UNCLASSIFIED - NO CUI

Skip to content

chore(findings): rocketchat/ddp-streamer-service

Summary

rocketchat/ddp-streamer-service has 362 new findings discovered during continuous monitoring.

Layer: opensource/nodejs/nodejs14:14.21.3 is EOL, please update if possible

Layer: redhat/ubi/ubi8:8.8 is EOL, please update if possible

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=rocketchat/ddp-streamer-service&tag=7.0.0&branch=master

EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.

KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.

id source severity package impact workaround epss_score kev
CVE-2023-44487 Anchore CVE High node-14.21.3 0.94437 true
CVE-2023-2650 Anchore CVE Medium openssl-libs-1:1.1.1k-14.el8_6 0.88208 false
CVE-2023-2650 Anchore CVE Medium openssl-1:1.1.1k-14.el8_6 0.88208 false
CVE-2023-2650 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.88208 false
CVE-2024-27983 Anchore CVE High node-14.21.3 0.66457 false
CVE-2020-19188 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.07066 false
CVE-2020-19186 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.04961 false
CVE-2020-19185 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.04961 false
CVE-2020-19190 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.04954 false
CVE-2020-19187 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.04834 false
CVE-2024-33655 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.04101 false
CVE-2024-33655 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.04101 false
CVE-2024-33655 Twistlock CVE Low unbound-1.16.2-5.9.el8_10 0.04101 false
CVE-2019-9936 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.03924 false
CVE-2019-9936 Twistlock CVE Low sqlite-3.26.0-20.el8_10 0.03924 false
CVE-2019-9937 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.03622 false
CVE-2019-9937 Twistlock CVE Low sqlite-3.26.0-20.el8_10 0.03622 false
CVE-2022-23990 Anchore CVE Medium expat-2.2.5-17.el8_10 0.03519 false
CVE-2022-23990 Twistlock CVE Medium expat-2.2.5-17.el8_10 0.03519 false
CVE-2005-2541 Anchore CVE Medium tar-2:1.30-11.el8_10 0.03250 false
CVE-2024-29415 Twistlock CVE High ip-2.0.0 0.02845 false
CVE-2024-29415 Twistlock CVE High ip-1.1.5 0.02845 false
CVE-2024-56433 Anchore CVE Low shadow-utils-2:4.6-22.el8 0.02806 false
CVE-2020-19189 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8 0.02620 false
CVE-2020-19189 Anchore CVE Low ncurses-base-6.1-10.20180224.el8 0.02620 false
CVE-2020-19189 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.02620 false
CVE-2024-7264 Anchore CVE Low libcurl-7.61.1-34.el8_10.3 0.02574 false
CVE-2024-7264 Anchore CVE Low curl-7.61.1-34.el8_10.3 0.02574 false
CVE-2024-7264 Twistlock CVE Low curl-7.61.1-34.el8_10.3 0.02574 false
CVE-2018-20225 Anchore CVE Low python3-pip-wheel-9.0.3-24.el8 0.02537 false
CVE-2018-20225 Anchore CVE Low platform-python-pip-9.0.3-24.el8 0.02537 false
CVE-2024-2511 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.02116 false
CVE-2024-2511 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.02116 false
CVE-2024-2511 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.02116 false
CVE-2018-1000880 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.01747 false
CVE-2018-1000880 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.01747 false
CVE-2024-6232 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.01519 false
CVE-2024-6232 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.01519 false
CVE-2024-6232 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.01519 false
