chore(findings): rancher-federal/rke2/coredns
Summary
rancher-federal/rke2/coredns has 77 new findings discovered during continuous monitoring.
id | source | package |
---|---|---|
CVE-2018-19211 | twistlock_cve | ncurses-libs-6.1-7.20180224.el8 |
CVE-2019-17594 | twistlock_cve | ncurses-libs-6.1-7.20180224.el8 |
CVE-2019-17595 | twistlock_cve | ncurses-libs-6.1-7.20180224.el8 |
CVE-2021-39537 | twistlock_cve | ncurses-libs-6.1-7.20180224.el8 |
CVE-2021-27645 | twistlock_cve | glibc-common-2.28-151.el8 |
CVE-2021-33574 | twistlock_cve | glibc-common-2.28-151.el8 |
CVE-2021-35942 | twistlock_cve | glibc-common-2.28-151.el8 |
CVE-2019-12900 | twistlock_cve | bzip2-libs-1.0.6-26.el8 |
CVE-2021-24032 | twistlock_cve | libzstd-1.4.4-1.el8 |
CVE-2017-18018 | twistlock_cve | coreutils-single-8.30-8.el8 |
CVE-2019-17543 | twistlock_cve | lz4-libs-1.8.3-3.el8_4 |
CVE-2021-23840 | twistlock_cve | openssl-libs-1.1.1g-15.el8_3 |
CVE-2021-23841 | twistlock_cve | openssl-libs-1.1.1g-15.el8_3 |
CVE-2021-3712 | twistlock_cve | openssl-libs-1.1.1g-15.el8_3 |
CVE-2018-16429 | twistlock_cve | glib2-2.56.4-10.el8_4.1 |
CVE-2018-16428 | twistlock_cve | glib2-2.56.4-10.el8_4.1 |
CVE-2021-3800 | twistlock_cve | glib2-2.56.4-10.el8_4.1 |
CVE-2019-18218 | twistlock_cve | file-libs-5.33-16.el8_3.1 |
CVE-2019-8905 | twistlock_cve | file-libs-5.33-16.el8_3.1 |
CVE-2019-8906 | twistlock_cve | file-libs-5.33-16.el8_3.1 |
CVE-2021-20266 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-3521 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-35937 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-35938 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-35939 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-3572 | twistlock_cve | platform-python-pip-9.0.3-19.el8 |
CVE-2018-20406 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2019-9674 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2021-3426 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2021-3733 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2021-3737 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2019-14250 | twistlock_cve | libgcc-8.4.1-1.el8 |
CVE-2018-20673 | twistlock_cve | libgcc-8.4.1-1.el8 |
CVE-2018-20657 | twistlock_cve | libgcc-8.4.1-1.el8 |
CVE-2021-3114 | twistlock_cve | libgcc-8.4.1-1.el8 |
CVE-2018-19211 | twistlock_cve | ncurses-base-6.1-7.20180224.el8 |
CVE-2019-17594 | twistlock_cve | ncurses-base-6.1-7.20180224.el8 |
CVE-2019-17595 | twistlock_cve | ncurses-base-6.1-7.20180224.el8 |
CVE-2021-39537 | twistlock_cve | ncurses-base-6.1-7.20180224.el8 |
CVE-2021-27645 | twistlock_cve | glibc-minimal-langpack-2.28-151.el8 |
CVE-2021-33574 | twistlock_cve | glibc-minimal-langpack-2.28-151.el8 |
CVE-2021-35942 | twistlock_cve | glibc-minimal-langpack-2.28-151.el8 |
CVE-2021-27645 | twistlock_cve | glibc-2.28-151.el8 |
CVE-2019-13750 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-13751 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-19244 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-19603 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-5827 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-9936 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-9937 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2020-13435 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2018-1000654 | twistlock_cve | libtasn1-4.13-3.el8 |
CVE-2020-24370 | twistlock_cve | lua-libs-5.3.4-11.el8 |
CVE-2018-20839 | twistlock_cve | systemd-libs-239-45.el8_4.3 |
CVE-2020-21674 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2018-1000879 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2018-1000880 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2017-14501 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2017-14166 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2021-3634 | twistlock_cve | libssh-config-0.9.4-2.el8 |
CVE-2021-22876 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-22898 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-22925 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-22946 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-22947 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-3521 | twistlock_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-35937 | twistlock_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-35938 | twistlock_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-35939 | twistlock_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-33503 | twistlock_cve | python3-pip-wheel-9.0.3-19.el8 |
CVE-2021-3572 | twistlock_cve | python3-pip-wheel-9.0.3-19.el8 |
CVE-2018-20406 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2019-9674 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2021-3426 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2021-3733 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2021-3737 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2020-26160 | twistlock_cve | github.com |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/rancher-federal/rke2/coredns/-/jobs/7558273
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official