lang3-3.17.0 | | | 0.00258 | false |
| CVE-2019-20922 | Anchore CVE | High | handlebars-4.4.0 | | | 0.00250 | false |
| CVE-2023-42794 | Anchore CVE | Medium | tomcat-servlet-api-9.0.80 | | | 0.00239 | false |
| CVE-2025-52520 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00217 | false |
| CVE-2025-52520 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00217 | false |
| CVE-2025-52520 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00217 | false |
| CVE-2025-52520 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00217 | false |
| CVE-2025-52520 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.00217 | false |
| CVE-2025-52434 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00203 | false |
| CVE-2025-52434 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00203 | false |
| CVE-2025-52434 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00203 | false |
| CVE-2025-52434 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.00203 | false |
| CVE-2025-52434 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00203 | false |
| CVE-2025-48989 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00177 | false |
| CVE-2025-48989 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00177 | false |
| CVE-2025-48989 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00177 | false |
| CVE-2025-48989 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00177 | false |
| CVE-2025-48989 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.00177 | false |
| CVE-2025-50106 | Anchore CVE | High | openjdk-17.0.14+7-LTS | | | 0.00174 | false |
| CVE-2025-30749 | Anchore CVE | High | openjdk-17.0.14+7-LTS | | | 0.00174 | false |
| CVE-2025-53506 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00163 | false |
| CVE-2025-53506 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.00163 | false |
| CVE-2025-53506 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00163 | false |
| CVE-2025-53506 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00163 | false |
| CVE-2025-53506 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00163 | false |
| CVE-2024-43126 | Anchore CVE | High | opentelemetry-exporter-sender-jdk-1.45.0 | | | 0.00141 | false |
| CVE-2025-22227 | Twistlock CVE | Medium | io.projectreactor.netty_reactor-netty-http-1.2.2 | | | 0.00094 | false |
| CVE-2025-21587 | Twistlock CVE | Medium | java-17.0.14 | | | 0.00085 | false |
| CVE-2025-21587 | Anchore CVE | High | openjdk-17.0.14+7-LTS | | | 0.00085 | false |
| CVE-2025-30698 | Twistlock CVE | Medium | java-17.0.14 | | | 0.00082 | false |
| CVE-2025-30698 | Anchore CVE | Medium | openjdk-17.0.14+7-LTS | | | 0.00082 | false |
| CVE-2025-49125 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00070 | false |
| CVE-2025-49125 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00070 | false |
| CVE-2025-49125 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00070 | false |
| CVE-2025-49125 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.00070 | false |
| CVE-2025-49125 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00070 | false |
| CVE-2025-31651 | Anchore CVE | Critical | tomcat-jdbc-9.0.98 | | | 0.00069 | false |
| CVE-2025-31651 | Anchore CVE | Critical | tomcat-jdbc-9.0.98 | | | 0.00069 | false |
| CVE-2025-31651 | Anchore CVE | Critical | tomcat-servlet-api-9.0.80 | | | 0.00069 | false |
| CVE-2025-31651 | Anchore CVE | Critical | tomcat-juli-9.0.98 | | | 0.00069 | false |
| CVE-2025-31651 | Anchore CVE | Critical | tomcat-juli-9.0.98 | | | 0.00069 | false |
| CVE-2025-1948 | Anchore CVE | High | jetty-ee10-servlets-12.0.16 | | | 0.00059 | false |
| CVE-2025-48976 | Twistlock CVE | Low | commons-fileupload_commons-fileupload-1.5 | | | 0.00057 | false |
| CVE-2025-48734 | Twistlock CVE | Low | commons-beanutils_commons-beanutils-1.9.4 | | | 0.00056 | false |
