Update shiftleft.yml #8
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Checking analysis of application
|
| ID | CVSS | Rating | Title |
|---|---|---|---|
| 77 | 9.0 | critical | SQL Injection: Attacker-controlled Data to SQL Database via password in WebController.login |
| 78 | 9.0 | critical | SQL Injection: Attacker-controlled Data to SQL Database via username in WebController.login |
| 1848 | 9.0 | critical | XML External Entities: Attacker-controlled Data Parsed as XML via body in WebController.issue |
| 68 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via username to Log in WebController.login |
| 69 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via amount to Log in WebController.transfer |
| 70 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via password to Log in WebController.loginSuccess |
| 71 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via amount to Log in WebController.transfer |
| 72 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked to Log in WebController.jwt |
| 73 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via username to Log in WebController.loginSuccess |
| 74 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via password to Log in WebController.login |
| Severity rating | Count |
|---|---|
| Critical | 3 |
| High | 10 |
| Medium | 0 |
| Low | 0 |
| Category | Count |
|---|---|
| Sensitive Data Leak | 7 |
| SQL Injection | 2 |
| XML External Entities | 1 |
| Server-Side Request Forgery | 1 |
| Deserialization | 1 |
| Cross-Site Scripting | 1 |
| OWASP 2021 Category | Count |
|---|---|
| A01-Broken-Access-Control | 7 |
| A03-Injection | 3 |
| A10-Server-Side-Request-Forgery-(Ssrf) | 1 |
| A08-Software-And-Data-Integrity-Failures | 1 |
| A05-Security-Misconfiguration | 1 |
No reachable SCA findings: FAIL
(5 matched vulnerabilities; configured threshold is 0).
Findings:
| ID | CVSS | Rating | CVE | Title |
|---|---|---|---|---|
| 87 | 7.5 | high | CVE-2021-25122 | When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request … |
| 114 | 7.5 | high | CVE-2020-13934 | h2c does not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException c… |
| 132 | 7.5 | high | CVE-2020-17527 | While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP requ… |
| 85 | 7.0 | high | CVE-2020-9484 | When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the… |
| 88 | 7.0 | high | CVE-2021-25329 | The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a con… |
| Severity rating | Count |
|---|---|
| Critical | 0 |
| High | 5 |
| Medium | 0 |
| Low | 0 |
| CVE | Count |
|---|---|
| CVE-2021-25329 | 1 |
| CVE-2021-25122 | 1 |
| CVE-2020-17527 | 1 |
| CVE-2020-13934 | 1 |
| CVE-2020-9484 | 1 |
No critical or high container findings: FAIL
(36 matched vulnerabilities; configured threshold is 0).
First 10 findings:
| ID | CVSS | Rating | CVE | Title |
|---|---|---|---|---|
| 2193 | 9.0 | critical | CVE-2019-14697 | musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library c… |
| 2204 | 9.0 | critical | CVE-2019-12900 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. |
| 2214 | 9.0 | critical | CVE-2019-8457 | SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. |
| 2190 | 7.0 | high | CVE-2020-14363 | An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application com… |
| 2215 | 7.0 | high | CVE-2020-11655 | SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo objec… |
| 2251 | 7.0 | high | CVE-2020-15999 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted … |
| 2252 | 7.0 | high | CVE-2019-2201 | In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to … |
| 2256 | 7.0 | high | CVE-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/a… |
| 2263 | 7.0 | high | CVE-2020-1967 | Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference a… |
| 2264 | 7.0 | high | CVE-2020-1971 | The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provid… |
| Severity rating | Count |
|---|---|
| Critical | 3 |
| High | 33 |
| Medium | 0 |
| Low | 0 |
3 rules failed.
|
Checking analysis of application
|
| ID | CVSS | Rating | Title |
|---|---|---|---|
| 77 | 9.0 | critical | SQL Injection: Attacker-controlled Data to SQL Database via password in WebController.login |
| 78 | 9.0 | critical | SQL Injection: Attacker-controlled Data to SQL Database via username in WebController.login |
| 1848 | 9.0 | critical | XML External Entities: Attacker-controlled Data Parsed as XML via body in WebController.issue |
| 68 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via username to Log in WebController.login |
| 69 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via amount to Log in WebController.transfer |
| 70 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via password to Log in WebController.loginSuccess |
| 71 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via amount to Log in WebController.transfer |
| 72 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked to Log in WebController.jwt |
| 73 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via username to Log in WebController.loginSuccess |
| 74 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via password to Log in WebController.login |
| Severity rating | Count |
|---|---|
| Critical | 3 |
| High | 10 |
| Medium | 0 |
| Low | 0 |
| Category | Count |
|---|---|
| Sensitive Data Leak | 7 |
| SQL Injection | 2 |
| XML External Entities | 1 |
| Server-Side Request Forgery | 1 |
| Deserialization | 1 |
| Cross-Site Scripting | 1 |
| OWASP 2021 Category | Count |
|---|---|
| A01-Broken-Access-Control | 7 |
| A03-Injection | 3 |
| A10-Server-Side-Request-Forgery-(Ssrf) | 1 |
| A08-Software-And-Data-Integrity-Failures | 1 |
| A05-Security-Misconfiguration | 1 |
No reachable SCA findings: FAIL
(5 matched vulnerabilities; configured threshold is 0).
