chore(findings): rapidfort/rfx
Summary
rapidfort/rfx has 15 new findings discovered during continuous monitoring.
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=rapidfort/rfx&tag=1.1.300-1-rfhardened&branch=master
EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.
KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.
| id | source | severity | package | impact | workaround | epss_score | kev |
|---|---|---|---|---|---|---|---|
| CVE-2022-4899 | Anchore CVE | Low | libzstd-1.5.5+dfsg2-2build1.1 | 0.00205 | false | ||
| CVE-2025-53859 | Anchore CVE | Medium | nginx-1.28.0 | 0.00106 | false | ||
| CVE-2025-9086 | Anchore CVE | High | curl-8.14.1 | 0.00077 | false | ||
| CVE-2025-45582 | Twistlock CVE | Medium | tar-1.34+dfsg-1ubuntu0.1.22.04.2 | 0.00049 | false | ||
| CVE-2025-45582 | Anchore CVE | Medium | tar-1.34+dfsg-1ubuntu0.1.22.04.2 | 0.00049 | false | ||
| CVE-2025-10148 | Anchore CVE | Medium | curl-8.14.1 | 0.00036 | false | ||
| CVE-2025-9230 | Anchore CVE | High | openssl-3.5.0 | 0.00026 | false | ||
| CVE-2025-9232 | Anchore CVE | Medium | openssl-3.5.0 | 0.00023 | false | ||
| CVE-2025-9231 | Anchore CVE | Medium | openssl-3.5.0 | 0.00013 | false | ||
| CVE-2025-4575 | Anchore CVE | Medium | openssl-3.5.0 | 0.00011 | false | ||
| xccdf_org.ssgproject.content_rule_package_apparmor_installed | OSCAP Compliance | Medium | N/A | N/A | |||
| xccdf_org.ssgproject.content_rule_encrypt_partitions | OSCAP Compliance | High | N/A | N/A | |||
| xccdf_org.ssgproject.content_rule_apparmor_configured | OSCAP Compliance | Medium | N/A | N/A | |||
| da870e801836e419385f2f300713cf7f | Anchore Compliance | Low | N/A | N/A | |||
| 4f9abc83a7a1c95e222b659e0fab27fa | Anchore Compliance | Low | N/A | N/A |
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=rapidfort/rfx&tag=1.1.300-1-rfhardened&branch=master
Tasks
Contributor:
-
Apply the StatusReview label to this issue for a merge request reviewand wait for feedback
OR
-
Provide justifications for findings in the VAT (docs) -
Apply the StatusVerification label to this issue for a VAT justifications reviewand wait for feedback
Iron Bank:
-
Review findings and justifications
Note: If the above process is rejected for any reason, the
RevieworVerificationlabel will be removed and the issue will be sent back toTo-Do. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add theRevieworVerificationlabel.
Questions?
Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.
Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.