UNCLASSIFIED - NO CUI

chore(findings): beast-code/courseware-editor/base-image

Summary

beast-code/courseware-editor/base-image has 128 new findings discovered during continuous monitoring.

id source severity package
CCE-85987-6 OSCAP Compliance Medium
CCE-86519-6 OSCAP Compliance Medium
CCE-80806-3 OSCAP Compliance Medium
CVE-2022-42898 Twistlock CVE Critical krb5-libs-1.18.2-21.el8
CVE-2022-45061 Twistlock CVE Medium python3-libs-3.6.8-48.el8_7
CVE-2022-45061 Twistlock CVE Medium platform-python-3.6.8-48.el8_7
CVE-2022-36227 Twistlock CVE Low libarchive-3.3.3-4.el8
CVE-2022-45061 Anchore CVE Medium platform-python-3.6.8-48.el8_7
CVE-2007-4559 Anchore CVE Medium python3-libs-3.6.8-48.el8_7
CVE-2022-45061 Anchore CVE Medium python3-libs-3.6.8-48.el8_7
CVE-2022-43680 Anchore CVE Medium expat-2.2.5-10.el8
CVE-2007-4559 Anchore CVE Medium platform-python-3.6.8-48.el8_7
CVE-2021-46848 Anchore CVE Medium libtasn1-4.13-3.el8
CVE-2022-35737 Anchore CVE Medium sqlite-libs-3.26.0-16.el8_6
CVE-2022-42898 Anchore CVE High krb5-libs-1.18.2-21.el8
CVE-2022-36227 Anchore CVE Low libarchive-3.3.3-4.el8
CVE-2022-42898 OSCAP Compliance Medium
CCE-86099-9 OSCAP Compliance Medium
CVE-2022-4415 Twistlock CVE Medium systemd-libs-239-68.el8
CVE-2022-4415 Twistlock CVE Medium systemd-pam-239-68.el8
CVE-2022-4415 Twistlock CVE Medium systemd-239-68.el8
CVE-2022-4415 Anchore CVE Medium systemd-239-68.el8
CVE-2022-4415 Anchore CVE Medium systemd-libs-239-68.el8
CVE-2022-4415 Anchore CVE Medium systemd-pam-239-68.el8
CVE-2022-40897 Twistlock CVE Medium platform-python-setuptools-39.2.0-6.el8
CVE-2022-40897 Twistlock CVE Medium python3-setuptools-wheel-39.2.0-6.el8
CVE-2022-40897 Anchore CVE Medium python3-setuptools-wheel-39.2.0-6.el8
CVE-2022-40897 Anchore CVE Medium platform-python-setuptools-39.2.0-6.el8
CVE-2022-35737 Twistlock CVE Medium sqlite-libs-3.26.0-16.el8_6
CVE-2021-46848 OSCAP Compliance Medium
CVE-2022-35737 OSCAP Compliance Medium
CVE-2022-43680 OSCAP Compliance Medium
CVE-2022-3821 OSCAP Compliance Medium
CVE-2022-42010 OSCAP Compliance Medium
CVE-2022-42011 OSCAP Compliance Medium
CVE-2022-42012 OSCAP Compliance Medium
CVE-2022-40303 OSCAP Compliance Medium
CVE-2022-40304 OSCAP Compliance Medium
CVE-2022-47629 Twistlock CVE Critical libksba-1.3.5-8.el8_6
CVE-2022-47629 Anchore CVE High libksba-1.3.5-8.el8_6
CVE-2023-22745 Twistlock CVE Low tpm2-tss-2.3.2-4.el8
CVE-2023-22745 Anchore CVE Low tpm2-tss-2.3.2-4.el8
CVE-2022-48303 Twistlock CVE Medium tar-1.30-6.el8
CCE-83478-8 OSCAP Compliance Medium
CCE-83480-4 OSCAP Compliance Medium
CCE-86067-6 OSCAP Compliance Medium
