chore(findings): vertaaiofficial/modeldb/backend-kubeflow
Summary
vertaaiofficial/modeldb/backend-kubeflow has 133 new findings discovered during continuous monitoring.
id | source | package |
---|---|---|
CVE-2020-13790 | twistlock_cve | libjpeg-turbo-1.5.3-10.el8 |
CVE-2017-6519 | twistlock_cve | avahi-libs-0.7-20.el8 |
CVE-2021-3468 | twistlock_cve | avahi-libs-0.7-20.el8 |
CVE-2020-24370 | twistlock_cve | lua-5.3.4-11.el8 |
CVE-2020-10001 | twistlock_cve | cups-libs-2.2.6-38.el8 |
CVE-2021-25317 | twistlock_cve | cups-libs-2.2.6-38.el8 |
CVE-2021-33503 | twistlock_cve | python3-pip-wheel-9.0.3-19.el8 |
CVE-2021-3572 | twistlock_cve | python3-pip-wheel-9.0.3-19.el8 |
CVE-2018-19211 | twistlock_cve | ncurses-libs-6.1-7.20180224.el8 |
CVE-2019-17594 | twistlock_cve | ncurses-libs-6.1-7.20180224.el8 |
CVE-2019-17595 | twistlock_cve | ncurses-libs-6.1-7.20180224.el8 |
CVE-2021-39537 | twistlock_cve | ncurses-libs-6.1-7.20180224.el8 |
CVE-2021-27645 | twistlock_cve | glibc-common-2.28-151.el8 |
CVE-2021-33574 | twistlock_cve | glibc-common-2.28-151.el8 |
CVE-2021-35942 | twistlock_cve | glibc-common-2.28-151.el8 |
CVE-2019-12900 | twistlock_cve | bzip2-libs-1.0.6-26.el8 |
CVE-2021-24032 | twistlock_cve | libzstd-1.4.4-1.el8 |
CVE-2020-35512 | twistlock_cve | dbus-libs-1.12.8-12.el8_4.2 |
CVE-2020-35512 | twistlock_cve | dbus-tools-1.12.8-12.el8_4.2 |
CVE-2021-33503 | twistlock_cve | python3-urllib3-1.24.2-5.el8 |
CVE-2021-3634 | twistlock_cve | libssh-config-0.9.4-2.el8 |
CVE-2021-3445 | twistlock_cve | python3-hawkey-0.55.0-7.el8 |
CVE-2020-35512 | twistlock_cve | dbus-daemon-1.12.8-12.el8_4.2 |
CVE-2020-35512 | twistlock_cve | dbus-1.12.8-12.el8_4.2 |
CVE-2018-20786 | twistlock_cve | vim-minimal-8.0.1763-15.el8 |
CVE-2021-3778 | twistlock_cve | vim-minimal-8.0.1763-15.el8 |
CVE-2021-3796 | twistlock_cve | vim-minimal-8.0.1763-15.el8 |
CVE-2021-3872 | twistlock_cve | vim-minimal-8.0.1763-15.el8 |
CVE-2018-20406 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2019-9674 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2021-3426 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2021-3733 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2021-3737 | twistlock_cve | platform-python-3.6.8-38.el8_4 |
CVE-2021-22876 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-22898 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-22925 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-22946 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-22947 | twistlock_cve | libcurl-7.61.1-18.el8_4.1 |
CVE-2021-20266 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-3521 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-35937 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-35938 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-35939 | twistlock_cve | rpm-libs-4.14.3-14.el8_4 |
CVE-2021-20266 | twistlock_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2021-3521 | twistlock_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2021-35937 | twistlock_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2021-35938 | twistlock_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2021-35939 | twistlock_cve | rpm-build-libs-4.14.3-14.el8_4 |
CVE-2018-20839 | twistlock_cve | systemd-239-45.el8_4.3 |
CVE-2017-9050 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2017-9049 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2017-9048 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2017-9047 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2017-7375 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2017-18258 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2017-15412 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2017-0663 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2016-5131 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2016-4658 | twistlock_cve | python3-libxml2-2.9.7-9.el8_4.2 |
CVE-2020-12399 | twistlock_cve | nss-softokn-freebl-3.67.0-6.el8_4 |
CVE-2020-12401 | twistlock_cve | nss-softokn-freebl-3.67.0-6.el8_4 |
CVE-2020-12413 | twistlock_cve | nss-softokn-freebl-3.67.0-6.el8_4 |
CVE-2020-12399 | twistlock_cve | nss-sysinit-3.67.0-6.el8_4 |
CVE-2020-12401 | twistlock_cve | nss-sysinit-3.67.0-6.el8_4 |
CVE-2020-12413 | twistlock_cve | nss-sysinit-3.67.0-6.el8_4 |
CVE-2019-14250 | twistlock_cve | libgcc-8.4.1-1.el8 |
