chore(findings): redhat/go/go-toolset-ubi9
Summary
redhat/go/go-toolset-ubi9 has 198 new findings discovered during continuous monitoring.
id | source | severity | package |
---|---|---|---|
e445640192fdf901f427d237153c72ca | Anchore Compliance | Critical | |
CVE-2023-45287 | Anchore CVE | Medium | go-toolset-1.21.9-2.el9_4 |
CVE-2024-33601 | Anchore CVE | Low | glibc-headers-2.34-100.el9 |
CVE-2024-33602 | Anchore CVE | Low | glibc-headers-2.34-100.el9 |
CVE-2024-33601 | Anchore CVE | Low | glibc-devel-2.34-100.el9 |
CVE-2023-45287 | Anchore CVE | Medium | golang-1.21.9-2.el9_4 |
CVE-2024-2961 | Anchore CVE | High | glibc-headers-2.34-100.el9 |
CVE-2023-45287 | Anchore CVE | Medium | golang-src-1.21.9-2.el9_4 |
CVE-2024-2511 | Anchore CVE | Low | openssl-devel-1:3.0.7-27.el9 |
CVE-2024-33599 | Anchore CVE | High | glibc-headers-2.34-100.el9 |
CVE-2024-2961 | Anchore CVE | High | glibc-devel-2.34-100.el9 |
CVE-2024-33599 | Anchore CVE | High | glibc-devel-2.34-100.el9 |
CVE-2023-45287 | Anchore CVE | Medium | golang-bin-1.21.9-2.el9_4 |
CVE-2024-33602 | Anchore CVE | Low | glibc-devel-2.34-100.el9 |
CVE-2024-33600 | Anchore CVE | Medium | glibc-devel-2.34-100.el9 |
CVE-2024-33600 | Anchore CVE | Medium | glibc-headers-2.34-100.el9 |
CVE-2021-45078 | Anchore CVE | Medium | binutils-gold-2.35.2-43.el9 |
CVE-2021-32256 | Anchore CVE | Medium | binutils-gold-2.35.2-43.el9 |
CVE-2024-25260 | Anchore CVE | Low | elfutils-debuginfod-client-0.190-2.el9 |
CVE-2023-24056 | Anchore CVE | Low | pkgconf-1.7.3-10.el9 |
CVE-2021-32256 | Anchore CVE | Medium | binutils-2.35.2-43.el9 |
CVE-2022-38533 | Anchore CVE | Low | binutils-2.35.2-43.el9 |
CVE-2023-24056 | Anchore CVE | Low | pkgconf-pkg-config-1.7.3-10.el9 |
CVE-2022-27943 | Anchore CVE | Low | gcc-11.4.1-3.el9 |
CVE-2023-1579 | Anchore CVE | Medium | binutils-gold-2.35.2-43.el9 |
CVE-2023-1579 | Anchore CVE | Medium | binutils-2.35.2-43.el9 |
CVE-2021-45078 | Anchore CVE | Medium | binutils-2.35.2-43.el9 |
CVE-2023-24056 | Anchore CVE | Low | pkgconf-m4-1.7.3-10.el9 |
CVE-2022-38533 | Anchore CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2021-3826 | Anchore CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2022-27943 | Anchore CVE | Low | cpp-11.4.1-3.el9 |
CVE-2023-1972 | Anchore CVE | Low | binutils-2.35.2-43.el9 |
CVE-2021-3826 | Anchore CVE | Low | binutils-2.35.2-43.el9 |
CVE-2023-1972 | Anchore CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2023-24056 | Anchore CVE | Low | libpkgconf-1.7.3-10.el9 |
CVE-2021-47199 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26689 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48652 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26900 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48640 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-45402 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52637 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26826 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26700 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26927 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26630 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-25744 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52638 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52619 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26691 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26830 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-2201 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26810 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-3424 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47182 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52478 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-4204 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47196 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-7042 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26853 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-42739 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-34866 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48637 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48662 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26801 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26687 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47212 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48642 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47097 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26737 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-1118 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-0045 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-0500 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52466 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47217 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-28711 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26858 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-3534 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47185 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52614 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-28712 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26857 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-0775 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2020-14304 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26812 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26918 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47215 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-3542 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26828 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52447 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26835 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26821 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47041 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26852 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26845 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-2961 | Twistlock CVE | Critical | glibc-headers-2.34-100.el9 |
CVE-2024-2961 | Twistlock CVE | Critical | glibc-devel-2.34-100.el9 |
CVE-2024-33599 | Twistlock CVE | Critical | glibc-headers-2.34-100.el9 |
CVE-2024-33599 | Twistlock CVE | Critical | glibc-devel-2.34-100.el9 |
CVE-2021-45078 | Twistlock CVE | Medium | binutils-gold-2.35.2-43.el9 |
CVE-2021-45078 | Twistlock CVE | Medium | binutils-2.35.2-43.el9 |
CVE-2023-1579 | Twistlock CVE | Medium | binutils-gold-2.35.2-43.el9 |
CVE-2023-1579 | Twistlock CVE | Medium | binutils-2.35.2-43.el9 |
CVE-2024-33600 | Twistlock CVE | Medium | glibc-headers-2.34-100.el9 |
