fix: use aws mirror for trivy db #387
test.yaml
on: pull_request
image-ok
/
Build and push
30s
image-vulnerable
/
Build and push
30s
image-with-extra-tags
/
Build and push
36s
Annotations
10 errors and 10 warnings
image-vulnerable / Build and push
HIGH CVE-2022-28391 busybox: busybox: remote attackers may execute arbitrary code if netstat is used (https://avd.aquasec.com/nvd/cve-2022-28391)
|
image-vulnerable / Build and push
CRITICAL CVE-2022-22822 expat: expat: Integer overflow in addBinding in xmlparse.c (https://avd.aquasec.com/nvd/cve-2022-22822)
|
image-vulnerable / Build and push
CRITICAL CVE-2022-22823 expat: expat: Integer overflow in build_model in xmlparse.c (https://avd.aquasec.com/nvd/cve-2022-22823)
|
image-vulnerable / Build and push
CRITICAL CVE-2022-22824 expat: expat: Integer overflow in defineAttribute in xmlparse.c (https://avd.aquasec.com/nvd/cve-2022-22824)
|
image-vulnerable / Build and push
CRITICAL CVE-2022-23852 expat: expat: Integer overflow in function XML_GetBuffer (https://avd.aquasec.com/nvd/cve-2022-23852)
|
image-vulnerable / Build and push
CRITICAL CVE-2022-25235 expat: expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (https://avd.aquasec.com/nvd/cve-2022-25235)
|
image-vulnerable / Build and push
CRITICAL CVE-2022-25236 expat: expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution (https://avd.aquasec.com/nvd/cve-2022-25236)
|
image-vulnerable / Build and push
CRITICAL CVE-2022-25315 expat: expat: Integer overflow in storeRawNames() (https://avd.aquasec.com/nvd/cve-2022-25315)
|
image-vulnerable / Build and push
HIGH CVE-2021-45960 expat: expat: Large number of prefixed XML attributes on a single tag can crash libexpat (https://avd.aquasec.com/nvd/cve-2021-45960)
|
image-vulnerable / Build and push
HIGH CVE-2021-46143 expat: expat: Integer overflow in doProlog in xmlparse.c (https://avd.aquasec.com/nvd/cve-2021-46143)
|
image-vulnerable / Build and push
MEDIUM CVE-2022-25313 expat: expat: Stack exhaustion in doctype parsing (https://avd.aquasec.com/nvd/cve-2022-25313)
|
image-vulnerable / Build and push
MEDIUM CVE-2021-37750 krb5-libs: krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field (https://avd.aquasec.com/nvd/cve-2021-37750)
|
image-vulnerable / Build and push
MEDIUM CVE-2022-2097 libcrypto1.1: openssl: AES OCB fails to encrypt some bytes (https://avd.aquasec.com/nvd/cve-2022-2097)
|
image-vulnerable / Build and push
MEDIUM CVE-2022-4304 libcrypto1.1: openssl: timing attack in RSA Decryption implementation (https://avd.aquasec.com/nvd/cve-2022-4304)
|
image-vulnerable / Build and push
MEDIUM CVE-2023-0465 libcrypto1.1: openssl: Invalid certificate policies in leaf certificates are silently ignored (https://avd.aquasec.com/nvd/cve-2023-0465)
|
image-vulnerable / Build and push
MEDIUM CVE-2023-2650 libcrypto1.1: openssl: Possible DoS translating ASN.1 object identifiers (https://avd.aquasec.com/nvd/cve-2023-2650)
|
image-vulnerable / Build and push
MEDIUM CVE-2023-3446 libcrypto1.1: openssl: Excessive time spent checking DH keys and parameters (https://avd.aquasec.com/nvd/cve-2023-3446)
|
image-vulnerable / Build and push
MEDIUM CVE-2023-3817 libcrypto1.1: OpenSSL: Excessive time spent checking DH q parameter value (https://avd.aquasec.com/nvd/cve-2023-3817)
|
image-vulnerable / Build and push
MEDIUM CVE-2023-5678 libcrypto1.1: openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow (https://avd.aquasec.com/nvd/cve-2023-5678)
|
image-vulnerable / Build and push
MEDIUM CVE-2022-2097 libssl1.1: openssl: AES OCB fails to encrypt some bytes (https://avd.aquasec.com/nvd/cve-2022-2097)
|
Artifacts
Produced during runtime
Name | Size | |
---|---|---|
nrkno~github-workflow-docker-build-push~9XO7LU.dockerbuild
|
14.3 KB |
|
nrkno~github-workflow-docker-build-push~EYQGWE.dockerbuild
|
14.4 KB |
|
nrkno~github-workflow-docker-build-push~F3FK5E.dockerbuild
|
19.7 KB |
|