Skip to content
This repository has been archived by the owner on Jan 27, 2023. It is now read-only.

Anchore Engine image is very old and has a number of CVEs #1394

Open
shawngmc opened this issue Nov 28, 2022 · 0 comments
Open

Anchore Engine image is very old and has a number of CVEs #1394

shawngmc opened this issue Nov 28, 2022 · 0 comments

Comments

@shawngmc
Copy link

Is this a request for help?:
No.

Is this a BUG REPORT or a FEATURE REQUEST? (choose one):
BUG REPORT

Version of Anchore Engine and Anchore CLI if applicable:
Anchore Engine v1.1.0
Scanned via Grype 0.53.1

What happened:
The image has 383 vulnerabilities.

What did you expect to happen:
Minimal vulnerabilities, if any

Any relevant log output from /var/log/anchore:
N/A

What docker images are you using:
anchore/anchore-engine:v1.1.0

How to reproduce the issue:
grype docker.io/anchore/anchore-engine

Anything else we need to know:

$ grype docker.io/anchore/anchore-engine:v1.1.0
 ✔ Vulnerability DB        [no update available]
 ✔ Loaded image            
 ✔ Parsed image            
 ✔ Cataloged packages      [553 packages]
 ✔ Scanned image           [383 vulnerabilities]

[0027]  WARN some package(s) are missing CPEs. This may result in missing vulnerabilities. You may autogenerate these using: --add-cpes-if-none
NAME                                  INSTALLED                                                   FIXED-IN                TYPE       VULNERABILITY        SEVERITY 
Twisted                               20.3.0                                                      22.10.0rc1              python     GHSA-vg46-2rrj-3647  Medium    
Twisted                               20.3.0                                                      22.1                    python     GHSA-92x2-jw7w-xvvx  High      
Twisted                               20.3.0                                                      22.4.0                  python     GHSA-c2jg-hw38-jrqq  High      
bzip2-libs                            1.0.6-26.el8                                                (won't fix)             rpm        CVE-2019-12900       Low       
cryptsetup-libs                       2.3.3-4.el8                                                 0:2.3.3-4.el8_5.1       rpm        CVE-2021-4122        Medium    
curl                                  7.61.1-22.el8                                               0:7.61.1-22.el8_6.3     rpm        CVE-2022-27776       Medium    
curl                                  7.61.1-22.el8                                               0:7.61.1-22.el8_6.3     rpm        CVE-2022-22576       Medium    
curl                                  7.61.1-22.el8                                                                       rpm        CVE-2022-35252       Low       
curl                                  7.61.1-22.el8                                               0:7.61.1-22.el8_6.3     rpm        CVE-2022-27774       Medium    
curl                                  7.61.1-22.el8                                               0:7.61.1-22.el8_6.3     rpm        CVE-2022-27782       Medium    
curl                                  7.61.1-22.el8                                               0:7.61.1-22.el8_6.4     rpm        CVE-2022-32206       Medium    
curl                                  7.61.1-22.el8                                               0:7.61.1-22.el8_6.4     rpm        CVE-2022-32208       Medium    
cyrus-sasl-lib                        2.1.27-5.el8                                                0:2.1.27-6.el8_5        rpm        CVE-2022-24407       High      
dbus                                  1:1.12.8-14.el8                                                                     rpm        CVE-2022-42012       Medium    
dbus                                  1:1.12.8-14.el8                                                                     rpm        CVE-2022-42011       Medium    
dbus                                  1:1.12.8-14.el8                                             (won't fix)             rpm        CVE-2020-35512       Low       
dbus                                  1:1.12.8-14.el8                                                                     rpm        CVE-2022-42010       Medium    
dbus-common                           1:1.12.8-14.el8                                                                     rpm        CVE-2022-42012       Medium    
dbus-common                           1:1.12.8-14.el8                                                                     rpm        CVE-2022-42011       Medium    
dbus-common                           1:1.12.8-14.el8                                             (won't fix)             rpm        CVE-2020-35512       Low       
dbus-common                           1:1.12.8-14.el8                                                                     rpm        CVE-2022-42010       Medium    
dbus-daemon                           1:1.12.8-14.el8                                                                     rpm        CVE-2022-42012       Medium    
dbus-daemon                           1:1.12.8-14.el8                                             (won't fix)             rpm        CVE-2020-35512       Low       
dbus-daemon                           1:1.12.8-14.el8                                                                     rpm        CVE-2022-42011       Medium    
dbus-daemon                           1:1.12.8-14.el8                                                                     rpm        CVE-2022-42010       Medium    
dbus-libs                             1:1.12.8-14.el8                                             (won't fix)             rpm        CVE-2020-35512       Low       
dbus-libs                             1:1.12.8-14.el8                                                                     rpm        CVE-2022-42011       Medium    
dbus-libs                             1:1.12.8-14.el8                                                                     rpm        CVE-2022-42012       Medium    
dbus-libs                             1:1.12.8-14.el8                                                                     rpm        CVE-2022-42010       Medium    
dbus-tools                            1:1.12.8-14.el8                                             (won't fix)             rpm        CVE-2020-35512       Low       
dbus-tools                            1:1.12.8-14.el8                                                                     rpm        CVE-2022-42011       Medium    
dbus-tools                            1:1.12.8-14.el8                                                                     rpm        CVE-2022-42012       Medium    
