UNCLASSIFIED - NO CUI

Skip to content

chore(findings): bitnami/openldap

Summary

bitnami/openldap has 386 new findings discovered during continuous monitoring.

Layer: redhat/ubi/ubi9:9.2 is EOL, please update if possible

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=bitnami/openldap&tag=2.6.3-r77&branch=master

EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.

KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.

id source severity package impact workaround epss_score kev
CVE-2023-44487 Anchore CVE High stdlib-go1.18.2 0.94434 true
CVE-2023-45288 Anchore CVE High stdlib-go1.18.2 0.64852 false
CVE-2024-1931 Twistlock CVE Medium unbound-1.16.2-19.el9_6.1 0.06925 false
CVE-2024-1931 Anchore CVE Medium unbound-libs-1.16.2-19.el9_6.1 0.06925 false
CVE-2005-2541 Anchore CVE Medium tar-2:1.34-7.el9 0.03739 false
CVE-2024-56433 Anchore CVE Low shadow-utils-2:4.9-12.el9 0.02806 false
CVE-2024-7264 Anchore CVE Low libcurl-minimal-7.76.1-31.el9 0.02574 false
CVE-2024-7264 Anchore CVE Low curl-minimal-7.76.1-31.el9 0.02574 false
CVE-2024-7264 Twistlock CVE Low curl-7.76.1-31.el9 0.02574 false
CVE-2024-33655 Twistlock CVE Low unbound-1.16.2-19.el9_6.1 0.02518 false
CVE-2024-33655 Anchore CVE Low unbound-libs-1.16.2-19.el9_6.1 0.02518 false
CVE-2024-24787 Anchore CVE Medium stdlib-go1.18.2 0.01583 false
CVE-2024-24784 Anchore CVE High stdlib-go1.18.2 0.01498 false
CVE-2021-38593 Anchore CVE Medium qt5-srpm-macros-5.15.9-1.el9 0.00935 false
CVE-2021-38593 Twistlock CVE Medium qt5-5.15.9-1.el9 0.00935 false
CVE-2023-24531 Anchore CVE Critical stdlib-go1.18.2 0.00655 false
CVE-2023-24538 Anchore CVE Critical stdlib-go1.18.2 0.00646 false
CVE-2022-41717 Anchore CVE Medium stdlib-go1.18.2 0.00413 false
CVE-2023-45289 Anchore CVE Medium stdlib-go1.18.2 0.00409 false
CVE-2024-24783 Anchore CVE Medium stdlib-go1.18.2 0.00401 false
CVE-2021-3826 Twistlock CVE Low binutils-2.35.2-63.el9 0.00368 false
CVE-2021-3826 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00368 false
CVE-2021-3826 Anchore CVE Low binutils-2.35.2-63.el9 0.00368 false
CVE-2024-9681 Anchore CVE Low libcurl-minimal-7.76.1-31.el9 0.00348 false
CVE-2024-9681 Anchore CVE Low curl-minimal-7.76.1-31.el9 0.00348 false
CVE-2024-9681 Twistlock CVE Low curl-7.76.1-31.el9 0.00348 false
CVE-2023-45290 Anchore CVE Medium stdlib-go1.18.2 0.00326 false
CVE-2023-29405 Anchore CVE Critical stdlib-go1.18.2 0.00326 false
CVE-2024-7592 Twistlock CVE Low python3.9-3.9.21-2.el9_6.1 0.00325 false
CVE-2024-7592 Anchore CVE Low python3-3.9.21-2.el9_6.1 0.00325 false
CVE-2024-7592 Anchore CVE Low python3-libs-3.9.21-2.el9_6.1 0.00325 false
CVE-2023-24607 Anchore CVE Medium qt5-srpm-macros-5.15.9-1.el9 0.00295 false
CVE-2023-24607 Twistlock CVE Medium qt5-5.15.9-1.el9 0.00295 false
CVE-2024-24785 Anchore CVE Medium stdlib-go1.18.2 0.00246 false
CVE-2023-24540 Anchore CVE Critical stdlib-go1.18.2 0.00243 false
CVE-2021-3572 Anchore CVE Low python3-pip-wheel-21.3.1-1.el9 0.00240 false
CVE-2021-3572 Twistlock CVE Low python-pip-21.3.1-1.el9 0.00240 false
CVE-2022-41723 Anchore CVE High stdlib-go1.18.2 0.00235 false
CVE-2024-0397 Twistlock CVE Low python3.9-3.9.21-2.el9_6.1 0.00232 false
CVE-2024-0397 Anchore CVE Low python3-3.9.21-2.el9_6.1 0.00232 false
CVE-2024-0397 Anchore CVE Low python3-libs-3.9.21-2.el9_6.1 0.00232 false
CVE-2022-0529 Anchore CVE Low unzip-6.0-58.el9_5 0.00230 false
CVE-2022-0529 Twistlock CVE Low unzip-6.0-58.el9_5 0.00230 false
