chore(deps): update actions/checkout digest to b4ffde6 #126
Annotations
10 errors, 12 warnings, and 2 notices
Scan
CVE-2022-32221 - CRITICAL severity - POST following PUT confusion vulnerability in curl
|
Scan
CVE-2023-23914 - CRITICAL severity - HSTS ignored on multiple requests vulnerability in curl
|
Scan
CVE-2022-42915 - HIGH severity - HTTP proxy double-free vulnerability in curl
|
Scan
CVE-2022-42916 - HIGH severity - HSTS bypass via IDN vulnerability in curl
|
Scan
CVE-2022-43551 - HIGH severity - HSTS bypass via IDN vulnerability in curl
|
Scan
CVE-2023-27533 - HIGH severity - TELNET option IAC injection vulnerability in curl
|
Scan
CVE-2023-27534 - HIGH severity - SFTP path ~ resolving discrepancy vulnerability in curl
|
Scan
CVE-2023-28319 - HIGH severity - use after free in SSH sha256 fingerprint check vulnerability in curl
|
Scan
CVE-2023-38039 - HIGH severity - out of heap memory issue due to missing limit on header quantity vulnerability in curl
|
Scan
CVE-2023-38545 - HIGH severity - a heap based buffer overflow in the SOCKS5 proxy handshake vulnerability in curl
|
Scan
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
Scan
CVE-2022-43552 - MEDIUM severity - Use-after-free triggered by an HTTP proxy deny response vulnerability in curl
|
Scan
CVE-2023-23915 - MEDIUM severity - HSTS amnesia with --parallel vulnerability in curl
|
Scan
CVE-2023-23916 - MEDIUM severity - HTTP multi-header compression denial of service vulnerability in curl
|
Scan
CVE-2023-27535 - MEDIUM severity - FTP too eager connection reuse vulnerability in curl
|
Scan
CVE-2023-27536 - MEDIUM severity - GSS delegation too eager connection re-use vulnerability in curl
|
Scan
CVE-2023-27537 - MEDIUM severity - curl: HSTS double-free vulnerability in curl
|
Scan
CVE-2023-27538 - MEDIUM severity - SSH connection too eager reuse still vulnerability in curl
|
Scan
CVE-2023-28320 - MEDIUM severity - siglongjmp race condition may lead to crash vulnerability in curl
|
Scan
CVE-2023-28321 - MEDIUM severity - IDN wildcard match may lead to Improper Cerificate Validation vulnerability in curl
|
Scan
CVE-2023-38546 - MEDIUM severity - cookie injection with none file vulnerability in curl
|
Build
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
Scan
CVE-2023-28322 - LOW severity - more POST-after-PUT confusion vulnerability in curl
|
Scan
CVE-2023-28322 - LOW severity - more POST-after-PUT confusion vulnerability in libcurl
|