chore(findings): falkonry-inc/http-forwarder

Summary

falkonry-inc/http-forwarder has 419 new findings discovered during continuous monitoring.

id	source	severity	package
addbb93c22e9b0988b8b40392a4538cb	Anchore Compliance	Low
GHSA-f8q6-p94x-37v3	Anchore CVE	High	minimatch-3.0.4
GHSA-w573-4hg7-7wgq	Anchore CVE	High	decode-uri-component-0.2.0
GHSA-hrpp-h998-j3pp	Anchore CVE	High	qs-6.5.2
CVE-2022-32212	Anchore CVE	High	node-14.20.0
CVE-2022-32213	Anchore CVE	Medium	node-14.20.0
CVE-2022-43548	Anchore CVE	High	node-14.20.0
CVE-2022-35256	Anchore CVE	Medium	node-14.20.0
GHSA-rc47-6667-2j5j	Anchore CVE	High	http-cache-semantics-3.8.1
CVE-2023-23918	Anchore CVE	High	node-14.20.0
CVE-2023-23919	Anchore CVE	High	node-14.20.0
CVE-2023-23920	Anchore CVE	Medium	node-14.20.0
GHSA-p8p7-x288-28g6	Anchore CVE	Medium	request-2.88.0
GHSA-72xf-g2v4-qvf3	Anchore CVE	Medium	tough-cookie-2.4.3
GHSA-c2qf-rxjj-qqgw	Anchore CVE	Medium	semver-5.7.1
GHSA-x3cc-x39p-42qx	Anchore CVE	Medium	fast-xml-parser-3.19.0
GHSA-wf5p-g6vw-rhxx	Anchore CVE	Medium	axios-0.27.2
CVE-2023-37920	Anchore CVE	Low	ca-certificates-2023.2.60_v7.0.306-80.0.el8_8
CVE-2022-47010	Anchore CVE	Low	gdb-gdbserver-8.2-20.el8
CVE-2022-47007	Anchore CVE	Low	gdb-gdbserver-8.2-20.el8
CVE-2022-47011	Anchore CVE	Low	gdb-gdbserver-8.2-20.el8
CVE-2023-2222	Anchore CVE	Low	gdb-gdbserver-8.2-20.el8
GHSA-jchw-25xp-jwwc	Anchore CVE	Medium	follow-redirects-1.15.1
GHSA-78xj-cgh5-2h22	Anchore CVE	Medium	ip-1.1.5
CVE-2024-25062	Anchore CVE	Medium	python3-libxml2-2.9.7-18.el8_9
CVE-2024-25062	Anchore CVE	Medium	libxml2-2.9.7-18.el8_9
GHSA-cxjh-pqwp-8mfp	Anchore CVE	Medium	follow-redirects-1.15.1
CVE-2024-2236	Anchore CVE	Medium	libgcrypt-1.8.5-7.el8_6
CVE-2024-28182	Anchore CVE	Medium	libnghttp2-1.33.0-5.el8_9
CVE-2024-3205	Anchore CVE	Medium	libyaml-0.1.7-5.el8
CVE-2024-2511	Anchore CVE	Low	openssl-libs-1:1.1.1k-12.el8_9
GHSA-f5x3-32g6-xq36	Anchore CVE	Medium	tar-4.4.19
CVE-2024-2511	Anchore CVE	Low	openssl-1:1.1.1k-12.el8_9
CVE-2023-2953	Anchore CVE	Low	openldap-2.4.46-18.el8
CVE-2023-0465	Anchore CVE	Low	openssl-libs-1:1.1.1k-12.el8_9
CVE-2020-19187	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2020-19189	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2023-39804	Anchore CVE	Low	tar-2:1.30-9.el8
CVE-2020-19189	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2019-9923	Anchore CVE	Low	tar-2:1.30-9.el8
CVE-2020-19188	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2023-0465	Anchore CVE	Low	openssl-1:1.1.1k-12.el8_9
CVE-2018-19211	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2020-21674	Anchore CVE	Medium	libarchive-3.3.3-5.el8
CVE-2020-35512	Anchore CVE	Low	dbus-daemon-1:1.12.8-26.el8
CVE-2023-50495	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2023-45322	Anchore CVE	Low	libxml2-2.9.7-18.el8_9
CVE-2023-50495	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2019-12900	Anchore CVE	Low	bzip2-libs-1.0.6-26.el8
CVE-2020-19188	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2018-1000879	Anchore CVE	Low	libarchive-3.3.3-5.el8
