Update image-scan-analysis.yml #25

Closed
wants to merge 177 commits into from

sookeke
Owner

@sookeke sookeke commented Sep 17, 2021

No description provided.

Repository owner deleted a comment from github-actions bot Sep 24, 2021
@github-actions

github-actions bot commented Sep 24, 2021

image-registry.apps.silver.devops.gov.bc.ca/jenkins-agent-dotnet:latest vulnerability report

|         LIBRARY          | VULNERABILITY ID | SEVERITY |    INSTALLED VERSION    |      FIXED VERSION      |                 TITLE                 |
+--------------------------+------------------+----------+-------------------------+-------------------------+---------------------------------------+
| bind-libs                | CVE-2020-8625    | HIGH     | 32:9.11.4-26.P2.el7_9.3 | 32:9.11.4-26.P2.el7_9.4 | bind: Buffer overflow in the SPNEGO   |
|                          |                  |          |                         |                         | implementation affecting GSSAPI       |
|                          |                  |          |                         |                         | security policy negotiation...        |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2020-8625  |
+                          +------------------+          +                         +-------------------------+---------------------------------------+
|                          | CVE-2021-25215   |          |                         | 32:9.11.4-26.P2.el7_9.5 | bind: An assertion check              |
|                          |                  |          |                         |                         | can fail while answering              |
|                          |                  |          |                         |                         | queries for DNAME records...          |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2021-25215 |
+--------------------------+------------------+          +                         +-------------------------+---------------------------------------+
| bind-libs-lite           | CVE-2020-8625    |          |                         | 32:9.11.4-26.P2.el7_9.4 | bind: Buffer overflow in the SPNEGO   |
|                          |                  |          |                         |                         | implementation affecting GSSAPI       |
|                          |                  |          |                         |                         | security policy negotiation...        |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2020-8625  |
+                          +------------------+          +                         +-------------------------+---------------------------------------+
|                          | CVE-2021-25215   |          |                         | 32:9.11.4-26.P2.el7_9.5 | bind: An assertion check              |
|                          |                  |          |                         |                         | can fail while answering              |
|                          |                  |          |                         |                         | queries for DNAME records...          |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2021-25215 |
+--------------------------+------------------+          +                         +-------------------------+---------------------------------------+
| bind-license             | CVE-2020-8625    |          |                         | 32:9.11.4-26.P2.el7_9.4 | bind: Buffer overflow in the SPNEGO   |
|                          |                  |          |                         |                         | implementation affecting GSSAPI       |
|                          |                  |          |                         |                         | security policy negotiation...        |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2020-8625  |
+                          +------------------+          +                         +-------------------------+---------------------------------------+
|                          | CVE-2021-25215   |          |                         | 32:9.11.4-26.P2.el7_9.5 | bind: An assertion check              |
|                          |                  |          |                         |                         | can fail while answering              |
|                          |                  |          |                         |                         | queries for DNAME records...          |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2021-25215 |
+--------------------------+------------------+          +                         +-------------------------+---------------------------------------+
| bind-utils               | CVE-2020-8625    |          |                         | 32:9.11.4-26.P2.el7_9.4 | bind: Buffer overflow in the SPNEGO   |
|                          |                  |          |                         |                         | implementation affecting GSSAPI       |
|                          |                  |          |                         |                         | security policy negotiation...        |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2020-8625  |
+                          +------------------+          +                         +-------------------------+---------------------------------------+
|                          | CVE-2021-25215   |          |                         | 32:9.11.4-26.P2.el7_9.5 | bind: An assertion check              |
|                          |                  |          |                         |                         | can fail while answering              |
|                          |                  |          |                         |                         | queries for DNAME records...          |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2021-25215 |
+--------------------------+------------------+          +-------------------------+-------------------------+---------------------------------------+
| glib2                    | CVE-2021-27219   |          | 2.56.1-8.el7            | 2.56.1-9.el7_9          | glib: integer overflow in             |
|                          |                  |          |                         |                         | g_bytes_new function on               |
|                          |                  |          |                         |                         | 64-bit platforms due to an...         |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2021-27219 |
+--------------------------+------------------+          +-------------------------+-------------------------+---------------------------------------+
| java-11-openjdk-headless | CVE-2021-2388    |          | 1:11.0.9.11-2.el7_9     | 1:11.0.12.0.7-0.el7_9   | OpenJDK: Incorrect                    |
|                          |                  |          |                         |                         | comparison during range check         |
|                          |                  |          |                         |                         | elimination (Hotspot, 8264066)        |
|                          |                  |          |                         |                         | -->avd.aquasec.com/nvd/cve-2021-2388  |
+--------------------------+------------------+----------+-------------------------+-------------------------+---------------------------------------+

