UNCLASSIFIED - NO CUI

Skip to content

chore(findings): technergetics/anubis-schema-registry

Summary

technergetics/anubis-schema-registry has 667 new findings discovered during continuous monitoring.

Layer: redhat/ubi/ubi8:8.8 is EOL, please update if possible

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=technergetics/anubis-schema-registry&tag=5.5.1&branch=master

EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.

KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.

id source severity package impact workaround epss_score kev
CVE-2023-2650 Anchore CVE Medium openssl-1:1.1.1k-14.el8_6 0.88208 false
CVE-2023-2650 Anchore CVE Medium openssl-libs-1:1.1.1k-14.el8_6 0.88208 false
CVE-2024-21512 Twistlock CVE High mysql2-1.7.0 0.68341 false
CVE-2024-27983 Anchore CVE High nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.65466 false
CVE-2024-27983 Anchore CVE High npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.65466 false
CVE-2024-27983 Anchore CVE High nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.65466 false
CVE-2024-27983 Anchore CVE High nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.65466 false
CVE-2024-21508 Twistlock CVE Critical mysql2-1.7.0 0.55588 false
CVE-2024-28182 Anchore CVE Medium nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.22062 false
CVE-2024-28182 Anchore CVE Medium nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.22062 false
CVE-2024-28182 Anchore CVE Medium nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.22062 false
CVE-2024-28182 Anchore CVE Medium npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.22062 false
CVE-2020-14343 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.13704 false
CVE-2020-14343 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.13704 false
CVE-2020-14343 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.13704 false
CVE-2020-14343 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.13704 false
CVE-2020-14343 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.13704 false
CVE-2019-9740 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.10210 false
CVE-2019-9740 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.10210 false
CVE-2019-9636 Twistlock CVE High python-pysocks-1.6.8-3.el8 0.09135 false
CVE-2019-9636 Twistlock CVE High python-chardet-3.0.4-7.el8 0.09135 false
CVE-2024-6345 Twistlock CVE High python-requests-2.20.0-6.el8_10 0.07682 false
CVE-2024-6345 Twistlock CVE High python-pysocks-1.6.8-3.el8 0.07682 false
CVE-2024-6345 Twistlock CVE High python-idna-2.5-7.el8_10 0.07682 false
CVE-2024-6345 Twistlock CVE High python-chardet-3.0.4-7.el8 0.07682 false
CVE-2024-6345 Twistlock CVE High python-urllib3-1.24.2-8.el8_10 0.07682 false
CVE-2024-7264 Anchore CVE Low libcurl-7.61.1-34.el8_10.3 0.07100 false
CVE-2024-7264 Anchore CVE Low curl-7.61.1-34.el8_10.3 0.07100 false
CVE-2024-7264 Twistlock CVE Low curl-7.61.1-34.el8_10.3 0.07100 false
CVE-2023-26136 Twistlock CVE Critical tough-cookie-2.5.0 0.06872 false
CVE-2020-19188 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.06348 false
CVE-2023-32681 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.06121 false
CVE-2023-32681 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.06121 false
CVE-2020-19187 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.04825 false
CVE-2020-19186 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.04825 false
CVE-2020-19185 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.04825 false
CVE-2020-19190 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.04818 false
CVE-2024-33655 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.04101 false
CVE-2024-33655 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.04101 false
CVE-2024-33655 Twistlock CVE Low unbound-1.16.2-5.9.el8_10 0.04101 false
CVE-2019-9936 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.03718 false
CVE-2019-9936 Twistlock CVE Low sqlite-3.26.0-20.el8_10 0.03718 false
CVE-2022-48565 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.03703 false
CVE-2022-48565 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.03703 false
CVE-2022-23990 Anchore CVE Medium expat-2.2.5-17.el8_10 0.03519 false
CVE-2022-23990 Twistlock CVE Medium expat-2.2.5-17.el8_10 0.03519 false
CVE-2024-56433 Anchore CVE Low shadow-utils-2:4.6-22.el8 0.03253 false
CVE-2019-9937 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.03244 false
CVE-2019-9937 Twistlock CVE Low sqlite-3.26.0-20.el8_10 0.03244 false
CVE-2021-43818 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.03013 false
CVE-2021-43818 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.03013 false
CVE-2020-1747 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.02593 false
CVE-2020-1747 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.02593 false
CVE-2020-1747 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.02593 false
CVE-2020-1747 Twistlock CVE Medium python-six-1.11.0-8.el8 0.02593 false
CVE-2020-1747 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.02593 false
CVE-2020-1747 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.02593 false
CVE-2020-19189 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8 0.02546 false
CVE-2020-19189 Anchore CVE Low ncurses-base-6.1-10.20180224.el8 0.02546 false
CVE-2020-19189 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.02546 false
CVE-2018-20225 Anchore CVE Low platform-python-pip-9.0.3-24.el8 0.02537 false
CVE-2018-20225 Anchore CVE Low python3-pip-wheel-9.0.3-24.el8 0.02537 false
CVE-2021-29921 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.02447 false
CVE-2021-29921 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.02447 false
CVE-2021-29921 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.02447 false
CVE-2021-29921 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.02447 false
CVE-2021-29921 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.02447 false
CVE-2020-8492 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.02413 false
CVE-2020-8492 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.02413 false
CVE-2020-8492 Twistlock CVE Medium python-six-1.11.0-8.el8 0.02413 false
CVE-2020-8492 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.02413 false
CVE-2020-8492 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.02413 false
CVE-2020-8492 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.02413 false
CVE-2021-27291 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.02326 false
CVE-2021-27291 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.02326 false
CVE-2024-2511 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.02116 false
CVE-2024-2511 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.02116 false
CVE-2024-2511 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.02116 false
CVE-2019-7164 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.01979 false