Findings:
| ID | CVSS | Rating | CVE | Title |
|---|---|---|---|---|
| 87 | 7.5 | high | CVE-2021-25122 | When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request … |
| 114 | 7.5 | high | CVE-2020-13934 | h2c does not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException c… |
| 132 | 7.5 | high | CVE-2020-17527 | While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP requ… |
| 85 | 7.0 | high | CVE-2020-9484 | When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the… |
| 88 | 7.0 | high | CVE-2021-25329 | The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a con… |
| Severity rating | Count |
|---|---|
| Critical | 0 |
| High | 5 |
| Medium | 0 |
| Low | 0 |
| CVE | Count |
|---|---|
| CVE-2021-25329 | 1 |
| CVE-2021-25122 | 1 |
| CVE-2020-17527 | 1 |
| CVE-2020-13934 | 1 |
| CVE-2020-9484 | 1 |
No critical or high container findings: FAIL
(36 matched vulnerabilities; configured threshold is 0).
First 10 findings:
| ID | CVSS | Rating | CVE | Title |
|---|---|---|---|---|
| 2193 | 9.0 | critical | CVE-2019-14697 | musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library c… |
| 2204 | 9.0 | critical | CVE-2019-12900 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. |
| 2214 | 9.0 | critical | CVE-2019-8457 | SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. |
| 2190 | 7.0 | high | CVE-2020-14363 | An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application com… |
| 2215 | 7.0 | high | CVE-2020-11655 | SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo objec… |
| 2251 | 7.0 | high | CVE-2020-15999 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted … |
| 2252 | 7.0 | high | CVE-2019-2201 | In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to … |
| 2256 | 7.0 | high | CVE-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/a… |
| 2263 | 7.0 | high | CVE-2020-1967 | Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference a… |
| 2264 | 7.0 | high | CVE-2020-1971 | The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provid… |
| Severity rating | Count |
|---|---|
| Critical | 3 |
| High | 33 |
| Medium | 0 |
| Low | 0 |
3 rules failed.
|
Checking analysis of application
|
| ID | CVSS | Rating | Title |
|---|---|---|---|
| 77 | 9.0 | critical | SQL Injection: Attacker-controlled Data to SQL Database via password in WebController.login |
| 78 | 9.0 | critical | SQL Injection: Attacker-controlled Data to SQL Database via username in WebController.login |
| 1848 | 9.0 | critical | XML External Entities: Attacker-controlled Data Parsed as XML via body in WebController.issue |
| 68 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via username to Log in WebController.login |
| 69 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via amount to Log in WebController.transfer |
| 70 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via password to Log in WebController.loginSuccess |
| 71 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via amount to Log in WebController.transfer |
| 72 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked to Log in WebController.jwt |
| 73 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via username to Log in WebController.loginSuccess |
| 74 | 8.0 | high | Sensitive Data Leak: Sensitive Data is Leaked via password to Log in WebController.login |
| Severity rating | Count |
|---|---|
| Critical | 3 |
| High | 10 |
| Medium | 0 |
| Low | 0 |
| Category | Count |
|---|---|
| Sensitive Data Leak | 7 |
| SQL Injection | 2 |
| XML External Entities | 1 |
| Server-Side Request Forgery | 1 |
| Deserialization | 1 |
| Cross-Site Scripting | 1 |
| OWASP 2021 Category | Count |
|---|---|
| A01-Broken-Access-Control | 7 |
| A03-Injection | 3 |
| A10-Server-Side-Request-Forgery-(Ssrf) | 1 |
| A08-Software-And-Data-Integrity-Failures | 1 |
| A05-Security-Misconfiguration | 1 |
No reachable SCA findings: FAIL
(5 matched vulnerabilities; configured threshold is 0).
Findings:
| ID | CVSS | Rating | CVE | Title |
|---|---|---|---|---|
| 87 | 7.5 | high | CVE-2021-25122 | When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request … |
| 114 | 7.5 | high | CVE-2020-13934 | h2c does not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException c… |
| 132 | 7.5 | high | CVE-2020-17527 | While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP requ… |
| 85 | 7.0 | high | CVE-2020-9484 | When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the… |
| 88 | 7.0 | high | CVE-2021-25329 | The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a con… |
| Severity rating | Count |
|---|---|
| Critical | 0 |
| High | 5 |
| Medium | 0 |
| Low | 0 |
| CVE | Count |
|---|---|
| CVE-2021-25329 | 1 |
| CVE-2021-25122 | 1 |
| CVE-2020-17527 | 1 |
| CVE-2020-13934 | 1 |
| CVE-2020-9484 | 1 |
No critical or high container findings: FAIL
(36 matched vulnerabilities; configured threshold is 0).
First 10 findings:
| ID | CVSS | Rating | CVE | Title |
|---|---|---|---|---|
| 2193 | 9.0 | critical | CVE-2019-14697 | musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library c… |
| 2204 | 9.0 | critical | CVE-2019-12900 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. |
| 2214 | 9.0 | critical | CVE-2019-8457 | SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. |
| 2190 | 7.0 | high | CVE-2020-14363 | An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application com… |
| 2215 | 7.0 | high | CVE-2020-11655 | SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo objec… |
| 2251 | 7.0 | high | CVE-2020-15999 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted … |
| 2252 | 7.0 | high | CVE-2019-2201 | In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to … |
| 2256 | 7.0 | high | CVE-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/a… |
| 2263 | 7.0 | high | CVE-2020-1967 | Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference a… |
| 2264 | 7.0 | high | CVE-2020-1971 | The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provid… |
| Severity rating | Count |
|---|---|
| Critical | 3 |
| High | 33 |
| Medium | 0 |
| Low | 0 |
3 rules failed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.