chore(findings): synopsys/blackduck/blackduck-cfssl
Summary
synopsys/blackduck/blackduck-cfssl has 128 new findings discovered during continuous monitoring.
| id | source | severity | package |
|---|---|---|---|
| CCE-80809-7 | oscap_comp | Medium | |
| CVE-2021-3733 | twistlock_cve | Medium | python3-libs-3.6.8-41.el8 |
| CVE-2021-3733 | twistlock_cve | Medium | platform-python-3.6.8-41.el8 |
| CVE-2020-12401 | twistlock_cve | Medium | nss-util-3.67.0-7.el8_5 |
| CVE-2020-12401 | twistlock_cve | Medium | nss-softokn-3.67.0-7.el8_5 |
| CVE-2020-12401 | twistlock_cve | Medium | nss-3.67.0-7.el8_5 |
| CVE-2020-12401 | twistlock_cve | Medium | nss-softokn-freebl-3.67.0-7.el8_5 |
| CVE-2020-12401 | twistlock_cve | Medium | nss-sysinit-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | Medium | nss-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | Medium | nss-softokn-freebl-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | Medium | nss-softokn-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | Medium | nss-util-3.67.0-7.el8_5 |
| CVE-2020-12401 | anchore_cve | Medium | nss-sysinit-3.67.0-7.el8_5 |
| CVE-2021-4189 | anchore_cve | Medium | platform-python-3.6.8-41.el8 |
| CVE-2021-4189 | anchore_cve | Medium | python3-libs-3.6.8-41.el8 |
| CVE-2021-4189 | twistlock_cve | Medium | python3-libs-3.6.8-41.el8 |
| CVE-2021-4189 | twistlock_cve | Medium | platform-python-3.6.8-41.el8 |
| CCE-85902-5 | oscap_comp | High | |
| CCE-85897-7 | oscap_comp | Medium | |
| CCE-85870-4 | oscap_comp | High | |
| CCE-85899-3 | oscap_comp | Medium | |
| CCE-86233-4 | oscap_comp | Medium | |
| CCE-85987-6 | oscap_comp | Medium | |
| CCE-85910-8 | oscap_comp | Medium | |
| CCE-80667-9 | oscap_comp | Medium | |
| CCE-80668-7 | oscap_comp | Medium | |
| CCE-80669-5 | oscap_comp | Medium | |
| CCE-80670-3 | oscap_comp | Medium | |
| CCE-81037-4 | oscap_comp | Medium | |
| CCE-81035-8 | oscap_comp | Medium | |
| CVE-2021-35939 | twistlock_cve | Medium | rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35938 | twistlock_cve | Medium | rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35937 | twistlock_cve | Medium | rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35939 | twistlock_cve | Medium | rpm-build-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35938 | twistlock_cve | Medium | rpm-build-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35937 | twistlock_cve | Medium | rpm-build-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35939 | twistlock_cve | Medium | rpm-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35938 | twistlock_cve | Medium | rpm-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35937 | twistlock_cve | Medium | rpm-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35939 | twistlock_cve | Medium | python3-rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35938 | twistlock_cve | Medium | python3-rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35937 | twistlock_cve | Medium | python3-rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35937 | anchore_cve | Medium | rpm-build-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35938 | anchore_cve | Medium | rpm-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35939 | anchore_cve | Medium | rpm-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35938 | anchore_cve | Medium | rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35938 | anchore_cve | Medium | python3-rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35938 | anchore_cve | Medium | rpm-build-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35939 | anchore_cve | Medium | python3-rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35937 | anchore_cve | Medium | python3-rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35939 | anchore_cve | Medium | rpm-4.14.3-19.el8_5.2 |
| CVE-2021-35939 | anchore_cve | Medium | rpm-build-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35937 | anchore_cve | Medium | rpm-libs-4.14.3-19.el8_5.2 |
| CVE-2021-35937 | anchore_cve | Medium | rpm-4.14.3-19.el8_5.2 |
| CVE-2021-44569 | twistlock_cve | Medium | libsolv-0.7.19-1.el8 |
| CVE-2022-0391 | twistlock_cve | Medium | python3-libs-3.6.8-41.el8 |
| CVE-2022-0391 | twistlock_cve | Medium | platform-python-3.6.8-41.el8 |
| CVE-2021-44577 | twistlock_cve | Medium | libsolv-0.7.19-1.el8 |
| CVE-2021-44576 | twistlock_cve | Medium | libsolv-0.7.19-1.el8 |
| CVE-2021-44575 | twistlock_cve | Medium | libsolv-0.7.19-1.el8 |
| CVE-2021-44573 | twistlock_cve | Medium | libsolv-0.7.19-1.el8 |
| CVE-2021-44571 | twistlock_cve | Medium | libsolv-0.7.19-1.el8 |
| CVE-2021-44574 | twistlock_cve | Medium | libsolv-0.7.19-1.el8 |
| CVE-2021-44570 | twistlock_cve | Medium | libsolv-0.7.19-1.el8 |
