UNCLASSIFIED - NO CUI

chore(findings): soacloud/custom-artemis-init

Summary

soacloud/custom-artemis-init has 121 new findings discovered during continuous monitoring.

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=soacloud/custom-artemis-init&tag=0.1.2&branch=master

EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.

KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.

id source severity package impact workaround epss_score kev
CVE-2017-16232 Anchore CVE Low libtiff-4.4.0-15.el9_7.2 0.01738 false
CVE-2017-17973 Anchore CVE Medium libtiff-4.4.0-15.el9_7.2 0.00486 false
CVE-2023-6787 Twistlock CVE High org.keycloak_keycloak-core-18.0.2 0.00423 false
CVE-2023-6277 Twistlock CVE Medium libtiff-4.4.0-15.el9_7.2 0.00418 false
CVE-2023-6277 Anchore CVE Medium libtiff-4.4.0-15.el9_7.2 0.00418 false
CVE-2025-27427 Twistlock CVE Medium org.apache.activemq_artemis-jms-client-2.33.0 0.00271 false
CVE-2023-25434 Twistlock CVE Medium libtiff-4.4.0-15.el9_7.2 0.00209 false
CVE-2023-25434 Anchore CVE Medium libtiff-4.4.0-15.el9_7.2 0.00209 false
CVE-2025-6069 Twistlock CVE Medium python3.12-3.12.11-2.el9 0.00163 false
CVE-2025-6069 Anchore CVE Medium python3.12-3.12.11-2.el9 0.00163 false
CVE-2025-6069 Anchore CVE Medium python3.12-libs-3.12.11-2.el9 0.00163 false
CVE-2025-8291 Twistlock CVE Medium python3.12-3.12.11-2.el9 0.00113 false
CVE-2025-8291 Anchore CVE Medium python3.12-libs-3.12.11-2.el9 0.00113 false
CVE-2025-8291 Anchore CVE Medium python3.12-3.12.11-2.el9 0.00113 false
CVE-2025-58457 Twistlock CVE Low org.apache.zookeeper_zookeeper-3.9.1 0.00093 false
CVE-2025-58457 Anchore CVE Medium zookeeper-jute-3.9.1 0.00093 false
CVE-2025-8916 Twistlock CVE Medium org.bouncycastle_bcpkix-jdk15on-1.70.00.0 0.00087 false
CVE-2025-8916 Twistlock CVE Medium org.bouncycastle_bcpkix-jdk18on-1.77.00.0 0.00087 false
CVE-2025-8885 Twistlock CVE Medium org.bouncycastle_bcprov-jdk18on-1.77.00.0 0.00082 false
CVE-2025-47808 Anchore CVE Medium gstreamer1-plugins-base-1.22.12-4.el9 0.00076 false
CVE-2025-47808 Twistlock CVE Medium gstreamer1-plugins-base-1.22.12-4.el9 0.00076 false
CVE-2022-1056 Twistlock CVE Low libtiff-4.4.0-15.el9_7.2 0.00074 false
CVE-2022-1056 Anchore CVE Low libtiff-4.4.0-15.el9_7.2 0.00074 false
CVE-2025-27391 Twistlock CVE Medium org.apache.activemq_artemis-jms-client-2.33.0 0.00073 false
CVE-2025-9901 Twistlock CVE Medium libsoup-2.72.0-12.el9_7.1 0.00068 false
CVE-2025-9901 Anchore CVE Medium libsoup-2.72.0-12.el9_7.1 0.00068 false
CVE-2025-13836 Anchore CVE Medium python3.12-libs-3.12.11-2.el9 0.00066 false
CVE-2025-13836 Anchore CVE Medium python3.12-3.12.11-2.el9 0.00066 false
CVE-2025-13836 Twistlock CVE Medium python3.12-3.12.11-2.el9 0.00066 false
CVE-2025-47806 Anchore CVE Medium gstreamer1-plugins-base-1.22.12-4.el9 0.00064 false
CVE-2025-47806 Twistlock CVE Medium gstreamer1-plugins-base-1.22.12-4.el9 0.00064 false
CVE-2025-1377 Twistlock CVE Low elfutils-0.193-1.el9 0.00064 false
CVE-2025-1377 Anchore CVE Low elfutils-libelf-0.193-1.el9 0.00064 false
CVE-2025-1376 Twistlock CVE Low elfutils-0.193-1.el9 0.00064 false
CVE-2025-1376 Anchore CVE Low elfutils-libelf-0.193-1.el9 0.00064 false
CVE-2025-43228 Twistlock CVE Medium webkit2gtk3-2.50.3-1.el9_7 0.00057 false
CVE-2025-43228 Anchore CVE Medium webkit2gtk3-jsc-2.50.3-1.el9_7 0.00057 false
