chore(findings): synopsys/seeker/seeker-server
Summary
synopsys/seeker/seeker-server has 392 new findings discovered during continuous monitoring.
id | source | severity | package |
---|---|---|---|
CVE-2023-44487 | Anchore CVE | High | jetty-annotations-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-security-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-continuation-9.4.51.v20230217 |
CVE-2023-41080 | Anchore CVE | Medium | tomcat-jdbc-9.0.71 |
CVE-2022-41862 | Anchore CVE | Low | postgresql-14.5 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-util-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-setuid-java-1.0.4 |
CVE-2023-46589 | Anchore CVE | High | tomcat-jdbc-9.0.71 |
CVE-2023-44487 | Anchore CVE | High | jetty-continuation-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-http-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-servlets-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-util-9.4.51.v20230217 |
CVE-2023-5868 | Anchore CVE | Medium | postgresql-14.5 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-servlet-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-io-9.4.51.v20230217 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-security-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-jndi-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-client-9.4.51.v20230217 |
CVE-2023-28709 | Anchore CVE | High | tomcat-jdbc-9.0.71 |
CVE-2023-42794 | Anchore CVE | Medium | tomcat-jdbc-9.0.71 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-servlets-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-http-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-plus-9.4.51.v20230217 |
CVE-2020-13956 | Anchore CVE | Medium | commons-httpclient-3.1 |
CVE-2023-36478 | Anchore CVE | High | jetty-xml-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-xml-9.4.51.v20230217 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-jndi-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-annotations-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-xml-9.4.51.v20230217 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-servlet-9.4.51.v20230217 |
CVE-2023-45648 | Anchore CVE | Medium | tomcat-jdbc-9.0.71 |
CVE-2022-1552 | Anchore CVE | High | postgresql-10.19 |
GHSA-9w3m-gqgf-c4p9 | Anchore CVE | Medium | snakeyaml-1.31 |
CVE-2023-36478 | Anchore CVE | High | jetty-annotations-9.4.51.v20230217 |
GHSA-mjmj-j48q-9wg2 | Anchore CVE | High | snakeyaml-1.31 |
CVE-2023-36478 | Anchore CVE | High | jetty-servlet-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-util-9.4.51.v20230217 |
CVE-2023-20863 | Anchore CVE | Medium | spring-core-5.3.20 |
CVE-2012-5783 | Anchore CVE | Medium | commons-httpclient-3.1 |
CVE-2023-44487 | Anchore CVE | High | jetty-servlets-9.4.51.v20230217 |
GHSA-w37g-rhq8-7m4j | Anchore CVE | Medium | snakeyaml-1.31 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-continuation-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-util-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-util-ajax-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-jndi-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-webapp-9.4.51.v20230217 |
GHSA-59j4-wjwp-mw9m | Anchore CVE | High | velocity-1.7 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-webapp-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-http-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-security-9.4.51.v20230217 |
CVE-2023-39417 | Anchore CVE | High | postgresql-14.5 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-http-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-server-9.4.51.v20230217 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-setuid-java-1.0.4 |
CVE-2022-2625 | Anchore CVE | High | postgresql-10.19 |
GHSA-gm62-rw4g-vrc4 | Anchore CVE | High | logback-core-1.2.12 |
CVE-2023-44487 | Anchore CVE | High | tomcat-jdbc-9.0.71 |
CVE-2023-20861 | Anchore CVE | Medium | spring-core-5.3.20 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-xml-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-server-9.4.51.v20230217 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-util-ajax-9.4.51.v20230217 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-annotations-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-servlet-9.4.51.v20230217 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-xml-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-plus-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-server-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-server-9.4.51.v20230217 |