CVE-2024-6232 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.01519 false
CVE-2024-6232 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.01519 false
CVE-2023-0464 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.01333 false
CVE-2023-0464 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.01333 false
CVE-2023-0464 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.01333 false
CVE-2019-16866 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.01248 false
CVE-2019-16866 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.01248 false
CVE-2019-16866 Twistlock CVE Low unbound-1.16.2-5.9.el8_10 0.01248 false
CVE-2019-9674 Twistlock CVE Low python3-3.6.8-71.el8_10 0.01198 false
CVE-2019-9674 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.01198 false
CVE-2019-9674 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.01198 false
CVE-2018-1000879 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.01112 false
CVE-2018-1000879 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.01112 false
CVE-2023-46809 Anchore CVE High node-14.21.3 0.00989 false
CVE-2020-21674 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00915 false
CVE-2020-21674 Anchore CVE Medium libarchive-3.3.3-6.el8_10 0.00915 false
CVE-2025-0938 Twistlock CVE Medium python3-3.6.8-71.el8_10 0.00801 false
CVE-2025-0938 Anchore CVE Medium python3-libs-3.6.8-71.el8_10 0.00801 false
CVE-2025-0938 Anchore CVE Medium platform-python-3.6.8-71.el8_10 0.00801 false
CVE-2024-12905 Twistlock CVE High tar-fs-2.1.1 Really depends on use. Most uses of tarfs use the packaging aspect. Normally if you use the extracting aspect you are also considering things like file limits already. patches exist for all major release lines. if still unable to update, use a sandboxed directory or switch to tarstream to parse it yourself. 0.00776 false
CVE-2024-12905 Twistlock CVE High tar-fs-3.0.6 Really depends on use. Most uses of tarfs use the packaging aspect. Normally if you use the extracting aspect you are also considering things like file limits already. patches exist for all major release lines. if still unable to update, use a sandboxed directory or switch to tarstream to parse it yourself. 0.00776 false
CVE-2018-20839 Anchore CVE Medium systemd-239-82.el8_10.5 0.00668 false
CVE-2018-20839 Anchore CVE Medium systemd-libs-239-82.el8_10.5 0.00668 false
CVE-2018-20839 Anchore CVE Medium systemd-pam-239-82.el8_10.5 0.00668 false
CVE-2018-20839 Twistlock CVE Medium systemd-239-82.el8_10.5 0.00668 false
CVE-2022-0235 Anchore CVE Medium python3-cloud-what-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium dnf-plugin-subscription-manager-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium python3-syspurpose-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium subscription-manager-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium python3-subscription-manager-rhsm-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Twistlock CVE Medium subscription-manager-1.28.44-1.el8_10 0.00512 false
CVE-2023-0466 Anchore CVE Medium openssl-libs-1:1.1.1k-14.el8_6 0.00508 false
CVE-2023-0466 Anchore CVE Medium openssl-1:1.1.1k-14.el8_6 0.00508 false
CVE-2023-0466 Twistlock CVE Medium openssl-1.1.1k-14.el8_6 0.00508 false
CVE-2024-7592 Twistlock CVE Low python3-3.6.8-71.el8_10 0.00468 false
CVE-2024-7592 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.00468 false
CVE-2024-7592 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.00468 false
CVE-2019-9923 Twistlock CVE Low tar-1.30-11.el8_10 0.00408 false
