chore(findings): suse/bci/bci-base
Summary
suse/bci/bci-base has 102 new findings discovered during continuous monitoring.
id | source | severity | package |
---|---|---|---|
CVE-2022-40303 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2022-29824 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-4483 | Anchore CVE | Low | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-1833 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2017-0663 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-7942 | Anchore CVE | Low | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-1834 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2017-5969 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2022-40304 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-1837 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-1819 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2023-28484 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2014-3660 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2023-29469 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-7497 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-1836 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2021-3516 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2018-14404 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-5312 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-7498 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-1839 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2018-14567 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-4658 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2018-9251 | Anchore CVE | Low | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2022-23308 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2021-3517 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2019-20388 | Anchore CVE | Low | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-8242 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-1762 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-8035 | Anchore CVE | Low | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-7941 | Anchore CVE | Low | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2022-2309 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2017-9048 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2020-24977 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-3705 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-1840 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-1835 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2020-7595 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-3627 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2017-9047 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2021-3537 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2016-1838 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2014-0191 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2019-19956 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2021-3518 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2021-3541 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-7499 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2015-7500 | Anchore CVE | Medium | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2017-9049 | Anchore CVE | High | libxml2-2-2.10.3-150400.5.3.2 |
CVE-2023-3446 | Anchore CVE | Medium | libopenssl1_1-hmac-1.1.1l-150500.17.6.1 |
CVE-2023-3446 | Anchore CVE | Medium | libopenssl1_1-1.1.1l-150500.17.6.1 |
CVE-2023-3446 | Anchore CVE | Medium | openssl-1_1-1.1.1l-150500.17.6.1 |
CVE-2014-0191 | OSCAP Compliance | Medium | |
CVE-2014-3660 | OSCAP Compliance | Medium | |
CVE-2015-1819 | OSCAP Compliance | Medium | |
CVE-2015-5312 | OSCAP Compliance | Medium | |
CVE-2015-7497 | OSCAP Compliance | Medium | |
CVE-2015-7498 | OSCAP Compliance | Medium | |
CVE-2015-7499 | OSCAP Compliance | Medium | |
CVE-2015-7500 | OSCAP Compliance | Medium | |
CVE-2015-7941 | OSCAP Compliance | Medium | |
CVE-2015-7942 | OSCAP Compliance | Medium | |
CVE-2015-8035 | OSCAP Compliance | Medium | |
CVE-2015-8242 | OSCAP Compliance | Medium | |
CVE-2016-1762 | OSCAP Compliance | Medium | |
CVE-2016-1833 | OSCAP Compliance | Medium | |
CVE-2016-1834 | OSCAP Compliance | Medium | |
CVE-2016-1835 | OSCAP Compliance | Medium | |
CVE-2016-1836 | OSCAP Compliance | Medium | |
CVE-2016-1837 | OSCAP Compliance | Medium | |
CVE-2016-1838 | OSCAP Compliance | Medium | |
CVE-2016-1839 | OSCAP Compliance | Medium | |
CVE-2016-1840 | OSCAP Compliance | Medium | |
CVE-2016-3627 | OSCAP Compliance | Medium | |
CVE-2016-3705 | OSCAP Compliance | Medium | |
CVE-2016-4483 | OSCAP Compliance | Medium | |
CVE-2016-4658 | OSCAP Compliance | Medium | |
CVE-2017-0663 | OSCAP Compliance | Medium | |
CVE-2017-5969 | OSCAP Compliance | Medium | |
CVE-2017-9047 | OSCAP Compliance | Medium | |
CVE-2017-9048 | OSCAP Compliance | Medium | |
CVE-2017-9049 | OSCAP Compliance | Medium | |
CVE-2018-14404 | OSCAP Compliance | Medium | |
CVE-2018-14567 | OSCAP Compliance | Medium | |
CVE-2018-9251 | OSCAP Compliance | Medium | |
CVE-2019-19956 | OSCAP Compliance | Medium | |
CVE-2019-20388 | OSCAP Compliance | Medium | |
CVE-2020-24977 | OSCAP Compliance | Medium | |
CVE-2020-7595 | OSCAP Compliance | Medium | |
CVE-2021-3516 | OSCAP Compliance | Medium | |
CVE-2021-3517 | OSCAP Compliance | Medium | |
CVE-2021-3518 | OSCAP Compliance | Medium | |
CVE-2021-3537 | OSCAP Compliance | Medium | |
CVE-2021-3541 | OSCAP Compliance | Medium | |
CVE-2022-2309 | OSCAP Compliance | Medium | |
CVE-2022-23308 | OSCAP Compliance | Medium | |
CVE-2022-29824 | OSCAP Compliance | Medium | |
CVE-2022-40303 | OSCAP Compliance | Medium | |
CVE-2022-40304 | OSCAP Compliance | Medium | |
CVE-2023-28484 | OSCAP Compliance | Medium | |
CVE-2023-29469 | OSCAP Compliance | Medium | |
CVE-2023-3446 | OSCAP Compliance | Medium |
VAT: https://vat.dso.mil/vat/image?imageName=suse/bci/bci-base&tag=15.5&branch=master
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=suse/bci/bci-base&tag=15.5&branch=master
Tasks
Contributor:
-
Provide justifications for findings in the VAT (docs) -
Apply the ~"Hardening::Verification" label to this issue and wait for feedback
Iron Bank:
-
Review findings and justifications
Note: If the above process is rejected for any reason, the
Verification
label will be removed and the issue will be sent back toOpen
. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add theVerification
label.
Questions?
Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding
.
Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.