GHSA-cmxj-wx9v-52qr | Anchore CVE | Medium | not-yet-commons-ssl-0.3.9 |
GHSA-4jrv-ppp4-jm57 | Anchore CVE | High | gson-2.8.8 |
CVE-2019-9193 | Anchore CVE | High | postgresql-10.19 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-util-ajax-9.4.51.v20230217 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-plus-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-webapp-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-util-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-annotations-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-webapp-9.4.51.v20230217 |
GHSA-r68h-jhhj-9jvm | Anchore CVE | High | esapi-2.3.0.0 |
CVE-2023-5869 | Anchore CVE | High | postgresql-14.5 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-client-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-security-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-util-ajax-9.4.51.v20230217 |
GHSA-vmq6-5m68-f53m | Anchore CVE | High | logback-classic-1.2.12 |
CVE-2023-5870 | Anchore CVE | Medium | postgresql-14.5 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-http-9.4.51.v20230217 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-setuid-java-1.0.4 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-server-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-plus-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-io-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-plus-9.4.51.v20230217 |
GHSA-vmq6-5m68-f53m | Anchore CVE | High | logback-core-1.2.12 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-client-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-jndi-9.4.51.v20230217 |
CVE-2023-2455 | Anchore CVE | Medium | postgresql-14.5 |
GHSA-7c2q-5qmr-v76q | Anchore CVE | High | esapi-2.3.0.0 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-io-9.4.51.v20230217 |
GHSA-xfrj-6vvc-3xm2 | Anchore CVE | Medium | xmlsec-2.1.7 |
CVE-2023-20860 | Anchore CVE | High | spring-core-5.3.20 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-servlets-9.4.51.v20230217 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-continuation-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-jndi-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-client-9.4.51.v20230217 |
CVE-2023-41900 | Anchore CVE | Medium | jetty-webapp-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-util-ajax-9.4.51.v20230217 |
CVE-2023-44487 | Anchore CVE | High | jetty-servlet-9.4.51.v20230217 |
CVE-2023-36479 | Anchore CVE | Medium | jetty-io-9.4.51.v20230217 |
CVE-2023-40167 | Anchore CVE | Medium | jetty-io-9.4.51.v20230217 |
CVE-2021-3393 | Anchore CVE | Medium | postgresql-10.19 |
CVE-2023-34034 | Anchore CVE | Critical | spring-security-core-5.6.9 |
CVE-2023-2454 | Anchore CVE | High | postgresql-14.5 |
CVE-2023-44487 | Anchore CVE | High | jetty-security-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-client-9.4.51.v20230217 |
CVE-2023-42795 | Anchore CVE | Medium | tomcat-jdbc-9.0.71 |
CVE-2023-35116 | Anchore CVE | Medium | jackson-databind-2.13.5 |
CVE-2023-36478 | Anchore CVE | High | jetty-continuation-9.4.51.v20230217 |
CVE-2023-36478 | Anchore CVE | High | jetty-servlets-9.4.51.v20230217 |
CVE-2024-0985 | Anchore CVE | High | postgresql-14.5 |
GHSA-8r3f-844c-mc37 | Anchore CVE | Medium | google.golang.org/protobuf-v1.31.0 |
GHSA-8r3f-844c-mc37 | Anchore CVE | Medium | google.golang.org/protobuf-v1.31.0 |
GHSA-264p-99wq-f4j6 | Anchore CVE | High | ion-java-1.0.2 |
GHSA-4v7x-pqxf-cx7m | Anchore CVE | Medium | golang.org/x/net-v0.17.0 |
GHSA-4v7x-pqxf-cx7m | Anchore CVE | Medium | golang.org/x/net-v0.17.0 |
CVE-2019-17566 | Anchore CVE | High | bridge-1.6.0 |
CVE-2023-24536 | Anchore CVE | High | stdlib-go1.19.1 |
GHSA-wjxj-5m7g-mg7q | Anchore CVE | Medium | bcprov-ext-jdk15on-1.69 |
CVE-2022-41704 | Anchore CVE | High | css-1.6.0 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.osgi.services-3.3.100.v20130513-1956 |