CVE-2024-11053 Anchore CVE Low libcurl-minimal-7.76.1-31.el9 0.00221 false
CVE-2024-11053 Anchore CVE Low curl-minimal-7.76.1-31.el9 0.00221 false
CVE-2024-11053 Twistlock CVE Low curl-7.76.1-31.el9 0.00221 false
CVE-2021-45078 Twistlock CVE Medium binutils-2.35.2-63.el9 0.00220 false
CVE-2021-45078 Anchore CVE Medium binutils-2.35.2-63.el9 0.00220 false
CVE-2021-45078 Anchore CVE Medium binutils-gold-2.35.2-63.el9 0.00220 false
CVE-2024-24791 Anchore CVE High stdlib-go1.18.2 0.00200 false
CVE-2025-1153 Twistlock CVE Low binutils-2.35.2-63.el9 0.00185 false
CVE-2025-1153 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00185 false
CVE-2025-1153 Anchore CVE Low binutils-2.35.2-63.el9 0.00185 false
CVE-2025-1153 Twistlock CVE Low gdb-14.2-4.1.el9_6 0.00185 false
CVE-2025-1153 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 0.00185 false
CVE-2023-45287 Anchore CVE High stdlib-go1.18.2 0.00185 false
CVE-2021-20197 Twistlock CVE Medium binutils-2.35.2-63.el9 0.00184 false
CVE-2021-20197 Anchore CVE Medium binutils-gold-2.35.2-63.el9 0.00184 false
CVE-2021-20197 Anchore CVE Medium binutils-2.35.2-63.el9 0.00184 false
CVE-2023-32636 Twistlock CVE Low glib2-2.68.4-16.el9_6.2 0.00179 false
CVE-2023-32636 Anchore CVE Low glib2-2.68.4-16.el9_6.2 0.00179 false
CVE-2024-34156 Anchore CVE High stdlib-go1.18.2 0.00178 false
CVE-2024-41996 Anchore CVE Low openssl-1:3.2.2-6.el9_5.1 0.00166 false
CVE-2024-41996 Anchore CVE Low openssl-libs-1:3.2.2-6.el9_5.1 0.00166 false
CVE-2024-41996 Twistlock CVE Low openssl-3.2.2-6.el9_5.1 0.00166 false
CVE-2023-29406 Anchore CVE Medium stdlib-go1.18.2 0.00155 false
CVE-2022-29162 Twistlock CVE Medium github.com/opencontainers/runc-v1.1.0 0.00141 false
CVE-2025-1795 Twistlock CVE Low python3.9-3.9.21-2.el9_6.1 0.00140 false
CVE-2025-1795 Anchore CVE Low python3-3.9.21-2.el9_6.1 0.00140 false
CVE-2025-1795 Anchore CVE Low python3-libs-3.9.21-2.el9_6.1 0.00140 false
CVE-2024-34459 Twistlock CVE Low libxml2-2.9.13-10.el9_6 0.00135 false
CVE-2024-34459 Anchore CVE Low libxml2-2.9.13-10.el9_6 0.00135 false
CVE-2021-4217 Anchore CVE Low unzip-6.0-58.el9_5 0.00134 false
CVE-2021-4217 Twistlock CVE Low unzip-6.0-58.el9_5 0.00134 false
CVE-2023-29402 Anchore CVE Critical stdlib-go1.18.2 0.00124 false
CVE-2024-7531 Twistlock CVE Low nss-3.101.0-10.el9_2 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-sysinit-3.101.0-10.el9_2 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-util-3.101.0-10.el9_2 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-softokn-freebl-3.101.0-10.el9_2 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-softokn-3.101.0-10.el9_2 0.00121 false
CVE-2024-7531 Anchore CVE Low nspr-4.35.0-17.el9_2 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-3.101.0-10.el9_2 0.00121 false
CVE-2024-7531 Anchore CVE Low nss-tools-3.101.0-10.el9_2 0.00121 false
CVE-2022-0530 Anchore CVE Low unzip-6.0-58.el9_5 0.00120 false
CVE-2022-0530 Twistlock CVE Low unzip-6.0-58.el9_5 0.00120 false
CVE-2020-12413 Twistlock CVE Low nss-3.101.0-10.el9_2 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-sysinit-3.101.0-10.el9_2 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-tools-3.101.0-10.el9_2 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-util-3.101.0-10.el9_2 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-softokn-freebl-3.101.0-10.el9_2 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-3.101.0-10.el9_2 0.00120 false