CVE-2018-19211	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2024-0727	Anchore CVE	Low	openssl-1:1.1.1k-12.el8_9
CVE-2024-3651	Anchore CVE	Medium	python3-idna-2.5-5.el8
CVE-2020-19185	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2021-20193	Anchore CVE	Medium	tar-2:1.30-9.el8
CVE-2019-12904	Anchore CVE	Medium	libgcrypt-1.8.5-7.el8_6
CVE-2018-19217	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2019-19244	Anchore CVE	Low	sqlite-libs-3.26.0-19.el8_9
CVE-2023-0464	Anchore CVE	Low	openssl-libs-1:1.1.1k-12.el8_9
CVE-2021-39537	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2023-2650	Anchore CVE	Medium	openssl-1:1.1.1k-12.el8_9
CVE-2023-0466	Anchore CVE	Low	openssl-1:1.1.1k-12.el8_9
CVE-2020-35512	Anchore CVE	Low	dbus-common-1:1.12.8-26.el8
CVE-2019-17543	Anchore CVE	Medium	lz4-libs-1.8.3-3.el8_4
CVE-2019-9937	Anchore CVE	Low	sqlite-libs-3.26.0-19.el8_9
CVE-2018-19217	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2020-19186	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2020-19190	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2021-39537	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2023-36191	Anchore CVE	Low	sqlite-libs-3.26.0-19.el8_9
CVE-2023-4156	Anchore CVE	Low	gawk-4.2.1-4.el8
CVE-2020-19185	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2023-0466	Anchore CVE	Low	openssl-libs-1:1.1.1k-12.el8_9
CVE-2023-45322	Anchore CVE	Low	python3-libxml2-2.9.7-18.el8_9
CVE-2021-24032	Anchore CVE	Low	libzstd-1.4.4-1.el8
CVE-2020-19187	Anchore CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2005-2541	Anchore CVE	Medium	tar-2:1.30-9.el8
CVE-2024-0727	Anchore CVE	Low	openssl-libs-1:1.1.1k-12.el8_9
CVE-2019-16866	Anchore CVE	Low	unbound-libs-1.16.2-5.el8_9.6
CVE-2023-2650	Anchore CVE	Medium	openssl-libs-1:1.1.1k-12.el8_9
CVE-2018-1000880	Anchore CVE	Low	libarchive-3.3.3-5.el8
CVE-2020-35512	Anchore CVE	Low	dbus-1:1.12.8-26.el8
CVE-2021-4209	Anchore CVE	Low	gnutls-3.6.16-8.el8_9.3
CVE-2019-9936	Anchore CVE	Low	sqlite-libs-3.26.0-19.el8_9
CVE-2020-35512	Anchore CVE	Low	dbus-tools-1:1.12.8-26.el8
CVE-2018-1000654	Anchore CVE	Low	libtasn1-4.13-4.el8_7
CVE-2023-0464	Anchore CVE	Low	openssl-1:1.1.1k-12.el8_9
CVE-2019-16866	Anchore CVE	Low	python3-unbound-1.16.2-5.el8_9.6
CVE-2020-19190	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2022-41409	Anchore CVE	Low	pcre2-10.32-3.el8_6
CVE-2020-19186	Anchore CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2020-35512	Anchore CVE	Low	dbus-libs-1:1.12.8-26.el8
CVE-2024-0232	Anchore CVE	Low	sqlite-libs-3.26.0-19.el8_9
CVE-2024-33655	Anchore CVE	Low	python3-unbound-1.16.2-5.el8_9.6
CVE-2024-33655	Anchore CVE	Low	unbound-libs-1.16.2-5.el8_9.6
CVE-2022-27943	Anchore CVE	Low	libgcc-8.5.0-22.el8_10
CVE-2023-7008	Anchore CVE	Medium	systemd-libs-239-82.el8
CVE-2022-0235	Anchore CVE	Medium	python3-syspurpose-1.28.42-1.el8
CVE-2023-29499	Anchore CVE	Low	glib2-2.56.4-162.el8
CVE-2021-43618	Anchore CVE	Medium	gmp-1:6.1.2-11.el8