@github-actions

image-registry.apps.silver.devops.gov.bc.ca/dotnet-sdk:5.0 vulnerability report

|     LIBRARY      | VULNERABILITY ID | SEVERITY | INSTALLED VERSION |  FIXED VERSION   |                 TITLE                 |
+------------------+------------------+----------+-------------------+------------------+---------------------------------------+
| libgcrypt20      | CVE-2021-33560   | HIGH     | 1.8.4-5           | 1.8.4-5+deb10u1  | libgcrypt: mishandles ElGamal         |
|                  |                  |          |                   |                  | encryption because it lacks           |
|                  |                  |          |                   |                  | exponent blinding to address a...     |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-33560 |
+------------------+------------------+----------+-------------------+------------------+---------------------------------------+
| libgnutls30      | CVE-2021-20231   | CRITICAL | 3.6.7-4+deb10u6   | 3.6.7-4+deb10u7  | gnutls: Use after free in             |
|                  |                  |          |                   |                  | client key_share extension            |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-20231 |
+                  +------------------+          +                   +                  +---------------------------------------+
|                  | CVE-2021-20232   |          |                   |                  | gnutls: Use after free                |
|                  |                  |          |                   |                  | in client_send_params in              |
|                  |                  |          |                   |                  | lib/ext/pre_shared_key.c              |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-20232 |
+                  +------------------+----------+                   +                  +---------------------------------------+
|                  | CVE-2020-24659   | HIGH     |                   |                  | gnutls: Heap buffer                   |
|                  |                  |          |                   |                  | overflow in handshake with            |
|                  |                  |          |                   |                  | no_renegotiation alert sent           |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2020-24659 |
+------------------+------------------+          +-------------------+------------------+---------------------------------------+
| libgssapi-krb5-2 | CVE-2021-36222   |          | 1.17-3+deb10u1    | 1.17-3+deb10u2   | krb5: Sending a request containing    |
|                  |                  |          |                   |                  | PA-ENCRYPTED-CHALLENGE padata         |
|                  |                  |          |                   |                  | element without using FAST could...   |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-36222 |
+------------------+------------------+          +-------------------+------------------+---------------------------------------+
| libhogweed4      | CVE-2021-20305   |          | 3.4.1-1           | 3.4.1-1+deb10u1  | nettle: Out of bounds memory          |
|                  |                  |          |                   |                  | access in signature verification      |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-20305 |
+                  +------------------+          +                   +                  +---------------------------------------+
|                  | CVE-2021-3580    |          |                   |                  | nettle: Remote crash                  |
|                  |                  |          |                   |                  | in RSA decryption via                 |
|                  |                  |          |                   |                  | manipulated ciphertext                |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-3580  |
+------------------+------------------+          +-------------------+------------------+---------------------------------------+
| libk5crypto3     | CVE-2021-36222   |          | 1.17-3+deb10u1    | 1.17-3+deb10u2   | krb5: Sending a request containing    |
|                  |                  |          |                   |                  | PA-ENCRYPTED-CHALLENGE padata         |
|                  |                  |          |                   |                  | element without using FAST could...   |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-36222 |
+------------------+                  +          +                   +                  +                                       +
| libkrb5-3        |                  |          |                   |                  |                                       |
|                  |                  |          |                   |                  |                                       |
|                  |                  |          |                   |                  |                                       |
|                  |                  |          |                   |                  |                                       |
+------------------+                  +          +                   +                  +                                       +
| libkrb5support0  |                  |          |                   |                  |                                       |
|                  |                  |          |                   |                  |                                       |
|                  |                  |          |                   |                  |                                       |
|                  |                  |          |                   |                  |                                       |
+------------------+------------------+----------+-------------------+------------------+---------------------------------------+
| liblz4-1         | CVE-2021-3520    | CRITICAL | 1.8.3-1           | 1.8.3-1+deb10u1  | lz4: memory corruption                |
|                  |                  |          |                   |                  | due to an integer overflow            |
|                  |                  |          |                   |                  | bug caused by memmove...              |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-3520  |
+------------------+------------------+----------+-------------------+------------------+---------------------------------------+
| libnettle6       | CVE-2021-20305   | HIGH     | 3.4.1-1           | 3.4.1-1+deb10u1  | nettle: Out of bounds memory          |
|                  |                  |          |                   |                  | access in signature verification      |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-20305 |
+                  +------------------+          +                   +                  +---------------------------------------+
|                  | CVE-2021-3580    |          |                   |                  | nettle: Remote crash                  |
|                  |                  |          |                   |                  | in RSA decryption via                 |
|                  |                  |          |                   |                  | manipulated ciphertext                |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-3580  |
+------------------+------------------+----------+-------------------+------------------+---------------------------------------+
| libssl1.1        | CVE-2021-3711    | CRITICAL | 1.1.1d-0+deb10u6  | 1.1.1d-0+deb10u7 | openssl: SM2 Decryption               |
|                  |                  |          |                   |                  | Buffer Overflow                       |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-3711  |
+                  +------------------+----------+                   +                  +---------------------------------------+
|                  | CVE-2021-3712    | HIGH     |                   |                  | openssl: Read buffer overruns         |
|                  |                  |          |                   |                  | processing ASN.1 strings              |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-3712  |
+------------------+------------------+----------+                   +                  +---------------------------------------+
| openssl          | CVE-2021-3711    | CRITICAL |                   |                  | openssl: SM2 Decryption               |
|                  |                  |          |                   |                  | Buffer Overflow                       |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-3711  |
+                  +------------------+----------+                   +                  +---------------------------------------+
|                  | CVE-2021-3712    | HIGH     |                   |                  | openssl: Read buffer overruns         |
|                  |                  |          |                   |                  | processing ASN.1 strings              |
|                  |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-3712  |
+------------------+------------------+----------+-------------------+------------------+---------------------------------------+

@sookeke sookeke closed this Sep 25, 2021