GitHub Actions / forge-k8s:main-linux-arm64 scan results
succeeded
Jan 31, 2024 in 0s
1 fail in 0s
1 tests 0 ✅ 0s ⏱️
4 suites 0 💤
1 files 1 ❌
Results for commit 0820cff.
Annotations
Check warning on line 0 in tough-cookie-2.5.0
github-actions / forge-k8s:main-linux-arm64 scan results
[MEDIUM] CVE-2023-26136 (tough-cookie-2.5.0) failed
trivy-junit-results.xml
Raw output
tough-cookie: prototype pollution in cookie memstore
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.