Skip to content

Commit

Permalink
fix(security): vulnerabilities found in cactus-rust-compiler
Browse files Browse the repository at this point in the history 
This fix will ignore AsymmetricPrivateKey (private-key)

Fixes #2042

Signed-off-by: zondervancalvez <[email protected]>
  • Loading branch information
@zondervancalvez
zondervancalvez committed Sep 19, 2023
1 parent b3a508c commit bc0b919
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions trivy-secret.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
rules:
- id: private-key
category: CategoryAsymmetricPrivateKey
title: Asymmetric Private Key
severity: HIGH
regex: (?i)-----\s*?BEGIN[ A-Z0-9_-]*?PRIVATE KEY( BLOCK)?\s*?-----(?P<secret>[A-Za-z0-9=+/\s]*?)-----\s*?END[ A-Z0-9_-]*? PRIVATE KEY( BLOCK)?\s*?-----

0 comments on commit bc0b919

Please sign in to comment.