chore(findings): virtualitics/imds2remis/imds2remis_backend
Summary
virtualitics/imds2remis/imds2remis_backend has 40 new findings discovered during continuous monitoring.
id | source | package |
---|---|---|
CVE-2021-3712 | twistlock_cve | openssl-1.1.1g-15.el8_3 |
PRISMA-2021-0090 | twistlock_cve | sqlalchemy-1.3.17 |
CVE-2021-36087 | anchore_cve | libsepol-devel-2.9-2.el8 |
CVE-2021-36084 | anchore_cve | libsepol-devel-2.9-2.el8 |
CVE-2021-36085 | anchore_cve | libsepol-devel-2.9-2.el8 |
CVE-2021-36086 | anchore_cve | libsepol-devel-2.9-2.el8 |
CCE-83375-6 | oscap_comp | Uninherited |
CCE-80783-4 | oscap_comp | Uninherited |
CCE-80809-7 | oscap_comp | Uninherited |
CVE-2019-13117 | twistlock_cve | libxslt-1.1.32-6.el8 |
CVE-2019-13118 | twistlock_cve | libxslt-1.1.32-6.el8 |
CVE-2016-4607 | twistlock_cve | libxslt-1.1.32-6.el8 |
CVE-2021-33560 | twistlock_cve | libgcrypt-devel-1.8.5-4.el8 |
CVE-2021-40528 | twistlock_cve | libgcrypt-devel-1.8.5-4.el8 |
CVE-2019-13117 | twistlock_cve | libxslt-devel-1.1.32-6.el8 |
CVE-2019-13118 | twistlock_cve | libxslt-devel-1.1.32-6.el8 |
CVE-2016-4607 | twistlock_cve | libxslt-devel-1.1.32-6.el8 |
CVE-2019-17594 | twistlock_cve | ncurses-6.1-7.20180224.el8 |
CVE-2019-17595 | twistlock_cve | ncurses-6.1-7.20180224.el8 |
CVE-2021-39537 | twistlock_cve | ncurses-6.1-7.20180224.el8 |
CVE-2018-19211 | twistlock_cve | ncurses-6.1-7.20180224.el8 |
CVE-2021-36084 | twistlock_cve | libsepol-devel-2.9-2.el8 |
CVE-2021-36085 | twistlock_cve | libsepol-devel-2.9-2.el8 |
CVE-2021-36086 | twistlock_cve | libsepol-devel-2.9-2.el8 |
CVE-2021-36087 | twistlock_cve | libsepol-devel-2.9-2.el8 |
CVE-2021-23840 | twistlock_cve | openssl-devel-1.1.1g-15.el8_3 |
CVE-2021-23841 | twistlock_cve | openssl-devel-1.1.1g-15.el8_3 |
CVE-2021-3712 | twistlock_cve | openssl-devel-1.1.1g-15.el8_3 |
CVE-2021-41183 | twistlock_cve | jquery-ui-1.12.1 |
CVE-2021-41182 | twistlock_cve | jquery-ui-1.12.1 |
CVE-2021-41184 | twistlock_cve | jquery-ui-1.12.1 |
PRISMA-2021-0131 | twistlock_cve | websockets-9.1 |
CVE-2021-39537 | anchore_cve | ncurses-6.1-7.20180224.el8 |
CVE-2021-40528 | anchore_cve | libgcrypt-devel-1.8.5-4.el8 |
CVE-2019-17594 | anchore_cve | ncurses-6.1-7.20180224.el8 |
CVE-2019-17595 | anchore_cve | ncurses-6.1-7.20180224.el8 |
PRISMA-2021-0088 | twistlock_cve | pillow-8.2.0 |
CVE-2021-23437 | twistlock_cve | pillow-8.2.0 |
CVE-2021-3828 | twistlock_cve | nltk-3.4.5 |
PRISMA-2021-0134 | twistlock_cve | pillow-8.2.0 |
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/virtualitics/imds2remis-backend/-/jobs/7860014
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official