CVE-2020-12413 Anchore CVE Low nss-softokn-3.101.0-10.el9_2 0.00120 false
CVE-2020-12413 Anchore CVE Low nspr-4.35.0-17.el9_2 0.00120 false
CVE-2022-30635 Anchore CVE High stdlib-go1.18.2 0.00118 false
CVE-2021-45941 Twistlock CVE Medium libbpf-1.5.0-1.el9 0.00117 false
CVE-2021-45941 Anchore CVE Medium libbpf-2:1.5.0-1.el9 0.00117 false
CVE-2021-45940 Twistlock CVE Medium libbpf-1.5.0-1.el9 0.00117 false
CVE-2021-45940 Anchore CVE Low libbpf-2:1.5.0-1.el9 0.00117 false
CVE-2024-34155 Anchore CVE Medium stdlib-go1.18.2 0.00115 false
CVE-2021-32256 Anchore CVE Medium binutils-gold-2.35.2-63.el9 0.00115 false
CVE-2021-32256 Anchore CVE Medium binutils-2.35.2-63.el9 0.00115 false
CVE-2022-27664 Anchore CVE High stdlib-go1.18.2 0.00112 false
CVE-2023-27561 Twistlock CVE High github.com/opencontainers/runc-v1.1.0 0.00110 false
CVE-2022-32189 Anchore CVE High stdlib-go1.18.2 0.00099 false
CVE-2024-24790 Anchore CVE Critical stdlib-go1.18.2 0.00092 false
CVE-2025-1632 Twistlock CVE Low libarchive-3.5.3-5.el9_6 0.00088 false
CVE-2025-1632 Anchore CVE Low libarchive-3.5.3-5.el9_6 0.00088 false
CVE-2023-29404 Anchore CVE Critical stdlib-go1.18.2 0.00083 false
CVE-2024-34158 Anchore CVE High stdlib-go1.18.2 0.00082 false
CVE-2023-29409 Anchore CVE Medium stdlib-go1.18.2 0.00082 false
CVE-2025-1152 Twistlock CVE Low binutils-2.35.2-63.el9 0.00081 false
CVE-2025-1152 Anchore CVE Low binutils-2.35.2-63.el9 0.00081 false
CVE-2025-1152 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00081 false
CVE-2025-1152 Twistlock CVE Low gdb-14.2-4.1.el9_6 0.00081 false
CVE-2025-1152 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 0.00081 false
CVE-2025-1150 Twistlock CVE Low binutils-2.35.2-63.el9 0.00081 false
CVE-2025-1150 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00081 false
CVE-2025-1150 Anchore CVE Low binutils-2.35.2-63.el9 0.00081 false
CVE-2025-1150 Twistlock CVE Low gdb-14.2-4.1.el9_6 0.00081 false
CVE-2025-1150 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 0.00081 false
CVE-2025-3360 Twistlock CVE Low glib2-2.68.4-16.el9_6.2 0.00079 false
CVE-2025-3360 Anchore CVE Low glib2-2.68.4-16.el9_6.2 0.00079 false
CVE-2023-45322 Anchore CVE Low libxml2-2.9.13-10.el9_6 0.00078 false
CVE-2025-6069 Twistlock CVE Medium python3.9-3.9.21-2.el9_6.1 0.00077 false
CVE-2025-6069 Anchore CVE Medium python3-3.9.21-2.el9_6.1 0.00077 false
CVE-2025-6069 Anchore CVE Medium python3-libs-3.9.21-2.el9_6.1 0.00077 false
CVE-2025-1151 Twistlock CVE Low binutils-2.35.2-63.el9 0.00075 false
CVE-2025-1151 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00075 false
CVE-2025-1151 Anchore CVE Low binutils-2.35.2-63.el9 0.00075 false
CVE-2025-1151 Twistlock CVE Low gdb-14.2-4.1.el9_6 0.00075 false
CVE-2025-1151 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 0.00075 false
CVE-2024-13176 Anchore CVE Low openssl-libs-1:3.2.2-6.el9_5.1 0.00071 false
CVE-2024-13176 Anchore CVE Low openssl-1:3.2.2-6.el9_5.1 0.00071 false
CVE-2024-13176 Twistlock CVE Low openssl-3.2.2-6.el9_5.1 0.00071 false
CVE-2023-24536 Anchore CVE High stdlib-go1.18.2 0.00066 false
CVE-2025-1377 Twistlock CVE Low elfutils-0.192-6.el9_6 0.00065 false
CVE-2025-1377 Anchore CVE Low elfutils-libelf-0.192-6.el9_6 0.00065 false
CVE-2025-1377 Anchore CVE Low elfutils-debuginfod-client-0.192-6.el9_6 0.00065 false
CVE-2025-1377 Anchore CVE Low elfutils-default-yama-scope-0.192-6.el9_6 0.00065 false
CVE-2025-1377 Anchore CVE Low elfutils-libs-0.192-6.el9_6 0.00065 false
