UNCLASSIFIED - NO CUI

Skip to content

chore(findings): synopsys/blackduck/blackduck-storage

Summary

synopsys/blackduck/blackduck-storage has 259 new findings discovered during continuous monitoring.

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=synopsys/blackduck/blackduck-storage&tag=2024.7.0_ubi9.3&branch=master

id source severity package impact workaround
e07d84b039b0e6fcea42fbda1d378647 Anchore Compliance Critical
addbb93c22e9b0988b8b40392a4538cb Anchore Compliance Low
b18c88ddeab24abfb92ae2ccddb0b022 Anchore Compliance Critical
CVE-2022-29458 Anchore CVE Low ncurses-libs-6.2-10.20210508.el9
CVE-2023-4504 Anchore CVE Medium cups-libs-1:2.3.3op2-27.el9_4
CVE-2021-45941 Anchore CVE Medium libbpf-2:1.3.0-2.el9
GHSA-7w75-32cg-r6g2 Anchore CVE Medium tomcat-embed-core-9.0.83
CVE-2022-3219 Anchore CVE Low gnupg2-2.3.3-4.el9
GHSA-4jq9-2xhw-jpx7 Anchore CVE High json-20230227
CVE-2022-3606 Anchore CVE Low libbpf-2:1.3.0-2.el9
GHSA-c2cp-3xj9-97w9 Anchore CVE Medium spring-security-oauth2-2.5.0.RELEASE
CVE-2023-45322 Anchore CVE Low libxml2-2.9.13-6.el9_4
CVE-2022-27943 Anchore CVE Low libstdc++-11.4.1-3.el9
CVE-2023-4156 Anchore CVE Low gawk-5.1.0-6.el9
GHSA-4265-ccf5-phj5 Anchore CVE Medium commons-compress-1.21
CVE-2023-35116 Anchore CVE Medium jackson-databind-2.13.4.2
CVE-2022-47010 Anchore CVE Low gdb-gdbserver-10.2-13.el9
CVE-2022-4899 Anchore CVE Low libzstd-1.5.1-2.el9
CVE-2022-29458 Anchore CVE Low ncurses-base-6.2-10.20210508.el9
GHSA-c2cp-3xj9-97w9 Anchore CVE Medium spring-security-oauth2-2.5.0.RELEASE
GHSA-4265-ccf5-phj5 Anchore CVE Medium commons-compress-1.21
CVE-2023-35116 Anchore CVE Medium jackson-databind-2.13.4.2
CVE-2021-3572 Anchore CVE Low python3-pip-wheel-21.2.3-8.el9
GHSA-c2cp-3xj9-97w9 Anchore CVE Medium spring-security-oauth2-2.5.0.RELEASE
CVE-2023-35116 Anchore CVE Medium jackson-databind-2.13.4.2
CVE-2021-25317 Anchore CVE Low cups-libs-1:2.3.3op2-27.el9_4
GHSA-xw73-rw38-6vjc Anchore CVE Medium github.com/docker/docker-v24.0.7+incompatible
GHSA-4g9r-vxhx-9pgx Anchore CVE High commons-compress-1.21
GHSA-4265-ccf5-phj5 Anchore CVE Medium commons-compress-1.21
GHSA-4g9r-vxhx-9pgx Anchore CVE High commons-compress-1.21
GHSA-wjxj-5m7g-mg7q Anchore CVE Medium bcprov-jdk15on-1.67
CVE-2022-47007 Anchore CVE Low gdb-gdbserver-10.2-13.el9
CVE-2023-34042 Anchore CVE Medium spring-security-core-5.8.5
CVE-2021-45940 Anchore CVE Low libbpf-2:1.3.0-2.el9
CVE-2023-36191 Anchore CVE Low sqlite-libs-3.34.1-7.el9_3
GHSA-mm8h-8587-p46h Anchore CVE Medium amqp-client-5.14.3
GHSA-4g9r-vxhx-9pgx Anchore CVE High commons-compress-1.21
CVE-2022-47011 Anchore CVE Low gdb-gdbserver-10.2-13.el9
CVE-2023-35116 Anchore CVE Medium jackson-databind-2.13.4.2