CVE-2023-39318 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2023-44487 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2017-5662 | Anchore CVE | High | svg-1.6.0 |
CVE-2019-17566 | Anchore CVE | High | parser-1.6.0 |
CVE-2022-42890 | Anchore CVE | High | awt-1.6.0 |
CVE-2023-24539 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-46589 | Anchore CVE | High | tomcat-juli-9.0.71 |
CVE-2017-5662 | Anchore CVE | High | transcoder-1.6.0 |
CVE-2023-28709 | Anchore CVE | High | tomcat-juli-9.0.71 |
CVE-2022-41704 | Anchore CVE | High | pdf-1.6.0 |
CVE-2022-41723 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-29403 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2018-8013 | Anchore CVE | Critical | svggen-1.6.0 |
CVE-2023-41080 | Anchore CVE | Medium | tomcat-juli-9.0.71 |
CVE-2019-17566 | Anchore CVE | High | css-1.6.0 |
CVE-2020-11987 | Anchore CVE | High | xml-1.6.0 |
CVE-2023-29404 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2022-41723 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2019-17566 | Anchore CVE | High | pdf-1.6.0 |
CVE-2016-6325 | Anchore CVE | High | tomcat-juli-9.0.71 |
CVE-2020-11987 | Anchore CVE | High | svggen-1.6.0 |
CVE-2023-45287 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2019-17566 | Anchore CVE | High | svggen-1.6.0 |
CVE-2022-41704 | Anchore CVE | High | svg-1.6.0 |
CVE-2023-24538 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2023-39326 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2023-39318 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2015-0250 | Anchore CVE | Medium | parser-1.6.0 |
CVE-2022-41724 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2017-5662 | Anchore CVE | High | bridge-1.6.0 |
CVE-2018-8013 | Anchore CVE | Critical | dom-1.6.0 |
CVE-2022-41704 | Anchore CVE | High | bridge-1.6.0 |
CVE-2020-11987 | Anchore CVE | High | svg-1.6.0 |
CVE-2023-29402 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2023-24534 | Anchore CVE | High | stdlib-go1.19.1 |
GHSA-wxqc-pxw9-g2p8 | Anchore CVE | High | spring-expression-5.3.20 |
CVE-2015-0250 | Anchore CVE | Medium | css-1.6.0 |
CVE-2023-44487 | Anchore CVE | High | stdlib-go1.19.1 |
GHSA-f3jh-qvm4-mg39 | Anchore CVE | High | spring-security-core-5.6.9 |
CVE-2015-0250 | Anchore CVE | Medium | dom-1.6.0 |
CVE-2023-24540 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2018-8013 | Anchore CVE | Critical | pdf-1.6.0 |
CVE-2023-39326 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2023-29404 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2023-42795 | Anchore CVE | Medium | tomcat-juli-9.0.71 |
CVE-2017-5662 | Anchore CVE | High | awt-1.6.0 |
GHSA-2wrp-6fg6-hmc5 | Anchore CVE | High | spring-web-5.3.20 |
CVE-2017-5662 | Anchore CVE | High | gui-1.6.0 |
CVE-2022-41704 | Anchore CVE | High | xml-1.6.0 |
CVE-2023-24538 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2015-0250 | Anchore CVE | Medium | svg-1.6.0 |
CVE-2023-45287 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.update.configurator-3.3.200.v20130326-1319 |
CVE-2022-41704 | Anchore CVE | High | awt-1.6.0 |
CVE-2023-24540 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2023-29409 | Anchore CVE | Medium | stdlib-go1.19.1 |
GHSA-4jrv-ppp4-jm57 | Anchore CVE | High | gson-2.8.8 |
CVE-2023-44487 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-24534 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-29406 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2022-42890 | Anchore CVE | High | transcoder-1.6.0 |
CVE-2022-42890 | Anchore CVE | High | pdf-1.6.0 |
CVE-2020-11987 | Anchore CVE | High | pdf-1.6.0 |
CVE-2022-41704 | Anchore CVE | High | svggen-1.6.0 |
CVE-2015-0250 | Anchore CVE | Medium | xml-1.6.0 |
CVE-2018-8013 | Anchore CVE | Critical | svg-1.6.0 |
CVE-2023-39318 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2023-24536 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2017-5662 | Anchore CVE | High | css-1.6.0 |
CVE-2018-8013 | Anchore CVE | Critical | xml-1.6.0 |
CVE-2023-24538 | Anchore CVE | Critical | stdlib-go1.19.1 |
GHSA-564r-hj7v-mcr5 | Anchore CVE | Medium | spring-expression-5.3.20 |
GHSA-hr8g-6v94-x4m9 | Anchore CVE | Medium | bcprov-ext-jdk15on-1.69 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.equinox.preferences-3.5.100.v20130422-1538 |