| CVE-2025-48734 | Twistlock CVE | High | commons-beanutils_commons-beanutils-1.10.0 | | | 0.00056 | false |
| CVE-2025-8916 | Twistlock CVE | Medium | org.bouncycastle_bcpkix-fips-2.0.7 | | | 0.00055 | false |
| CVE-2025-8885 | Twistlock CVE | Medium | org.bouncycastle_bc-fips-2.0.0 | | | 0.00055 | false |
| CVE-2025-55163 | Twistlock CVE | High | io.netty_netty-codec-http2-4.1.118.Final | | | 0.00055 | false |
| CVE-2025-50059 | Anchore CVE | High | openjdk-17.0.14+7-LTS | | | 0.00054 | false |
| CVE-2025-48988 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00053 | false |
| CVE-2025-48988 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00053 | false |
| CVE-2025-48988 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.00053 | false |
| CVE-2025-48988 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00053 | false |
| CVE-2025-48988 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00053 | false |
| CVE-2025-58056 | Twistlock CVE | Low | io.netty_netty-codec-http-4.1.116.Final | | | 0.00050 | false |
| CVE-2024-39657 | Anchore CVE | High | opentelemetry-exporter-sender-jdk-1.45.0 | | | 0.00048 | false |
| CVE-2025-58057 | Twistlock CVE | Medium | io.netty_netty-codec-4.1.118.Final | | | 0.00042 | false |
| CVE-2025-30754 | Anchore CVE | Medium | openjdk-17.0.14+7-LTS | | | 0.00036 | false |
| CVE-2025-46701 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00030 | false |
| CVE-2025-46701 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00030 | false |
| CVE-2025-46701 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.00030 | false |
| CVE-2025-46701 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00030 | false |
| CVE-2025-46701 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00030 | false |
| CVE-2025-49146 | Twistlock CVE | High | org.postgresql_postgresql-42.7.5 | | | 0.00026 | false |
| CVE-2025-49124 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00026 | false |
| CVE-2025-49124 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00026 | false |
| CVE-2025-49124 | Anchore CVE | High | tomcat-servlet-api-9.0.80 | | | 0.00026 | false |
| CVE-2025-49124 | Anchore CVE | High | tomcat-juli-9.0.98 | | | 0.00026 | false |
| CVE-2025-49124 | Anchore CVE | High | tomcat-jdbc-9.0.98 | | | 0.00026 | false |
| CVE-2025-55668 | Anchore CVE | Medium | tomcat-juli-9.0.98 | | | 0.00012 | false |
| CVE-2025-55668 | Anchore CVE | Medium | tomcat-juli-9.0.98 | | | 0.00012 | false |
| CVE-2025-55668 | Anchore CVE | Medium | tomcat-servlet-api-9.0.80 | | | 0.00012 | false |
| CVE-2025-55668 | Anchore CVE | Medium | tomcat-jdbc-9.0.98 | | | 0.00012 | false |
| CVE-2025-55668 | Anchore CVE | Medium | tomcat-jdbc-9.0.98 | | | 0.00012 | false |
| GHSA-wxr5-93ph-8wr9 | Anchore CVE | High | commons-beanutils-1.9.4 | | | N/A | N/A |
| GHSA-wxr5-93ph-8wr9 | Anchore CVE | High | commons-beanutils-1.10.0 | | | N/A | N/A |
| GHSA-vv7r-c36w-3prj | Anchore CVE | High | commons-fileupload-1.5 | | | N/A | N/A |
| GHSA-prj3-ccx8-p6x4 | Anchore CVE | High | netty-codec-http2-4.1.118.Final | | | N/A | N/A |
| GHSA-j288-q9x7-2f5v | Anchore CVE | Medium | commons-lang-2.6 | | | N/A | N/A |
| GHSA-j288-q9x7-2f5v | Anchore CVE | Medium | commons-lang3-3.17.0 | | | N/A | N/A |
| GHSA-j288-q9x7-2f5v | Anchore CVE | Medium | commons-lang3-3.17.0 | | | N/A | N/A |
| GHSA-hq9p-pm7w-8p54 | Anchore CVE | High | postgresql-42.7.5 | | | N/A | N/A |
| GHSA-67mf-3cr5-8w23 | Anchore CVE | Medium | bc-fips-2.0.0 | | | N/A | N/A |
| GHSA-67mf-3cr5-8w23 | Anchore CVE | Medium | bc-fips-2.0.0 | | | N/A | N/A |
| GHSA-4q2v-9p7v-3v22 | Anchore CVE | Medium | reactor-netty-http-1.2.2 | | | N/A | N/A |
| GHSA-4cx2-fc23-5wg6 | Anchore CVE | Medium | bcpkix-fips-2.0.7 | | | N/A | N/A |
| GHSA-4cx2-fc23-5wg6 | Anchore CVE | Medium | bcpkix-fips-2.0.7 | | | N/A | N/A |

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730 EST to answer questions.

Edited by CHORE_TOKEN