CVE-2024-25260 Anchore CVE Low elfutils-libs-0.190-2.el9
GHSA-4265-ccf5-phj5 Anchore CVE Medium commons-compress-1.21
CVE-2023-2222 Anchore CVE Low gdb-gdbserver-10.2-13.el9
GHSA-4g9r-vxhx-9pgx Anchore CVE High commons-compress-1.21
GHSA-xfrj-6vvc-3xm2 Anchore CVE Medium xmlsec-2.2.3
CVE-2022-3857 Anchore CVE Low java-11-openjdk-headless-1:11.0.24.0.8-2.el9
CVE-2023-50495 Anchore CVE Low ncurses-libs-6.2-10.20210508.el9
GHSA-4g9r-vxhx-9pgx Anchore CVE High commons-compress-1.21
CVE-2023-48161 Anchore CVE Medium java-11-openjdk-headless-1:11.0.24.0.8-2.el9
GHSA-hr8g-6v94-x4m9 Anchore CVE Medium bcprov-jdk15on-1.67
CVE-2024-25260 Anchore CVE Low elfutils-libelf-0.190-2.el9
GHSA-4265-ccf5-phj5 Anchore CVE Medium commons-compress-1.21
GHSA-c2cp-3xj9-97w9 Anchore CVE Medium spring-security-oauth2-2.5.0.RELEASE
GHSA-4265-ccf5-phj5 Anchore CVE Medium commons-compress-1.21
CVE-2024-25260 Anchore CVE Low elfutils-default-yama-scope-0.190-2.el9
CVE-2017-6519 Anchore CVE Low avahi-libs-0.8-20.el9
CVE-2022-27943 Anchore CVE Low libgomp-11.4.1-3.el9
CVE-2023-35116 Anchore CVE Medium jackson-databind-2.13.4.2
GHSA-4265-ccf5-phj5 Anchore CVE Medium commons-compress-1.21
CVE-2023-35116 Anchore CVE Medium jackson-databind-2.13.4.2
GHSA-c2cp-3xj9-97w9 Anchore CVE Medium spring-security-oauth2-2.5.0.RELEASE
GHSA-4g9r-vxhx-9pgx Anchore CVE High commons-compress-1.21
CVE-2022-33070 Anchore CVE Low protobuf-c-1.3.3-13.el9
CVE-2022-27943 Anchore CVE Low libgcc-11.4.1-3.el9
CVE-2023-50495 Anchore CVE Low ncurses-base-6.2-10.20210508.el9
GHSA-4v7x-pqxf-cx7m Anchore CVE Medium golang.org/x/net-v0.21.0
GHSA-w73w-5m7g-f7qc Anchore CVE High github.com/dgrijalva/jwt-go-v3.2.0+incompatible
GHSA-f3jh-qvm4-mg39 Anchore CVE High spring-security-core-5.8.5
CVE-2024-33655 Anchore CVE Low unbound-libs-1.16.2-3.el9_3.5
GHSA-4g9r-vxhx-9pgx Anchore CVE High commons-compress-1.21
CVE-2022-41409 Anchore CVE Low pcre2-10.40-5.el9
CVE-2024-0232 Anchore CVE Low sqlite-libs-3.34.1-7.el9_3
GHSA-v682-8vv8-vpwr Anchore CVE Medium tomcat-embed-websocket-9.0.83
CVE-2022-41409 Anchore CVE Low pcre2-syntax-10.40-5.el9
GHSA-c2cp-3xj9-97w9 Anchore CVE Medium spring-security-oauth2-2.5.0.RELEASE
CVE-2024-35325 Anchore CVE Medium libyaml-0.2.5-7.el9
GHSA-m44j-cfrm-g8qc Anchore CVE Medium bcprov-jdk15on-1.67
GHSA-v6v8-xj6m-xwqh Anchore CVE Medium github.com/hashicorp/go-retryablehttp-v0.6.6
GHSA-wm9w-rjj3-j356 Anchore CVE High tomcat-embed-core-9.0.83
CVE-2024-43168 Anchore CVE Low unbound-libs-1.16.2-3.el9_3.5
CVE-2024-29040 Anchore CVE Medium tpm2-tss-3.2.2-2.el9
CVE-2024-43167 Anchore CVE Low unbound-libs-1.16.2-3.el9_3.5
CVE-2023-45918 Anchore CVE Low ncurses-base-6.2-10.20210508.el9
CVE-2023-45918 Anchore CVE Low ncurses-libs-6.2-10.20210508.el9