dbus-tools                            1:1.12.8-14.el8                                                                     rpm        CVE-2022-42010       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-25236       High      
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-25315       High      
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2021-46143       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2021-45960       Medium    
expat                                 2.2.5-4.el8                                                 (won't fix)             rpm        CVE-2022-23990       Low       
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-22824       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-22823       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-23852       Medium    
expat                                 2.2.5-4.el8                                                                         rpm        CVE-2022-43680       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-25235       High      
expat                                 2.2.5-4.el8                                                 0:2.2.5-8.el8_6.3       rpm        CVE-2022-40674       High      
expat                                 2.2.5-4.el8                                                 0:2.2.5-8.el8_6.2       rpm        CVE-2022-25314       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-22827       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-22825       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-8.el8_6.2       rpm        CVE-2022-25313       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-22822       Medium    
expat                                 2.2.5-4.el8                                                 0:2.2.5-4.el8_5.3       rpm        CVE-2022-22826       Medium    
file-libs                             5.33-20.el8                                                 (won't fix)             rpm        CVE-2019-8905        Low       
file-libs                             5.33-20.el8                                                 (won't fix)             rpm        CVE-2019-8906        Low       
gdb-gdbserver                         8.2-16.el8                                                                          rpm        CVE-2021-3826        Low       
github.com/containerd/containerd      v1.4.11                                                     1.4.13                  go-module  GHSA-crp2-qrr5-8pq7  High      
github.com/containerd/containerd      v1.3.4                                                      1.4.12                  go-module  GHSA-5j5w-g665-5m35  Low       
github.com/containerd/containerd      v1.3.4                                                      1.4.11                  go-module  GHSA-c2h3-6mxw-7mvq  Medium    
github.com/containerd/containerd      v1.3.4                                                      1.5.13                  go-module  GHSA-5ffw-gxpp-mxpf  Medium    
github.com/containerd/containerd      v1.4.11                                                     1.4.12                  go-module  GHSA-5j5w-g665-5m35  Low       
github.com/containerd/containerd      v1.4.11                                                     1.5.13                  go-module  GHSA-5ffw-gxpp-mxpf  Medium    
github.com/containerd/containerd      v1.3.4                                                      1.4.8                   go-module  GHSA-c72p-9xmj-rx3w  Medium    
github.com/containerd/containerd      v1.3.4                                                      1.4.13                  go-module  GHSA-crp2-qrr5-8pq7  High      
github.com/containerd/containerd      v1.3.4                                                      1.3.9                   go-module  GHSA-36xw-fx78-c5r4  Medium    
github.com/docker/distribution        v2.7.1+incompatible                                         2.8.0                   go-module  GHSA-qq97-vm5h-rrhg  Low       
github.com/docker/docker              v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible                          go-module  CVE-2021-21284       Medium    
github.com/docker/docker              v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible                          go-module  CVE-2018-10892       Medium    
github.com/docker/docker              v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible                          go-module  CVE-2021-21285       Medium    
github.com/docker/docker              v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible                          go-module  CVE-2019-13139       High      
github.com/docker/docker              v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible                          go-module  CVE-2019-5736        High      
github.com/docker/docker              v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible                          go-module  CVE-2019-16884       High      
github.com/docker/docker              v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible                          go-module  CVE-2019-13509       High      
github.com/docker/docker              v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible                          go-module  CVE-2020-27534       Medium    
github.com/gogo/protobuf              v1.3.1                                                      1.3.2                   go-module  GHSA-c3h9-896r-86jm  High      
github.com/hashicorp/go-getter        v1.4.1                                                                              go-module  CVE-2022-29810       Medium    
github.com/hashicorp/go-getter        v1.4.1                                                      1.6.1                   go-module  GHSA-fcgg-rvwg-jv58  High      
github.com/hashicorp/go-getter        v1.4.1                                                      1.5.11                  go-module  GHSA-27rq-4943-qcwp  Medium    
github.com/hashicorp/go-getter        v1.4.1                                                                              go-module  CVE-2022-30321       High      
github.com/hashicorp/go-getter        v1.4.1                                                      1.6.1                   go-module  GHSA-x24g-9w7v-vprh  Critical  
github.com/hashicorp/go-getter        v1.4.1                                                      1.6.1                   go-module  GHSA-cjr4-fv6c-f3mv  High      
github.com/hashicorp/go-getter        v1.4.1                                                                              go-module  CVE-2022-30322       High      
github.com/hashicorp/go-getter        v1.4.1                                                                              go-module  CVE-2022-30323       High      
github.com/hashicorp/go-getter        v1.4.1                                                                              go-module  CVE-2022-26945       Critical  
github.com/hashicorp/go-getter        v1.4.1                                                      1.6.1                   go-module  GHSA-28r2-q6m8-9hpx  High      
github.com/opencontainers/image-spec  v1.0.1                                                      1.0.2                   go-module  GHSA-77vh-xpmg-72qh  Low       
github.com/opencontainers/runc        v0.1.1                                                      1.0.0-rc95              go-module  GHSA-c3xm-pvg7-gh7r  High      
github.com/opencontainers/runc        v0.1.1                                                      1.0.0-rc9               go-module  GHSA-fgv8-vj5c-2ppq  High      
github.com/opencontainers/runc        v0.1.1                                                      1.0.0-rc3               go-module  GHSA-gp4j-w3vj-7299  Medium    
github.com/opencontainers/runc        v0.1.1                                                      1.0.0-rc91              go-module  GHSA-g54h-m393-cpwq  Low       
github.com/opencontainers/runc        v0.1.1                                                      1.1.2                   go-module  GHSA-f3fp-gc8g-vw66  Medium    
github.com/opencontainers/runc        v0.1.1                                                      1.0.3                   go-module  GHSA-v95c-p5hm-xq8f  Medium    
glib2                                 2.56.4-156.el8                                              (won't fix)             rpm        CVE-2018-16428       Low       
glibc                                 2.28-164.el8                                                (won't fix)             rpm        CVE-2019-1010022     Unknown   
glibc                                 2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2021-3999        Medium    
glibc                                 2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2022-23218       Medium    
glibc                                 2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2022-23219       Medium    
glibc-common                          2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2022-23219       Medium    
glibc-common                          2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2021-3999        Medium    
glibc-common                          2.28-164.el8                                                (won't fix)             rpm        CVE-2019-1010022     Unknown   
glibc-common                          2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2022-23218       Medium    
glibc-langpack-en                     2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2022-23218       Medium    
glibc-langpack-en                     2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2021-3999        Medium    
glibc-langpack-en                     2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2022-23219       Medium    
glibc-langpack-en                     2.28-164.el8                                                (won't fix)             rpm        CVE-2019-1010022     Unknown   
glibc-minimal-langpack                2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2022-23219       Medium    
glibc-minimal-langpack                2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2022-23218       Medium    
glibc-minimal-langpack                2.28-164.el8                                                0:2.28-164.el8_5.3      rpm        CVE-2021-3999        Medium    
glibc-minimal-langpack                2.28-164.el8                                                (won't fix)             rpm        CVE-2019-1010022     Unknown   
gmp                                   1:6.1.2-10.el8                                              (won't fix)             rpm        CVE-2021-43618       Low       
gnupg2                                2.2.20-2.el8                                                0:2.2.20-3.el8_6        rpm        CVE-2022-34903       Medium    
gnupg2                                2.2.20-2.el8                                                                        rpm        CVE-2022-3219        Low       
gnutls                                3.6.16-4.el8                                                (won't fix)             rpm        CVE-2021-4209        Low       
gnutls                                3.6.16-4.el8                                                0:3.6.16-5.el8_6        rpm        CVE-2022-2509        Medium    
google.golang.org/protobuf            v1.24.0                                                                             go-module  CVE-2015-5237        High      
google.golang.org/protobuf            v1.24.0                                                                             go-module  CVE-2021-22570       Medium    
gzip                                  1.9-12.el8                                                  0:1.9-13.el8_5          rpm        CVE-2022-1271        High      
krb5-libs                             1.18.2-14.el8                                                                       rpm        CVE-2022-42898       High      
krb5-libs                             1.18.2-14.el8                                               (won't fix)             rpm        CVE-2020-17049       Medium    
libarchive                            3.3.3-1.el8                                                 (won't fix)             rpm        CVE-2018-1000879     Low       
libarchive                            3.3.3-1.el8                                                                         rpm        CVE-2017-14501       Low       
libarchive                            3.3.3-1.el8                                                 0:3.3.3-3.el8_5         rpm        CVE-2021-31566       Medium    
libarchive                            3.3.3-1.el8                                                                         rpm        CVE-2017-14166       Low       
libarchive                            3.3.3-1.el8                                                 0:3.3.3-3.el8_5         rpm        CVE-2021-23177       Medium    
libarchive                            3.3.3-1.el8                                                 (won't fix)             rpm        CVE-2018-1000880     Low       
libarchive                            3.3.3-1.el8                                                                         rpm        CVE-2022-36227       Low       
libarchive                            3.3.3-1.el8                                                 (won't fix)             rpm        CVE-2020-21674       Medium    
libcom_err                            1.45.6-2.el8                                                0:1.45.6-5.el8          rpm        CVE-2022-1304        Medium    
libcurl                               7.61.1-22.el8                                               0:7.61.1-22.el8_6.3     rpm        CVE-2022-27776       Medium    
libcurl                               7.61.1-22.el8                                               0:7.61.1-22.el8_6.3     rpm        CVE-2022-27774       Medium    
libcurl                               7.61.1-22.el8                                               0:7.61.1-22.el8_6.4     rpm        CVE-2022-32206       Medium    
libcurl                               7.61.1-22.el8                                               0:7.61.1-22.el8_6.4     rpm        CVE-2022-32208       Medium    
libcurl                               7.61.1-22.el8                                                                       rpm        CVE-2022-35252       Low       
libcurl                               7.61.1-22.el8                                               0:7.61.1-22.el8_6.3     rpm        CVE-2022-22576       Medium    
libcurl                               7.61.1-22.el8                                               0:7.61.1-22.el8_6.3     rpm        CVE-2022-27782       Medium    
libgcc                                8.5.0-4.el8_5                                                                       rpm        CVE-2022-27943       Low       
libgcc                                8.5.0-4.el8_5                                               (won't fix)             rpm        CVE-2018-20657       Low       
libgcc                                8.5.0-4.el8_5                                               (won't fix)             rpm        CVE-2021-42694       Medium    
libgcc                                8.5.0-4.el8_5                                               (won't fix)             rpm        CVE-2019-14250       Low       
libgcrypt                             1.8.5-6.el8                                                 (won't fix)             rpm        CVE-2019-12904       Medium    
libgcrypt                             1.8.5-6.el8                                                 0:1.8.5-7.el8_6         rpm        CVE-2021-40528       Medium    
libksba                               1.3.5-7.el8                                                 0:1.3.5-8.el8_6         rpm        CVE-2022-3515        High      
libpq                                 13.3-1.el8_4                                                0:13.5-1.el8            rpm        CVE-2021-23222       Low       
libslirp                              4.4.0-1.module+el8.5.0+12582+56d94c81                       (won't fix)             rpm        CVE-2021-3595        Low       
libslirp                              4.4.0-1.module+el8.5.0+12582+56d94c81                       (won't fix)             rpm        CVE-2021-3593        Low       
libslirp                              4.4.0-1.module+el8.5.0+12582+56d94c81                       (won't fix)             rpm        CVE-2021-3592        Low       
libslirp                              4.4.0-1.module+el8.5.0+12582+56d94c81                       (won't fix)             rpm        CVE-2021-3594        Low       
libsolv                               0.7.19-1.el8                                                                        rpm        CVE-2021-44568       Low       
libssh                                0.9.4-3.el8                                                 0:0.9.6-3.el8           rpm        CVE-2021-3634        Low       
libssh-config                         0.9.4-3.el8                                                 0:0.9.6-3.el8           rpm        CVE-2021-3634        Low       
libstdc++                             8.5.0-4.el8_5                                                                       rpm        CVE-2022-27943       Low       
libstdc++                             8.5.0-4.el8_5                                               (won't fix)             rpm        CVE-2019-14250       Low       
libstdc++                             8.5.0-4.el8_5                                               (won't fix)             rpm        CVE-2018-20657       Low       
libstdc++                             8.5.0-4.el8_5                                               (won't fix)             rpm        CVE-2021-42694       Medium    
libtasn1                              4.13-3.el8                                                                          rpm        CVE-2021-46848       Medium    
libtasn1                              4.13-3.el8                                                  (won't fix)             rpm        CVE-2018-1000654     Low       
libtirpc                              1.1.4-5.el8                                                 0:1.1.4-6.el8           rpm        CVE-2021-46828       Medium    
libxml2                               2.9.7-9.el8_4.2                                             0:2.9.7-13.el8_6.1      rpm        CVE-2022-29824       Medium    
libxml2                               2.9.7-9.el8_4.2                                                                     rpm        CVE-2022-40304       Medium    
libxml2                               2.9.7-9.el8_4.2                                             0:2.9.7-12.el8_5        rpm        CVE-2022-23308       Medium    
libxml2                               2.9.7-9.el8_4.2                                             0:2.9.7-15.el8          rpm        CVE-2016-3709        Medium    
libxml2                               2.9.7-9.el8_4.2                                                                     rpm        CVE-2022-40303       Medium    
libzstd                               1.4.4-1.el8                                                 (won't fix)             rpm        CVE-2021-24032       Low       
lz4-libs                              1.8.3-3.el8_4                                               (won't fix)             rpm        CVE-2019-17543       Medium    
ncurses-base                          6.1-9.20180224.el8                                          (won't fix)             rpm        CVE-2021-39537       Medium    
ncurses-base                          6.1-9.20180224.el8                                          (won't fix)             rpm        CVE-2018-19217       Low       
ncurses-base                          6.1-9.20180224.el8                                          (won't fix)             rpm        CVE-2018-19211       Low       
ncurses-libs                          6.1-9.20180224.el8                                          (won't fix)             rpm        CVE-2018-19217       Low       
ncurses-libs                          6.1-9.20180224.el8                                          (won't fix)             rpm        CVE-2021-39537       Medium    
ncurses-libs                          6.1-9.20180224.el8                                          (won't fix)             rpm        CVE-2018-19211       Low       
openssl                               1:1.1.1k-4.el8                                              1:1.1.1k-5.el8_5        rpm        CVE-2021-3712        Medium    
openssl                               1:1.1.1k-4.el8                                              1:1.1.1k-7.el8_6        rpm        CVE-2022-1292        Medium    
openssl                               1:1.1.1k-4.el8                                              1:1.1.1k-7.el8_6        rpm        CVE-2022-2097        Medium    
openssl                               1:1.1.1k-4.el8                                              1:1.1.1k-7.el8_6        rpm        CVE-2022-2068        Medium    
openssl                               1:1.1.1k-4.el8                                              1:1.1.1k-6.el8_5        rpm        CVE-2022-0778        High      
openssl-libs                          1:1.1.1k-4.el8                                              1:1.1.1k-5.el8_5        rpm        CVE-2021-3712        Medium    
openssl-libs                          1:1.1.1k-4.el8                                              1:1.1.1k-7.el8_6        rpm        CVE-2022-2068        Medium    
openssl-libs                          1:1.1.1k-4.el8                                              1:1.1.1k-7.el8_6        rpm        CVE-2022-2097        Medium    
openssl-libs                          1:1.1.1k-4.el8                                              1:1.1.1k-7.el8_6        rpm        CVE-2022-1292        Medium    
openssl-libs                          1:1.1.1k-4.el8                                              1:1.1.1k-6.el8_5        rpm        CVE-2022-0778        High      
oslo.utils                            4.12.0                                                                              python     CVE-2022-0718        Medium    
pcre2                                 10.32-2.el8                                                 0:10.32-3.el8_6         rpm        CVE-2022-1586        Medium    
pip                                   19.3.1                                                      21.1                    python     GHSA-5xp3-jfq3-5q8x  Medium    
pip                                   9.0.3                                                       19.2                    python     GHSA-gpvv-69j7-gwj8  High      
pip                                   9.0.3                                                       21.1                    python     GHSA-5xp3-jfq3-5q8x  Medium    
pip                                   21.0.1                                                      21.1                    python     GHSA-5xp3-jfq3-5q8x  Medium    
platform-python                       3.6.8-41.el8                                                                        rpm        CVE-2020-10735       Medium    
platform-python                       3.6.8-41.el8                                                                        rpm        CVE-2021-28861       Medium    
platform-python                       3.6.8-41.el8                                                0:3.6.8-45.el8          rpm        CVE-2021-3737        Low       
platform-python                       3.6.8-41.el8                                                (won't fix)             rpm        CVE-2019-9674        Low       
platform-python                       3.6.8-41.el8                                                0:3.6.8-47.el8_6        rpm        CVE-2022-0391        Medium    
platform-python                       3.6.8-41.el8                                                                        rpm        CVE-2007-4559        Medium    
platform-python                       3.6.8-41.el8                                                0:3.6.8-45.el8          rpm        CVE-2021-4189        Medium    
platform-python                       3.6.8-41.el8                                                                        rpm        CVE-2022-45061       Medium    
platform-python                       3.6.8-41.el8                                                0:3.6.8-47.el8_6        rpm        CVE-2015-20107       Medium    
platform-python-pip                   9.0.3-20.el8                                                (won't fix)             rpm        CVE-2018-20225       Low       
procps-ng                             3.3.15-6.el8                                                (won't fix)             rpm        CVE-2018-1121        Low       
protobuf-c                            1.3.0-6.el8                                                                         rpm        CVE-2022-33070       Low       
python3-libs                          3.6.8-41.el8                                                (won't fix)             rpm        CVE-2019-9674        Low       
python3-libs                          3.6.8-41.el8                                                                        rpm        CVE-2020-10735       Medium    
python3-libs                          3.6.8-41.el8                                                0:3.6.8-45.el8          rpm        CVE-2021-3737        Low       
python3-libs                          3.6.8-41.el8                                                                        rpm        CVE-2021-28861       Medium    
python3-libs                          3.6.8-41.el8                                                                        rpm        CVE-2007-4559        Medium    
python3-libs                          3.6.8-41.el8                                                0:3.6.8-45.el8          rpm        CVE-2021-4189        Medium    
python3-libs                          3.6.8-41.el8                                                0:3.6.8-47.el8_6        rpm        CVE-2022-0391        Medium    
python3-libs                          3.6.8-41.el8                                                                        rpm        CVE-2022-45061       Medium    
python3-libs                          3.6.8-41.el8                                                0:3.6.8-47.el8_6        rpm        CVE-2015-20107       Medium    
python3-libxml2                       2.9.7-9.el8_4.2                                             0:2.9.7-15.el8          rpm        CVE-2016-3709        Medium    
python3-libxml2                       2.9.7-9.el8_4.2                                             0:2.9.7-12.el8_5        rpm        CVE-2022-23308       Medium    
python3-libxml2                       2.9.7-9.el8_4.2                                                                     rpm        CVE-2022-40304       Medium    
python3-libxml2                       2.9.7-9.el8_4.2                                             0:2.9.7-13.el8_6.1      rpm        CVE-2022-29824       Medium    
python3-libxml2                       2.9.7-9.el8_4.2                                                                     rpm        CVE-2022-40303       Medium    
python3-pip-wheel                     9.0.3-20.el8                                                (won't fix)             rpm        CVE-2018-20225       Low       
python3-rpm                           4.14.3-19.el8                                                                       rpm        CVE-2021-35937       Medium    
python3-rpm                           4.14.3-19.el8                                                                       rpm        CVE-2021-35938       Medium    
python3-rpm                           4.14.3-19.el8                                               0:4.14.3-19.el8_5.2     rpm        CVE-2021-3521        Medium    
python3-rpm                           4.14.3-19.el8                                                                       rpm        CVE-2021-35939       Medium    
python3-unbound                       1.7.3-17.el8                                                                        rpm        CVE-2022-3204        Medium    
python3-unbound                       1.7.3-17.el8                                                (won't fix)             rpm        CVE-2019-25033       Medium    
python3-unbound                       1.7.3-17.el8                                                0:1.16.2-2.el8          rpm        CVE-2022-30698       Medium    
python3-unbound                       1.7.3-17.el8                                                0:1.16.2-2.el8          rpm        CVE-2022-30699       Medium    
python3-unbound                       1.7.3-17.el8                                                (won't fix)             rpm        CVE-2019-16866       Low       
python38                              3.8.8-4.module+el8.5.0+12205+a865257a                                               rpm        CVE-2007-4559        Medium    
python38                              3.8.8-4.module+el8.5.0+12205+a865257a                                               rpm        CVE-2020-10735       Medium    
python38                              3.8.8-4.module+el8.5.0+12205+a865257a                                               rpm        CVE-2021-28861       Medium    
python38                              3.8.8-4.module+el8.5.0+12205+a865257a                                               rpm        CVE-2022-45061       Medium    
python38-libs                         3.8.8-4.module+el8.5.0+12205+a865257a                                               rpm        CVE-2022-45061       Medium    
python38-libs                         3.8.8-4.module+el8.5.0+12205+a865257a                                               rpm        CVE-2007-4559        Medium    
python38-libs                         3.8.8-4.module+el8.5.0+12205+a865257a                                               rpm        CVE-2020-10735       Medium    
python38-libs                         3.8.8-4.module+el8.5.0+12205+a865257a                                               rpm        CVE-2021-28861       Medium    
rpm                                   4.14.3                                                                              python     CVE-2021-35939       High      
rpm                                   4.14.3                                                                              python     CVE-2021-35938       High      
rpm                                   4.14.3-19.el8                                                                       rpm        CVE-2021-35937       Medium    
rpm                                   4.14.3-19.el8                                                                       rpm        CVE-2021-35938       Medium    
rpm                                   4.14.3-19.el8                                                                       rpm        CVE-2021-35939       Medium    
rpm                                   4.14.3                                                                              python     CVE-2021-3521        Medium    
rpm                                   4.14.3                                                                              python     CVE-2021-3421        Medium    
rpm                                   4.14.3-19.el8                                               0:4.14.3-19.el8_5.2     rpm        CVE-2021-3521        Medium    
rpm                                   4.14.3                                                                              python     CVE-2021-20266       Medium    
rpm                                   4.14.3                                                                              python     CVE-2021-35937       Medium    
rpm-build-libs                        4.14.3-19.el8                                                                       rpm        CVE-2021-35937       Medium    
rpm-build-libs                        4.14.3-19.el8                                                                       rpm        CVE-2021-35939       Medium    
rpm-build-libs                        4.14.3-19.el8                                                                       rpm        CVE-2021-35938       Medium    
rpm-build-libs                        4.14.3-19.el8                                               0:4.14.3-19.el8_5.2     rpm        CVE-2021-3521        Medium    
rpm-libs                              4.14.3-19.el8                                                                       rpm        CVE-2021-35939       Medium    
rpm-libs                              4.14.3-19.el8                                               0:4.14.3-19.el8_5.2     rpm        CVE-2021-3521        Medium    
rpm-libs                              4.14.3-19.el8                                                                       rpm        CVE-2021-35937       Medium    
rpm-libs                              4.14.3-19.el8                                                                       rpm        CVE-2021-35938       Medium    
runc                                  1.0.2-1.module+el8.5.0+12582+56d94c81                       (won't fix)             rpm        CVE-2021-43784       Low       
runc                                  1.0.2-1.module+el8.5.0+12582+56d94c81                                               rpm        CVE-2022-30630       Medium    
runc                                  1.0.2-1.module+el8.5.0+12582+56d94c81                                               rpm        CVE-2022-30631       Medium    
runc                                  1.0.2-1.module+el8.5.0+12582+56d94c81                                               rpm        CVE-2022-30632       Medium    
runc                                  1.0.2-1.module+el8.5.0+12582+56d94c81                                               rpm        CVE-2022-32189       Low       
runc                                  1.0.2-1.module+el8.5.0+12582+56d94c81                                               rpm        CVE-2022-41715       Medium    
runc                                  1.0.2-1.module+el8.5.0+12582+56d94c81                                               rpm        CVE-2022-30629       Low       
runc                                  1.0.2-1.module+el8.5.0+12582+56d94c81                       (won't fix)             rpm        CVE-2021-34558       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-1962        Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-32148       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                   (won't fix)             rpm        CVE-2021-34558       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-41715       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-30631       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-30630       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                   (won't fix)             rpm        CVE-2021-33198       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                   (won't fix)             rpm        CVE-2021-3114        Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-27664       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2020-28362       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-32189       Low       
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-2880        Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-30632       Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                   (won't fix)             rpm        CVE-2020-8945        Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-1705        Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-2879        Medium    
skopeo                                1:1.4.2-0.1.module+el8.5.0+12582+56d94c81                                           rpm        CVE-2022-30629       Low       
sqlite-libs                           3.26.0-15.el8                                               (won't fix)             rpm        CVE-2019-19244       Low       
sqlite-libs                           3.26.0-15.el8                                               0:3.26.0-16.el8_6       rpm        CVE-2020-35527       Medium    
sqlite-libs                           3.26.0-15.el8                                                                       rpm        CVE-2022-35737       Medium    
sqlite-libs                           3.26.0-15.el8                                               (won't fix)             rpm        CVE-2019-9936        Low       
sqlite-libs                           3.26.0-15.el8                                               (won't fix)             rpm        CVE-2019-9937        Low       
sqlite-libs                           3.26.0-15.el8                                               0:3.26.0-16.el8_6       rpm        CVE-2020-35525       Low       
systemd                               239-51.el8                                                  (won't fix)             rpm        CVE-2021-3997        Medium    
systemd                               239-51.el8                                                  0:239-58.el8_6.4        rpm        CVE-2022-2526        High      
systemd                               239-51.el8                                                  (won't fix)             rpm        CVE-2018-20839       Medium    
systemd                               239-51.el8                                                                          rpm        CVE-2022-3821        Medium    
systemd-libs                          239-51.el8                                                  (won't fix)             rpm        CVE-2018-20839       Medium    
systemd-libs                          239-51.el8                                                                          rpm        CVE-2022-3821        Medium    
systemd-libs                          239-51.el8                                                  0:239-58.el8_6.4        rpm        CVE-2022-2526        High      
systemd-libs                          239-51.el8                                                  (won't fix)             rpm        CVE-2021-3997        Medium    
systemd-pam                           239-51.el8                                                  (won't fix)             rpm        CVE-2018-20839       Medium    
systemd-pam                           239-51.el8                                                  (won't fix)             rpm        CVE-2021-3997        Medium    
systemd-pam                           239-51.el8                                                  0:239-58.el8_6.4        rpm        CVE-2022-2526        High      
systemd-pam                           239-51.el8                                                                          rpm        CVE-2022-3821        Medium    
tar                                   2:1.30-5.el8                                                (won't fix)             rpm        CVE-2005-2541        Medium    
tar                                   2:1.30-5.el8                                                (won't fix)             rpm        CVE-2019-9923        Low       
tar                                   2:1.30-5.el8                                                (won't fix)             rpm        CVE-2021-20193       Medium    
unbound-libs                          1.7.3-17.el8                                                (won't fix)             rpm        CVE-2019-16866       Low       
unbound-libs                          1.7.3-17.el8                                                0:1.16.2-2.el8          rpm        CVE-2022-30698       Medium    
unbound-libs                          1.7.3-17.el8                                                0:1.16.2-2.el8          rpm        CVE-2022-30699       Medium    
unbound-libs                          1.7.3-17.el8                                                (won't fix)             rpm        CVE-2019-25033       Medium    
unbound-libs                          1.7.3-17.el8                                                                        rpm        CVE-2022-3204        Medium    
urllib3                               1.24.2                                                                              python     CVE-2019-11236       Medium    
urllib3                               1.24.2                                                                              python     CVE-2021-33503       High      
urllib3                               1.24.2                                                      1.24.3                  python     GHSA-r64q-w8jr-g9qp  Medium    
urllib3                               1.24.2                                                      1.25.9                  python     GHSA-wqvq-5m8c-6g24  Medium    
urllib3                               1.24.2                                                                              python     CVE-2020-26137       Medium    
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.13  rpm        CVE-2022-1154        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2126        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-3256        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2286        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2175        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2819        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.12  rpm        CVE-2022-0361        Medium    
vim-minimal                           2:8.0.1763-16.el8                                           (won't fix)             rpm        CVE-2021-3974        Low       
vim-minimal                           2:8.0.1763-16.el8                                           (won't fix)             rpm        CVE-2021-46059       Unknown   
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-3235        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-3296        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2206        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2287        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.12  rpm        CVE-2022-0261        Medium    
vim-minimal                           2:8.0.1763-16.el8                                           (won't fix)             rpm        CVE-2022-1619        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2345        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2923        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-3037        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2946        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2125        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2980        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2849        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.12  rpm        CVE-2022-0359        Medium    
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.12  rpm        CVE-2022-0392        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-3705        Low       
vim-minimal                           2:8.0.1763-16.el8                                           (won't fix)             rpm        CVE-2021-3927        Low       
vim-minimal                           2:8.0.1763-16.el8                                           (won't fix)             rpm        CVE-2021-4166        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.4   rpm        CVE-2021-4192        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2284        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.12  rpm        CVE-2022-0318        Medium    
vim-minimal                           2:8.0.1763-16.el8                                           (won't fix)             rpm        CVE-2022-1720        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2124        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.12  rpm        CVE-2022-0413        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2845        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-3352        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.4   rpm        CVE-2021-4193        Medium    
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.4   rpm        CVE-2021-3984        Medium    
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-19.el8_6.4   rpm        CVE-2022-1785        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2207        Low       
vim-minimal                           2:8.0.1763-16.el8                                           (won't fix)             rpm        CVE-2022-0351        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-19.el8_6.4   rpm        CVE-2022-1927        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2208        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-3153        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-19.el8_6.4   rpm        CVE-2022-1897        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2344        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2285        Low       
vim-minimal                           2:8.0.1763-16.el8                                           (won't fix)             rpm        CVE-2018-20786       Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2343        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.4   rpm        CVE-2021-3872        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2129        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2182        Low       
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-3234        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-19.el8_6.2   rpm        CVE-2022-1629        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2183        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-19.el8_6.2   rpm        CVE-2022-1621        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2522        Low       
vim-minimal                           2:8.0.1763-16.el8                                           2:8.0.1763-16.el8_5.4   rpm        CVE-2021-4019        Medium    
vim-minimal                           2:8.0.1763-16.el8                                                                   rpm        CVE-2022-2210        Low       
xz-libs                               5.2.4-3.el8                                                 0:5.2.4-4.el8_6         rpm        CVE-2022-1271        High      
zlib                                  1.2.11-17.el8                                               0:1.2.11-18.el8_5       rpm        CVE-2018-25032       High      
zlib                                  1.2.11-17.el8                                               0:1.2.11-19.el8_6       rpm        CVE-2022-37434       Medium
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shawngmc