Check logs 20.1 Week 1 #5290

cnlucas · 2022-11-30T18:56:58Z

Log review needs to be completed per the Security Event Review Checklist (https://github.com/fecgov/FEC/wiki/Security-Event-Review-Checklist)

Ref: [Check logs sprint 19 Innovation week 3]
#5283

cnlucas · 2022-12-07T16:19:29Z

FEC-CMS:
package.json: None
requirements.txt: Snyk Low: Setuptools) #5488
2 Snyk Medium: Pillow) #5497
1 High gitpython Remote Code Execution (RCE) fecgov/fec-cms#5509

OPENFEC:
package.json: None
requirements.txt: Snyk Low: Setuptools) #5286
1 High gitpython Remote Code Execution (RCE) #5509
1 Medium certifi Insufficient Verification of Data Authenticity #5298
flyway: 2 Medium com.h2database:h2 Information Exposure
org.postgresql:postgresql Information Exposure #5295

FEC-EREGS:
package.json: None
requirements.txt: Snyk Low: Setuptools) #727

FEC-PATTERN-LIBRARY:
package.json: None

Search logs:
Ok

Cloud.gov Dashboard:
Ok 8 accounts

Off-boarding:
None in Github or Cloud.gov this week

cnlucas added the Security: general General security concern or issue label Nov 30, 2022

cnlucas added this to the Sprint 20.1 milestone Nov 30, 2022

cnlucas mentioned this issue Nov 30, 2022

Check logs 20.1 Week 2 #5291

Closed

1 task

rfultz assigned cnlucas Dec 6, 2022

cnlucas closed this as completed Dec 7, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Check logs 20.1 Week 1 #5290

Check logs 20.1 Week 1 #5290

cnlucas commented Nov 30, 2022

cnlucas commented Dec 7, 2022 •

edited

Check logs 20.1 Week 1 #5290

Check logs 20.1 Week 1 #5290

Comments

cnlucas commented Nov 30, 2022

cnlucas commented Dec 7, 2022 • edited

cnlucas commented Dec 7, 2022 •

edited