CVE-2024-26458	Anchore CVE	Low	krb5-libs-1.18.2-27.el8_10
CVE-2019-14250	Anchore CVE	Low	libgcc-8.5.0-22.el8_10
CCE-86931-3	OSCAP Compliance	Medium
CCE-86916-4	OSCAP Compliance	Medium
CCE-85902-5	OSCAP Compliance	High
CCE-85897-7	OSCAP Compliance	Medium
CCE-85870-4	OSCAP Compliance	Medium
CCE-85899-3	OSCAP Compliance	Medium
CCE-86261-5	OSCAP Compliance	Medium
CCE-80675-2	OSCAP Compliance	Medium
CCE-85964-5	OSCAP Compliance	Medium
CCE-82891-3	OSCAP Compliance	Medium
CCE-84220-3	OSCAP Compliance	Low
CCE-83733-6	OSCAP Compliance	Low
CCE-80763-6	OSCAP Compliance	Medium
CCE-83918-3	OSCAP Compliance	Medium
CCE-82988-7	OSCAP Compliance	Low
CCE-82840-0	OSCAP Compliance	Low
CCE-84300-3	OSCAP Compliance	Medium
CCE-86266-4	OSCAP Compliance	Medium
CCE-80785-9	OSCAP Compliance	High
CCE-82155-3	OSCAP Compliance	High
CCE-80942-6	OSCAP Compliance	High
CCE-80789-1	OSCAP Compliance	High
CCE-86478-5	OSCAP Compliance	Medium
CCE-82028-2	OSCAP Compliance	Medium
CCE-80832-9	OSCAP Compliance	Medium
CCE-82059-7	OSCAP Compliance	Medium
CCE-81031-7	OSCAP Compliance	Low
CCE-82005-0	OSCAP Compliance	Low
CCE-80834-5	OSCAP Compliance	Medium
CCE-82297-3	OSCAP Compliance	Low
CCE-80835-2	OSCAP Compliance	Medium
CCE-86960-2	OSCAP Compliance	Medium
CCE-90784-0	OSCAP Compliance	Medium
CCE-80837-8	OSCAP Compliance	Medium
CCE-80838-6	OSCAP Compliance	Medium
CCE-80839-4	OSCAP Compliance	Medium
CCE-80844-4	OSCAP Compliance	Medium
CCE-81043-2	OSCAP Compliance	Medium
CCE-82191-8	OSCAP Compliance	Medium
CCE-82998-6	OSCAP Compliance	Medium
CCE-87036-0	OSCAP Compliance	Medium
CCE-86260-7	OSCAP Compliance	Medium
CCE-80846-9	OSCAP Compliance	Medium
CCE-83303-8	OSCAP Compliance	Medium
CCE-82976-2	OSCAP Compliance	Low
CCE-85983-5	OSCAP Compliance	Medium
CCE-82859-0	OSCAP Compliance	Medium
CCE-80847-7	OSCAP Compliance	Medium
CCE-80644-8	OSCAP Compliance	Medium
CCE-81044-0	OSCAP Compliance	Low
CCE-80851-9	OSCAP Compliance	Low
CCE-80852-7	OSCAP Compliance	Low
CCE-80853-5	OSCAP Compliance	Low
CCE-80854-3	OSCAP Compliance	Low
CCE-82730-3	OSCAP Compliance	Medium
CCE-80859-2	OSCAP Compliance	Medium
CCE-86339-9	OSCAP Compliance	Medium
CCE-86098-1	OSCAP Compliance	Medium
CCE-85992-6	OSCAP Compliance	Medium
CCE-83426-7	OSCAP Compliance	Medium
CCE-80863-4	OSCAP Compliance	Medium
CCE-80868-3	OSCAP Compliance	Medium
CCE-80869-1	OSCAP Compliance	High
CCE-86353-0	OSCAP Compliance	Medium
CCE-82249-4	OSCAP Compliance	Medium
CCE-80886-5	OSCAP Compliance	Medium
CCE-82426-8	OSCAP Compliance	Medium
CCE-82853-3	OSCAP Compliance	Medium
CCE-90781-6	OSCAP Compliance	Medium
CCE-82462-3	OSCAP Compliance	Low
CCE-84027-2	OSCAP Compliance	High
CCE-81027-5	OSCAP Compliance	Medium
CCE-81030-9	OSCAP Compliance	Medium
CCE-82215-5	OSCAP Compliance	Medium
CCE-80913-7	OSCAP Compliance	Low
CCE-80952-5	OSCAP Compliance	Medium
CCE-80915-2	OSCAP Compliance	Medium
CCE-81054-9	OSCAP Compliance	Low
CCE-80916-0	OSCAP Compliance	Medium
CCE-82974-7	OSCAP Compliance	Medium
CCE-80953-3	OSCAP Compliance	Medium
CCE-82934-1	OSCAP Compliance	Medium