CVE-2025-11731 Twistlock CVE Low libxslt-1.1.34-13.el9_6 0.00057 false
CVE-2025-11731 Anchore CVE Low libxslt-1.1.34-13.el9_6 0.00057 false
CVE-2025-1371 Twistlock CVE Low elfutils-0.193-1.el9 0.00052 false
CVE-2025-1371 Anchore CVE Low elfutils-libelf-0.193-1.el9 0.00052 false
CVE-2025-52886 Anchore CVE Medium poppler-glib-21.01.0-21.el9 0.00051 false
CVE-2025-52886 Anchore CVE Medium poppler-21.01.0-21.el9 0.00051 false
CVE-2025-52886 Anchore CVE Medium poppler-data-0.4.9-9.el9 0.00051 false
CVE-2025-52886 Twistlock CVE Medium poppler-data-0.4.9-9.el9 0.00051 false
CVE-2025-52886 Twistlock CVE Medium poppler-21.01.0-21.el9 0.00051 false
CVE-2025-50952 Anchore CVE Medium openjpeg2-2.4.0-8.el9 0.00049 false
CVE-2025-50952 Twistlock CVE Medium openjpeg2-2.4.0-8.el9 0.00049 false
CVE-2025-43419 Twistlock CVE High webkit2gtk3-2.50.3-1.el9_7 0.00049 false
CVE-2025-43419 Anchore CVE High webkit2gtk3-jsc-2.50.3-1.el9_7 0.00049 false
CVE-2025-66293 Anchore CVE High java-17-openjdk-1:17.0.17.0.10-1.el9 0.00046 false
CVE-2024-13978 Twistlock CVE Low libtiff-4.4.0-15.el9_7.2 0.00042 false
CVE-2024-13978 Anchore CVE Low libtiff-4.4.0-15.el9_7.2 0.00042 false
CVE-2025-8961 Twistlock CVE Low libtiff-4.4.0-15.el9_7.2 0.00034 false
CVE-2025-8961 Anchore CVE Low libtiff-4.4.0-15.el9_7.2 0.00034 false
CVE-2025-58057 Twistlock CVE Medium io.netty_netty-codec-4.1.107.Final 0.00034 false
CVE-2025-64720 Anchore CVE High java-17-openjdk-1:17.0.17.0.10-1.el9 0.00033 false
CVE-2023-25435 Twistlock CVE Medium libtiff-4.4.0-15.el9_7.2 0.00033 false
CVE-2023-25435 Anchore CVE Medium libtiff-4.4.0-15.el9_7.2 0.00033 false
CVE-2025-52999 Twistlock CVE High com.fasterxml.jackson.core_jackson-core-2.14.2 0.00030 false
CVE-2025-9165 Anchore CVE Low libtiff-4.4.0-15.el9_7.2 0.00028 false
CVE-2025-8851 Twistlock CVE Medium libtiff-4.4.0-15.el9_7.2 0.00028 false
CVE-2025-8851 Anchore CVE Medium libtiff-4.4.0-15.el9_7.2 0.00028 false
CVE-2025-14523 Twistlock CVE High libsoup-2.72.0-12.el9_7.1 0.00028 false
CVE-2025-14523 Anchore CVE High libsoup-2.72.0-12.el9_7.1 0.00028 false
CVE-2025-9232 Anchore CVE Low openssl-1:3.5.1-4.el9_7 0.00027 false
CVE-2022-37052 Twistlock CVE Medium poppler-21.01.0-21.el9 0.00027 false
CVE-2023-25433 Twistlock CVE Medium libtiff-4.4.0-15.el9_7.2 0.00026 false
CVE-2023-25433 Anchore CVE Medium libtiff-4.4.0-15.el9_7.2 0.00026 false
CVE-2025-58056 Twistlock CVE Low io.netty_netty-codec-http-4.1.107.Final 0.00024 false
CVE-2025-50422 Anchore CVE Low poppler-21.01.0-21.el9 0.00024 false
CVE-2025-50422 Anchore CVE Low poppler-glib-21.01.0-21.el9 0.00024 false
CVE-2025-50422 Twistlock CVE Low poppler-21.01.0-21.el9 0.00024 false
CVE-2025-4516 Twistlock CVE Medium python3.12-3.12.11-2.el9 0.00023 false
CVE-2025-4516 Anchore CVE Medium python3.12-3.12.11-2.el9 0.00023 false
CVE-2025-4516 Anchore CVE Medium python3.12-libs-3.12.11-2.el9 0.00023 false
CVE-2025-47807 Anchore CVE Medium gstreamer1-plugins-base-1.22.12-4.el9 0.00021 false
CVE-2025-47807 Twistlock CVE Medium gstreamer1-plugins-base-1.22.12-4.el9 0.00021 false
CVE-2025-52885 Twistlock CVE Medium poppler-21.01.0-21.el9 0.00020 false
CVE-2025-52885 Anchore CVE Medium poppler-21.01.0-21.el9 0.00020 false
CVE-2025-52885 Anchore CVE Medium poppler-glib-21.01.0-21.el9 0.00020 false
CVE-2025-65018 Anchore CVE High java-17-openjdk-1:17.0.17.0.10-1.el9 0.00018 false