CVE-2023-44487 | Anchore CVE | High | tomcat-juli-9.0.71 |
GHSA-9339-86wc-4qgf | Anchore CVE | High | xalan-2.7.2 |
CVE-2023-24537 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-42890 | Anchore CVE | High | css-1.6.0 |
CVE-2018-8013 | Anchore CVE | Critical | awt-1.6.0 |
CVE-2017-5662 | Anchore CVE | High | dom-1.6.0 |
CVE-2023-39319 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2022-41704 | Anchore CVE | High | dom-1.6.0 |
CVE-2023-29406 | Anchore CVE | Medium | stdlib-go1.19.1 |
GHSA-wjxj-5m7g-mg7q | Anchore CVE | Medium | bcprov-jdk15on-1.70 |
CVE-2023-24537 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2015-0250 | Anchore CVE | Medium | transcoder-1.6.0 |
CVE-2023-29409 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2023-39326 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2015-0250 | Anchore CVE | Medium | awt-1.6.0 |
CVE-2020-11987 | Anchore CVE | High | bridge-1.6.0 |
CVE-2022-42890 | Anchore CVE | High | util-1.6.0 |
CVE-2020-11987 | Anchore CVE | High | transcoder-1.6.0 |
CVE-2023-24540 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2023-28708 | Anchore CVE | Medium | tomcat-juli-9.0.71 |
CVE-2022-42890 | Anchore CVE | High | parser-1.6.0 |
CVE-2019-17566 | Anchore CVE | High | dom-1.6.0 |
CVE-2020-11987 | Anchore CVE | High | gui-1.6.0 |
CVE-2020-11987 | Anchore CVE | High | awt-1.6.0 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.equinox.app-1.3.100.v20130327-1442 |
CVE-2023-24532 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2024-1597 | Twistlock CVE | Critical | org.postgresql_postgresql-42.3.3 |
CVE-2022-0839 | Twistlock CVE | Critical | liquibase-core-4.4.2 |
CVE-2021-3538 | Twistlock CVE | Critical | github.com/satori/go.uuid-v1.2.0 |
CVE-2023-34034 | Twistlock CVE | Critical | spring-security-config-5.6.9 |
CVE-2024-22243 | Twistlock CVE | High | spring-web-5.3.20 |
GHSA-7c2q-5qmr-v76q | Twistlock CVE | High | org.owasp.esapi_esapi-2.3.0.0 |
CVE-2023-20863 | Twistlock CVE | High | spring-expression-5.3.20 |
CVE-2023-6378 | Twistlock CVE | High | ch.qos.logback_logback-classic-1.2.12 |
CVE-2022-31197 | Twistlock CVE | High | org.postgresql_postgresql-42.3.3 |
GHSA-r68h-jhhj-9jvm | Twistlock CVE | High | org.owasp.esapi_esapi-2.3.0.0 |
CVE-2023-20861 | Twistlock CVE | Medium | spring-expression-5.3.20 |
CVE-2023-33201 | Twistlock CVE | Medium | org.bouncycastle_bcprov-jdk15on-1.70 |
CVE-2023-33201 | Twistlock CVE | Medium | org.bouncycastle_bcprov-ext-jdk15on-1.69 |
CVE-2022-41946 | Twistlock CVE | Medium | org.postgresql_postgresql-42.3.3 |
CVE-2022-3857 | Twistlock CVE | Low | libpng-1.6.34-5.el8 |
CVE-2019-7317 | Twistlock CVE | Low | libpng-1.6.34-5.el8 |
CVE-2023-33202 | Twistlock CVE | Medium | org.bouncycastle_bcprov-jdk15on-1.70 |
CVE-2023-33202 | Twistlock CVE | Medium | org.bouncycastle_bcprov-ext-jdk15on-1.69 |
CVE-2024-22257 | Twistlock CVE | High | spring-security-core-5.6.9 |
CVE-2024-22259 | Twistlock CVE | High | spring-web-5.3.20 |
CVE-2023-45288 | Twistlock CVE | Medium | golang.org/x/net/http2-v0.17.0 |
CVE-2024-21634 | Twistlock CVE | High | software.amazon.ion_ion-java-1.0.2 |
CVE-2024-22262 | Twistlock CVE | High | spring-web-5.3.20 |
CVE-2023-39319 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2017-5662 | Anchore CVE | High | util-1.6.0 |
CVE-2022-41715 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-24534 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-41725 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-41717 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2018-8013 | Anchore CVE | Critical | transcoder-1.6.0 |
CVE-2023-24537 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-24532 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2017-5662 | Anchore CVE | High | pdf-1.6.0 |
CVE-2022-42890 | Anchore CVE | High | svg-1.6.0 |
CVE-2023-29406 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2022-42890 | Anchore CVE | High | bridge-1.6.0 |
CVE-2020-11987 | Anchore CVE | High | util-1.6.0 |
CVE-2015-0250 | Anchore CVE | Medium | svggen-1.6.0 |
CVE-2015-0250 | Anchore CVE | Medium | gui-1.6.0 |
CVE-2022-2879 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-45285 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-29409 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2022-2880 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-42794 | Anchore CVE | Medium | tomcat-juli-9.0.71 |