| CVE-2022-0391 | anchore_cve | Medium | platform-python-3.6.8-41.el8 |
| CVE-2022-0391 | anchore_cve | Medium | python3-libs-3.6.8-41.el8 |
| CVE-2022-0235 | twistlock_cve | Medium | dnf-plugin-subscription-manager-1.28.13-2.el8 |
| CVE-2017-15412 | twistlock_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2016-5131 | twistlock_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2017-0663 | twistlock_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2017-9047 | twistlock_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2017-9050 | twistlock_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2017-9049 | twistlock_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2017-7375 | twistlock_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2016-4658 | twistlock_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2017-9048 | twistlock_cve | Low | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2017-18258 | twistlock_cve | Low | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2017-14501 | twistlock_cve | Low | libarchive-3.3.3-3.el8_5 |
| CVE-2017-14166 | twistlock_cve | Low | libarchive-3.3.3-3.el8_5 |
| CVE-2017-14501 | anchore_cve | Low | libarchive-3.3.3-3.el8_5 |
| CVE-2017-14166 | anchore_cve | Low | libarchive-3.3.3-3.el8_5 |
| CVE-2022-22824 | twistlock_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-22823 | twistlock_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-22822 | twistlock_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-22827 | twistlock_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-22826 | twistlock_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-22825 | twistlock_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2021-46143 | twistlock_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-25314 | twistlock_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-25313 | twistlock_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-25313 | anchore_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-25314 | anchore_cve | Medium | expat-2.2.5-4.el8_5.3 |
| CVE-2022-27943 | twistlock_cve | Medium | libgcc-8.5.0-4.el8_5 |
| CVE-2022-27943 | twistlock_cve | Medium | libstdc++-8.5.0-4.el8_5 |
| CCE-86377-9 | oscap_comp | Medium | |
| CVE-2022-26280 | twistlock_cve | Critical | libarchive-3.3.3-3.el8_5 |
| CVE-2022-1304 | anchore_cve | Medium | libcom_err-1.45.6-2.el8 |
| CCE-84254-2 | oscap_comp | Medium | |
| CVE-2022-1304 | twistlock_cve | Medium | libcom_err-1.45.6-2.el8 |
| CVE-2015-20107 | twistlock_cve | Medium | python3-libs-3.6.8-41.el8 |
| CVE-2015-20107 | twistlock_cve | Medium | platform-python-3.6.8-41.el8 |
| CVE-2015-20107 | anchore_cve | Medium | python3-libs-3.6.8-41.el8 |
| CVE-2015-20107 | anchore_cve | Medium | platform-python-3.6.8-41.el8 |
| CVE-2022-27776 | anchore_cve | Medium | curl-7.61.1-22.el8 |
| CVE-2022-27774 | anchore_cve | Medium | libcurl-7.61.1-22.el8 |
| CVE-2022-22576 | anchore_cve | Medium | curl-7.61.1-22.el8 |
| CVE-2022-27776 | anchore_cve | Medium | libcurl-7.61.1-22.el8 |
| CVE-2022-22576 | anchore_cve | Medium | libcurl-7.61.1-22.el8 |
| CVE-2022-27774 | anchore_cve | Medium | curl-7.61.1-22.el8 |
| CVE-2022-27774 | twistlock_cve | Medium | curl-7.61.1-22.el8 |
| CVE-2022-27774 | twistlock_cve | Medium | libcurl-7.61.1-22.el8 |
| CVE-2022-22576 | twistlock_cve | Medium | libcurl-7.61.1-22.el8 |
| CVE-2022-22576 | twistlock_cve | Medium | curl-7.61.1-22.el8 |
| CVE-2022-27776 | twistlock_cve | Medium | libcurl-7.61.1-22.el8 |
| CVE-2022-27776 | twistlock_cve | Medium | curl-7.61.1-22.el8 |
| CVE-2018-25032 | twistlock_cve | Critical | zlib-1.2.11-18.el8_5 |
| CVE-2022-1292 | twistlock_cve | Medium | openssl-libs-1.1.1k-6.el8_5 |
| CVE-2022-1292 | twistlock_cve | Medium | openssl-1.1.1k-6.el8_5 |
| CVE-2022-29824 | twistlock_cve | Medium | libxml2-2.9.7-12.el8_5 |
| CVE-2022-29824 | twistlock_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2022-1586 | twistlock_cve | Medium | pcre2-10.32-2.el8 |
| CVE-2022-29155 | twistlock_cve | Medium | openldap-2.4.46-18.el8 |
| CVE-2022-1586 | anchore_cve | Medium | pcre2-10.32-2.el8 |
| CVE-2022-29824 | anchore_cve | Medium | libxml2-2.9.7-12.el8_5 |
| CVE-2022-29824 | anchore_cve | Medium | python3-libxml2-2.9.7-12.el8_5 |
| CVE-2022-1616 | twistlock_cve | Low | vim-minimal-8.0.1763-16.el8_5.13 |
| CVE-2022-1620 | twistlock_cve | Low | vim-minimal-8.0.1763-16.el8_5.13 |
| CVE-2022-1619 | twistlock_cve | Low | vim-minimal-8.0.1763-16.el8_5.13 |
VAT: https://vat.dso.mil/vat/container/1024?branch=master
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/synopsys/blackduck/blackduck-cfssl/-/jobs/9126898
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official
Edited by Ghost User