chore(findings): sonarsource/sonar-scanner-cli
Summary
sonarsource/sonar-scanner-cli has 4 new findings discovered during continuous monitoring.
| id | source | package |
|---|---|---|
| CVE-2021-3712 | anchore_cve | openssl-1.1.1g-15.el8_3 |
| CVE-2021-3712 | twistlock_cve | openssl-1.1.1g-15.el8_3 |
| CVE-2021-32803 | twistlock_cve | tar-4.4.13 |
| CVE-2021-32804 | twistlock_cve | tar-4.4.13 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/sonarsource/sonar-scanner-cli/-/jobs/6071018
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official
Edited by Andy Maksymowicz