CVE-2019-7164 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.01979 false
CVE-2018-1000880 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.01747 false
CVE-2018-1000880 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.01747 false
CVE-2024-6232 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.01519 false
CVE-2024-6232 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.01519 false
CVE-2024-6232 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.01519 false
CVE-2024-6232 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.01519 false
CVE-2024-6232 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.01519 false
CVE-2019-11324 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.01449 false
CVE-2019-11324 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.01449 false
CVE-2023-0464 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.01333 false
CVE-2023-0464 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.01333 false
CVE-2023-24329 Twistlock CVE High python-chardet-3.0.4-7.el8 0.01309 false
CVE-2023-24329 Twistlock CVE High python-pysocks-1.6.8-3.el8 0.01309 false
CVE-2019-16866 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.01248 false
CVE-2019-16866 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.01248 false
CVE-2019-16866 Twistlock CVE Low unbound-1.16.2-5.9.el8_10 0.01248 false
CVE-2019-9674 Twistlock CVE Low python3-3.6.8-71.el8_10 0.01198 false
CVE-2019-9674 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.01198 false
CVE-2019-9674 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.01198 false
CVE-2019-9948 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.01118 false
CVE-2019-9948 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.01118 false
CVE-2018-1000879 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.01112 false
CVE-2018-1000879 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.01112 false
CVE-2019-7548 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.01109 false
CVE-2019-7548 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.01109 false
CVE-2018-20852 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.01052 false
CVE-2018-20852 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.01052 false
CVE-2019-9947 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.01045 false
CVE-2019-9947 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.01045 false
CVE-2020-27783 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.01026 false
CVE-2020-27783 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.01026 false
CVE-2023-46809 Anchore CVE Medium nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00989 false
CVE-2023-46809 Anchore CVE Medium npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.00989 false
CVE-2023-46809 Anchore CVE Medium nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00989 false
CVE-2023-46809 Anchore CVE Medium nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00989 false
CVE-2020-14422 Twistlock CVE Medium python-six-1.11.0-8.el8 0.00973 false
CVE-2020-14422 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00973 false
CVE-2020-14422 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00973 false
CVE-2020-14422 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00973 false
CVE-2020-14422 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00973 false
CVE-2020-14422 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00973 false
CVE-2023-26144 Twistlock CVE Medium graphql-16.7.1 Only servers that validate untrusted graphql queries are affected. 0.00966 false
CVE-2020-21674 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00915 false
CVE-2020-21674 Anchore CVE Medium libarchive-3.3.3-6.el8_10 0.00915 false
CVE-2022-29244 Anchore CVE Medium nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00899 false
CVE-2022-29244 Anchore CVE Medium nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00899 false
CVE-2022-29244 Anchore CVE Medium nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00899 false
CVE-2022-29244 Anchore CVE Medium npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.00899 false
CVE-2020-27619 Twistlock CVE Low python-chardet-3.0.4-7.el8 0.00896 false
CVE-2020-27619 Twistlock CVE Low python-pysocks-1.6.8-3.el8 0.00896 false
CVE-2015-20107 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00888 false
CVE-2015-20107 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00888 false
CVE-2021-33503 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00863 false
CVE-2021-33503 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00863 false
CVE-2021-33503 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00863 false
CVE-2021-33503 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00863 false
CVE-2021-33503 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00863 false
CVE-2022-0391 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00816 false
CVE-2022-0391 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00816 false
CVE-2022-0391 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00816 false
CVE-2022-0391 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00816 false
CVE-2022-0391 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00816 false
CVE-2025-0938 Twistlock CVE Medium python3-3.6.8-71.el8_10 0.00801 false
CVE-2025-0938 Anchore CVE Medium python3-libs-3.6.8-71.el8_10 0.00801 false
CVE-2025-0938 Anchore CVE Medium platform-python-3.6.8-71.el8_10 0.00801 false
CVE-2025-0938 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00801 false
CVE-2025-0938 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00801 false
CVE-2025-0938 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00801 false
CVE-2025-0938 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00801 false
CVE-2025-0938 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00801 false
CVE-2019-16056 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00793 false
CVE-2019-16056 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00793 false
CVE-2023-23931 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00717 false
CVE-2023-23931 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00717 false
CVE-2023-23931 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00717 false
CVE-2023-23931 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00717 false
CVE-2023-23931 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00717 false
CVE-2018-20839 Anchore CVE Medium systemd-239-82.el8_10.5 0.00668 false
CVE-2018-20839 Anchore CVE Medium systemd-libs-239-82.el8_10.5 0.00668 false
CVE-2018-20839 Anchore CVE Medium systemd-pam-239-82.el8_10.5 0.00668 false
CVE-2018-20839 Twistlock CVE Medium systemd-239-82.el8_10.5 0.00668 false
CVE-2019-11236 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00636 false