CVE-2023-24539 Anchore CVE High stdlib-go1.18.2 0.00065 false
CVE-2022-30633 Anchore CVE High stdlib-go1.18.2 0.00064 false
CVE-2022-30632 Anchore CVE High stdlib-go1.18.2 0.00064 false
CVE-2023-39319 Anchore CVE Medium stdlib-go1.18.2 0.00062 false
CVE-2023-39318 Anchore CVE Medium stdlib-go1.18.2 0.00062 false
CVE-2022-41409 Twistlock CVE Low pcre2-10.40-6.el9 0.00061 false
CVE-2022-41409 Anchore CVE Low pcre2-syntax-10.40-6.el9 0.00061 false
CVE-2022-41409 Anchore CVE Low pcre2-10.40-6.el9 0.00061 false
CVE-2025-5683 Twistlock CVE Medium qt5-5.15.9-1.el9 0.00060 false
CVE-2025-5683 Anchore CVE Medium qt5-srpm-macros-5.15.9-1.el9 0.00060 false
CVE-2023-39323 Anchore CVE High stdlib-go1.18.2 0.00060 false
CVE-2025-32990 Twistlock CVE Medium gnutls-3.8.3-6.el9 0.00059 false
CVE-2025-32990 Anchore CVE Medium gnutls-dane-3.8.3-6.el9 0.00059 false
CVE-2025-32990 Anchore CVE Medium gnutls-utils-3.8.3-6.el9 0.00059 false
CVE-2025-32990 Anchore CVE Medium gnutls-3.8.3-6.el9 0.00059 false
CVE-2025-8194 Twistlock CVE Medium python3.9-3.9.21-2.el9_6.1 0.00057 false
CVE-2025-8194 Anchore CVE Medium python3-libs-3.9.21-2.el9_6.1 0.00057 false
CVE-2025-8194 Anchore CVE Medium python3-3.9.21-2.el9_6.1 0.00057 false
CVE-2025-27113 Twistlock CVE Low libxml2-2.9.13-10.el9_6 0.00055 false
CVE-2025-27113 Anchore CVE Low libxml2-2.9.13-10.el9_6 0.00055 false
CVE-2023-45285 Anchore CVE High stdlib-go1.18.2 0.00055 false
CVE-2025-6395 Twistlock CVE Medium gnutls-3.8.3-6.el9 0.00053 false
CVE-2025-6395 Anchore CVE Medium gnutls-dane-3.8.3-6.el9 0.00053 false
CVE-2025-6395 Anchore CVE Medium gnutls-utils-3.8.3-6.el9 0.00053 false
CVE-2025-6395 Anchore CVE Medium gnutls-3.8.3-6.el9 0.00053 false
CVE-2025-32988 Twistlock CVE Medium gnutls-3.8.3-6.el9 0.00052 false
CVE-2025-32988 Anchore CVE Medium gnutls-utils-3.8.3-6.el9 0.00052 false
CVE-2025-32988 Anchore CVE Medium gnutls-3.8.3-6.el9 0.00052 false
CVE-2025-32988 Anchore CVE Medium gnutls-dane-3.8.3-6.el9 0.00052 false
CVE-2022-33070 Anchore CVE Low protobuf-c-1.3.3-13.el9 0.00052 false
CVE-2022-33070 Twistlock CVE Low protobuf-c-1.3.3-13.el9 0.00052 false
CVE-2022-41725 Anchore CVE High stdlib-go1.18.2 0.00051 false
CVE-2023-50495 Anchore CVE Low ncurses-base-6.2-10.20210508.el9 0.00050 false
CVE-2023-50495 Anchore CVE Low ncurses-6.2-10.20210508.el9 0.00050 false
CVE-2023-50495 Anchore CVE Low ncurses-libs-6.2-10.20210508.el9 0.00050 false
CVE-2023-50495 Twistlock CVE Low ncurses-6.2-10.20210508.el9 0.00050 false
CVE-2023-39326 Anchore CVE Medium stdlib-go1.18.2 0.00049 false
CVE-2025-1376 Twistlock CVE Low elfutils-0.192-6.el9_6 0.00048 false
CVE-2025-1376 Anchore CVE Low elfutils-debuginfod-client-0.192-6.el9_6 0.00048 false
CVE-2025-1376 Anchore CVE Low elfutils-default-yama-scope-0.192-6.el9_6 0.00048 false
CVE-2025-1376 Anchore CVE Low elfutils-libelf-0.192-6.el9_6 0.00048 false
CVE-2025-1376 Anchore CVE Low elfutils-libs-0.192-6.el9_6 0.00048 false
CVE-2023-29400 Anchore CVE High stdlib-go1.18.2 0.00048 false
CVE-2022-32148 Anchore CVE Medium stdlib-go1.18.2 0.00048 false
CVE-2022-30629 Anchore CVE Low stdlib-go1.18.2 0.00048 false
CVE-2022-27943 Anchore CVE Low cpp-11.5.0-5.el9_5 0.00047 false
CVE-2022-27943 Anchore CVE Low gcc-plugin-annobin-11.5.0-5.el9_5 0.00047 false
CVE-2022-27943 Anchore CVE Low libstdc++-11.5.0-5.el9_5 0.00047 false
CVE-2022-27943 Anchore CVE Low gcc-11.5.0-5.el9_5 0.00047 false
CVE-2022-27943 Anchore CVE Low libgcc-11.5.0-5.el9_5 0.00047 false