CVE-2019-9923 Anchore CVE Low tar-2:1.30-11.el8_10 0.00408 false
CVE-2018-19217 Anchore CVE Medium ncurses-base-6.1-10.20180224.el8 0.00404 false
CVE-2018-19217 Anchore CVE Medium ncurses-libs-6.1-10.20180224.el8 0.00404 false
CVE-2023-42282 Twistlock CVE Critical ip-2.0.0 0.00397 false
CVE-2023-42282 Twistlock CVE Critical ip-1.1.5 0.00397 false
CVE-2024-11053 Anchore CVE Low curl-7.61.1-34.el8_10.3 0.00361 false
CVE-2024-11053 Anchore CVE Low libcurl-7.61.1-34.el8_10.3 0.00361 false
CVE-2024-11053 Twistlock CVE Low curl-7.61.1-34.el8_10.3 0.00361 false
CVE-2024-22025 Anchore CVE Medium node-14.21.3 0.00343 false
CVE-2021-39537 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.00342 false
CVE-2024-3651 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00338 false
CVE-2023-0465 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00337 false
CVE-2023-0465 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00337 false
CVE-2023-0465 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.00337 false
CVE-2024-0727 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00332 false
CVE-2024-0727 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00332 false
CVE-2024-0727 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.00332 false
CVE-2024-2236 Anchore CVE Medium libgcrypt-1.8.5-7.el8_6 0.00301 false
CVE-2024-2236 Twistlock CVE Medium libgcrypt-1.8.5-7.el8_6 0.00301 false
CVE-2019-12904 Anchore CVE Medium libgcrypt-1.8.5-7.el8_6 0.00290 false
CVE-2018-19211 Anchore CVE Low ncurses-base-6.1-10.20180224.el8 0.00278 false
CVE-2018-19211 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8 0.00278 false
CVE-2018-19211 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.00278 false
CVE-2019-19244 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.00256 false
CVE-2019-19244 Twistlock CVE Low sqlite-3.26.0-20.el8_10 0.00256 false
CVE-2024-21892 Anchore CVE High node-14.21.3 0.00255 false
CVE-2024-0397 Twistlock CVE Low python3-3.6.8-71.el8_10 0.00226 false
CVE-2024-0397 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.00226 false
CVE-2024-0397 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.00226 false
CVE-2023-26920 Twistlock CVE Medium fast-xml-parser-4.0.11 If the XML source is untrusted or usersupplied, the parsed result is used in a way where polluted prototypes affect logic. Manually validate tag names before using parsed objects. Use a custom tagvalue processor to sanitize XML tag names, ensuring they do not include prototypemodifying keys like proto, constructor, or prototype. Avoid merging parsed objects with applicationlevel objects or configurations. 0.00226 false
CVE-2025-1153 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00212 false
CVE-2025-1153 Twistlock CVE Low gdb-8.2-20.el8 0.00212 false
CVE-2024-28863 Twistlock CVE Medium tar-6.1.11 0.00205 false
CVE-2024-28863 Twistlock CVE Medium tar-4.4.19 0.00205 false
CVE-2023-34104 Twistlock CVE High fast-xml-parser-4.0.11 0.00196 false
CVE-2022-25881 Twistlock CVE High http-cache-semantics-4.1.0 0.00193 false
CVE-2025-1795 Twistlock CVE Low python3-3.6.8-71.el8_10 0.00184 false
CVE-2025-1795 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.00184 false
CVE-2025-1795 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.00184 false
CVE-2023-32636 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00179 false
CVE-2023-32636 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00179 false
CVE-2023-27534 Anchore CVE Low curl-7.61.1-34.el8_10.3 0.00176 false
CVE-2023-27534 Anchore CVE Low libcurl-7.61.1-34.el8_10.3 0.00176 false