CVE-2019-11236 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00636 false
CVE-2019-20916 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00622 false
CVE-2019-20916 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00622 false
CVE-2023-43646 Twistlock CVE High get-func-name-2.0.0 0.00616 false
CVE-2024-11831 Twistlock CVE Medium serialize-javascript-6.0.1 0.00597 false
CVE-2024-21509 Twistlock CVE Medium mysql2-1.7.0 0.00585 false
CVE-2020-26116 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00579 false
CVE-2020-26116 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00579 false
CVE-2019-16935 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00565 false
CVE-2019-16935 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00565 false
CVE-2024-37890 Twistlock CVE High ws-7.5.9 0.00541 false
CVE-2022-0235 Anchore CVE Medium python3-cloud-what-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium python3-subscription-manager-rhsm-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium subscription-manager-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium dnf-plugin-subscription-manager-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Anchore CVE Medium python3-syspurpose-1.28.44-1.el8_10 0.00512 false
CVE-2022-0235 Twistlock CVE Medium subscription-manager-1.28.44-1.el8_10 0.00512 false
CVE-2023-0466 Anchore CVE Medium openssl-libs-1:1.1.1k-14.el8_6 0.00508 false
CVE-2023-0466 Anchore CVE Medium openssl-1:1.1.1k-14.el8_6 0.00508 false
CVE-2024-45590 Twistlock CVE High body-parser-1.20.0 A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. More technical details can be found at httpsexpressjs.com20241022securityauditmilestoneachievement.html 0.00504 false
CVE-2024-45590 Twistlock CVE High body-parser-1.20.1 A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. More technical details can be found at httpsexpressjs.com20241022securityauditmilestoneachievement.html 0.00504 false
CVE-2021-28957 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00491 false
CVE-2021-28957 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00491 false
CVE-2023-43804 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00472 false
CVE-2023-43804 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00472 false
CVE-2024-7592 Twistlock CVE Low python3-3.6.8-71.el8_10 0.00468 false
CVE-2024-7592 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.00468 false
CVE-2024-7592 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.00468 false
CVE-2024-7592 Twistlock CVE Low python-pysocks-1.6.8-3.el8 0.00468 false
CVE-2024-7592 Twistlock CVE Low python-requests-2.20.0-6.el8_10 0.00468 false
CVE-2024-7592 Twistlock CVE Low python-chardet-3.0.4-7.el8 0.00468 false
CVE-2024-7592 Twistlock CVE Low python-urllib3-1.24.2-8.el8_10 0.00468 false
CVE-2024-7592 Twistlock CVE Low python-idna-2.5-7.el8_10 0.00468 false
CVE-2023-48631 Twistlock CVE Medium @adobe/css-tools-4.2.0 0.00468 false
CVE-2019-20477 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00456 false
CVE-2019-20477 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00456 false
CVE-2019-20477 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00456 false
CVE-2019-20477 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00456 false
CVE-2019-20477 Twistlock CVE Medium python-six-1.11.0-8.el8 0.00456 false
CVE-2019-20477 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00456 false
CVE-2018-20060 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00442 false
CVE-2018-20060 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00442 false
CVE-2021-23336 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00414 false
CVE-2021-23336 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00414 false
CVE-2021-39537 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.00409 false
CVE-2019-9923 Twistlock CVE Low tar-1.30-11.el8_10 0.00408 false
CVE-2019-9923 Anchore CVE Low tar-2:1.30-11.el8_10 0.00408 false
CVE-2019-20907 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00407 false
CVE-2019-20907 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00407 false
CVE-2018-19217 Anchore CVE Medium ncurses-libs-6.1-10.20180224.el8 0.00404 false
CVE-2018-19217 Anchore CVE Medium ncurses-base-6.1-10.20180224.el8 0.00404 false
CVE-2021-20066 Twistlock CVE Low jsdom-16.7.0 0.00402 false
CVE-2021-3733 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00366 false
CVE-2021-3733 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00366 false
CVE-2024-11053 Anchore CVE Low curl-7.61.1-34.el8_10.3 0.00361 false
CVE-2024-11053 Anchore CVE Low libcurl-7.61.1-34.el8_10.3 0.00361 false
CVE-2024-11053 Twistlock CVE Low curl-7.61.1-34.el8_10.3 0.00361 false
CVE-2021-4189 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00361 false
CVE-2021-4189 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00361 false
CVE-2020-10735 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00353 false
CVE-2020-10735 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00353 false
CVE-2020-10735 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00353 false
CVE-2020-10735 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00353 false
CVE-2020-10735 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00353 false
CVE-2024-22025 Anchore CVE Medium npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.00343 false
CVE-2024-22025 Anchore CVE Medium nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00343 false
CVE-2024-22025 Anchore CVE Medium nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00343 false
CVE-2024-22025 Anchore CVE Medium nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00343 false
CVE-2024-21507 Twistlock CVE Medium mysql2-1.7.0 0.00341 false
CVE-2024-3651 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00338 false
CVE-2024-3651 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00338 false
CVE-2024-3651 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00338 false
CVE-2024-3651 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00338 false
CVE-2024-3651 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00338 false
CVE-2023-0465 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00337 false
CVE-2023-0465 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00337 false
CVE-2024-0727 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00332 false
CVE-2024-0727 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00332 false
CVE-2024-0727 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.00332 false
CVE-2022-40897 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00318 false
CVE-2022-40897 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00318 false
CVE-2024-2236 Anchore CVE Medium libgcrypt-1.8.5-7.el8_6 0.00301 false
CVE-2024-2236 Twistlock CVE Medium libgcrypt-1.8.5-7.el8_6 0.00301 false
CVE-2019-12904 Anchore CVE Medium libgcrypt-1.8.5-7.el8_6 0.00290 false