CVE-2018-20673 | twistlock_cve | libgcc-8.4.1-1.el8 |
CVE-2018-20657 | twistlock_cve | libgcc-8.4.1-1.el8 |
CVE-2021-3114 | twistlock_cve | libgcc-8.4.1-1.el8 |
CVE-2018-19211 | twistlock_cve | ncurses-base-6.1-7.20180224.el8 |
CVE-2019-17594 | twistlock_cve | ncurses-base-6.1-7.20180224.el8 |
CVE-2019-17595 | twistlock_cve | ncurses-base-6.1-7.20180224.el8 |
CVE-2021-39537 | twistlock_cve | ncurses-base-6.1-7.20180224.el8 |
CVE-2021-27645 | twistlock_cve | glibc-minimal-langpack-2.28-151.el8 |
CVE-2021-33574 | twistlock_cve | glibc-minimal-langpack-2.28-151.el8 |
CVE-2021-35942 | twistlock_cve | glibc-minimal-langpack-2.28-151.el8 |
CVE-2021-27645 | twistlock_cve | glibc-2.28-151.el8 |
CVE-2019-13750 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-13751 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-19244 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-19603 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-5827 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-9936 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2019-9937 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2020-13435 | twistlock_cve | sqlite-libs-3.26.0-13.el8 |
CVE-2017-18018 | twistlock_cve | coreutils-single-8.30-8.el8 |
CVE-2020-24370 | twistlock_cve | lua-libs-5.3.4-11.el8 |
CVE-2019-18218 | twistlock_cve | file-libs-5.33-16.el8_3.1 |
CVE-2019-8905 | twistlock_cve | file-libs-5.33-16.el8_3.1 |
CVE-2019-8906 | twistlock_cve | file-libs-5.33-16.el8_3.1 |
CVE-2018-1000654 | twistlock_cve | libtasn1-4.13-3.el8 |
CVE-2021-23840 | twistlock_cve | openssl-libs-1.1.1g-15.el8_3 |
CVE-2021-23841 | twistlock_cve | openssl-libs-1.1.1g-15.el8_3 |
CVE-2021-3712 | twistlock_cve | openssl-libs-1.1.1g-15.el8_3 |
CVE-2020-21674 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2018-1000879 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2018-1000880 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2017-14501 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2017-14166 | twistlock_cve | libarchive-3.3.3-1.el8 |
CVE-2021-3445 | twistlock_cve | python3-libdnf-0.55.0-7.el8 |
CVE-2020-35512 | twistlock_cve | dbus-common-1.12.8-12.el8_4.2 |
CVE-2021-20193 | twistlock_cve | tar-1.30-5.el8 |
CVE-2019-9923 | twistlock_cve | tar-1.30-5.el8 |
CVE-2019-17543 | twistlock_cve | lz4-libs-1.8.3-3.el8_4 |
CVE-2018-16429 | twistlock_cve | glib2-2.56.4-10.el8_4.1 |
CVE-2018-16428 | twistlock_cve | glib2-2.56.4-10.el8_4.1 |
CVE-2021-3800 | twistlock_cve | glib2-2.56.4-10.el8_4.1 |
CVE-2018-20839 | twistlock_cve | systemd-libs-239-45.el8_4.3 |
CVE-2018-20406 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2019-9674 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2021-3426 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2021-3733 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2021-3737 | twistlock_cve | python3-libs-3.6.8-38.el8_4 |
CVE-2021-3572 | twistlock_cve | platform-python-pip-9.0.3-19.el8 |
CVE-2021-3521 | twistlock_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-35937 | twistlock_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-35938 | twistlock_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-35939 | twistlock_cve | rpm-4.14.3-14.el8_4 |
CVE-2021-20266 | twistlock_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2021-3521 | twistlock_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2021-35937 | twistlock_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2021-35938 | twistlock_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2021-35939 | twistlock_cve | python3-rpm-4.14.3-14.el8_4 |
CVE-2018-20839 | twistlock_cve | systemd-pam-239-45.el8_4.3 |
CVE-2020-12399 | twistlock_cve | nss-util-3.67.0-6.el8_4 |
CVE-2020-12401 | twistlock_cve | nss-util-3.67.0-6.el8_4 |
CVE-2020-12413 | twistlock_cve | nss-util-3.67.0-6.el8_4 |
CVE-2020-12399 | twistlock_cve | nss-softokn-3.67.0-6.el8_4 |
CVE-2020-12401 | twistlock_cve | nss-softokn-3.67.0-6.el8_4 |
CVE-2020-12413 | twistlock_cve | nss-softokn-3.67.0-6.el8_4 |
CVE-2020-12413 | twistlock_cve | nss-3.67.0-6.el8_4 |
CVE-2021-37137 | twistlock_cve | io.netty_netty-codec-4.1.30.Final |
CVE-2021-37136 | twistlock_cve | io.netty_netty-codec-4.1.30.Final |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/vertaaiofficial/modeldb/backend-kubeflow/-/jobs/7551583
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official