CVE-2022-48303 Anchore CVE Medium tar-2:1.30-6.el8
CVE-2023-0286 Anchore CVE High openssl-libs-1:1.1.1k-7.el8_6
CVE-2022-4450 Anchore CVE Medium openssl-libs-1:1.1.1k-7.el8_6
CVE-2023-0215 Anchore CVE Medium openssl-libs-1:1.1.1k-7.el8_6
CVE-2022-4304 Anchore CVE Medium openssl-libs-1:1.1.1k-7.el8_6
CVE-2022-47629 OSCAP Compliance Medium
CVE-2023-0361 Twistlock CVE Medium gnutls-3.6.16-5.el8_6
CVE-2023-0361 Anchore CVE Medium gnutls-3.6.16-5.el8_6
CVE-2022-48303 OSCAP Compliance Medium
CVE-2022-4415 OSCAP Compliance Medium
CVE-2022-40897 OSCAP Compliance Medium
CVE-2020-10735 OSCAP Compliance Medium
CVE-2021-28861 OSCAP Compliance Medium
CVE-2022-45061 OSCAP Compliance Medium
CVE-2023-24329 Twistlock CVE Critical python3-libs-3.6.8-48.el8_7
CVE-2023-24329 Twistlock CVE Critical platform-python-3.6.8-48.el8_7
CVE-2023-24329 Anchore CVE High platform-python-3.6.8-48.el8_7
CVE-2023-24329 Anchore CVE High python3-libs-3.6.8-48.el8_7
CVE-2023-26604 Anchore CVE Medium systemd-pam-239-68.el8
CVE-2023-26604 Anchore CVE Medium systemd-239-68.el8
CVE-2023-26604 Anchore CVE Medium systemd-libs-239-68.el8
CVE-2022-43552 Twistlock CVE Low curl-7.61.1-25.el8_7.3
CVE-2022-43552 Twistlock CVE Low libcurl-7.61.1-25.el8_7.3
CVE-2022-35252 Twistlock CVE Low curl-7.61.1-25.el8_7.3
CVE-2022-35252 Twistlock CVE Low libcurl-7.61.1-25.el8_7.3
CVE-2022-43552 Anchore CVE Low libcurl-7.61.1-25.el8_7.3
CVE-2022-35252 Anchore CVE Low libcurl-7.61.1-25.el8_7.3
CVE-2022-43552 Anchore CVE Low curl-7.61.1-25.el8_7.3
CVE-2022-35252 Anchore CVE Low curl-7.61.1-25.el8_7.3
CVE-2023-0767 Anchore CVE High nss-softokn-3.79.0-10.el8_6
CVE-2023-0767 Anchore CVE High nss-util-3.79.0-10.el8_6
CVE-2023-0767 Anchore CVE High nss-sysinit-3.79.0-10.el8_6
CVE-2023-0767 Anchore CVE High nss-3.79.0-10.el8_6
CVE-2023-0767 Anchore CVE High nss-softokn-freebl-3.79.0-10.el8_6
CVE-2023-0767 OSCAP Compliance Medium
CVE-2023-0767 Twistlock CVE Critical nss-softokn-freebl-3.79.0-10.el8_6
CVE-2023-0767 Twistlock CVE Critical nss-sysinit-3.79.0-10.el8_6
CVE-2023-0767 Twistlock CVE Critical nss-softokn-3.79.0-10.el8_6
CVE-2023-0767 Twistlock CVE Critical nss-util-3.79.0-10.el8_6
CVE-2023-0767 Twistlock CVE Critical nss-3.79.0-10.el8_6
CVE-2023-26604 Twistlock CVE Medium systemd-libs-239-68.el8
CVE-2023-26604 Twistlock CVE Medium systemd-239-68.el8
CVE-2023-26604 Twistlock CVE Medium systemd-pam-239-68.el8
CVE-2022-23990 Twistlock CVE Medium expat-2.2.5-10.el8
CVE-2022-4899 Twistlock CVE Low libzstd-1.4.4-1.el8
CVE-2022-4899 Anchore CVE Low libzstd-1.4.4-1.el8
CVE-2023-27535 Twistlock CVE Medium curl-7.61.1-25.el8_7.3