CCE-80917-8	OSCAP Compliance	Medium
CCE-81011-9	OSCAP Compliance	Medium
CCE-86220-1	OSCAP Compliance	Medium
CCE-81021-8	OSCAP Compliance	Medium
CCE-80918-6	OSCAP Compliance	Medium
CCE-80919-4	OSCAP Compliance	Medium
CCE-80920-2	OSCAP Compliance	Medium
CCE-80921-0	OSCAP Compliance	Medium
CCE-80922-8	OSCAP Compliance	Medium
CCE-81006-9	OSCAP Compliance	Medium
CCE-81009-3	OSCAP Compliance	Medium
CCE-81013-5	OSCAP Compliance	Medium
CCE-82863-2	OSCAP Compliance	Medium
CCE-81007-7	OSCAP Compliance	Medium
CCE-81010-1	OSCAP Compliance	Medium
CCE-81015-0	OSCAP Compliance	Medium
CCE-82211-4	OSCAP Compliance	Medium
CCE-83774-0	OSCAP Compliance	Medium
CVE-2024-25062	Twistlock CVE	Medium	libxml2-2.9.7-18.el8_9
CVE-2024-25062	Twistlock CVE	Medium	python3-libxml2-2.9.7-18.el8_9
CVE-2022-0235	Twistlock CVE	Medium	subscription-manager-rhsm-certificates-20220623-1.el8
CVE-2023-37920	Twistlock CVE	Low	ca-certificates-2023.2.60_v7.0.306-80.0.el8_8
CVE-2020-21674	Twistlock CVE	Low	libarchive-3.3.3-5.el8
CVE-2019-19244	Twistlock CVE	Low	sqlite-libs-3.26.0-19.el8_9
CVE-2023-2953	Twistlock CVE	Low	openldap-2.4.46-18.el8
CVE-2020-35512	Twistlock CVE	Low	dbus-1.12.8-26.el8
CVE-2020-35512	Twistlock CVE	Low	dbus-common-1.12.8-26.el8
CVE-2020-35512	Twistlock CVE	Low	dbus-daemon-1.12.8-26.el8
CVE-2020-35512	Twistlock CVE	Low	dbus-tools-1.12.8-26.el8
CVE-2020-35512	Twistlock CVE	Low	dbus-libs-1.12.8-26.el8
CVE-2023-50495	Twistlock CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2023-50495	Twistlock CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2023-2650	Twistlock CVE	Low	openssl-libs-1.1.1k-12.el8_9
CVE-2023-2650	Twistlock CVE	Low	openssl-1.1.1k-12.el8_9
CVE-2020-19190	Twistlock CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2020-19190	Twistlock CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2020-19189	Twistlock CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2020-19189	Twistlock CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2020-19188	Twistlock CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2020-19188	Twistlock CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2020-19187	Twistlock CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2020-19187	Twistlock CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2020-19186	Twistlock CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2020-19186	Twistlock CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2020-19185	Twistlock CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2020-19185	Twistlock CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2023-4156	Twistlock CVE	Low	gawk-4.2.1-4.el8
CVE-2023-0464	Twistlock CVE	Low	openssl-1.1.1k-12.el8_9
CVE-2023-0464	Twistlock CVE	Low	openssl-libs-1.1.1k-12.el8_9
CVE-2024-0727	Twistlock CVE	Low	openssl-libs-1.1.1k-12.el8_9
CVE-2024-0727	Twistlock CVE	Low	openssl-1.1.1k-12.el8_9
CVE-2022-47011	Twistlock CVE	Low	gdb-gdbserver-8.2-20.el8
CVE-2022-47010	Twistlock CVE	Low	gdb-gdbserver-8.2-20.el8
CVE-2022-47007	Twistlock CVE	Low	gdb-gdbserver-8.2-20.el8