CVE-2022-27943 Anchore CVE Low libgomp-11.5.0-5.el9_5 0.00047 false
CVE-2022-27943 Twistlock CVE Low gcc-11.5.0-5.el9_5 0.00047 false
CVE-2024-29040 Anchore CVE Medium tpm2-tss-3.2.3-1.el9 0.00045 false
CVE-2024-29040 Twistlock CVE Medium tpm2-tss-3.2.3-1.el9 0.00045 false
CVE-2023-24534 Anchore CVE High stdlib-go1.18.2 0.00045 false
CVE-2023-1972 Twistlock CVE Low binutils-2.35.2-63.el9 0.00045 false
CVE-2023-1972 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00045 false
CVE-2023-1972 Anchore CVE Low binutils-2.35.2-63.el9 0.00045 false
CVE-2025-4673 Anchore CVE Medium stdlib-go1.18.2 0.00044 false
CVE-2023-1579 Twistlock CVE Medium binutils-2.35.2-63.el9 0.00040 false
CVE-2023-1579 Anchore CVE Medium binutils-gold-2.35.2-63.el9 0.00040 false
CVE-2023-1579 Anchore CVE Medium binutils-2.35.2-63.el9 0.00040 false
CVE-2025-5914 Twistlock CVE Low libarchive-3.5.3-5.el9_6 0.00039 false
CVE-2025-5914 Anchore CVE Low libarchive-3.5.3-5.el9_6 0.00039 false
CVE-2022-1705 Anchore CVE Medium stdlib-go1.18.2 0.00039 false
CVE-2023-24056 Anchore CVE Low pkgconf-pkg-config-1.7.3-10.el9 0.00037 false
CVE-2023-24056 Anchore CVE Low pkgconf-1.7.3-10.el9 0.00037 false
CVE-2023-24056 Anchore CVE Low libpkgconf-1.7.3-10.el9 0.00037 false
CVE-2023-24056 Anchore CVE Low pkgconf-m4-1.7.3-10.el9 0.00037 false
CVE-2023-24056 Twistlock CVE Low pkgconf-1.7.3-10.el9 0.00037 false
CVE-2023-39804 Anchore CVE Low tar-2:1.34-7.el9 0.00036 false
CVE-2023-39804 Twistlock CVE Low tar-1.34-7.el9 0.00036 false
CVE-2024-45336 Anchore CVE Medium stdlib-go1.18.2 0.00032 false
CVE-2024-43167 Twistlock CVE Low unbound-1.16.2-19.el9_6.1 0.00032 false
CVE-2024-43167 Anchore CVE Low unbound-libs-1.16.2-19.el9_6.1 0.00032 false
CVE-2024-43168 Twistlock CVE Low unbound-1.16.2-19.el9_6.1 0.00031 false
CVE-2024-43168 Anchore CVE Low unbound-libs-1.16.2-19.el9_6.1 0.00031 false
CVE-2023-4156 Anchore CVE Low gawk-5.1.0-6.el9 0.00031 false
CVE-2023-4156 Twistlock CVE Low gawk-5.1.0-6.el9 0.00031 false
CVE-2023-25809 Twistlock CVE Low github.com/opencontainers/runc-v1.1.0 0.00031 false
CVE-2022-30631 Anchore CVE High stdlib-go1.18.2 0.00030 false
CVE-2025-1371 Twistlock CVE Low elfutils-0.192-6.el9_6 0.00029 false
CVE-2025-1371 Anchore CVE Low elfutils-default-yama-scope-0.192-6.el9_6 0.00029 false
CVE-2025-1371 Anchore CVE Low elfutils-debuginfod-client-0.192-6.el9_6 0.00029 false
CVE-2025-1371 Anchore CVE Low elfutils-libs-0.192-6.el9_6 0.00029 false
CVE-2025-1371 Anchore CVE Low elfutils-libelf-0.192-6.el9_6 0.00029 false
CVE-2022-29458 Anchore CVE Low ncurses-6.2-10.20210508.el9 0.00029 false
CVE-2022-29458 Anchore CVE Low ncurses-base-6.2-10.20210508.el9 0.00029 false
CVE-2022-29458 Anchore CVE Low ncurses-libs-6.2-10.20210508.el9 0.00029 false
CVE-2022-29458 Twistlock CVE Low ncurses-6.2-10.20210508.el9 0.00029 false
CVE-2022-2880 Anchore CVE High stdlib-go1.18.2 0.00029 false
CVE-2025-32415 Twistlock CVE Medium libxml2-2.9.13-10.el9_6 0.00027 false
CVE-2025-32415 Anchore CVE Medium libxml2-2.9.13-10.el9_6 0.00027 false
CVE-2022-30630 Anchore CVE High stdlib-go1.18.2 0.00026 false
CVE-2024-45341 Anchore CVE Medium stdlib-go1.18.2 0.00025 false
CVE-2023-24532 Anchore CVE Medium stdlib-go1.18.2 0.00024 false
CVE-2025-45582 Twistlock CVE Medium tar-1.34-7.el9 0.00023 false
CVE-2025-45582 Anchore CVE Medium tar-2:1.34-7.el9 0.00023 false
CVE-2025-22871 Anchore CVE Critical stdlib-go1.18.2 0.00023 false
CVE-2024-57360 Twistlock CVE Low binutils-2.35.2-63.el9 0.00022 false