CVE-2018-19211 Anchore CVE Low ncurses-base-6.1-10.20180224.el8 0.00278 false
CVE-2018-19211 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8 0.00278 false
CVE-2018-19211 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.00278 false
CVE-2023-40217 Twistlock CVE High python-chardet-3.0.4-7.el8 0.00266 false
CVE-2023-40217 Twistlock CVE High python-pysocks-1.6.8-3.el8 0.00266 false
CVE-2022-2255 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00266 false
CVE-2022-2255 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00266 false
CVE-2022-2255 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00266 false
CVE-2022-2255 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00266 false
CVE-2022-2255 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00266 false
CVE-2019-19244 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.00256 false
CVE-2019-19244 Twistlock CVE Low sqlite-3.26.0-20.el8_10 0.00256 false
CVE-2020-26137 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00245 false
CVE-2020-26137 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00245 false
CVE-2021-3572 Twistlock CVE Low python-urllib3-1.24.2-8.el8_10 0.00240 false
CVE-2021-3572 Twistlock CVE Low python-idna-2.5-7.el8_10 0.00240 false
CVE-2021-3572 Twistlock CVE Low python-chardet-3.0.4-7.el8 0.00240 false
CVE-2021-3572 Twistlock CVE Low python-pysocks-1.6.8-3.el8 0.00240 false
CVE-2021-3572 Twistlock CVE Low python-requests-2.20.0-6.el8_10 0.00240 false
CVE-2024-0397 Twistlock CVE Low python3-3.6.8-71.el8_10 0.00226 false
CVE-2024-0397 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.00226 false
CVE-2024-0397 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.00226 false
CVE-2024-0397 Twistlock CVE Low python-chardet-3.0.4-7.el8 0.00226 false
CVE-2024-0397 Twistlock CVE Low python-urllib3-1.24.2-8.el8_10 0.00226 false
CVE-2024-0397 Twistlock CVE Low python-pysocks-1.6.8-3.el8 0.00226 false
CVE-2024-0397 Twistlock CVE Low python-idna-2.5-7.el8_10 0.00226 false
CVE-2024-0397 Twistlock CVE Low python-requests-2.20.0-6.el8_10 0.00226 false
CVE-2024-4068 Twistlock CVE High braces-3.0.2 0.00225 false
CVE-2024-29180 Twistlock CVE High webpack-dev-middleware-5.3.3 0.00218 false
CVE-2018-18074 Twistlock CVE Low python-pysocks-1.6.8-3.el8 0.00215 false
CVE-2018-18074 Twistlock CVE Low python-chardet-3.0.4-7.el8 0.00215 false
CVE-2025-1153 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00212 false
CVE-2025-1153 Twistlock CVE Low gdb-8.2-20.el8 0.00212 false
CVE-2020-28493 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00207 false
CVE-2020-28493 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00207 false
CVE-2024-28863 Twistlock CVE Medium tar-6.1.11 0.00205 false
CVE-2025-1795 Twistlock CVE Low python3-3.6.8-71.el8_10 0.00184 false
CVE-2025-1795 Anchore CVE Low platform-python-3.6.8-71.el8_10 0.00184 false
CVE-2025-1795 Anchore CVE Low python3-libs-3.6.8-71.el8_10 0.00184 false
CVE-2025-1795 Twistlock CVE Low python-idna-2.5-7.el8_10 0.00184 false
CVE-2025-1795 Twistlock CVE Low python-urllib3-1.24.2-8.el8_10 0.00184 false
CVE-2025-1795 Twistlock CVE Low python-pysocks-1.6.8-3.el8 0.00184 false
CVE-2025-1795 Twistlock CVE Low python-requests-2.20.0-6.el8_10 0.00184 false
CVE-2025-1795 Twistlock CVE Low python-chardet-3.0.4-7.el8 0.00184 false
CVE-2024-43788 Twistlock CVE Medium webpack-5.88.2 0.00179 false
CVE-2023-32636 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00179 false
CVE-2023-32636 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00179 false
CVE-2023-27534 Anchore CVE Low curl-7.61.1-34.el8_10.3 0.00176 false
CVE-2023-27534 Anchore CVE Low libcurl-7.61.1-34.el8_10.3 0.00176 false
CVE-2023-27534 Twistlock CVE Low curl-7.61.1-34.el8_10.3 0.00176 false
CVE-2018-20657 Twistlock CVE Low gcc-8.5.0-28.el8_10 0.00174 false
CVE-2018-20657 Anchore CVE Low libgcc-8.5.0-28.el8_10 0.00174 false
CVE-2018-20657 Anchore CVE Low libstdc++-8.5.0-28.el8_10 0.00174 false
CVE-2024-0450 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00173 false
CVE-2024-0450 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00173 false
CVE-2024-0450 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00173 false
CVE-2024-0450 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00173 false
CVE-2024-0450 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00173 false
CVE-2024-27982 Anchore CVE Medium nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00172 false
CVE-2024-27982 Anchore CVE Medium npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.00172 false
CVE-2024-27982 Anchore CVE Medium nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00172 false
CVE-2024-27982 Anchore CVE Medium nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00172 false
CVE-2021-4209 Anchore CVE Low gnutls-3.6.16-8.el8_10.3 0.00172 false
CVE-2021-4209 Twistlock CVE Low gnutls-3.6.16-8.el8_10.3 0.00172 false
CVE-2023-26364 Twistlock CVE Medium @adobe/css-tools-4.2.0 0.00168 false
CVE-2024-45296 Twistlock CVE High path-to-regexp-0.1.7 Its unlikely you are using routes that match the required characteristics, overwhelming majority of user paths stick with foobar or foo.bar. Provide a manual regular expression to the second parameter that does not match the prefixed text. 0.00167 false
CVE-2024-45296 Twistlock CVE High path-to-regexp-1.8.0 Its unlikely you are using routes that match the required characteristics, overwhelming majority of user paths stick with foobar or foo.bar. Provide a manual regular expression to the second parameter that does not match the prefixed text. 0.00167 false
CVE-2024-41996 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00166 false
CVE-2024-41996 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00166 false
CVE-2024-41996 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.00166 false
CVE-2024-6923 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00157 false
CVE-2024-6923 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00157 false
CVE-2024-6923 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00157 false
CVE-2024-6923 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00157 false
CVE-2024-6923 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00157 false
CVE-2024-34459 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00153 false
CVE-2024-34459 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00153 false
CVE-2024-34459 Twistlock CVE Low libxml2-2.9.7-21.el8_10.3 0.00153 false
CVE-2019-14250 Twistlock CVE Low gcc-8.5.0-28.el8_10 0.00151 false
CVE-2019-14250 Anchore CVE Low libgcc-8.5.0-28.el8_10 0.00151 false
CVE-2019-14250 Anchore CVE Low libstdc++-8.5.0-28.el8_10 0.00151 false
CVE-2025-47273 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00139 false
CVE-2025-47273 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00139 false