CVE-2024-24790 Anchore CVE Critical stdlib-go1.21.10
CVE-2024-24789 Anchore CVE Medium stdlib-go1.21.10
GHSA-m5vv-6r4h-3vj9 Anchore CVE Medium github.com/Azure/azure-sdk-for-go/sdk/azidentity-v1.4.0
GHSA-v23v-6jw2-98fq Anchore CVE Critical github.com/docker/docker-v24.0.7+incompatible
CVE-2024-34459 Anchore CVE Low libxml2-2.9.13-6.el9_4
CVE-2024-24791 Anchore CVE High stdlib-go1.21.10
GHSA-8xfc-gm6g-vgpv Anchore CVE Medium bcprov-jdk15on-1.67
GHSA-v435-xc8x-wvr9 Anchore CVE Medium bcprov-jdk15on-1.67
GHSA-683x-4444-jxh8 Anchore CVE High cyclonedx-core-java-8.0.3
GHSA-9cmq-m9j5-mvww Anchore CVE Medium spring-expression-5.3.34
CVE-2023-37920 Anchore CVE Low ca-certificates-2024.2.69_v8.0.303-91.4.el9_4
CVE-2024-26458 Anchore CVE Low krb5-libs-1.21.1-2.el9_4
CVE-2023-36632 Anchore CVE Medium python3-3.9.18-3.el9_4.5
CVE-2021-3997 Anchore CVE Medium systemd-rpm-macros-252-32.el9_4.7
CVE-2024-8088 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.5
CVE-2024-26461 Anchore CVE Low krb5-libs-1.21.1-2.el9_4
CVE-2021-3997 Anchore CVE Medium systemd-pam-252-32.el9_4.7
CVE-2021-23336 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.5
CVE-2023-36632 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.5
CVE-2021-3997 Anchore CVE Medium systemd-libs-252-32.el9_4.7
CVE-2024-8088 Anchore CVE Medium python3-3.9.18-3.el9_4.5
CVE-2024-26462 Anchore CVE Medium krb5-libs-1.21.1-2.el9_4
CVE-2021-3997 Anchore CVE Medium systemd-252-32.el9_4.7
CVE-2021-23336 Anchore CVE Medium python3-3.9.18-3.el9_4.5
CVE-2024-7264 Anchore CVE Low curl-minimal-7.76.1-29.el9_4.1
CVE-2024-7264 Anchore CVE Low libcurl-minimal-7.76.1-29.el9_4.1
CVE-2024-6232 Anchore CVE Medium python3-3.9.18-3.el9_4.5
CVE-2024-6232 Anchore CVE Medium python3-libs-3.9.18-3.el9_4.5
CVE-2024-34158 Anchore CVE High stdlib-go1.21.10
CVE-2024-34156 Anchore CVE High stdlib-go1.21.10
CVE-2024-34155 Anchore CVE Low stdlib-go1.21.10
CVE-2024-7592 Anchore CVE Low python3-3.9.18-3.el9_4.5
CVE-2024-7592 Anchore CVE Low python3-libs-3.9.18-3.el9_4.5
CVE-2023-7256 Anchore CVE Medium libpcap-14:1.10.0-4.el9
CVE-2005-2541 Anchore CVE Medium tar-2:1.34-6.el9_4.1
CVE-2023-39804 Anchore CVE Low tar-2:1.34-6.el9_4.1
GHSA-cx7f-g6mp-7hqm Anchore CVE High spring-webmvc-5.3.34
CCE-83438-2 OSCAP Compliance Medium
CCE-83448-1 OSCAP Compliance Medium
CCE-83615-5 OSCAP Compliance Medium
CCE-83621-3 OSCAP Compliance Medium
CCE-83623-9 OSCAP Compliance Medium
CCE-87087-3 OSCAP Compliance Medium
CCE-83644-5 OSCAP Compliance Medium
CVE-2024-22257 Twistlock CVE High spring-security-core-5.8.5
CVE-2024-38374 Twistlock CVE High org.cyclonedx_cyclonedx-core-java-8.0.3
CVE-2024-34750 Twistlock CVE High tomcat-embed-core-9.0.83
CVE-2023-5072 Twistlock CVE High org.json_json-20230227
CVE-2020-26160 Twistlock CVE High github.com/dgrijalva/jwt-go-v3.2.0
CVE-2023-48161 Twistlock CVE Medium java-11-openjdk-headless-11.0.24.0.8-2.el9
CVE-2023-4504 Twistlock CVE Medium cups-libs-2.3.3op2-27.el9_4
CVE-2023-44483 Twistlock CVE Medium org.apache.santuario_xmlsec-2.2.3
CVE-2022-22969 Twistlock CVE Medium org.springframework.security.oauth_spring-security-oauth2-2.5.0.RELEASE
CVE-2024-35195 Twistlock CVE Medium python3-requests-2.25.1-8.el9
CVE-2024-6104 Twistlock CVE Medium github.com/hashicorp/go-retryablehttp-v0.6.6
CVE-2024-35255 Twistlock CVE Medium github.com/Azure/azure-sdk-for-go/sdk/azidentity-v1.4.0
CVE-2024-26308 Twistlock CVE Medium org.apache.commons_commons-compress-1.21
CVE-2024-25710 Twistlock CVE Medium org.apache.commons_commons-compress-1.21
CVE-2023-34042 Twistlock CVE Medium spring-security-core-5.8.5
CVE-2023-46120 Twistlock CVE Medium com.rabbitmq_amqp-client-5.14.3
CVE-2021-45941 Twistlock CVE Medium libbpf-1.3.0-2.el9
CVE-2021-45940 Twistlock CVE Medium libbpf-1.3.0-2.el9
CVE-2024-29040 Twistlock CVE Medium tpm2-tss-3.2.2-2.el9
CVE-2024-24549 Twistlock CVE Medium tomcat-embed-core-9.0.83
CVE-2024-23672 Twistlock CVE Medium tomcat-embed-websocket-9.0.83
CVE-2023-2953 Twistlock CVE Low openldap-2.6.6-3.el9
CVE-2024-34459 Twistlock CVE Low libxml2-2.9.13-6.el9_4
CVE-2022-47011 Twistlock CVE Low gdb-gdbserver-10.2-13.el9
CVE-2022-47010 Twistlock CVE Low gdb-gdbserver-10.2-13.el9
CVE-2022-47007 Twistlock CVE Low gdb-gdbserver-10.2-13.el9
CVE-2022-27943 Twistlock CVE Low libgcc-11.4.1-3.el9
CVE-2022-27943 Twistlock CVE Low libgomp-11.4.1-3.el9
CVE-2022-27943 Twistlock CVE Low libstdc++-11.4.1-3.el9
CVE-2022-41409 Twistlock CVE Low pcre2-syntax-10.40-5.el9
CVE-2022-41409 Twistlock CVE Low pcre2-10.40-5.el9
CVE-2021-3572 Twistlock CVE Low python3-pip-wheel-21.2.3-8.el9
CVE-2022-3606 Twistlock CVE Low libbpf-1.3.0-2.el9
CVE-2024-25260 Twistlock CVE Low elfutils-libelf-0.190-2.el9
CVE-2024-25260 Twistlock CVE Low elfutils-libs-0.190-2.el9
CVE-2024-25260 Twistlock CVE Low elfutils-default-yama-scope-0.190-2.el9
CVE-2024-33655 Twistlock CVE Low unbound-libs-1.16.2-3.el9_3.5
CVE-2023-45918 Twistlock CVE Low ncurses-base-6.2-10.20210508.el9
CVE-2023-45918 Twistlock CVE Low ncurses-libs-6.2-10.20210508.el9
CVE-2021-25317 Twistlock CVE Low cups-libs-2.3.3op2-27.el9_4
CVE-2024-43168 Twistlock CVE Low unbound-libs-1.16.2-3.el9_3.5
CVE-2024-43167 Twistlock CVE Low unbound-libs-1.16.2-3.el9_3.5
CVE-2024-7264 Twistlock CVE Low curl-minimal-7.76.1-29.el9_4.1
CVE-2024-7264 Twistlock CVE Low libcurl-minimal-7.76.1-29.el9_4.1
CVE-2024-38808 Twistlock CVE Medium spring-expression-5.3.34
CVE-2024-30171 Twistlock CVE Medium org.bouncycastle_bcprov-jdk15on-1.67.0
CVE-2023-33202 Twistlock CVE Medium org.bouncycastle_bcprov-jdk15on-1.67.0
CVE-2024-30172 Twistlock CVE Medium org.bouncycastle_bcprov-jdk15on-1.67.0
CVE-2024-29857 Twistlock CVE Medium org.bouncycastle_bcprov-jdk15on-1.67.0
CVE-2023-33201 Twistlock CVE Medium org.bouncycastle_bcprov-jdk15on-1.67.0
CVE-2017-9226 Twistlock CVE Medium oniguruma-6.9.6-1.el9.5
CVE-2023-37920 Twistlock CVE Low ca-certificates-2024.2.69_v8.0.303-91.4.el9_4
CVE-2020-1712 Twistlock CVE High systemd-252-32.el9_4.7
CVE-2024-26462 Twistlock CVE Medium krb5-libs-1.21.1-2.el9_4
CVE-2021-23336 Twistlock CVE Medium python3-libs-3.9.18-3.el9_4.5
CVE-2021-23336 Twistlock CVE Medium python3-3.9.18-3.el9_4.5
CVE-2021-3997 Twistlock CVE Medium systemd-rpm-macros-252-32.el9_4.7
CVE-2024-8088 Twistlock CVE Medium python3-libs-3.9.18-3.el9_4.5
CVE-2024-8088 Twistlock CVE Medium python3-3.9.18-3.el9_4.5
CVE-2024-26461 Twistlock CVE Low krb5-libs-1.21.1-2.el9_4
CVE-2024-26458 Twistlock CVE Low krb5-libs-1.21.1-2.el9_4
CVE-2024-0397 Twistlock CVE Low python3-3.9.18-3.el9_4.5
CVE-2024-0397 Twistlock CVE Low python3-libs-3.9.18-3.el9_4.5
CVE-2019-20386 Twistlock CVE Low systemd-252-32.el9_4.7
CVE-2024-6232 Twistlock CVE Medium python3-libs-3.9.18-3.el9_4.5
CVE-2024-6232 Twistlock CVE Medium python3-3.9.18-3.el9_4.5
CVE-2024-38816 Twistlock CVE High spring-webmvc-5.3.34
CVE-2023-7256 Twistlock CVE Medium libpcap-1.10.0-4.el9
CVE-2024-7592 Twistlock CVE Low python3-libs-3.9.18-3.el9_4.5
CVE-2024-7592 Twistlock CVE Low python3-3.9.18-3.el9_4.5
CVE-2023-39804 Twistlock CVE Low tar-1.34-6.el9_4.1
CVE-2024-6602 Anchore CVE Medium nss-sysinit-3.101.0-7.el9_2
CVE-2024-6602 Anchore CVE Medium nss-util-3.101.0-7.el9_2
CVE-2024-7531 Anchore CVE Low nspr-4.35.0-14.el9_2
GHSA-735f-pc8j-v9w8 Anchore CVE High protobuf-java-3.20.3
CVE-2024-6602 Anchore CVE Medium nss-3.101.0-7.el9_2
CVE-2024-4603 Anchore CVE Low openssl-1:3.0.7-28.el9_4
CVE-2024-7531 Anchore CVE Low nss-3.101.0-7.el9_2
CVE-2020-12413 Anchore CVE Low nss-util-3.101.0-7.el9_2
CVE-2024-7531 Anchore CVE Low nss-softokn-3.101.0-7.el9_2
GHSA-735f-pc8j-v9w8 Anchore CVE High protobuf-java-3.20.3
CVE-2024-5535 Anchore CVE Low openssl-libs-1:3.0.7-28.el9_4
CVE-2020-12413 Anchore CVE Low nss-softokn-3.101.0-7.el9_2
CVE-2024-2511 Anchore CVE Low openssl-1:3.0.7-28.el9_4
CVE-2024-5535 Anchore CVE Low openssl-1:3.0.7-28.el9_4
CVE-2020-12413 Anchore CVE Low nss-3.101.0-7.el9_2
CVE-2024-2511 Anchore CVE Low openssl-libs-1:3.0.7-28.el9_4
CVE-2024-4741 Anchore CVE Low openssl-libs-1:3.0.7-28.el9_4
CVE-2024-6602 Anchore CVE Medium nss-softokn-freebl-3.101.0-7.el9_2
CVE-2024-7531 Anchore CVE Low nss-util-3.101.0-7.el9_2
GHSA-735f-pc8j-v9w8 Anchore CVE High protobuf-java-3.20.3
GHSA-735f-pc8j-v9w8 Anchore CVE High protobuf-java-3.20.3
CVE-2024-4603 Anchore CVE Low openssl-libs-1:3.0.7-28.el9_4
CVE-2020-12413 Anchore CVE Low nspr-4.35.0-14.el9_2
GHSA-735f-pc8j-v9w8 Anchore CVE High protobuf-java-3.20.3
CVE-2020-12413 Anchore CVE Low nss-sysinit-3.101.0-7.el9_2
GHSA-735f-pc8j-v9w8 Anchore CVE High protobuf-java-3.20.3
CVE-2020-12413 Anchore CVE Low nss-softokn-freebl-3.101.0-7.el9_2
CVE-2024-4741 Anchore CVE Low openssl-1:3.0.7-28.el9_4
CVE-2023-32636 Anchore CVE Low glib2-2.68.4-14.el9_4.1
CVE-2024-7531 Anchore CVE Low nss-sysinit-3.101.0-7.el9_2
CVE-2024-6602 Anchore CVE Medium nspr-4.35.0-14.el9_2
CVE-2024-7531 Anchore CVE Low nss-softokn-freebl-3.101.0-7.el9_2
CVE-2024-6602 Anchore CVE Medium nss-softokn-3.101.0-7.el9_2
GHSA-2rmj-mq67-h97g Anchore CVE Medium spring-web-5.3.34
CVE-2024-47175 Anchore CVE High cups-libs-1:2.3.3op2-27.el9_4
CVE-2024-7254 Twistlock CVE High com.google.protobuf_protobuf-java-3.20.3
CVE-2024-6602 Twistlock CVE Medium nspr-4.35.0-14.el9_2
CVE-2024-6602 Twistlock CVE Medium nss-softokn-freebl-3.101.0-7.el9_2
CVE-2024-6602 Twistlock CVE Medium nss-sysinit-3.101.0-7.el9_2
CVE-2024-6602 Twistlock CVE Medium nss-util-3.101.0-7.el9_2
CVE-2024-6602 Twistlock CVE Medium nss-3.101.0-7.el9_2
CVE-2024-6602 Twistlock CVE Medium nss-softokn-3.101.0-7.el9_2
CVE-2023-32636 Twistlock CVE Low glib2-2.68.4-14.el9_4.1
CVE-2024-5535 Twistlock CVE Low openssl-libs-3.0.7-28.el9_4
CVE-2024-5535 Twistlock CVE Low openssl-3.0.7-28.el9_4
CVE-2020-12413 Twistlock CVE Low nspr-4.35.0-14.el9_2
CVE-2024-4741 Twistlock CVE Low openssl-libs-3.0.7-28.el9_4
CVE-2024-4741 Twistlock CVE Low openssl-3.0.7-28.el9_4
CVE-2024-4603 Twistlock CVE Low openssl-libs-3.0.7-28.el9_4
CVE-2024-4603 Twistlock CVE Low openssl-3.0.7-28.el9_4
CVE-2024-2511 Twistlock CVE Low openssl-libs-3.0.7-28.el9_4
CVE-2024-2511 Twistlock CVE Low openssl-3.0.7-28.el9_4
CVE-2024-7531 Twistlock CVE Low nss-softokn-3.101.0-7.el9_2
CVE-2024-7531 Twistlock CVE Low nss-util-3.101.0-7.el9_2
CVE-2024-7531 Twistlock CVE Low nss-3.101.0-7.el9_2
CVE-2024-7531 Twistlock CVE Low nss-sysinit-3.101.0-7.el9_2
CVE-2024-7531 Twistlock CVE Low nspr-4.35.0-14.el9_2
CVE-2024-7531 Twistlock CVE Low nss-softokn-freebl-3.101.0-7.el9_2
CVE-2024-38809 Twistlock CVE Medium spring-web-5.3.34
CVE-2024-47175 Twistlock CVE Low cups-libs-2.3.3op2-27.el9_4
CVE-2022-33099 Twistlock CVE Medium lua-5.4.4-4.el9

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=synopsys/blackduck/blackduck-storage&tag=2024.7.0_ubi9.3&branch=master

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by Ghost User
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

UNCLASSIFIED - NO CUI