GHSA-r38f-c4h4-hqq2 | Anchore CVE | High | postgresql-42.3.3 |
CVE-2022-41704 | Anchore CVE | High | util-1.6.0 |
CVE-2023-2004 | Anchore CVE | Low | freetype-2.9.1-9.el8 |
CVE-2023-45287 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2019-17566 | Anchore CVE | High | util-1.6.0 |
CVE-2022-41725 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2018-8013 | Anchore CVE | Critical | gui-1.6.0 |
CVE-2023-29405 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2017-5662 | Anchore CVE | High | xml-1.6.0 |
CVE-2023-24532 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.core.resources-3.9.1.v20140825-1431 |
CVE-2016-5425 | Anchore CVE | High | tomcat-juli-9.0.71 |
CVE-2018-8013 | Anchore CVE | Critical | bridge-1.6.0 |
CVE-2023-29400 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-41715 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-42890 | Anchore CVE | High | gui-1.6.0 |
CVE-2023-39323 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-41717 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2019-17566 | Anchore CVE | High | transcoder-1.6.0 |
CVE-2017-5662 | Anchore CVE | High | svggen-1.6.0 |
CVE-2022-2880 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2018-8013 | Anchore CVE | Critical | parser-1.6.0 |
CVE-2022-41715 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2019-17566 | Anchore CVE | High | awt-1.6.0 |
CVE-2015-0250 | Anchore CVE | Medium | bridge-1.6.0 |
CVE-2022-41717 | Anchore CVE | Medium | stdlib-go1.19.1 |
CVE-2023-39319 | Anchore CVE | Medium | stdlib-go1.19.1 |
GHSA-ccgv-vj62-xf9h | Anchore CVE | High | spring-web-5.3.20 |
CVE-2022-41704 | Anchore CVE | High | parser-1.6.0 |
CVE-2015-0250 | Anchore CVE | Medium | pdf-1.6.0 |
CVE-2019-17566 | Anchore CVE | High | svg-1.6.0 |
CVE-2022-2879 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2018-8013 | Anchore CVE | Critical | css-1.6.0 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.osgi-3.10.2.v20150203-1939 |
CVE-2023-45285 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-42890 | Anchore CVE | High | xml-1.6.0 |
CVE-2019-17566 | Anchore CVE | High | xml-1.6.0 |
CVE-2019-7317 | Anchore CVE | Low | libpng-2:1.6.34-5.el8 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.equinox.registry-3.5.400.v20140428-1507 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.core.runtime-3.9.0.v20130326-1255 |
CVE-2022-41725 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.core.contenttype-3.4.200.v20130326-1255 |
CVE-2022-42890 | Anchore CVE | High | svggen-1.6.0 |
CVE-2023-29405 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2023-39323 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-41704 | Anchore CVE | High | transcoder-1.6.0 |
CVE-2023-29400 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2019-17566 | Anchore CVE | High | gui-1.6.0 |
GHSA-3h6f-g5f3-gc4w | Anchore CVE | Critical | spring-security-config-5.6.9 |
CVE-2023-29402 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2023-39323 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.core.filesystem-1.4.0.v20130514-1240 |
GHSA-hr8g-6v94-x4m9 | Anchore CVE | Medium | bcprov-jdk15on-1.70 |
CVE-2023-29403 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-42890 | Anchore CVE | High | dom-1.6.0 |
CVE-2023-45648 | Anchore CVE | Medium | tomcat-juli-9.0.71 |
CVE-2015-0250 | Anchore CVE | Medium | util-1.6.0 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.core.jobs-3.6.1.v20141014-1248 |
CVE-2022-41724 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.equinox.common-3.6.200.v20130402-1505 |
CVE-2022-2879 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-24536 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-41704 | Anchore CVE | High | gui-1.6.0 |
CVE-2022-2880 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-3857 | Anchore CVE | Low | libpng-2:1.6.34-5.el8 |
GHSA-j24h-xcpc-9jw8 | Anchore CVE | Medium | org.eclipse.core.runtime-3.9.0.v20130326-1255 |
CVE-2020-27225 | Anchore CVE | High | org.eclipse.core.expressions-3.4.500.v20130515-1343 |
CVE-2022-41723 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2020-11987 | Anchore CVE | High | parser-1.6.0 |
