chore(findings): solutions-delivery-platform/jenkins/jenkins
Summary
solutions-delivery-platform/jenkins/jenkins has 6 new findings discovered during continuous monitoring.
| id | source | package |
|---|---|---|
| VULNDB-106409 | anchore_cve | commons_beanutils-1.9.3 |
| VULNDB-106409 | anchore_cve | commons_digester-2.1 |
| GHSA-m6cp-vxjx-65j6 | anchore_cve | jetty-server-9.4.39.v20210325 |
| CVE-2021-29505 | twistlock_cve | com.thoughtworks.xstream_xstream-1.4.15 |
| CVE-2021-28169 | twistlock_cve | org.eclipse.jetty_jetty-io-9.4.39.v20210325 |
| CVE-2021-34428 | twistlock_cve | org.eclipse.jetty_jetty-io-9.4.39.v20210325 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/solutions-delivery-platform/jenkins/jenkins/-/jobs/4615003
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official