Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update pom.xml #52

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update pom.xml #52

wants to merge 1 commit into from

Conversation

pedromprdias2
Copy link
Owner

No description provided.

@pedromprdias2
Copy link
Owner Author

Logo
Checkmarx AST – Scan Summary & Details935ddd62-2321-4861-b1fb-236014f74723

New Issues

Severity Issue File / Package Scan Engine
HIGH ALB Listening on HTTP /terraform_examples/positive2.tf: 70 CxKICS
HIGH ALB Listening on HTTP /terraform_examples/positive1.tf: 9 CxKICS
HIGH CVE-2014-0114 Maven-commons-beanutils:commons-beanutils-1.8.0 CxSCA
HIGH CVE-2016-5007 Maven-org.springframework.security:spring-security-config-3.2.4.RELEASE CxSCA
HIGH CVE-2017-1000048 Npm-qs-6.0.0 CxSCA
HIGH CVE-2018-1272 Maven-org.springframework:spring-core-3.2.4.RELEASE CxSCA
HIGH CVE-2019-10744 Npm-lodash-4.17.11 CxSCA
HIGH CVE-2019-11272 Maven-org.springframework.security:spring-security-core-3.2.4.RELEASE CxSCA
HIGH CVE-2020-7212 Pip-urllib3-1.25.7 CxSCA
HIGH CVE-2020-8203 Npm-lodash-4.17.11 CxSCA
HIGH CVE-2021-23337 Npm-lodash-4.17.11 CxSCA
HIGH CVE-2021-33503 Pip-urllib3-1.25.7 CxSCA
HIGH CVE-2022-22965 Maven-org.springframework:spring-core-3.2.4.RELEASE CxSCA
HIGH CVE-2022-22965 Maven-org.springframework:spring-beans-3.2.8.RELEASE CxSCA
HIGH Cx0b414307-5d4b Npm-lodash-4.17.11 CxSCA
HIGH Cx191416a7-eb64 Npm-momnet-2.29.1 CxSCA
HIGH Cx1b75ed25-032c Npm-ua-parser-js-0.7.29 CxSCA
HIGH Cx214f1789-c1e1 Npm-ua-parser-js-0.7.29 CxSCA
HIGH Cx2337e8b5-a251 Npm-scs-0.0.1 CxSCA
HIGH Cx2d57dc6f-d45c Npm-ua-parser-js-0.7.29 CxSCA
HIGH Cx35497f66-1271 Npm-scs-0.0.1 CxSCA
HIGH Cx3b419b19-bd3d Npm-flow-dev-tools-99.10.9 CxSCA
HIGH Cx49c80dd6-7a62 Npm-node-ipc-9.2.2 CxSCA
HIGH Cx4f83a617-d534 Npm-flow-dev-tools-99.10.9 CxSCA
HIGH Cx52f45e3b-946f Npm-ua-parser-js-0.7.29 CxSCA
HIGH Cx53184b93-3a8d Npm-scs-0.0.1 CxSCA
HIGH Cx538e98ac-4c27 Npm-scs-0.0.1 CxSCA
HIGH Cx700682f9-893e Npm-momnet-2.29.1 CxSCA
HIGH Cx9bc093dc-8007 Npm-scs-0.0.1 CxSCA
HIGH Cxad4c2499-b02f Npm-scs-0.0.1 CxSCA
HIGH Cxb8de80d9-0654 Npm-ua-parser-js-0.7.29 CxSCA
HIGH Cxbd45c2b9-4622 Npm-ua-parser-js-0.7.29 CxSCA
HIGH Cxcc09496a-59c8 Npm-js-yaml-3.6.1 CxSCA
HIGH Cxd1df8707-be05 Npm-ua-parser-js-0.7.29 CxSCA
HIGH Cxdca8e59f-8bfe Npm-inflight-1.0.6 CxSCA
HIGH Cxe0aba705-4a77 Npm-ua-parser-js-0.7.29 CxSCA
HIGH Cxe323e959-69d9 Npm-node-ipc-9.2.2 CxSCA
HIGH Cxec49316b-56df Npm-js-yaml-3.6.1 CxSCA
HIGH Cxf5f7fab6-4853 Npm-flow-dev-tools-99.10.9 CxSCA
HIGH EC2 Instance Has Public IP /terraform_examples/negative2.tf: 83, 96, 109 CxKICS
HIGH EC2 Instance Has Public IP /terraform_examples/positive2.tf: 82, 95, 108 CxKICS
HIGH Missing User Instruction /Dockerfile: 1 CxKICS
HIGH Run Using Upgrade Commands /Dockerfile: 5 CxKICS
MEDIUM ALB Not Dropping Invalid Headers /terraform_examples/negative2.tf: 49 CxKICS
MEDIUM ALB Not Dropping Invalid Headers /terraform_examples/positive1.tf: 15 CxKICS
MEDIUM ALB Not Dropping Invalid Headers /terraform_examples/negative1.tf: 15 CxKICS
MEDIUM ALB Not Dropping Invalid Headers /terraform_examples/positive2.tf: 49 CxKICS
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 5 CxKICS
MEDIUM CVE-2014-3578 Maven-org.springframework:spring-core-3.2.4.RELEASE CxSCA
MEDIUM CVE-2019-3795 Maven-org.springframework.security:spring-security-core-3.2.4.RELEASE CxSCA
MEDIUM CVE-2020-15250 Maven-junit:junit-4.8.1 CxSCA
MEDIUM CVE-2020-26137 Pip-urllib3-1.25.7 CxSCA
MEDIUM CVE-2020-28500 Npm-lodash-4.17.11 CxSCA
MEDIUM CVE-2020-5408 Maven-org.springframework.security:spring-security-core-3.2.4.RELEASE CxSCA
MEDIUM CVE-2021-22060 Maven-org.springframework:spring-core-3.2.4.RELEASE CxSCA
MEDIUM CVE-2022-22950 Maven-org.springframework:spring-expression-3.2.8.RELEASE CxSCA
MEDIUM CVE-2022-22950 Maven-org.springframework:spring-core-3.2.4.RELEASE CxSCA
MEDIUM Cx09fcb18c-d537 Npm-strong-type-0.1.6 CxSCA
MEDIUM Cx0afa125c-6f81 Npm-scs-0.0.1 CxSCA
MEDIUM Cx3fe736fd-5146 Npm-momnet-2.29.1 CxSCA
MEDIUM Cx72474d17-8c8b Npm-ua-parser-js-0.7.29 CxSCA
MEDIUM Cxd01a6f65-5ccf Npm-node-ipc-9.2.2 CxSCA
MEDIUM Cxfcbdedde-199a Npm-event-pubsub-5.0.3 CxSCA
MEDIUM Cxfd87d098-885c Npm-node-ipc-9.2.2 CxSCA
MEDIUM IAM Access Analyzer Undefined /terraform_examples/negative1.tf: 1 CxKICS
MEDIUM VPC FlowLogs Disabled /terraform_examples/positive2.tf: 26 CxKICS
MEDIUM VPC FlowLogs Disabled /terraform_examples/negative2.tf: 26 CxKICS
MEDIUM VPC Without Network Firewall /terraform_examples/positive2.tf: 26 CxKICS
MEDIUM VPC Without Network Firewall /terraform_examples/negative2.tf: 26 CxKICS
LOW ALB Deletion Protection Disabled /terraform_examples/positive2.tf: 49 CxKICS
LOW ALB Deletion Protection Disabled /terraform_examples/negative2.tf: 49 CxKICS
LOW ALB Deletion Protection Disabled /terraform_examples/positive1.tf: 15 CxKICS
LOW ALB Deletion Protection Disabled /terraform_examples/negative1.tf: 15 CxKICS
LOW EC2 Instance Using Default Security Group /terraform_examples/positive2.tf: 83, 96, 109 CxKICS
LOW EC2 Instance Using Default Security Group /terraform_examples/negative2.tf: 84, 97, 110 CxKICS
LOW Healthcheck Instruction Missing /Dockerfile: 1 CxKICS
LOW Shield Advanced Not In Use /terraform_examples/positive2.tf: 49 CxKICS
LOW Shield Advanced Not In Use /terraform_examples/negative1.tf: 15 CxKICS
LOW Shield Advanced Not In Use /terraform_examples/positive1.tf: 15 CxKICS
LOW Shield Advanced Not In Use /terraform_examples/negative2.tf: 49 CxKICS

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@pedromprdias2