CVE-2024-57360 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00022 false
CVE-2024-57360 Anchore CVE Low binutils-2.35.2-63.el9 0.00022 false
CVE-2024-57360 Twistlock CVE Low gdb-14.2-4.1.el9_6 0.00022 false
CVE-2024-57360 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 0.00022 false
CVE-2022-30580 Anchore CVE High stdlib-go1.18.2 0.00022 false
CVE-2025-4516 Twistlock CVE Medium python3.9-3.9.21-2.el9_6.1 0.00021 false
CVE-2025-4516 Anchore CVE Medium python3-libs-3.9.21-2.el9_6.1 0.00021 false
CVE-2025-4516 Anchore CVE Medium python3-3.9.21-2.el9_6.1 0.00021 false
CVE-2025-32989 Twistlock CVE Medium gnutls-3.8.3-6.el9 0.00021 false
CVE-2025-32989 Anchore CVE Medium gnutls-dane-3.8.3-6.el9 0.00021 false
CVE-2025-32989 Anchore CVE Medium gnutls-3.8.3-6.el9 0.00021 false
CVE-2025-32989 Anchore CVE Medium gnutls-utils-3.8.3-6.el9 0.00021 false
CVE-2024-25260 Twistlock CVE Low elfutils-0.192-6.el9_6 0.00021 false
CVE-2024-25260 Anchore CVE Low elfutils-libs-0.192-6.el9_6 0.00021 false
CVE-2024-25260 Anchore CVE Low elfutils-libelf-0.192-6.el9_6 0.00021 false
CVE-2024-25260 Anchore CVE Low elfutils-default-yama-scope-0.192-6.el9_6 0.00021 false
CVE-2024-25260 Anchore CVE Low elfutils-debuginfod-client-0.192-6.el9_6 0.00021 false
CVE-2022-44840 Twistlock CVE Low binutils-2.35.2-63.el9 0.00021 false
CVE-2022-44840 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00021 false
CVE-2022-44840 Anchore CVE Low binutils-2.35.2-63.el9 0.00021 false
CVE-2023-24537 Anchore CVE High stdlib-go1.18.2 0.00020 false
CVE-2025-5245 Twistlock CVE Medium binutils-2.35.2-63.el9 0.00019 false
CVE-2025-5245 Anchore CVE Medium binutils-gold-2.35.2-63.el9 0.00019 false
CVE-2025-5245 Anchore CVE Medium binutils-2.35.2-63.el9 0.00019 false
CVE-2025-5245 Twistlock CVE Medium gdb-14.2-4.1.el9_6 0.00019 false
CVE-2025-5245 Anchore CVE Medium gdb-gdbserver-14.2-4.1.el9_6 0.00019 false
CVE-2025-30258 Anchore CVE Low gnupg2-2.3.3-4.el9 0.00018 false
CVE-2025-30258 Twistlock CVE Low gnupg2-2.3.3-4.el9 0.00018 false
CVE-2024-0232 Twistlock CVE Low sqlite-3.34.1-8.el9_6 0.00018 false
CVE-2024-0232 Anchore CVE Low sqlite-libs-3.34.1-8.el9_6 0.00018 false
CVE-2025-5918 Twistlock CVE Low libarchive-3.5.3-5.el9_6 0.00017 false
CVE-2025-5918 Anchore CVE Low libarchive-3.5.3-5.el9_6 0.00017 false
CVE-2025-5916 Twistlock CVE Low libarchive-3.5.3-5.el9_6 0.00017 false
CVE-2025-5916 Anchore CVE Low libarchive-3.5.3-5.el9_6 0.00017 false
CVE-2025-32414 Twistlock CVE Medium libxml2-2.9.13-10.el9_6 0.00017 false
CVE-2025-32414 Anchore CVE Medium libxml2-2.9.13-10.el9_6 0.00017 false
CVE-2022-38533 Twistlock CVE Low binutils-2.35.2-63.el9 0.00017 false
CVE-2022-38533 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00017 false
CVE-2022-38533 Anchore CVE Low binutils-2.35.2-63.el9 0.00017 false
CVE-2025-8058 Twistlock CVE Medium glibc-2.34-168.el9_6.20 0.00016 false
CVE-2025-8058 Anchore CVE Medium glibc-common-2.34-168.el9_6.20 0.00016 false
CVE-2025-8058 Anchore CVE Medium glibc-minimal-langpack-2.34-168.el9_6.20 0.00016 false
CVE-2025-8058 Anchore CVE Medium glibc-gconv-extra-2.34-168.el9_6.20 0.00016 false
CVE-2025-8058 Anchore CVE Medium glibc-headers-2.34-168.el9_6.20 0.00016 false
CVE-2025-8058 Anchore CVE Medium glibc-langpack-en-2.34-168.el9_6.20 0.00016 false
CVE-2025-8058 Anchore CVE Medium glibc-2.34-168.el9_6.20 0.00016 false
CVE-2025-8058 Anchore CVE Medium glibc-devel-2.34-168.el9_6.20 0.00016 false
CVE-2025-6170 Twistlock CVE Low libxml2-2.9.13-10.el9_6 0.00016 false
CVE-2025-6170 Anchore CVE Low libxml2-2.9.13-10.el9_6 0.00016 false
CVE-2025-3198 Twistlock CVE Low binutils-2.35.2-63.el9 0.00016 false
CVE-2025-3198 Anchore CVE Low binutils-2.35.2-63.el9 0.00016 false
CVE-2025-3198 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00016 false
CVE-2025-3198 Twistlock CVE Low gdb-14.2-4.1.el9_6 0.00016 false
CVE-2025-3198 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 0.00016 false
CVE-2022-41724 Anchore CVE High stdlib-go1.18.2 0.00016 false
CVE-2025-5917 Twistlock CVE Low libarchive-3.5.3-5.el9_6 0.00015 false
CVE-2025-5917 Anchore CVE Low libarchive-3.5.3-5.el9_6 0.00015 false
CVE-2025-5915 Twistlock CVE Low libarchive-3.5.3-5.el9_6 0.00015 false
CVE-2025-5915 Anchore CVE Low libarchive-3.5.3-5.el9_6 0.00015 false
CVE-2025-5278 Twistlock CVE Medium coreutils-8.32-39.el9 0.00015 false
CVE-2025-5278 Anchore CVE Medium coreutils-single-8.32-39.el9 0.00015 false
CVE-2025-0913 Anchore CVE Medium stdlib-go1.18.2 0.00015 false
CVE-2022-41715 Anchore CVE High stdlib-go1.18.2 0.00015 false
CVE-2022-2879 Anchore CVE High stdlib-go1.18.2 0.00015 false
CVE-2025-7546 Twistlock CVE Medium binutils-2.35.2-63.el9 0.00014 false
CVE-2025-7546 Anchore CVE Medium binutils-2.35.2-63.el9 0.00014 false
CVE-2025-7546 Anchore CVE Medium binutils-gold-2.35.2-63.el9 0.00014 false
CVE-2025-7545 Twistlock CVE Medium binutils-2.35.2-63.el9 0.00014 false
CVE-2025-7545 Anchore CVE Medium binutils-gold-2.35.2-63.el9 0.00014 false
CVE-2025-7545 Anchore CVE Medium binutils-2.35.2-63.el9 0.00014 false
CVE-2022-47011 Twistlock CVE Low binutils-2.35.2-63.el9 0.00014 false
CVE-2022-47011 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00014 false
CVE-2022-47011 Anchore CVE Low binutils-2.35.2-63.el9 0.00014 false
CVE-2022-47011 Twistlock CVE Low gdb-14.2-4.1.el9_6 0.00014 false
CVE-2022-47011 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 0.00014 false
CVE-2022-47010 Twistlock CVE Low binutils-2.35.2-63.el9 0.00014 false
CVE-2022-47010 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00014 false
CVE-2022-47010 Anchore CVE Low binutils-2.35.2-63.el9 0.00014 false
CVE-2022-47010 Twistlock CVE Low gdb-14.2-4.1.el9_6 0.00014 false
CVE-2022-47010 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 0.00014 false
CVE-2022-47008 Twistlock CVE Low binutils-2.35.2-63.el9 0.00014 false
CVE-2022-47008 Anchore CVE Low binutils-2.35.2-63.el9 0.00014 false
CVE-2022-47008 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00014 false
CVE-2022-47007 Twistlock CVE Low binutils-2.35.2-63.el9 0.00014 false
CVE-2022-47007 Anchore CVE Low binutils-gold-2.35.2-63.el9 0.00014 false
CVE-2022-47007 Anchore CVE Low binutils-2.35.2-63.el9 0.00014 false
CVE-2022-47007 Twistlock CVE Low gdb-14.2-4.1.el9_6 0.00014 false
CVE-2022-47007 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 0.00014 false
CVE-2025-50181 Twistlock CVE Medium urllib3-1.26.5 Most users dont disable redirects on the PoolManager. Set redirectsFalseredirects0 on the .request call instead of on the toplevel urllib3.PoolManager 0.00013 false
CVE-2025-50181 Twistlock CVE Medium python-pip-21.3.1-1.el9 0.00013 false
CVE-2025-50181 Anchore CVE Medium python3-pip-wheel-21.3.1-1.el9 0.00013 false
CVE-2023-30571 Twistlock CVE Medium libarchive-3.5.3-5.el9_6 0.00013 false
CVE-2023-30571 Anchore CVE Medium libarchive-3.5.3-5.el9_6 0.00013 false