CVE-2025-54080 Anchore CVE Low exiv2-0.27.5-2.el9 0.00018 false
CVE-2025-54080 Anchore CVE Low exiv2-libs-0.27.5-2.el9 0.00018 false
CVE-2025-54080 Twistlock CVE Low exiv2-0.27.5-2.el9 0.00018 false
CVE-2025-13837 Twistlock CVE Medium python3.12-3.12.11-2.el9 0.00018 false
CVE-2025-13837 Anchore CVE Medium python3.12-3.12.11-2.el9 0.00018 false
CVE-2025-13837 Anchore CVE Medium python3.12-libs-3.12.11-2.el9 0.00018 false
CVE-2025-6075 Twistlock CVE Low python3.12-3.12.11-2.el9 0.00017 false
CVE-2025-6075 Anchore CVE Low python3.12-3.12.11-2.el9 0.00017 false
CVE-2025-6075 Anchore CVE Low python3.12-libs-3.12.11-2.el9 0.00017 false
CVE-2023-1916 Twistlock CVE Low libtiff-4.4.0-15.el9_7.2 0.00017 false
CVE-2023-1916 Anchore CVE Low libtiff-4.4.0-15.el9_7.2 0.00017 false
CVE-2025-10911 Anchore CVE Medium libxslt-1.1.34-13.el9_6 0.00016 false
CVE-2025-10911 Twistlock CVE Medium libxslt-1.1.34-13.el9_6 0.00016 false
CVE-2025-48924 Twistlock CVE Medium org.apache.commons_commons-lang3-3.14.0 0.00014 false
CVE-2025-14104 Anchore CVE Medium libfdisk-2.37.4-21.el9 0.00014 false
CVE-2025-14104 Anchore CVE Medium util-linux-2.37.4-21.el9 0.00014 false
CVE-2025-14104 Anchore CVE Medium util-linux-core-2.37.4-21.el9 0.00014 false
CVE-2024-25260 Twistlock CVE Low elfutils-0.193-1.el9 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-libelf-0.193-1.el9 0.00014 false
CVE-2025-64506 Anchore CVE Medium java-17-openjdk-1:17.0.17.0.10-1.el9 0.00012 false
CVE-2025-64505 Anchore CVE Medium java-17-openjdk-1:17.0.17.0.10-1.el9 0.00012 false
CVE-2023-3164 Twistlock CVE Medium libtiff-4.4.0-15.el9_7.2 0.00010 false
CVE-2023-3164 Anchore CVE Medium libtiff-4.4.0-15.el9_7.2 0.00010 false
CVE-2025-55304 Anchore CVE Low exiv2-libs-0.27.5-2.el9 0.00006 false
CVE-2025-55304 Anchore CVE Low exiv2-0.27.5-2.el9 0.00006 false
CVE-2025-55304 Twistlock CVE Low exiv2-0.27.5-2.el9 0.00006 false
CVE-2025-8197 Anchore CVE Low libsoup-2.72.0-12.el9_7.1 N/A false
GHSA-j288-q9x7-2f5v Anchore CVE Medium commons-lang3-3.14.0 N/A N/A
GHSA-j288-q9x7-2f5v Anchore CVE Medium commons-lang3-3.14.0 N/A N/A
GHSA-h46c-h94j-95f3 Anchore CVE High jackson-core-2.14.2 N/A N/A
GHSA-g93m-8x6h-g5gv Anchore CVE High zookeeper-3.9.1 N/A N/A
GHSA-fghv-69vj-qj49 Anchore CVE Low netty-codec-http-4.1.107.Final N/A N/A
GHSA-fghv-69vj-qj49 Anchore CVE Low netty-codec-http-4.1.107.Final N/A N/A
GHSA-67mf-3cr5-8w23 Anchore CVE Medium bcprov-jdk18on-1.77 N/A N/A
GHSA-4cx2-fc23-5wg6 Anchore CVE Medium bcpkix-jdk15on-1.70 N/A N/A
GHSA-4cx2-fc23-5wg6 Anchore CVE Medium bcpkix-jdk18on-1.77 N/A N/A
GHSA-3p8m-j85q-pgmj Anchore CVE Medium netty-codec-4.1.107.Final N/A N/A
GHSA-3p8m-j85q-pgmj Anchore CVE Medium netty-codec-4.1.107.Final N/A N/A
GHSA-2hmj-97jw-28jh Anchore CVE Medium zookeeper-3.9.1 N/A N/A

Tasks

Contributor:

  • Apply the StatusReview label to this issue for a merge request review and wait for feedback

OR

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue for a VAT justifications review and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Review or Verification label will be removed and the issue will be sent back to To-Do. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Review or Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730 EST to answer questions.

Edited by CHORE_TOKEN