CVE-2021-39537	Twistlock CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2021-39537	Twistlock CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2023-0466	Twistlock CVE	Low	openssl-libs-1.1.1k-12.el8_9
CVE-2023-0466	Twistlock CVE	Low	openssl-1.1.1k-12.el8_9
CVE-2023-0465	Twistlock CVE	Low	openssl-libs-1.1.1k-12.el8_9
CVE-2023-0465	Twistlock CVE	Low	openssl-1.1.1k-12.el8_9
CVE-2022-41409	Twistlock CVE	Low	pcre2-10.32-3.el8_6
CVE-2024-0232	Twistlock CVE	Low	sqlite-libs-3.26.0-19.el8_9
CVE-2018-19211	Twistlock CVE	Low	ncurses-base-6.1-10.20180224.el8
CVE-2018-19211	Twistlock CVE	Low	ncurses-libs-6.1-10.20180224.el8
CVE-2023-39804	Twistlock CVE	Low	tar-1.30-9.el8
CVE-2021-20193	Twistlock CVE	Low	tar-1.30-9.el8
CVE-2019-9937	Twistlock CVE	Low	sqlite-libs-3.26.0-19.el8_9
CVE-2019-9936	Twistlock CVE	Low	sqlite-libs-3.26.0-19.el8_9
CVE-2019-9923	Twistlock CVE	Low	tar-1.30-9.el8
CVE-2018-1000880	Twistlock CVE	Low	libarchive-3.3.3-5.el8
CVE-2018-1000879	Twistlock CVE	Low	libarchive-3.3.3-5.el8
CVE-2024-2236	Twistlock CVE	Medium	libgcrypt-1.8.5-7.el8_6
CVE-2024-28182	Twistlock CVE	Medium	libnghttp2-1.33.0-5.el8_9
CVE-2024-3205	Twistlock CVE	Medium	libyaml-0.1.7-5.el8
CVE-2024-2511	Twistlock CVE	Low	openssl-1.1.1k-12.el8_9
CVE-2024-2511	Twistlock CVE	Low	openssl-libs-1.1.1k-12.el8_9
CVE-2021-4209	Twistlock CVE	Low	gnutls-3.6.16-8.el8_9.3
CVE-2019-16866	Twistlock CVE	Low	unbound-libs-1.16.2-5.el8_9.6
CVE-2019-16866	Twistlock CVE	Low	python3-unbound-1.16.2-5.el8_9.6
CVE-2023-42282	Twistlock CVE	Critical	ip-1.1.5
CVE-2023-26136	Twistlock CVE	Critical	tough-cookie-2.4.3
CVE-2022-32212	Twistlock CVE	High	node-14.20.0
CVE-2023-34104	Twistlock CVE	High	fast-xml-parser-3.19.0
CVE-2023-23919	Twistlock CVE	High	node-14.20.0
CVE-2023-23918	Twistlock CVE	High	node-14.20.0
CVE-2022-38900	Twistlock CVE	High	decode-uri-component-0.2.0
CVE-2022-3517	Twistlock CVE	High	minimatch-3.0.4
CVE-2022-25883	Twistlock CVE	High	semver-5.7.1
CVE-2022-25881	Twistlock CVE	High	http-cache-semantics-3.8.1
CVE-2022-24999	Twistlock CVE	High	qs-6.5.2
CVE-2021-3807	Twistlock CVE	High	ansi-regex-3.0.0
CVE-2021-3807	Twistlock CVE	High	ansi-regex-4.1.0
CVE-2024-28863	Twistlock CVE	Medium	tar-4.4.19
CVE-2024-28849	Twistlock CVE	Medium	follow-redirects-1.15.1
CVE-2023-26920	Twistlock CVE	Medium	fast-xml-parser-3.19.0
CVE-2022-38778	Twistlock CVE	Medium	decode-uri-component-0.2.0
CVE-2022-35256	Twistlock CVE	Medium	node-14.20.0
CVE-2022-32213	Twistlock CVE	Medium	node-14.20.0
CVE-2023-28155	Twistlock CVE	Medium	request-2.88.0
CVE-2023-26159	Twistlock CVE	Medium	follow-redirects-1.15.1
CVE-2022-33987	Twistlock CVE	Medium	got-6.7.1
CVE-2023-23920	Twistlock CVE	Medium	node-14.20.0
CVE-2024-33655	Twistlock CVE	Low	unbound-libs-1.16.2-5.el8_9.6
CVE-2024-33655	Twistlock CVE	Low	python3-unbound-1.16.2-5.el8_9.6
CVE-2024-34459	Twistlock CVE	Medium	python3-libxml2-2.9.7-18.el8_9
CVE-2024-34459	Twistlock CVE	Low	libxml2-2.9.7-18.el8_9
CVE-2024-35195	Twistlock CVE	Medium	requests-2.20.0