CVE-2025-47273 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00139 false
CVE-2025-47273 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00139 false
CVE-2025-47273 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00139 false
CVE-2021-3737 Twistlock CVE Low python-chardet-3.0.4-7.el8 0.00138 false
CVE-2021-3737 Twistlock CVE Low python-pysocks-1.6.8-3.el8 0.00138 false
CVE-2023-38552 Anchore CVE Medium nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00137 false
CVE-2023-38552 Anchore CVE Medium nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00137 false
CVE-2023-38552 Anchore CVE Medium nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00137 false
CVE-2023-38552 Anchore CVE Medium npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.00137 false
CVE-2025-1632 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00136 false
CVE-2025-1632 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00136 false
CVE-2021-42771 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00130 false
CVE-2021-42771 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00130 false
CVE-2024-4741 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00129 false
CVE-2024-4741 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00129 false
CVE-2024-4741 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.00129 false
CVE-2024-21538 Twistlock CVE High cross-spawn-7.0.3 0.00129 false
CVE-2024-21538 Twistlock CVE High cross-spawn-4.0.2 0.00129 false
CVE-2024-4067 Twistlock CVE Medium micromatch-4.0.5 0.00126 false
CVE-2024-7531 Twistlock CVE Low nss-3.112.0-4.el8_10 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-util-3.112.0-4.el8_10 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-sysinit-3.112.0-4.el8_10 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-softokn-freebl-3.112.0-4.el8_10 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-softokn-3.112.0-4.el8_10 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-3.112.0-4.el8_10 0.00121 false
CVE-2023-29499 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00120 false
CVE-2023-29499 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00120 false
CVE-2020-12413 Twistlock CVE Low nss-3.112.0-4.el8_10 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-softokn-freebl-3.112.0-4.el8_10 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-sysinit-3.112.0-4.el8_10 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-util-3.112.0-4.el8_10 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-3.112.0-4.el8_10 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-softokn-3.112.0-4.el8_10 0.00120 false
CVE-2018-1000654 Anchore CVE Low libtasn1-4.13-5.el8_10 0.00120 false
CVE-2018-1000654 Twistlock CVE Low libtasn1-4.13-5.el8_10 0.00120 false
CVE-2023-27043 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00117 false
CVE-2023-27043 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00117 false
CVE-2023-27043 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00117 false
CVE-2023-27043 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00117 false
CVE-2023-27043 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00117 false
CVE-2021-20270 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00115 false
CVE-2021-20270 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00115 false
CVE-2022-48560 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00114 false
CVE-2022-48560 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00114 false
CVE-2021-3426 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00113 false
CVE-2021-3426 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00113 false
CVE-2021-3426 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00113 false
CVE-2021-3426 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00113 false
CVE-2021-3426 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00113 false
CVE-2019-18874 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00112 false
CVE-2019-18874 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00112 false
CVE-2019-18874 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00112 false
CVE-2019-18874 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00112 false
CVE-2019-18874 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00112 false
CVE-2023-44270 Twistlock CVE Medium postcss-8.4.27 Most of users use PostCSS locally as build tool. Even people who process users CSS via PostCSS rarely do security linting of CSS. Remove all r before parsing CSS 0.00109 false
CVE-2019-8905 Anchore CVE Medium file-libs-5.33-26.el8 0.00105 false
CVE-2019-8905 Twistlock CVE Medium file-5.33-26.el8 0.00105 false
CVE-2021-20193 Twistlock CVE Low tar-1.30-11.el8_10 0.00100 false
CVE-2021-20193 Anchore CVE Medium tar-2:1.30-11.el8_10 0.00100 false
CVE-2025-8194 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00096 false
CVE-2025-8194 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00096 false
CVE-2025-8194 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00096 false
CVE-2025-8194 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00096 false
CVE-2025-8194 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00096 false
CVE-2025-9288 Twistlock CVE Critical sha.js-2.4.11 See above. Check the types of the input before passing it in to the hashing function. 0.00094 false
CVE-2023-39333 Anchore CVE Low nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00094 false
CVE-2023-39333 Anchore CVE Low nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00094 false
CVE-2023-39333 Anchore CVE Low npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.00094 false
CVE-2023-39333 Anchore CVE Low nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00094 false
CVE-2025-1152 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00093 false
CVE-2025-1152 Twistlock CVE Low gdb-8.2-20.el8 0.00093 false
CVE-2025-1150 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00093 false
CVE-2025-1150 Twistlock CVE Low gdb-8.2-20.el8 0.00093 false
CVE-2024-22195 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00093 false
CVE-2024-22195 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00093 false
CVE-2024-8088 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00091 false
CVE-2024-8088 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00091 false
CVE-2024-8088 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00091 false
CVE-2024-8088 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00091 false
CVE-2024-8088 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00091 false
CVE-2025-6069 Twistlock CVE Medium python3-3.6.8-71.el8_10 0.00090 false
CVE-2025-6069 Anchore CVE Medium platform-python-3.6.8-71.el8_10 0.00090 false
CVE-2025-6069 Anchore CVE Medium python3-libs-3.6.8-71.el8_10 0.00090 false
CVE-2025-6069 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00090 false