CVE-2023-27535 Twistlock CVE Medium libcurl-7.61.1-25.el8_7.3
CVE-2023-27536 Twistlock CVE Medium curl-7.61.1-25.el8_7.3
CVE-2023-27536 Twistlock CVE Medium libcurl-7.61.1-25.el8_7.3
CVE-2023-27534 Twistlock CVE Low libcurl-7.61.1-25.el8_7.3
CVE-2023-27534 Twistlock CVE Low curl-7.61.1-25.el8_7.3
CVE-2023-27536 Anchore CVE Medium curl-7.61.1-25.el8_7.3
CVE-2023-27535 Anchore CVE Medium libcurl-7.61.1-25.el8_7.3
CVE-2023-27535 Anchore CVE Medium curl-7.61.1-25.el8_7.3
CVE-2023-27536 Anchore CVE Medium libcurl-7.61.1-25.el8_7.3
CVE-2023-0286 Twistlock CVE Critical openssl-libs-1.1.1k-7.el8_6
CVE-2023-0215 Twistlock CVE Medium openssl-libs-1.1.1k-7.el8_6
CVE-2022-4450 Twistlock CVE Medium openssl-libs-1.1.1k-7.el8_6
CVE-2022-4304 Twistlock CVE Medium openssl-libs-1.1.1k-7.el8_6
CVE-2022-4304 OSCAP Compliance Medium
CVE-2022-4450 OSCAP Compliance Medium
CVE-2023-0215 OSCAP Compliance Medium
CVE-2023-0286 OSCAP Compliance Medium
CVE-2023-1579 Twistlock CVE Medium gdb-gdbserver-8.2-19.el8
CVE-2023-25180 Twistlock CVE Low glib2-2.56.4-159.el8
CVE-2023-24593 Twistlock CVE Low glib2-2.56.4-159.el8
CVE-2023-0464 Twistlock CVE Low openssl-libs-1.1.1k-7.el8_6
CVE-2023-0464 Anchore CVE Low openssl-libs-1:1.1.1k-7.el8_6
CVE-2023-1579 Anchore CVE Medium gdb-gdbserver-8.2-19.el8
CVE-2023-0466 Twistlock CVE Low openssl-libs-1.1.1k-7.el8_6
CVE-2023-0465 Twistlock CVE Low openssl-libs-1.1.1k-7.el8_6
CVE-2023-0466 Anchore CVE Low openssl-libs-1:1.1.1k-7.el8_6
CVE-2023-0465 Anchore CVE Low openssl-libs-1:1.1.1k-7.el8_6
CVE-2023-0361 OSCAP Compliance Medium
PRISMA-2022-0168 Twistlock CVE High pip-9.0.3
CVE-2021-33503 Twistlock CVE High urllib3-1.24.2
CVE-2019-20916 Twistlock CVE High pip-9.0.3
CVE-2020-26137 Twistlock CVE Medium urllib3-1.24.2
CVE-2019-11236 Twistlock CVE Medium urllib3-1.24.2
CVE-2021-3572 Twistlock CVE Medium pip-9.0.3
CVE-2021-45985 Twistlock CVE Medium lua-libs-5.3.4-12.el8

VAT: https://vat.dso.mil/vat/image?imageName=beast-code/courseware-editor/base-image&tag=1.22.0&branch=master
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/beast-code/courseware-editor/base-image/-/jobs/13729433

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the ~"Approval" label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications
  • Send approval request to Authorizing Official
  • Close issue after approval from Authorizing Official

Note: If the above approval process is rejected for any reason, the Approval label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Approval label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.