CVE-2024-2398	Twistlock CVE	Medium	libcurl-7.61.1-34.el8
CVE-2024-2398	Twistlock CVE	Medium	curl-7.61.1-34.el8
CVE-2020-17049	Twistlock CVE	Medium	krb5-libs-1.18.2-27.el8_10
CVE-2023-5455	Twistlock CVE	Medium	krb5-libs-1.18.2-27.el8_10
CVE-2022-23990	Twistlock CVE	Medium	expat-2.2.5-13.el8_10
CVE-2018-20839	Twistlock CVE	Medium	systemd-pam-239-82.el8
CVE-2018-20839	Twistlock CVE	Medium	systemd-libs-239-82.el8
CVE-2018-20839	Twistlock CVE	Medium	systemd-239-82.el8
CVE-2021-43618	Twistlock CVE	Medium	gmp-6.1.2-11.el8
CVE-2022-0235	Twistlock CVE	Medium	python3-syspurpose-1.28.42-1.el8
CVE-2022-0235	Twistlock CVE	Medium	python3-subscription-manager-rhsm-1.28.42-1.el8
CVE-2022-0235	Twistlock CVE	Medium	subscription-manager-1.28.42-1.el8
CVE-2022-0235	Twistlock CVE	Medium	python3-cloud-what-1.28.42-1.el8
CVE-2022-0235	Twistlock CVE	Medium	dnf-plugin-subscription-manager-1.28.42-1.el8
CVE-2023-7008	Twistlock CVE	Medium	systemd-239-82.el8
CVE-2023-7008	Twistlock CVE	Medium	systemd-pam-239-82.el8
CVE-2023-7008	Twistlock CVE	Medium	systemd-libs-239-82.el8
CVE-2023-43804	Twistlock CVE	Medium	python3-pip-wheel-9.0.3-24.el8
CVE-2023-43804	Twistlock CVE	Medium	platform-python-pip-9.0.3-24.el8
CVE-2024-22365	Twistlock CVE	Medium	pam-1.3.1-33.el8
CVE-2023-52426	Twistlock CVE	Medium	expat-2.2.5-13.el8_10
CVE-2024-34397	Twistlock CVE	Medium	glib2-2.56.4-162.el8
CVE-2024-29040	Twistlock CVE	Medium	tpm2-tss-2.3.2-6.el8
CVE-2023-32665	Twistlock CVE	Low	glib2-2.56.4-162.el8
CVE-2023-32611	Twistlock CVE	Low	glib2-2.56.4-162.el8
CVE-2023-32636	Twistlock CVE	Low	glib2-2.56.4-162.el8
CVE-2023-29499	Twistlock CVE	Low	glib2-2.56.4-162.el8
CVE-2024-26461	Twistlock CVE	Low	krb5-libs-1.18.2-27.el8_10
CVE-2024-26458	Twistlock CVE	Low	krb5-libs-1.18.2-27.el8_10
CVE-2020-12413	Twistlock CVE	Low	nss-3.90.0-7.el8_10
CVE-2020-12413	Twistlock CVE	Low	nss-softokn-3.90.0-7.el8_10
CVE-2020-12413	Twistlock CVE	Low	nss-sysinit-3.90.0-7.el8_10
CVE-2020-12413	Twistlock CVE	Low	nss-util-3.90.0-7.el8_10
CVE-2020-12413	Twistlock CVE	Low	nss-softokn-freebl-3.90.0-7.el8_10
CVE-2022-27943	Twistlock CVE	Low	libstdc++-8.5.0-22.el8_10
CVE-2022-27943	Twistlock CVE	Low	libgcc-8.5.0-22.el8_10
CVE-2021-3997	Twistlock CVE	Low	systemd-pam-239-82.el8
CVE-2021-3997	Twistlock CVE	Low	systemd-libs-239-82.el8
CVE-2021-3997	Twistlock CVE	Low	systemd-239-82.el8
CVE-2023-6004	Twistlock CVE	Low	libssh-0.9.6-14.el8
CVE-2023-6004	Twistlock CVE	Low	libssh-config-0.9.6-14.el8
CVE-2019-8906	Twistlock CVE	Low	file-libs-5.33-26.el8
CVE-2019-8905	Twistlock CVE	Low	file-libs-5.33-26.el8
CVE-2024-25260	Twistlock CVE	Low	elfutils-default-yama-scope-0.190-2.el8
CVE-2024-25260	Twistlock CVE	Low	elfutils-libelf-0.190-2.el8
CVE-2024-25260	Twistlock CVE	Low	elfutils-libs-0.190-2.el8
CVE-2021-33294	Twistlock CVE	Low	elfutils-default-yama-scope-0.190-2.el8
CVE-2021-33294	Twistlock CVE	Low	elfutils-libelf-0.190-2.el8
CVE-2021-33294	Twistlock CVE	Low	elfutils-libs-0.190-2.el8
CVE-2023-6918	Twistlock CVE	Low	libssh-config-0.9.6-14.el8
CVE-2023-6918	Twistlock CVE	Low	libssh-0.9.6-14.el8
CVE-2023-27534	Twistlock CVE	Low	curl-7.61.1-34.el8
CVE-2023-27534	Twistlock CVE	Low	libcurl-7.61.1-34.el8
CVE-2019-14250	Twistlock CVE	Low	libstdc++-8.5.0-22.el8_10
CVE-2019-14250	Twistlock CVE	Low	libgcc-8.5.0-22.el8_10
CVE-2018-20657	Twistlock CVE	Low	libgcc-8.5.0-22.el8_10
CVE-2018-20657	Twistlock CVE	Low	libstdc++-8.5.0-22.el8_10
CVE-2021-33294	Anchore CVE	Low	elfutils-default-yama-scope-0.190-2.el8
CVE-2018-20657	Anchore CVE	Low	libgcc-8.5.0-22.el8_10
CVE-2022-27943	Anchore CVE	Low	libstdc++-8.5.0-22.el8_10
CVE-2022-23990	Anchore CVE	Medium	expat-2.2.5-13.el8_10
CVE-2024-22365	Anchore CVE	Medium	pam-1.3.1-33.el8
CVE-2018-20839	Anchore CVE	Medium	systemd-239-82.el8
CVE-2020-12413	Anchore CVE	Low	nss-util-3.90.0-7.el8_10
CVE-2023-32611	Anchore CVE	Low	glib2-2.56.4-162.el8
CVE-2023-32636	Anchore CVE	Low	glib2-2.56.4-162.el8
CVE-2020-12413	Anchore CVE	Low	nss-softokn-3.90.0-7.el8_10
CVE-2020-12413	Anchore CVE	Low	nss-sysinit-3.90.0-7.el8_10
CVE-2024-2398	Anchore CVE	Medium	libcurl-7.61.1-34.el8
CVE-2022-0235	Anchore CVE	Medium	python3-cloud-what-1.28.42-1.el8
CVE-2020-12413	Anchore CVE	Low	nss-softokn-freebl-3.90.0-7.el8_10
CVE-2018-20839	Anchore CVE	Medium	systemd-pam-239-82.el8
CVE-2024-25260	Anchore CVE	Low	elfutils-libs-0.190-2.el8
CVE-2021-33294	Anchore CVE	Low	elfutils-libs-0.190-2.el8
CVE-2023-43804	Anchore CVE	Medium	platform-python-pip-9.0.3-24.el8
CVE-2022-0235	Anchore CVE	Medium	dnf-plugin-subscription-manager-1.28.42-1.el8
CVE-2022-0235	Anchore CVE	Medium	subscription-manager-1.28.42-1.el8
CVE-2021-33294	Anchore CVE	Low	elfutils-libelf-0.190-2.el8
CVE-2024-25260	Anchore CVE	Low	elfutils-libelf-0.190-2.el8
CVE-2021-42694	Anchore CVE	Medium	libgcc-8.5.0-22.el8_10
CVE-2018-20225	Anchore CVE	Low	platform-python-pip-9.0.3-24.el8
CVE-2023-6004	Anchore CVE	Low	libssh-0.9.6-14.el8
CVE-2021-3997	Anchore CVE	Medium	systemd-libs-239-82.el8
CVE-2018-20225	Anchore CVE	Low	python3-pip-wheel-9.0.3-24.el8
CVE-2019-14250	Anchore CVE	Low	libstdc++-8.5.0-22.el8_10
CVE-2024-25260	Anchore CVE	Low	elfutils-debuginfod-client-0.190-2.el8
CVE-2023-27534	Anchore CVE	Low	curl-7.61.1-34.el8
CVE-2021-3997	Anchore CVE	Medium	systemd-239-82.el8
CVE-2023-7008	Anchore CVE	Medium	systemd-pam-239-82.el8
CVE-2023-6918	Anchore CVE	Low	libssh-0.9.6-14.el8
CVE-2021-42694	Anchore CVE	Medium	libstdc++-8.5.0-22.el8_10
CVE-2024-25260	Anchore CVE	Low	elfutils-default-yama-scope-0.190-2.el8
CVE-2018-20839	Anchore CVE	Medium	systemd-libs-239-82.el8
CVE-2020-12413	Anchore CVE	Low	nss-3.90.0-7.el8_10
CVE-2023-32665	Anchore CVE	Low	glib2-2.56.4-162.el8
CVE-2023-27534	Anchore CVE	Low	libcurl-7.61.1-34.el8
CVE-2018-20657	Anchore CVE	Low	libstdc++-8.5.0-22.el8_10
CVE-2023-6004	Anchore CVE	Low	libssh-config-0.9.6-14.el8
CVE-2020-17049	Anchore CVE	Medium	krb5-libs-1.18.2-27.el8_10
CVE-2022-0235	Anchore CVE	Medium	python3-subscription-manager-rhsm-1.28.42-1.el8
CVE-2024-2398	Anchore CVE	Medium	curl-7.61.1-34.el8
CVE-2021-3997	Anchore CVE	Medium	systemd-pam-239-82.el8
CVE-2024-26461	Anchore CVE	Low	krb5-libs-1.18.2-27.el8_10
CVE-2023-43804	Anchore CVE	Medium	python3-pip-wheel-9.0.3-24.el8
CVE-2023-6918	Anchore CVE	Low	libssh-config-0.9.6-14.el8
CVE-2019-8905	Anchore CVE	Low	file-libs-5.33-26.el8
CVE-2023-7008	Anchore CVE	Medium	systemd-239-82.el8
CVE-2023-5455	Anchore CVE	Medium	krb5-libs-1.18.2-27.el8_10
CVE-2021-33294	Anchore CVE	Low	elfutils-debuginfod-client-0.190-2.el8
CVE-2019-8906	Anchore CVE	Low	file-libs-5.33-26.el8
CVE-2023-6597	Anchore CVE	High	platform-python-3.6.8-62.el8_10
CVE-2019-1010022	Anchore CVE	Critical	glibc-langpack-en-2.28-251.el8_10.2
CVE-2019-1010022	Anchore CVE	Critical	glibc-gconv-extra-2.28-251.el8_10.2
CVE-2023-6597	Anchore CVE	High	python3-libs-3.6.8-62.el8_10
CVE-2019-1010022	Anchore CVE	Critical	glibc-common-2.28-251.el8_10.2
CVE-2019-9674	Anchore CVE	Low	python3-libs-3.6.8-62.el8_10
CVE-2024-0450	Anchore CVE	Medium	platform-python-3.6.8-62.el8_10
CVE-2019-1010022	Anchore CVE	Critical	glibc-minimal-langpack-2.28-251.el8_10.2
CVE-2019-1010022	Anchore CVE	Critical	glibc-2.28-251.el8_10.2
CVE-2019-9674	Anchore CVE	Low	platform-python-3.6.8-62.el8_10
CVE-2024-0450	Anchore CVE	Medium	python3-libs-3.6.8-62.el8_10
CVE-2023-6597	Twistlock CVE	Critical	platform-python-3.6.8-62.el8_10
CVE-2023-6597	Twistlock CVE	Critical	python3-libs-3.6.8-62.el8_10
CVE-2024-0450	Twistlock CVE	Medium	platform-python-3.6.8-62.el8_10
CVE-2024-0450	Twistlock CVE	Medium	python3-libs-3.6.8-62.el8_10
CVE-2019-9674	Twistlock CVE	Low	platform-python-3.6.8-62.el8_10
CVE-2019-9674	Twistlock CVE	Low	python3-libs-3.6.8-62.el8_10

VAT: https://vat.dso.mil/vat/image?imageName=falkonry-inc/http-forwarder&tag=2022.23.11&branch=master
More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/Falkonry-Inc/http-forwarder/-/jobs/23449694

Tasks

Contributor:

• Provide justifications for findings in the VAT (docs)
• Apply the ~"Hardening::Verification" label to this issue and wait for feedback

Iron Bank:

• Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

changed due date to July 17, 2023

added ContainerNew Findings label

set weight to 3

The labels for this issue have been adjusted because one or more labels were identified as being incorrectly set.

added OwnerVendor PRIORITY3 labels

assigned to @bjose

Updated findings table.

changed the description

set weight to 4

Ticket re-labeled as the old type tracking label is deprecated.

added KindContainer label

Ticket re-labeled as the old type tracking label is deprecated.

removed ContainerNew Findings label

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

Updated findings table.

changed the description

Updated findings table.

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

changed the description

Updated findings table.

Updated findings table.

Updated findings table.

Updated findings table.

changed the description

Updated findings table.

Updated findings table.

Updated findings table.

changed the description