CVE-2025-6069 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00090 false
CVE-2025-6069 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00090 false
CVE-2025-6069 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00090 false
CVE-2025-6069 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00090 false
CVE-2019-8906 Anchore CVE Low file-libs-5.33-26.el8 0.00090 false
CVE-2019-8906 Twistlock CVE Low file-5.33-26.el8 0.00090 false
CVE-2022-45061 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00089 false
CVE-2022-45061 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00089 false
CVE-2025-1151 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00086 false
CVE-2025-1151 Twistlock CVE Low gdb-8.2-20.el8 0.00086 false
CVE-2022-4899 Anchore CVE Medium libzstd-1.4.4-1.el8 0.00086 false
CVE-2022-4899 Twistlock CVE Medium zstd-1.4.4-1.el8 0.00086 false
CVE-2024-13176 Anchore CVE Low openssl-1:1.1.1k-14.el8_6 0.00080 false
CVE-2024-13176 Anchore CVE Low openssl-libs-1:1.1.1k-14.el8_6 0.00080 false
CVE-2024-13176 Twistlock CVE Low openssl-1.1.1k-14.el8_6 0.00080 false
CVE-2023-6597 Twistlock CVE High python-urllib3-1.24.2-8.el8_10 0.00079 false
CVE-2023-6597 Twistlock CVE High python-pysocks-1.6.8-3.el8 0.00079 false
CVE-2023-6597 Twistlock CVE High python-requests-2.20.0-6.el8_10 0.00079 false
CVE-2023-6597 Twistlock CVE High python-idna-2.5-7.el8_10 0.00079 false
CVE-2023-6597 Twistlock CVE High python-chardet-3.0.4-7.el8 0.00079 false
CVE-2023-45143 Anchore CVE Low npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.00078 false
CVE-2023-45143 Anchore CVE Low nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00078 false
CVE-2023-45143 Anchore CVE Low nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00078 false
CVE-2023-45143 Anchore CVE Low nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00078 false
CVE-2023-45322 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00076 false
CVE-2023-45322 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00076 false
CVE-2025-32990 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00072 false
CVE-2025-32990 Twistlock CVE Medium gnutls-3.6.16-8.el8_10.3 0.00072 false
CVE-2024-21511 Twistlock CVE Critical mysql2-1.7.0 0.00071 false
CVE-2024-47764 Twistlock CVE Low cookie-0.5.0 0.00069 false
CVE-2024-52798 Twistlock CVE High path-to-regexp-0.1.7 0.00067 false
CVE-2023-45133 Twistlock CVE Critical @babel/traverse-7.22.8 Users will not be affected if they use only official Babel plugins. For thirdparty Babel plugins, please review the source code and make sure they do not use the path.evaluateor path.evaluateTruthy method. 0.00067 false
CVE-2025-7039 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00066 false
CVE-2024-43799 Twistlock CVE Medium send-0.18.0 Application owners have always been expected to sanitize and validate their inputs, so using it correctly should result in very low likelihood of impact. Validate and sanitize user inputs. 0.00063 false
CVE-2021-24032 Anchore CVE Low libzstd-1.4.4-1.el8 0.00062 false
CVE-2021-24032 Twistlock CVE Low zstd-1.4.4-1.el8 0.00062 false
CVE-2022-41409 Anchore CVE Low pcre2-10.32-3.el8_6 0.00061 false
CVE-2022-41409 Twistlock CVE Low pcre2-10.32-3.el8_6 0.00061 false
CVE-2023-32665 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00059 false
CVE-2023-32665 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00059 false
CVE-2024-43796 Twistlock CVE Medium express-4.18.1 A successful exploitation of this vector requires the following1. The attacker MUST control the input to response.redirect2. express MUST NOT redirect before the template appears3. the browser MUST NOT complete redirection before4. the user MUST click on the link in the templateNote this exploitation requires a lot of work from the attacker, also the victim should use the links generated in the template, this require certain conditions browser rules, network, etc.... More details httpsgithub.comexpressjsexpresssecurityadvisoriesGHSAqw6hvgh9j6wx Users are encouraged to upgrade to the patched version of express, but otherwise can workaround this issue by making sure any untrusted inputs are safe, ideally by validating them against an explicit allowlist 0.00058 false
CVE-2025-6395 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00057 false
CVE-2025-6395 Twistlock CVE Medium gnutls-3.6.16-8.el8_10.3 0.00057 false
CVE-2025-5372 Anchore CVE Medium libssh-0.9.6-14.el8 0.00056 false
CVE-2025-5372 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00056 false
CVE-2025-5372 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00056 false
CVE-2025-32988 Anchore CVE Medium gnutls-3.6.16-8.el8_10.3 0.00056 false
CVE-2025-32988 Twistlock CVE Medium gnutls-3.6.16-8.el8_10.3 0.00056 false
CVE-2024-43800 Twistlock CVE Medium serve-static-1.15.0 Users who are already validating and sanitizing their inputs as expected are highly unlikely to be impacted. Validate and sanitize user input before passing it to this method. 0.00056 false
CVE-2025-5318 Anchore CVE Medium libssh-0.9.6-14.el8 0.00055 false
CVE-2025-5318 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00055 false
CVE-2025-5318 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00055 false
CVE-2025-27113 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00055 false
CVE-2025-27113 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00055 false
CVE-2025-27113 Twistlock CVE Low libxml2-2.9.7-21.el8_10.3 0.00055 false
CVE-2025-3360 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00052 false
CVE-2025-3360 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00052 false
CVE-2025-5987 Anchore CVE Medium libssh-0.9.6-14.el8 0.00050 false
CVE-2025-5987 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00050 false
CVE-2025-5987 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00050 false
CVE-2025-27789 Twistlock CVE Medium @babel/runtime-7.22.6 Its only if you are passing untrusted inputs to the second argument of RegExp.prototype.replace, which is a rare thing to do 0.00050 false
CVE-2025-27789 Twistlock CVE Medium @babel/helpers-7.22.6 0.00050 false
CVE-2023-50495 Anchore CVE Low ncurses-libs-6.1-10.20180224.el8 0.00050 false
CVE-2023-50495 Anchore CVE Low ncurses-base-6.1-10.20180224.el8 0.00050 false
CVE-2023-50495 Twistlock CVE Low ncurses-6.1-10.20180224.el8 0.00050 false
CVE-2022-27943 Twistlock CVE Low gcc-8.5.0-28.el8_10 0.00050 false
CVE-2022-27943 Anchore CVE Low libstdc++-8.5.0-28.el8_10 0.00050 false
CVE-2022-27943 Anchore CVE Low libgcc-8.5.0-28.el8_10 0.00050 false
CVE-2021-3997 Anchore CVE Medium systemd-pam-239-82.el8_10.5 0.00045 false
CVE-2021-3997 Anchore CVE Medium systemd-libs-239-82.el8_10.5 0.00045 false
CVE-2021-3997 Anchore CVE Medium systemd-239-82.el8_10.5 0.00045 false
CVE-2021-3997 Twistlock CVE Low systemd-239-82.el8_10.5 0.00045 false
CVE-2024-29041 Twistlock CVE Medium express-4.18.1 When a user of Express performs a redirect using a userprovided URL Express performs an encode using encodeurl on the contents before passing it to the location header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list.The main method impacted is res.location but this is also called from within res.redirect. The fix for this involves preparsing the url string with either requirenodeurl.parse or new URL. These are steps you can take on your own before passing the user input string to res.location or res.redirect.More details httpsgithub.comexpressjsexpresssecurityadvisoriesGHSArv95896hc2vc 0.00043 false
CVE-2025-45582 Twistlock CVE Medium tar-1.30-11.el8_10 0.00042 false
CVE-2025-45582 Anchore CVE Medium tar-2:1.30-11.el8_10 0.00042 false
CVE-2025-8277 Twistlock CVE Low libssh-0.9.6-14.el8 0.00039 false
CVE-2025-8277 Anchore CVE Low libssh-config-0.9.6-14.el8 0.00039 false
CVE-2025-8277 Anchore CVE Low libssh-0.9.6-14.el8 0.00039 false
CVE-2025-5351 Anchore CVE Medium libssh-0.9.6-14.el8 0.00039 false
CVE-2025-5351 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00039 false
CVE-2025-5351 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00039 false
CVE-2023-39804 Twistlock CVE Low tar-1.30-11.el8_10 0.00039 false
CVE-2023-39804 Anchore CVE Low tar-2:1.30-11.el8_10 0.00039 false
CVE-2025-4598 Anchore CVE Medium systemd-libs-239-82.el8_10.5 0.00037 false
CVE-2025-4598 Anchore CVE Medium systemd-pam-239-82.el8_10.5 0.00037 false
CVE-2025-4598 Anchore CVE Medium systemd-239-82.el8_10.5 0.00037 false
CVE-2025-4598 Twistlock CVE Medium systemd-239-82.el8_10.5 0.00037 false
CVE-2023-32611 Anchore CVE Low glib2-2.56.4-166.el8_10 0.00037 false
CVE-2023-32611 Twistlock CVE Low glib2-2.56.4-166.el8_10 0.00037 false
CVE-2021-3177 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00037 false
CVE-2021-3177 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00037 false
CVE-2024-53382 Twistlock CVE Medium prismjs-1.28.0 0.00036 false
CVE-2024-25629 Anchore CVE Low nodejs-full-i18n-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00035 false
CVE-2024-25629 Anchore CVE Low npm-1:8.19.4-1.16.20.2.4.module+el8.9.0+21536+8fdee1fb 0.00035 false
CVE-2024-25629 Anchore CVE Low nodejs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00035 false
CVE-2024-25629 Anchore CVE Low nodejs-docs-1:16.20.2-4.module+el8.9.0+21536+8fdee1fb 0.00035 false
CVE-2024-35195 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00033 false
CVE-2024-55565 Twistlock CVE Medium nanoid-3.3.6 It is very rare to allow users to define ID size Check that user pass real number 0.00032 false
CVE-2024-43167 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.00032 false
CVE-2024-43167 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.00032 false
CVE-2024-43167 Twistlock CVE Low unbound-1.16.2-5.9.el8_10 0.00032 false
CVE-2024-43168 Anchore CVE Low python3-unbound-1.16.2-5.9.el8_10 0.00031 false
CVE-2024-43168 Anchore CVE Low unbound-libs-1.16.2-5.9.el8_10 0.00031 false
CVE-2024-43168 Twistlock CVE Low unbound-1.16.2-5.9.el8_10 0.00031 false
CVE-2023-4156 Anchore CVE Low gawk-4.2.1-4.el8 0.00031 false
CVE-2024-47081 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00028 false
CVE-2025-7783 Twistlock CVE Critical form-data-2.3.3 See the impact section in the attached GHSA. 0.00024 false
CVE-2025-7783 Twistlock CVE Critical form-data-3.0.1 See the impact section in the attached GHSA. 0.00024 false
CVE-2024-57360 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00024 false
CVE-2024-57360 Twistlock CVE Low gdb-8.2-20.el8 0.00024 false
CVE-2025-5889 Twistlock CVE Low brace-expansion-1.1.11 Im mirroring the CVE severity assessment here. Sanitize strings being passed to the function so that they dont contain many , in a row. 0.00022 false
CVE-2025-5889 Twistlock CVE Low brace-expansion-2.0.1 Im mirroring the CVE severity assessment here. Sanitize strings being passed to the function so that they dont contain many , in a row. 0.00022 false
CVE-2025-5245 Anchore CVE Medium gdb-gdbserver-8.2-20.el8 0.00022 false
CVE-2025-5245 Twistlock CVE Medium gdb-8.2-20.el8 0.00022 false
CVE-2025-6170 Anchore CVE Low libxml2-2.9.7-21.el8_10.3 0.00021 false
CVE-2025-6170 Anchore CVE Low python3-libxml2-2.9.7-21.el8_10.3 0.00021 false
CVE-2025-6170 Twistlock CVE Low libxml2-2.9.7-21.el8_10.3 0.00021 false
CVE-2025-4516 Twistlock CVE Medium python3-3.6.8-71.el8_10 0.00021 false
CVE-2025-4516 Anchore CVE Medium python3-libs-3.6.8-71.el8_10 0.00021 false
CVE-2025-4516 Anchore CVE Medium platform-python-3.6.8-71.el8_10 0.00021 false
CVE-2025-4516 Twistlock CVE Medium python-pysocks-1.6.8-3.el8 0.00021 false
CVE-2025-4516 Twistlock CVE Medium python-chardet-3.0.4-7.el8 0.00021 false
CVE-2025-4516 Twistlock CVE Medium python-urllib3-1.24.2-8.el8_10 0.00021 false
CVE-2025-4516 Twistlock CVE Medium python-idna-2.5-7.el8_10 0.00021 false
CVE-2025-4516 Twistlock CVE Medium python-requests-2.20.0-6.el8_10 0.00021 false
CVE-2022-42919 Twistlock CVE High python-idna-2.5-7.el8_10 0.00020 false
CVE-2022-42919 Twistlock CVE High python-urllib3-1.24.2-8.el8_10 0.00020 false
CVE-2022-42919 Twistlock CVE High python-chardet-3.0.4-7.el8 0.00020 false
CVE-2022-42919 Twistlock CVE High python-pysocks-1.6.8-3.el8 0.00020 false
CVE-2022-42919 Twistlock CVE High python-requests-2.20.0-6.el8_10 0.00020 false
CVE-2025-5918 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00018 false
CVE-2025-5918 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00018 false
CVE-2025-5278 Anchore CVE Medium coreutils-single-8.30-15.el8 0.00018 false
CVE-2025-5278 Twistlock CVE Medium coreutils-8.30-15.el8 0.00018 false
CVE-2024-0232 Anchore CVE Low sqlite-libs-3.26.0-20.el8_10 0.00018 false
CVE-2024-0232 Twistlock CVE Low sqlite-3.26.0-20.el8_10 0.00018 false
CVE-2025-5916 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00017 false
CVE-2025-5916 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00017 false
CVE-2025-30258 Anchore CVE Low gnupg2-2.2.20-3.el8_6 0.00017 false
CVE-2025-30258 Twistlock CVE Low gnupg2-2.2.20-3.el8_6 0.00017 false
CVE-2020-35512 Twistlock CVE Low dbus-1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-libs-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-common-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-tools-1:1.12.8-27.el8_10 0.00017 false
CVE-2020-35512 Anchore CVE Low dbus-daemon-1:1.12.8-27.el8_10 0.00017 false
CVE-2025-25724 Twistlock CVE Medium libarchive-3.3.3-6.el8_10 0.00016 false
CVE-2025-25724 Anchore CVE Medium libarchive-3.3.3-6.el8_10 0.00016 false
CVE-2025-8114 Anchore CVE Medium libssh-config-0.9.6-14.el8 0.00015 false
CVE-2025-8114 Anchore CVE Medium libssh-0.9.6-14.el8 0.00015 false
CVE-2025-8114 Twistlock CVE Medium libssh-0.9.6-14.el8 0.00015 false
CVE-2025-5917 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00015 false
CVE-2025-5917 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00015 false
CVE-2025-50181 Twistlock CVE Medium urllib3-1.24.2 Most users dont disable redirects on the PoolManager. Set redirectsFalseredirects0 on the .request call instead of on the toplevel urllib3.PoolManager 0.00015 false
CVE-2025-50181 Anchore CVE Medium platform-python-pip-9.0.3-24.el8 0.00015 false
CVE-2025-50181 Anchore CVE Medium python3-pip-wheel-9.0.3-24.el8 0.00015 false
CVE-2025-50181 Twistlock CVE Medium python-pip-9.0.3-24.el8 0.00015 false
CVE-2025-4878 Anchore CVE Low libssh-0.9.6-14.el8 0.00015 false
CVE-2025-4878 Anchore CVE Low libssh-config-0.9.6-14.el8 0.00015 false
CVE-2025-4878 Twistlock CVE Low libssh-0.9.6-14.el8 0.00015 false
CVE-2025-5915 Twistlock CVE Low libarchive-3.3.3-6.el8_10 0.00014 false
CVE-2025-5915 Anchore CVE Low libarchive-3.3.3-6.el8_10 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-debuginfod-client-0.190-2.el8 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-default-yama-scope-0.190-2.el8 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-libelf-0.190-2.el8 0.00014 false
CVE-2024-25260 Anchore CVE Low elfutils-libs-0.190-2.el8 0.00014 false
CVE-2024-25260 Twistlock CVE Low elfutils-0.190-2.el8 0.00014 false
CVE-2022-47011 Twistlock CVE Low gdb-8.2-20.el8 0.00014 false
CVE-2022-47010 Twistlock CVE Low gdb-8.2-20.el8 0.00014 false
CVE-2022-47007 Twistlock CVE Low gdb-8.2-20.el8 0.00014 false
CVE-2025-9714 Twistlock CVE Medium libxml2-2.9.7-21.el8_10.3 0.00013 false
CVE-2025-9714 Anchore CVE Medium libxml2-2.9.7-21.el8_10.3 0.00013 false
CVE-2025-9714 Anchore CVE Medium python3-libxml2-2.9.7-21.el8_10.3 0.00013 false
CVE-2025-50182 Anchore CVE Medium python3-pip-wheel-9.0.3-24.el8 0.00013 false
CVE-2025-50182 Anchore CVE Medium platform-python-pip-9.0.3-24.el8 0.00013 false
CVE-2025-50182 Twistlock CVE Medium python-pip-9.0.3-24.el8 0.00013 false
CVE-2025-3198 Anchore CVE Low gdb-gdbserver-8.2-20.el8 0.00012 false
CVE-2025-3198 Twistlock CVE Low gdb-8.2-20.el8 0.00012 false
CVE-2024-57970 Twistlock CVE Medium libarchive-3.3.3-6.el8_10 0.00012 false
CVE-2024-57970 Anchore CVE Medium libarchive-3.3.3-6.el8_10 0.00012 false
CVE-2022-3219 Anchore CVE Low gnupg2-2.2.20-3.el8_6 0.00012 false
CVE-2025-7339 Twistlock CVE Low on-headers-1.0.2 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-libs-0.190-2.el8 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-libelf-0.190-2.el8 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-default-yama-scope-0.190-2.el8 0.00006 false
CVE-2021-33294 Anchore CVE Medium elfutils-debuginfod-client-0.190-2.el8 0.00006 false
CVE-2021-33294 Twistlock CVE Medium elfutils-0.190-2.el8 0.00006 false
addbb93c22e9b0988b8b40392a4538cb Anchore Compliance Low N/A N/A
GHSA-x7hr-w5r2-h6wg Anchore CVE Medium prismjs-1.28.0 N/A N/A
GHSA-wr3j-pwj9-hqq6 Anchore CVE High webpack-dev-middleware-5.3.3 N/A N/A
GHSA-v6h2-p8h4-qcjw Anchore CVE Low brace-expansion-1.1.11 N/A N/A
GHSA-rv95-896h-c2vc Anchore CVE Medium express-4.18.1 N/A N/A
GHSA-rhx6-c78j-4q9w Anchore CVE High path-to-regexp-0.1.7 N/A N/A
GHSA-qwcr-r2fm-qrc7 Anchore CVE High body-parser-1.20.0 N/A N/A
GHSA-qwcr-r2fm-qrc7 Anchore CVE High body-parser-1.20.1 N/A N/A
GHSA-qw6h-vgh9-j6wx Anchore CVE Low express-4.18.1 N/A N/A
GHSA-pxg6-pf52-xh8x Anchore CVE Low cookie-0.5.0 N/A N/A
GHSA-prr3-c3m5-p7q2 Anchore CVE Medium @adobe/css-tools-4.2.0 N/A N/A
GHSA-pmh2-wpjm-fj45 Anchore CVE High mysql2-1.7.0 N/A N/A
GHSA-mwcw-c2x4-8c55 Anchore CVE Medium nanoid-3.3.6 N/A N/A
GHSA-mqr2-w7wj-jjgr Anchore CVE Medium mysql2-1.7.0 N/A N/A
GHSA-m6fv-jmcg-4jfg Anchore CVE Low send-0.18.0 N/A N/A
GHSA-j5g3-5c8r-7qfx Anchore CVE Low apollo-server-core-3.12.0 N/A N/A
GHSA-j5g3-5c8r-7qfx Anchore CVE Low @apollo/server-4.7.5 N/A N/A
GHSA-j5g3-5c8r-7qfx Twistlock CVE Low apollo-server-core-3.12.0 N/A N/A
GHSA-j5g3-5c8r-7qfx Twistlock CVE Low @apollo/server-4.7.5 N/A N/A
GHSA-hpx4-r86g-5jrg Anchore CVE Medium @adobe/css-tools-4.2.0 N/A N/A
GHSA-grv7-fg5c-xmjg Anchore CVE High braces-3.0.2 N/A N/A
GHSA-fpw7-j2hg-69v5 Anchore CVE Critical mysql2-1.7.0 N/A N/A
GHSA-fjxv-7rqg-78g4 Anchore CVE Critical form-data-3.0.1 N/A N/A
GHSA-fjxv-7rqg-78g4 Anchore CVE Critical form-data-2.3.3 N/A N/A
GHSA-cm22-4g7w-348p Anchore CVE Low serve-static-1.15.0 N/A N/A
GHSA-9wv6-86v2-598j Anchore CVE High path-to-regexp-1.8.0 N/A N/A
GHSA-9wv6-86v2-598j Anchore CVE High path-to-regexp-1.8.0 N/A N/A
GHSA-9wv6-86v2-598j Anchore CVE High path-to-regexp-0.1.7 N/A N/A
GHSA-9pv7-vfvm-6vr7 Anchore CVE Medium graphql-16.7.1 N/A N/A
GHSA-968p-4wvh-cqc8 Anchore CVE Medium @babel/helpers-7.22.6 N/A N/A
GHSA-968p-4wvh-cqc8 Anchore CVE Medium @babel/runtime-7.22.6 N/A N/A
GHSA-95m3-7q98-8xr5 Anchore CVE Critical sha.js-2.4.11 N/A N/A
GHSA-952p-6rrq-rcjv Anchore CVE Medium micromatch-4.0.5 N/A N/A
GHSA-7fh5-64p2-3v2j Anchore CVE Medium postcss-8.4.27 N/A N/A
GHSA-76p7-773f-r4q5 Anchore CVE Medium serialize-javascript-6.0.1 N/A N/A
GHSA-76c9-3jph-rj3q Anchore CVE Low on-headers-1.0.2 N/A N/A
GHSA-72xf-g2v4-qvf3 Anchore CVE Medium tough-cookie-2.5.0 N/A N/A
GHSA-67hx-6x53-jw92 Anchore CVE Critical @babel/traverse-7.22.8 N/A N/A
GHSA-4vvj-4cpr-p986 Anchore CVE Medium webpack-5.88.2 N/A N/A
GHSA-4rch-2fh8-94vw Anchore CVE Critical mysql2-1.7.0 N/A N/A
GHSA-4q6p-r6v2-jvc5 Anchore CVE High get-func-name-2.0.0 N/A N/A
GHSA-49j4-86m8-q2jw Anchore CVE Medium mysql2-1.7.0 N/A N/A
GHSA-3xgq-45jj-v275 Anchore CVE High cross-spawn-4.0.2 N/A N/A
GHSA-3xgq-45jj-v275 Anchore CVE High cross-spawn-7.0.3 N/A N/A
GHSA-3h5v-q93c-6h6q Anchore CVE High ws-7.5.9 N/A N/A
GHSA-36jr-mh4h-2g58 Anchore CVE High d3-color-1.4.1 N/A N/A
GHSA-36jr-mh4h-2g58 Twistlock CVE High d3-color-1.4.1 N/A N/A
CCE-89707-4 OSCAP Compliance Medium N/A N/A
CCE-86473-6 OSCAP Compliance Medium N/A N/A
CCE-86106-2 OSCAP Compliance Medium N/A N/A
CCE-85902-5 OSCAP Compliance High N/A N/A
CCE-85899-3 OSCAP Compliance Medium N/A N/A
CCE-85897-7 OSCAP Compliance Medium N/A N/A
CCE-85870-4 OSCAP Compliance Medium N/A N/A
CCE-84255-9 OSCAP Compliance Medium N/A N/A
CCE-84254-2 OSCAP Compliance Medium N/A N/A
CCE-82730-3 OSCAP Compliance Medium N/A N/A
CCE-81044-0 OSCAP Compliance Low N/A N/A
CCE-80935-0 OSCAP Compliance High N/A N/A
CCE-80854-3 OSCAP Compliance Low N/A N/A
CCE-80853-5 OSCAP Compliance Low N/A N/A
CCE-80852-7 OSCAP Compliance Low N/A N/A
CCE-80851-9 OSCAP Compliance Low N/A N/A
CCE-80839-4 OSCAP Compliance Medium N/A N/A
CCE-80838-6 OSCAP Compliance Medium N/A N/A
CCE-80837-8 OSCAP Compliance Medium N/A N/A
CCE-80664-6 OSCAP Compliance Medium N/A N/A

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=technergetics/anubis-schema-registry&tag=5.5.1&branch=master

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by CHORE_TOKEN
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI