Merge pull request #149 from crazy-max/dependabot/npm_and_yarn/action… #1522
crazy-maxAnnotations
6 errors, 28 warnings, and 6 notices
|
threshold (alpine:3.10)
Container image is unhealthy. Following your desired severity threshold (HIGH), the job has been marked as failed.
|
|
annotations (alpine:3.9)
CVE-2021-23840 - HIGH severity - openssl: integer overflow in CipherUpdate vulnerability in libcrypto1.1
|
|
annotations (alpine:3.9)
CVE-2021-3450 - HIGH severity - openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT vulnerability in libcrypto1.1
|
|
annotations (alpine:3.9)
CVE-2021-23840 - HIGH severity - openssl: integer overflow in CipherUpdate vulnerability in libssl1.1
|
|
annotations (alpine:3.9)
CVE-2021-3450 - HIGH severity - openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT vulnerability in libssl1.1
|
|
threshold (alpine:3.9)
Container image is unhealthy. Following your desired severity threshold (HIGH), the job has been marked as failed.
|
|
tarball
Dockerfile not provided. Skipping sarif scan result.
|
|
annotations (moby/buildkit:master)
Dockerfile not provided. Skipping sarif scan result.
|
|
annotations (moby/buildkit:master)
CVE-2024-24791 - MEDIUM severity - The net/http HTTP/1.1 client mishandled the case where a server respon ... vulnerability in stdlib
|
|
annotations (moby/buildkit:master)
CVE-2024-34155 - MEDIUM severity - Calling any of the Parse functions on Go source code which contains de ... vulnerability in stdlib
|
|
annotations (moby/buildkit:master)
CVE-2024-34156 - MEDIUM severity - Calling Decoder.Decode on a message which contains deeply nested struc ... vulnerability in stdlib
|
|
annotations (moby/buildkit:master)
CVE-2024-34158 - MEDIUM severity - Calling Parse on a "// +build" build tag line with deeply nested expre ... vulnerability in stdlib
|
|
annotations (moby/buildkit:master)
CVE-2024-24791 - MEDIUM severity - The net/http HTTP/1.1 client mishandled the case where a server respon ... vulnerability in stdlib
|
|
annotations (moby/buildkit:master)
CVE-2024-34155 - MEDIUM severity - Calling any of the Parse functions on Go source code which contains de ... vulnerability in stdlib
|
|
annotations (moby/buildkit:master)
CVE-2024-34156 - MEDIUM severity - Calling Decoder.Decode on a message which contains deeply nested struc ... vulnerability in stdlib
|
|
annotations (moby/buildkit:master)
CVE-2024-34158 - MEDIUM severity - Calling Parse on a "// +build" build tag line with deeply nested expre ... vulnerability in stdlib
|
|
annotations (moby/buildkit:master)
CVE-2024-24791 - MEDIUM severity - The net/http HTTP/1.1 client mishandled the case where a server respon ... vulnerability in stdlib
|
|
image (alpine:3.9)
Dockerfile not provided. Skipping sarif scan result.
|
|
threshold (alpine:3.10)
Dockerfile not provided. Skipping sarif scan result.
|
|
threshold (alpine:latest)
Dockerfile not provided. Skipping sarif scan result.
|
|
annotations (alpine:latest)
Dockerfile not provided. Skipping sarif scan result.
|
|
annotations (alpine:3.9)
Dockerfile not provided. Skipping sarif scan result.
|
|
annotations (alpine:3.9)
CVE-2020-1971 - MEDIUM severity - openssl: EDIPARTYNAME NULL pointer de-reference vulnerability in libcrypto1.1
|
|
annotations (alpine:3.9)
CVE-2021-23841 - MEDIUM severity - openssl: NULL pointer dereference in X509_issuer_and_serial_hash() vulnerability in libcrypto1.1
|
|
annotations (alpine:3.9)
CVE-2021-3449 - MEDIUM severity - openssl: NULL pointer dereference in signature_algorithms processing vulnerability in libcrypto1.1
|
|
annotations (alpine:3.9)
CVE-2020-1971 - MEDIUM severity - openssl: EDIPARTYNAME NULL pointer de-reference vulnerability in libssl1.1
|
|
annotations (alpine:3.9)
CVE-2021-23841 - MEDIUM severity - openssl: NULL pointer dereference in X509_issuer_and_serial_hash() vulnerability in libssl1.1
|
|
annotations (alpine:3.9)
CVE-2021-3449 - MEDIUM severity - openssl: NULL pointer dereference in signature_algorithms processing vulnerability in libssl1.1
|
|
annotations (alpine:3.9)
CVE-2020-28928 - MEDIUM severity - In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ... vulnerability in musl
|
|
annotations (alpine:3.9)
CVE-2020-28928 - MEDIUM severity - In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ... vulnerability in musl-utils
|
|
threshold (alpine:3.9)
Dockerfile not provided. Skipping sarif scan result.
|
|
threshold (moby/buildkit:master)
Dockerfile not provided. Skipping sarif scan result.
|
|
image (alpine:latest)
Dockerfile not provided. Skipping sarif scan result.
|
|
image (moby/buildkit:master)
Dockerfile not provided. Skipping sarif scan result.
|
|
annotations (moby/buildkit:master)
CVE-2024-9143 - LOW severity - Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with u ... vulnerability in libcrypto3
|
|
annotations (moby/buildkit:master)
CVE-2024-9143 - LOW severity - Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with u ... vulnerability in libssl3
|
|
annotations (alpine:latest)
CVE-2024-9143 - LOW severity - Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with u ... vulnerability in libcrypto3
|
|
annotations (alpine:latest)
CVE-2024-9143 - LOW severity - Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with u ... vulnerability in libssl3
|
|
annotations (alpine:3.9)
CVE-2021-23839 - LOW severity - openssl: incorrect SSLv2 rollback protection vulnerability in libcrypto1.1
|
|
annotations (alpine:3.9)
CVE-2021-23839 - LOW severity - openssl: incorrect SSLv2 rollback protection vulnerability in libssl1.1
|