Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatic coin-definitions update #259

Closed
wants to merge 1 commit into from
Closed

Automatic coin-definitions update #259

wants to merge 1 commit into from

Conversation

watchman-pre-prod[bot]
Copy link

Automatic coin-definitions update

@watchman-pre-prod watchman-pre-prod bot requested review from a team as code owners February 27, 2025 14:37
@sstephanou-bc
Copy link

Logo
Checkmarx One – Scan Summary & Details870ee7fb-a6e7-43d7-bba1-ddb4886d3537

New Issues (27)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2024-45338 Go-golang.org/x/net-v0.10.0
detailsRecommended version: v0.32.1-0.20241218192430-8e66b04771e3
Description: An attacker can craft an input to the "Parse" function, that will be processed non-linearly with respect to its length, resulting in extremely slow...
Attack Vector: NETWORK
Attack Complexity: LOW
Vulnerable Package
HIGH Passwords And Secrets - Generic Token /info.json: 19108
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /info.json: 7973
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /info.json: 1948
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /en.json: 2873
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /en.json: 3134
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /en.json: 2872
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /en.json: 280
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /en.json: 391
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /info.json: 6
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /info.json: 4
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /info.json: 14358
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /en.json: 1934
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /prices.json: 1495
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /en.json: 1596
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /prices.json: 2677
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /info.json: 14353
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /info.json: 15663
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /info.json: 9663
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /info.json: 1393
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /en.json: 3823
detailsQuery to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Token /en.json: 2105
detailsQuery to find passwords and secrets in infrastructure code.
LOW Unpinned Actions Full Length Commit SHA /upload-s3.yml: 58
detailsPinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
LOW Unpinned Actions Full Length Commit SHA /codeql.yml: 61
detailsPinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
LOW Unpinned Actions Full Length Commit SHA /upload-s3.yml: 46
detailsPinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
LOW Unpinned Actions Full Length Commit SHA /codeql.yml: 47
detailsPinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
LOW Unpinned Actions Full Length Commit SHA /upload-s3.yml: 28
detailsPinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...

@vlenoir-bc vlenoir-bc closed this Feb 27, 2025
@vlenoir-bc vlenoir-bc deleted the automatic-update-versions-he6c9907aeb79cc5821df branch February 27, 2025 14:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sstephanou-bc @vlenoir-bc