CVE-2024-33600 | Twistlock CVE | Medium | glibc-devel-2.34-100.el9 |
CVE-2021-20197 | Twistlock CVE | Medium | binutils-2.35.2-43.el9 |
CVE-2021-20197 | Twistlock CVE | Medium | binutils-gold-2.35.2-43.el9 |
CVE-2022-44840 | Twistlock CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2022-44840 | Twistlock CVE | Low | binutils-2.35.2-43.el9 |
CVE-2021-3826 | Twistlock CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2021-3826 | Twistlock CVE | Low | binutils-2.35.2-43.el9 |
CVE-2022-47011 | Twistlock CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2022-47011 | Twistlock CVE | Low | binutils-2.35.2-43.el9 |
CVE-2022-47010 | Twistlock CVE | Low | binutils-2.35.2-43.el9 |
CVE-2022-47010 | Twistlock CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2022-47008 | Twistlock CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2022-47008 | Twistlock CVE | Low | binutils-2.35.2-43.el9 |
CVE-2022-47007 | Twistlock CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2022-47007 | Twistlock CVE | Low | binutils-2.35.2-43.el9 |
CVE-2022-38533 | Twistlock CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2022-38533 | Twistlock CVE | Low | binutils-2.35.2-43.el9 |
CVE-2024-33602 | Twistlock CVE | Low | glibc-devel-2.34-100.el9 |
CVE-2024-33602 | Twistlock CVE | Low | glibc-headers-2.34-100.el9 |
CVE-2024-33601 | Twistlock CVE | Low | glibc-headers-2.34-100.el9 |
CVE-2024-33601 | Twistlock CVE | Low | glibc-devel-2.34-100.el9 |
CVE-2024-2511 | Twistlock CVE | Low | openssl-devel-3.0.7-27.el9 |
CVE-2023-1972 | Twistlock CVE | Low | binutils-2.35.2-43.el9 |
CVE-2023-1972 | Twistlock CVE | Low | binutils-gold-2.35.2-43.el9 |
CVE-2024-26886 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-25265 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48659 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-4202 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48632 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-3344 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52452 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48635 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52475 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26686 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48651 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-3629 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26928 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26860 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26643 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47202 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48638 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48647 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-27437 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48654 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48660 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26656 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-23222 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26820 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-2905 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-26966 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-3633 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48646 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26735 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48648 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47219 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-3606 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52481 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47214 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47197 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52458 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-24959 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-47233 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48650 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48666 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-3903 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2020-13844 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47210 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26695 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52615 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48653 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52464 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26897 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48631 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26855 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-20320 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48639 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2019-16089 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48644 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48657 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26844 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-37454 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-28713 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2023-52568 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-26804 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2022-48658 | Anchore CVE | Medium | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2021-47191 | Anchore CVE | Low | kernel-headers-5.14.0-427.16.1.el9_4 |
CVE-2024-24788 | Twistlock CVE | Medium | golang-bin-1.21.9-2.el9_4 |
CVE-2024-24788 | Twistlock CVE | Medium | go-toolset-1.21.9-2.el9_4 |
CVE-2024-24788 | Twistlock CVE | Medium | golang-src-1.21.9-2.el9_4 |
CVE-2024-24788 | Twistlock CVE | Medium | golang-1.21.9-2.el9_4 |
CVE-2024-24786 | Twistlock CVE | Medium | go-toolset-1.21.9-2.el9_4 |
CVE-2024-24786 | Twistlock CVE | Medium | golang-1.21.9-2.el9_4 |
CVE-2024-24786 | Twistlock CVE | Medium | golang-src-1.21.9-2.el9_4 |
CVE-2024-24786 | Twistlock CVE | Medium | golang-bin-1.21.9-2.el9_4 |
VAT: https://vat.dso.mil/vat/image?imageName=redhat/go/go-toolset-ubi9&tag=1.21&branch=master
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=redhat/go/go-toolset-ubi9&tag=1.20&branch=master
Tasks
Contributor:
-
Provide justifications for findings in the VAT (docs) -
Apply the StatusVerification label to this issue and wait for feedback
Iron Bank:
-
Review findings and justifications
Note: If the above process is rejected for any reason, the
Verification
label will be removed and the issue will be sent back toOpen
. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add theVerification
label.
Questions?
Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding
.
Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.