Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug #12968: base url provided in module referential #1895

Merged
merged 1 commit into from
Jun 10, 2024
Merged

Bug #12968: base url provided in module referential #1895

merged 1 commit into from
Jun 10, 2024

Conversation

laedanrex
Copy link
Contributor

No description provided.

@laedanrex laedanrex added the bug Something isn't working label Jun 6, 2024
@laedanrex laedanrex added this to the IT 137 milestone Jun 6, 2024
@laedanrex laedanrex self-assigned this Jun 6, 2024
@vitam-devops
Copy link
Collaborator

vitam-devops commented Jun 6, 2024
edited
Loading

Logo
Checkmarx One – Scan Summary & Detailsf4bfeb6d-7d8a-4e1d-8d06-8a19051fbcdd

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2019-15599 Npm-tree-kill-1.2.1 Vulnerable Package
HIGH CVE-2020-28502 Npm-xmlhttprequest-ssl-1.5.5 Vulnerable Package
HIGH CVE-2020-36048 Npm-engine.io-3.2.1 Vulnerable Package
HIGH CVE-2020-36049 Npm-socket.io-parser-3.2.0 Vulnerable Package
HIGH CVE-2020-7660 Npm-serialize-javascript-1.9.1 Vulnerable Package
HIGH CVE-2020-7788 Npm-ini-1.3.5 Vulnerable Package
HIGH CVE-2021-21306 Npm-marked-1.2.9 Vulnerable Package
HIGH CVE-2021-31597 Npm-xmlhttprequest-ssl-1.5.5 Vulnerable Package
HIGH CVE-2022-2421 Npm-socket.io-parser-3.2.0 Vulnerable Package
HIGH CVE-2023-45133 Npm-babel-traverse-6.26.0 Vulnerable Package
MEDIUM CVE-2019-16769 Npm-serialize-javascript-1.9.1 Vulnerable Package
MEDIUM CVE-2020-15366 Npm-ajv-6.10.0 Vulnerable Package
MEDIUM CVE-2020-15366 Npm-ajv-5.5.2 Vulnerable Package
MEDIUM CVE-2020-28481 Npm-socket.io-2.1.1 Vulnerable Package
MEDIUM CVE-2020-7693 Npm-sockjs-0.3.19 Vulnerable Package
MEDIUM CVE-2021-23364 Npm-browserslist-4.5.5 Vulnerable Package
MEDIUM CVE-2022-21704 Npm-log4js-4.5.1 Vulnerable Package
MEDIUM CVE-2022-41940 Npm-engine.io-3.2.1 Vulnerable Package
MEDIUM CVE-2024-28849 Npm-follow-redirects-1.15.5 Vulnerable Package
LOW Logging of Sensitive Data /ansible.cfg: [2](https://github.com/ProgrammeVitam/vitam-ui/blob/11854-clean-base-url-referential//deployment/pki/scripts/lib/ansible.cfg# L2) To keep sensitive values out of logs, tasks that expose them need to be marked defining 'no_log' and setting to True
LOW Logging of Sensitive Data /ansible.cfg: [1](https://github.com/ProgrammeVitam/vitam-ui/blob/11854-clean-base-url-referential//deployment/ansible.cfg# L1) To keep sensitive values out of logs, tasks that expose them need to be marked defining 'no_log' and setting to True
LOW Logging of Sensitive Data /ansible.cfg: [2](https://github.com/ProgrammeVitam/vitam-ui/blob/11854-clean-base-url-referential//tools/docker/mongo/ansible.cfg# L2) To keep sensitive values out of logs, tasks that expose them need to be marked defining 'no_log' and setting to True

Fixed Issues

Severity Issue Source File / Package
HIGH CVE-2023-28154 Npm-webpack-5.50.0

@laedanrex laedanrex changed the title Story #11854 (clean code): base url provided in module referential Story #12968: base url provided in module referential Jun 7, 2024
@laedanrex laedanrex force-pushed the 11854-clean-base-url-referential branch from afbccce to 318cf5d Compare June 7, 2024 13:24
@laedanrex laedanrex changed the title Story #12968: base url provided in module referential Bug #12968: base url provided in module referential Jun 7, 2024
@laedanrex laedanrex merged commit 78e4be2 into develop Jun 10, 2024
8 checks passed
@laedanrex laedanrex deleted the 11854-clean-base-url-referential branch June 10, 2024 13:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Regzox Regzox Regzox approved these changes

@ebernard ebernard ebernard approved these changes

Assignees

@laedanrex laedanrex

Labels
bug Something isn't working
Projects
None yet
Milestone
IT 137
Development

Successfully merging this pull request may close these issues.
4 participants
@laedanrex @vitam-devops @ebernard @Regzox