GHSA-562r-vg33-8x8h | Anchore CVE | Medium | postgresql-42.3.3 |
GHSA-24rp-q3w6-vc56 | Anchore CVE | Critical | postgresql-42.3.3 |
CVE-2023-29405 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2023-24539 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-29402 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2017-5662 | Anchore CVE | High | parser-1.6.0 |
CVE-2023-29403 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-45285 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2018-8013 | Anchore CVE | Critical | util-1.6.0 |
CVE-2023-29404 | Anchore CVE | Critical | stdlib-go1.19.1 |
CVE-2023-29400 | Anchore CVE | High | stdlib-go1.19.1 |
GHSA-hgjh-9rj2-g67j | Anchore CVE | High | spring-web-5.3.20 |
CVE-2023-24539 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-41724 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2020-11987 | Anchore CVE | High | css-1.6.0 |
CVE-2020-11987 | Anchore CVE | High | dom-1.6.0 |
CVE-2022-41722 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-41722 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2022-41722 | Anchore CVE | High | stdlib-go1.19.1 |
CVE-2023-4218 | Twistlock CVE | Medium | org.eclipse.core.runtime-3.9.0.v20130326-1255 |
CVE-2023-34034 | Twistlock CVE | Critical | spring-security-core-5.6.9 |
CVE-2022-1471 | Twistlock CVE | Critical | org.yaml_snakeyaml-1.31 |
CVE-2016-1000027 | Twistlock CVE | Critical | spring-web-5.3.20 |
CVE-2023-5869 | Twistlock CVE | High | postgres-14.5 |
CVE-2023-39417 | Twistlock CVE | High | postgres-14.5 |
CVE-2022-1552 | Twistlock CVE | High | postgres-10.19 |
CVE-2024-0985 | Twistlock CVE | High | postgres-14.5 |
CVE-2022-2625 | Twistlock CVE | High | postgres-10.19 |
CVE-2023-6481 | Twistlock CVE | High | ch.qos.logback_logback-core-1.2.12 |
CVE-2023-6378 | Twistlock CVE | High | ch.qos.logback_logback-core-1.2.12 |
CVE-2023-44487 | Twistlock CVE | High | org.eclipse.jetty_jetty-io-9.4.51.v20230217 |
CVE-2023-36478 | Twistlock CVE | High | org.eclipse.jetty_jetty-io-9.4.51.v20230217 |
CVE-2023-20860 | Twistlock CVE | High | spring-web-5.3.20 |
CVE-2023-20860 | Twistlock CVE | High | spring-core-5.3.20 |
CVE-2023-2454 | Twistlock CVE | High | postgres-14.5 |
CVE-2023-44483 | Twistlock CVE | Medium | org.apache.santuario_xmlsec-2.1.7 |
CVE-2023-20863 | Twistlock CVE | Medium | spring-core-5.3.20 |
CVE-2023-20863 | Twistlock CVE | Medium | spring-web-5.3.20 |
CVE-2023-20861 | Twistlock CVE | Medium | spring-web-5.3.20 |
CVE-2023-20861 | Twistlock CVE | Medium | spring-core-5.3.20 |
CVE-2022-41854 | Twistlock CVE | Medium | org.yaml_snakeyaml-1.31 |
CVE-2022-38752 | Twistlock CVE | Medium | org.yaml_snakeyaml-1.31 |
CVE-2023-2455 | Twistlock CVE | Medium | postgres-14.5 |
CVE-2023-40167 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-io-9.4.51.v20230217 |
CVE-2023-5870 | Twistlock CVE | Medium | postgres-14.5 |
CVE-2023-5868 | Twistlock CVE | Medium | postgres-14.5 |
CVE-2023-41900 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-io-9.4.51.v20230217 |
CVE-2023-36479 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-io-9.4.51.v20230217 |
CVE-2021-3393 | Twistlock CVE | Medium | postgres-10.19 |
CVE-2022-41862 | Twistlock CVE | Low | postgres-14.5 |
CVE-2024-30171 | Twistlock CVE | Medium | org.bouncycastle_bcprov-jdk15on-1.70 |
CVE-2024-30172 | Twistlock CVE | Medium | org.bouncycastle_bcprov-jdk15on-1.70 |
CVE-2024-29857 | Twistlock CVE | Medium | org.bouncycastle_bcprov-jdk15on-1.70 |
VAT: https://vat.dso.mil/vat/image?imageName=synopsys/seeker/seeker-server&tag=2024.2.0&branch=master
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=synopsys/seeker/seeker-server&tag=2023.4.0&branch=master
Tasks
Contributor:
-
Provide justifications for findings in the VAT (docs) -
Apply the ~"Hardening::Verification" label to this issue and wait for feedback
Iron Bank:
-
Review findings and justifications
Note: If the above process is rejected for any reason, the
Verification
label will be removed and the issue will be sent back toOpen
. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add theVerification
label.
Questions?
Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding
.
Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.