Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update access token for flowfuse dockerhub #282

Merged
merged 1 commit into from
Jan 18, 2024

Update access token for flowfuse dockerhub

5f9df0a
Select commit
Loading
Failed to load commit list.
Sign in for the full log view
Merged

Update access token for flowfuse dockerhub #282

Update access token for flowfuse dockerhub
5f9df0a
Select commit
Loading
Failed to load commit list.
GitHub Actions / node-red:3.1.x-main-linux-arm64 scan results succeeded Jan 18, 2024 in 0s

3 fail in 0s

3 tests   0 ✅  0s ⏱️
2 suites  0 💤
1 files    3 ❌

Results for commit 5f9df0a.

Annotations

Check warning on line 0 in libcrypto3-3.1.4-r3

See this annotation in the file changed.

@github-actions github-actions / node-red:3.1.x-main-linux-arm64 scan results

[MEDIUM] CVE-2023-6237 (libcrypto3-3.1.4-r3) failed 

trivy-junit-results.xml
Raw output 
openssl: Excessive time spent checking invalid RSA public keys
A flaw was found in OpenSSL. When the EVP_PKEY_public_check() function is called in RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is a large prime, this computation takes a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack.

Check warning on line 0 in libssl3-3.1.4-r3

See this annotation in the file changed.

@github-actions github-actions / node-red:3.1.x-main-linux-arm64 scan results

[MEDIUM] CVE-2023-6237 (libssl3-3.1.4-r3) failed 

trivy-junit-results.xml
Raw output 
openssl: Excessive time spent checking invalid RSA public keys
A flaw was found in OpenSSL. When the EVP_PKEY_public_check() function is called in RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is a large prime, this computation takes a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack.

Check warning on line 0 in openssl-3.1.4-r3

See this annotation in the file changed.

@github-actions github-actions / node-red:3.1.x-main-linux-arm64 scan results

[MEDIUM] CVE-2023-6237 (openssl-3.1.4-r3) failed 

trivy-junit-results.xml
Raw output 
openssl: Excessive time spent checking invalid RSA public keys
A flaw was found in OpenSSL. When the EVP_PKEY_public_check() function is called in RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is a large prime, this computation takes a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack.
View more details on GitHub Actions