CVE-2022-3219 Anchore CVE Low gnupg2-2.3.3-4.el9 0.00012 false
CVE-2022-3219 Twistlock CVE Low gnupg2-2.3.3-4.el9 0.00012 false
CVE-2025-50182 Twistlock CVE Medium python-pip-21.3.1-1.el9 0.00011 false
CVE-2025-50182 Anchore CVE Medium python3-pip-wheel-21.3.1-1.el9 0.00011 false
CVE-2025-4598 Twistlock CVE Medium systemd-252-51.el9_6.1 0.00011 false
CVE-2025-4598 Anchore CVE Medium systemd-pam-252-51.el9_6.1 0.00011 false
CVE-2025-4598 Anchore CVE Medium systemd-rpm-macros-252-51.el9_6.1 0.00011 false
CVE-2025-4598 Anchore CVE Medium systemd-libs-252-51.el9_6.1 0.00011 false
CVE-2025-4598 Anchore CVE Medium systemd-252-51.el9_6.1 0.00011 false
CVE-2023-28642 Twistlock CVE Medium github.com/opencontainers/runc-v1.1.0 0.00011 false
CVE-2022-28131 Anchore CVE High stdlib-go1.18.2 0.00011 false
CVE-2025-22866 Anchore CVE Medium stdlib-go1.18.2 0.00010 false
CVE-2023-29403 Anchore CVE High stdlib-go1.18.2 0.00010 false
CVE-2023-29403 Twistlock CVE High runtime-1.18.2 0.00010 false
CVE-2022-3606 Twistlock CVE Low libbpf-1.5.0-1.el9 0.00009 false
CVE-2022-3606 Anchore CVE Low libbpf-2:1.5.0-1.el9 0.00009 false
CVE-2024-45310 Twistlock CVE Medium github.com/opencontainers/runc-v1.1.0 0.00008 false
CVE-2024-24789 Anchore CVE Medium stdlib-go1.18.2 0.00006 false
CVE-2022-1962 Anchore CVE Medium stdlib-go1.18.2 0.00004 false
CVE-2025-7458 Twistlock CVE Medium sqlite-3.34.1-8.el9_6 N/A false
CVE-2025-7458 Anchore CVE Medium sqlite-libs-3.34.1-8.el9_6 N/A false
CVE-2025-4674 Anchore CVE Low stdlib-go1.18.2 N/A false
CVE-2023-2222 Anchore CVE Low binutils-2.35.2-63.el9 N/A false
CVE-2023-2222 Anchore CVE Low binutils-gold-2.35.2-63.el9 N/A false
CVE-2023-2222 Anchore CVE Low gdb-gdbserver-14.2-4.1.el9_6 N/A false
e07d84b039b0e6fcea42fbda1d378647 Anchore Compliance Critical N/A N/A
b18c88ddeab24abfb92ae2ccddb0b022 Anchore Compliance Low N/A N/A
addbb93c22e9b0988b8b40392a4538cb Anchore Compliance Low N/A N/A
GHSA-xr7r-f8xq-vfvv Anchore CVE High github.com/opencontainers/runc-v1.1.0 N/A N/A
GHSA-vpvm-3wq2-2wvm Anchore CVE High github.com/opencontainers/runc-v1.1.0 N/A N/A
GHSA-m8cg-xc2p-r3fc Anchore CVE Low github.com/opencontainers/runc-v1.1.0 N/A N/A
GHSA-jfvp-7x6p-h2pv Anchore CVE Medium github.com/opencontainers/runc-v1.1.0 N/A N/A
GHSA-g2j6-57v7-gm8c Anchore CVE Medium github.com/opencontainers/runc-v1.1.0 N/A N/A
GHSA-f3fp-gc8g-vw66 Anchore CVE Medium github.com/opencontainers/runc-v1.1.0 N/A N/A
CCE-90848-3 OSCAP Compliance Low N/A N/A
CCE-90847-5 OSCAP Compliance Low N/A N/A
CCE-90845-9 OSCAP Compliance Low N/A N/A
CCE-90125-6 OSCAP Compliance High N/A N/A
CCE-87567-4 OSCAP Compliance Medium N/A N/A
CCE-87332-3 OSCAP Compliance Medium N/A N/A
CCE-87087-3 OSCAP Compliance Medium N/A N/A
CCE-86502-2 OSCAP Compliance Medium N/A N/A
CCE-86474-4 OSCAP Compliance Medium N/A N/A
CCE-86208-6 OSCAP Compliance Medium N/A N/A
CCE-83891-2 OSCAP Compliance Medium N/A N/A
CCE-83881-3 OSCAP Compliance Medium N/A N/A
CCE-83857-3 OSCAP Compliance Medium N/A N/A
CCE-83644-5 OSCAP Compliance Medium N/A N/A
CCE-83621-3 OSCAP Compliance Medium N/A N/A
CCE-83615-5 OSCAP Compliance Medium N/A N/A
CCE-83487-9 OSCAP Compliance Medium N/A N/A
CCE-83468-9 OSCAP Compliance Low N/A N/A
CCE-83466-3 OSCAP Compliance Low N/A N/A

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=bitnami/openldap&tag=2.6.3-r77&branch=master

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by CHORE_TOKEN
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI