From 05784dcf18b35884913aa210c3b203c1f72f54ec Mon Sep 17 00:00:00 2001 From: felipecruz91 Date: Fri, 27 Sep 2024 11:16:29 +0200 Subject: [PATCH] chore(scout): Document CUPS CVEs in high-profile vuln policy Signed-off-by: felipecruz91 Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/manuals/scout/policy/_index.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/content/manuals/scout/policy/_index.md b/content/manuals/scout/policy/_index.md index 596e2ec8f619..a5c63d2cd54f 100644 --- a/content/manuals/scout/policy/_index.md +++ b/content/manuals/scout/policy/_index.md @@ -145,13 +145,17 @@ The list includes the following vulnerabilities: - [CVE-2023-38545 (cURL SOCKS5 heap buffer overflow)](https://scout.docker.com/v/CVE-2023-38545) - [CVE-2023-44487 (HTTP/2 Rapid Reset)](https://scout.docker.com/v/CVE-2023-44487) - [CVE-2024-3094 (XZ backdoor)](https://scout.docker.com/v/CVE-2024-3094) +- [CVE-2024-47176 (OpenPrinting - `cups-browsed`)](https://scout.docker.com/v/CVE-2024-47176) +- [CVE-2024-47076 (OpenPrinting - `libcupsfilters`)](https://scout.docker.com/v/CVE-2024-47076) +- [CVE-2024-47175 (OpenPrinting - `libppd`)](https://scout.docker.com/v/CVE-2024-47175) +- [CVE-2024-47177 (OpenPrinting - `cups-filters`)](https://scout.docker.com/v/CVE-2024-47177) You can configure the CVEs included in this list by creating a custom policy. Custom configuration options include: - **CVEs to avoid**: Specify the CVEs that you want to avoid in your artifacts. - Default: `CVE-2014-0160`, `CVE-2021-44228`, `CVE-2023-38545`, `CVE-2023-44487`, `CVE-2024-3094` + Default: `CVE-2014-0160`, `CVE-2021-44228`, `CVE-2023-38545`, `CVE-2023-44487`, `CVE-2024-3094`, `CVE-2024-47176`, `CVE-2024-47076`, `CVE-2024-47175`, `CVE-2024-47177` - **CISA KEV**: Enable tracking of vulnerabilities from CISA's Known Exploited Vulnerabilities (KEV) catalog
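Review bot: The four added entries are out of numeric order, in both the bullet list and the `Default:` line of the "CVEs to avoid" option: `CVE-2024-47176` comes before `CVE-2024-47076` and `CVE-2024-47175`, while the existing entries run in ascending order (`CVE-2014-0160` through `CVE-2024-3094`). Reordering to `CVE-2024-47076`, `CVE-2024-47175`, `CVE-2024-47176`, `CVE-2024-47177` in both places would keep the list easy to scan and make later additions easier to diff. The new link labels also name only the affected component (for example "OpenPrinting - `cups-browsed`"), while the existing entries describe the vulnerability itself ("cURL SOCKS5 heap buffer overflow", "XZ backdoor"). A short description per CVE, or at least the word "CUPS" from the commit subject, would let readers recognise these entries without following the link. Finally, the same set of IDs is maintained by hand in two places in this file, so it is worth confirming that the documented default matches what the policy actually ships with.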