CVE-2023-27534 Twistlock CVE Low curl-7.61.1-34.el8_10.3 0.00176 false
CVE-2018-20657 Twistlock CVE Low gcc-8.5.0-28.el8_10 0.00174 false
CVE-2018-20657 Anchore CVE Low libgcc-8.5.0-28.el8_10 0.00174 false
CVE-2018-20657 Anchore CVE Low libstdc++-8.5.0-28.el8_10 0.00174 false
CVE-2024-27982 Anchore CVE Medium node-14.21.3 0.00172 false
CVE-2024-41996 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00166 false
CVE-2024-41996 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00166 false
CVE-2024-41996 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.00166 false
CVE-2024-34459 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00153 false
CVE-2024-34459 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00153 false
CVE-2024-34459 Twistlock CVE Low libxml2-2.9.7-21.el8_10.3 0.00153 false
CVE-2021-4209 Anchore CVE Low gnutls-3.6.16-8.el8_10.3 0.00148 false
CVE-2021-4209 Twistlock CVE Low gnutls-3.6.16-8.el8_10.3 0.00148 false
CVE-2023-38552 Anchore CVE High node-14.21.3 0.00137 false
CVE-2025-1632 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00136 false
CVE-2025-1632 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00136 false
CVE-2024-21538 Twistlock CVE High cross-spawn-5.1.0 0.00129 false
CVE-2019-14250 Twistlock CVE Low gcc-8.5.0-28.el8_10 0.00127 false
CVE-2019-14250 Anchore CVE Low libstdc++-8.5.0-28.el8_10 0.00127 false
CVE-2019-14250 Anchore CVE Low libgcc-8.5.0-28.el8_10 0.00127 false
CVE-2023-29499 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00120 false
CVE-2023-29499 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-sysinit-3.101.0-11.el8_8 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-3.101.0-11.el8_8 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-util-3.101.0-11.el8_8 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-softokn-3.101.0-11.el8_8 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-softokn-freebl-3.101.0-11.el8_8 0.00120 false
CVE-2020-12413 Twistlock CVE Low nss-3.101.0-11.el8_8 0.00120 false
CVE-2018-1000654 Anchore CVE Low libtasn1-4.13-5.el8_10 0.00120 false
CVE-2018-1000654 Twistlock CVE Low libtasn1-4.13-5.el8_10 0.00120 false
CVE-2024-4741 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00116 false
CVE-2024-4741 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00116 false
CVE-2024-4741 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.00116 false
CVE-2024-7531 Anchore CVE Low nss-softokn-freebl-3.101.0-11.el8_8 0.00112 false
CVE-2024-7531 Anchore CVE Low nss-sysinit-3.101.0-11.el8_8 0.00112 false
CVE-2024-7531 Anchore CVE Low nss-softokn-3.101.0-11.el8_8 0.00112 false
CVE-2024-7531 Anchore CVE Low nss-util-3.101.0-11.el8_8 0.00112 false
CVE-2024-7531 Anchore CVE Low nss-3.101.0-11.el8_8 0.00112 false
CVE-2024-7531 Twistlock CVE Low nss-3.101.0-11.el8_8 0.00112 false
CVE-2025-48387 Twistlock CVE High tar-fs-2.1.1 If you are extracting untrusted tarballs you are affected and should upgrade. Patch releases out for ALL release lines, so just update to latest patch, likely your npm already does this, you might need to bump your lock file if you use that. 0.00110 false
CVE-2025-48387 Twistlock CVE High tar-fs-3.0.6 If you are extracting untrusted tarballs you are affected and should upgrade. Patch releases out for ALL release lines, so just update to latest patch, likely your npm already does this, you might need to bump your lock file if you use that. 0.00110 false
CVE-2024-22019 Anchore CVE High node-14.21.3 0.00110 false
CVE-2024-22020 Anchore CVE Medium node-14.21.3 0.00107 false
CVE-2019-8905 Anchore CVE Medium file-libs-5.33-26.el8 0.00105 false
CVE-2019-8905 Twistlock CVE Medium file-5.33-26.el8 0.00105 false
CVE-2021-20193 Twistlock CVE Low tar-1.30-11.el8_10 0.00100 false
CVE-2021-20193 Anchore CVE Medium tar-2:1.30-11.el8_10 0.00100 false
CVE-2023-39333 Anchore CVE Medium node-14.21.3 0.00094 false
CVE-2025-1152 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00093 false
CVE-2025-1152 Twistlock CVE Low gdb-8.2-20.el8 0.00093 false
CVE-2025-1150 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00093 false
CVE-2025-1150 Twistlock CVE Low gdb-8.2-20.el8 0.00093 false
CVE-2024-22195 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00093 false
CVE-2024-22195 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00093 false
CVE-2025-23166 Anchore CVE High node-14.21.3 0.00092 false
CVE-2025-6069 Twistlock CVE Medium python3-3.6.8-71.el8_10 0.00090 false
CVE-2025-6069 Anchore CVE Medium python3-libs-3.6.8-71.el8_10 0.00090 false
CVE-2025-6069 Anchore CVE Medium platform-python-3.6.8-71.el8_10 0.00090 false
CVE-2019-8906 Anchore CVE Low file-libs-5.33-26.el8 0.00090 false
CVE-2019-8906 Twistlock CVE Low file-5.33-26.el8 0.00090 false
CVE-2025-1151 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00086 false
CVE-2025-1151 Twistlock CVE Low gdb-8.2-20.el8 0.00086 false
CVE-2022-4899 Anchore CVE Medium libzstd-1.4.4-1.el8 0.00086 false
CVE-2022-4899 Twistlock CVE Medium zstd-1.4.4-1.el8 0.00086 false
CVE-2025-23085 Anchore CVE Medium node-14.21.3 0.00082 false
CVE-2024-13176 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00080 false
CVE-2024-13176 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00080 false
CVE-2024-13176 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.00080 false
CVE-2023-45322 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00076 false
CVE-2023-45322 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00076 false
CVE-2025-32990 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00072 false
CVE-2025-32990 Twistlock CVE Medium gnutls-3.6.16-8.el8_10.3 0.00072 false
CVE-2023-32006 Anchore CVE High node-14.21.3 0.00072 false
CVE-2025-23165 Anchore CVE Low node-14.21.3 0.00064 false
CVE-2021-24032 Anchore CVE Low libzstd-1.4.4-1.el8 0.00062 false
CVE-2021-24032 Twistlock CVE Low zstd-1.4.4-1.el8 0.00062 false
CVE-2022-41409 Anchore CVE Low pcre2-10.32-3.el8_6 0.00061 false
CVE-2022-41409 Twistlock CVE Low pcre2-10.32-3.el8_6 0.00061 false
CVE-2023-32665 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00059 false
CVE-2023-32665 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00059 false
CVE-2025-6395 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00057 false
CVE-2025-6395 Twistlock CVE Medium gnutls-3.6.16-8.el8_10.3 0.00057 false
CVE-2025-32988 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00056 false
CVE-2025-32988 Twistlock CVE Medium gnutls-3.6.16-8.el8_10.3 0.00056 false
CVE-2025-5318 Anchore CVE Medium libssh-0.9.6-14.el8 0.00055 false
CVE-2025-5318 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00055 false
CVE-2025-5318 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00055 false
CVE-2025-27113 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00055 false
CVE-2025-27113 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00055 false
CVE-2025-27113 Twistlock CVE Low libxml2-2.9.7-21.el8_10.3 0.00055 false
CVE-2025-3360 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00052 false
CVE-2025-3360 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00052 false
CVE-2025-7039 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00050 false
CVE-2025-5987 Anchore CVE Medium libssh-0.9.6-14.el8 0.00050 false
CVE-2025-5987 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00050 false
CVE-2025-5987 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00050 false
CVE-2023-50495 Anchore CVE Low ncurses-base-6.1-10.20180224.el8 0.00050 false
CVE-2023-50495 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8 0.00050 false
CVE-2023-50495 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.00050 false
CVE-2022-27943 Twistlock CVE Low gcc-8.5.0-28.el8_10 0.00050 false
CVE-2022-27943 Anchore CVE Low libstdc++-8.5.0-28.el8_10 0.00050 false
CVE-2022-27943 Anchore CVE Low libgcc-8.5.0-28.el8_10 0.00050 false
CVE-2025-5372 Anchore CVE Medium libssh-0.9.6-14.el8 0.00048 false
CVE-2025-5372 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00048 false
CVE-2025-5372 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00048 false
CVE-2024-35195 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00044 false
CVE-2025-45582 Twistlock CVE Medium tar-1.30-11.el8_10 0.00042 false
CVE-2025-45582 Anchore CVE Medium tar-2:1.30-11.el8_10 0.00042 false
CVE-2023-39804 Twistlock CVE Low tar-1.30-11.el8_10 0.00039 false
CVE-2023-39804 Anchore CVE Low tar-2:1.30-11.el8_10 0.00039 false
CVE-2023-32559 Anchore CVE High node-14.21.3 0.00039 false
CVE-2021-3997 Anchore CVE Medium systemd-pam-239-82.el8_10.5 0.00038 false
CVE-2021-3997 Anchore CVE Medium systemd-libs-239-82.el8_10.5 0.00038 false
CVE-2021-3997 Anchore CVE Medium systemd-239-82.el8_10.5 0.00038 false
CVE-2021-3997 Twistlock CVE Low systemd-239-82.el8_10.5 0.00038 false
CVE-2025-4598 Anchore CVE Medium systemd-239-82.el8_10.5 0.00037 false
CVE-2025-4598 Anchore CVE Medium systemd-pam-239-82.el8_10.5 0.00037 false
CVE-2025-4598 Anchore CVE Medium systemd-libs-239-82.el8_10.5 0.00037 false
CVE-2025-4598 Twistlock CVE Medium systemd-239-82.el8_10.5 0.00037 false
CVE-2023-32611 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00037 false
CVE-2023-32611 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00037 false
CVE-2025-5351 Anchore CVE Medium libssh-0.9.6-14.el8 0.00034 false
CVE-2025-5351 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00034 false
CVE-2025-5351 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00034 false
CVE-2024-43167 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.00032 false
CVE-2024-43167 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.00032 false
CVE-2024-43167 Twistlock CVE Low unbound-1.16.2-5.9.el8_10 0.00032 false
CVE-2024-43168 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.00031 false
CVE-2024-43168 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.00031 false
CVE-2024-43168 Twistlock CVE Low unbound-1.16.2-5.9.el8_10 0.00031 false
CVE-2023-4156 Anchore CVE Low gawk-4.2.1-4.el8 0.00031 false
CVE-2024-47081 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00028 false
CVE-2025-32989 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00026 false
CVE-2025-32989 Twistlock CVE Medium gnutls-3.6.16-8.el8_10.3 0.00026 false
CVE-2023-32002 Anchore CVE Critical node-14.21.3 0.00026 false
CVE-2025-8941 Anchore CVE High pam-1.3.1-38.el8_10 0.00024 false
CVE-2025-7783 Twistlock CVE Critical form-data-2.3.3 See the impact section in the attached GHSA. 0.00024 false
CVE-2024-57360 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00024 false
CVE-2024-57360 Twistlock CVE Low gdb-8.2-20.el8 0.00024 false
CVE-2025-5889 Twistlock CVE Low brace-expansion-1.1.11 Im mirroring the CVE severity assessment here. Sanitize strings being passed to the function so that they dont contain many , in a row. 0.00022 false
CVE-2025-5245 Anchore CVE Medium gdb-gdbserver-8.2-20.el8 0.00022 false
CVE-2025-5245 Twistlock CVE Medium gdb-8.2-20.el8 0.00022 false
CVE-2025-6170 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00021 false
CVE-2025-6170 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00021 false
CVE-2025-6170 Twistlock CVE Low libxml2-2.9.7-21.el8_10.3 0.00021 false
CVE-2025-54798 Twistlock CVE Low tmp-0.0.33 0.00021 false
CVE-2025-4516 Twistlock CVE Medium python3-3.6.8-71.el8_10 0.00021 false
CVE-2025-4516 Anchore CVE Medium python3-libs-3.6.8-71.el8_10 0.00021 false
CVE-2025-4516 Anchore CVE Medium platform-python-3.6.8-71.el8_10 0.00021 false
CVE-2025-5918 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00018 false
CVE-2025-5918 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00018 false
CVE-2025-5278 Anchore CVE Medium coreutils-single-8.30-15.el8 0.00018 false
CVE-2025-5278 Twistlock CVE Medium coreutils-8.30-15.el8 0.00018 false
CVE-2024-0232 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.00018 false
CVE-2024-0232 Twistlock CVE Low sqlite-3.26.0-20.el8_10 0.00018 false
CVE-2025-5916 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00017 false
CVE-2025-5916 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00017 false
CVE-2025-30258 Anchore CVE Low gnupg2-2.2.20-3.el8_6 0.00017 false
CVE-2025-30258 Twistlock CVE Low gnupg2-2.2.20-3.el8_6 0.00017 false
CVE-2020-35512 Twistlock CVE Low dbus-1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-tools-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-daemon-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-common-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-libs-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-1:1.12.8-27.el8_10 0.00017 false
CVE-2025-25724 Twistlock CVE Medium libarchive-3.3.3-6.el8_10 0.00016 false
CVE-2025-25724 Anchore CVE Medium libarchive-3.3.3-6.el8_10 0.00016 false
CVE-2025-8114 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00015 false
CVE-2025-8114 Anchore CVE Medium libssh-0.9.6-14.el8 0.00015 false
CVE-2025-8114 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00015 false
CVE-2025-5917 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00015 false
CVE-2025-5917 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00015 false
CVE-2025-50181 Twistlock CVE Medium urllib3-1.24.2 Most users dont disable redirects on the PoolManager. Set redirectsFalseredirects0 on the .request call instead of on the toplevel urllib3.PoolManager 0.00015 false
CVE-2025-50181 Anchore CVE Medium platform-python-pip-9.0.3-24.el8 0.00015 false
CVE-2025-50181 Anchore CVE Medium python3-pip-wheel-9.0.3-24.el8 0.00015 false
CVE-2025-50181 Twistlock CVE Medium python-pip-9.0.3-24.el8 0.00015 false
CVE-2025-4878 Anchore CVE Low libssh-0.9.6-14.el8 0.00015 false
CVE-2025-4878 Anchore CVE Low libssh-config-0.9.6-14.el8 0.00015 false
CVE-2025-4878 Twistlock CVE Low libssh-0.9.6-14.el8 0.00015 false
CVE-2025-5915 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00014 false
CVE-2025-5915 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00014 false
CVE-2025-23167 Anchore CVE Medium node-14.21.3 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-libelf-0.190-2.el8 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-libs-0.190-2.el8 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-default-yama-scope-0.190-2.el8 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-debuginfod-client-0.190-2.el8 0.00014 false
CVE-2024-25260 Twistlock CVE Low elfutils-0.190-2.el8 0.00014 false
CVE-2022-47011 Twistlock CVE Low gdb-8.2-20.el8 0.00014 false
CVE-2022-47010 Twistlock CVE Low gdb-8.2-20.el8 0.00014 false
CVE-2022-47007 Twistlock CVE Low gdb-8.2-20.el8 0.00014 false
CVE-2025-50182 Anchore CVE Medium platform-python-pip-9.0.3-24.el8 0.00013 false
CVE-2025-50182 Anchore CVE Medium python3-pip-wheel-9.0.3-24.el8 0.00013 false
CVE-2025-50182 Twistlock CVE Medium python-pip-9.0.3-24.el8 0.00013 false
CVE-2024-57970 Twistlock CVE Medium libarchive-3.3.3-6.el8_10 0.00012 false
CVE-2024-57970 Anchore CVE Medium libarchive-3.3.3-6.el8_10 0.00012 false
CVE-2022-3219 Anchore CVE Low gnupg2-2.2.20-3.el8_6 0.00012 false
CVE-2025-3198 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00011 false
CVE-2025-3198 Twistlock CVE Low gdb-8.2-20.el8 0.00011 false
CVE-2021-33294 Anchore CVE Medium elfutils-libs-0.190-2.el8 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-default-yama-scope-0.190-2.el8 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-debuginfod-client-0.190-2.el8 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-libelf-0.190-2.el8 0.00006 false
CVE-2021-33294 Twistlock CVE Medium elfutils-0.190-2.el8 0.00006 false
CVE-2025-9714 Twistlock CVE Medium libxml2-2.9.7-21.el8_10.3 N/A false
addbb93c22e9b0988b8b40392a4538cb Anchore Compliance Low N/A N/A
GHSA-x3cc-x39p-42qx Anchore CVE Medium fast-xml-parser-4.0.11 N/A N/A
GHSA-v6h2-p8h4-qcjw Anchore CVE Low brace-expansion-1.1.11 N/A N/A
GHSA-v6h2-p8h4-qcjw Anchore CVE Low brace-expansion-1.1.11 N/A N/A
GHSA-rc47-6667-2j5j Anchore CVE High http-cache-semantics-4.1.0 N/A N/A
GHSA-pq67-2wwv-3xjx Anchore CVE High tar-fs-2.1.1 N/A N/A
GHSA-pq67-2wwv-3xjx Anchore CVE High tar-fs-3.0.6 N/A N/A
GHSA-fjxv-7rqg-78g4 Anchore CVE Critical form-data-2.3.3 N/A N/A
GHSA-f5x3-32g6-xq36 Anchore CVE Medium tar-4.4.19 N/A N/A
GHSA-f5x3-32g6-xq36 Anchore CVE Medium tar-6.1.11 N/A N/A
GHSA-8cj5-5rvv-wf4v Anchore CVE High tar-fs-3.0.6 N/A N/A
GHSA-8cj5-5rvv-wf4v Anchore CVE High tar-fs-2.1.1 N/A N/A
GHSA-78xj-cgh5-2h22 Anchore CVE Low ip-2.0.0 N/A N/A
GHSA-78xj-cgh5-2h22 Anchore CVE Low ip-1.1.5 N/A N/A
GHSA-52f5-9888-hmc6 Anchore CVE Low tmp-0.0.33 N/A N/A
GHSA-3xgq-45jj-v275 Anchore CVE High cross-spawn-5.1.0 N/A N/A
GHSA-2p57-rm9w-gvfp Anchore CVE High ip-2.0.0 N/A N/A
GHSA-2p57-rm9w-gvfp Anchore CVE High ip-1.1.5 N/A N/A
CCE-89707-4 OSCAP Compliance Medium N/A N/A
CCE-86473-6 OSCAP Compliance Medium N/A N/A
CCE-86106-2 OSCAP Compliance Medium N/A N/A
CCE-85902-5 OSCAP Compliance High N/A N/A
CCE-85899-3 OSCAP Compliance Medium N/A N/A
CCE-85897-7 OSCAP Compliance Medium N/A N/A
CCE-85870-4 OSCAP Compliance Medium N/A N/A
CCE-84255-9 OSCAP Compliance Medium N/A N/A
CCE-84254-2 OSCAP Compliance Medium N/A N/A
CCE-82730-3 OSCAP Compliance Medium N/A N/A
CCE-81044-0 OSCAP Compliance Low N/A N/A
CCE-80854-3 OSCAP Compliance Low N/A N/A
CCE-80853-5 OSCAP Compliance Low N/A N/A
CCE-80852-7 OSCAP Compliance Low N/A N/A
CCE-80851-9 OSCAP Compliance Low N/A N/A
CCE-80839-4 OSCAP Compliance Medium N/A N/A
CCE-80838-6 OSCAP Compliance Medium N/A N/A
CCE-80837-8 OSCAP Compliance Medium N/A N/A
CCE-80664-6 OSCAP Compliance Medium N/A N/A
554f00250994e8f927cbc5c31b77a931 Anchore Compliance Critical N/A N/A

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=rocketchat/ddp-streamer-service&tag=7.0.0&branch=master

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by CHORE_TOKEN
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI