Skip to content

Merge pull request #80 from pascaliske/renovate/actions-setup-node-4.x #162

Merge pull request #80 from pascaliske/renovate/actions-setup-node-4.x

Merge pull request #80 from pascaliske/renovate/actions-setup-node-4.x #162

Triggered via push July 10, 2024 05:20
Status Success
Total duration 41s
Artifacts 1

image.yml

on: push
Fit to window
Zoom out
Zoom in

Annotations

10 errors, 12 warnings, and 4 notices
Scan
CVE-2022-32221 - CRITICAL severity - curl: POST following PUT confusion vulnerability in curl
Scan
CVE-2023-23914 - CRITICAL severity - curl: HSTS ignored on multiple requests vulnerability in curl
Scan
CVE-2023-38545 - CRITICAL severity - curl: heap based buffer overflow in the SOCKS5 proxy handshake vulnerability in curl
Scan
CVE-2022-42915 - HIGH severity - curl: HTTP proxy double-free vulnerability in curl
Scan
CVE-2022-42916 - HIGH severity - curl: HSTS bypass via IDN vulnerability in curl
Scan
CVE-2022-43551 - HIGH severity - curl: HSTS bypass via IDN vulnerability in curl
Scan
CVE-2023-27533 - HIGH severity - curl: TELNET option IAC injection vulnerability in curl
Scan
CVE-2023-27534 - HIGH severity - curl: SFTP path ~ resolving discrepancy vulnerability in curl
Scan
CVE-2023-28319 - HIGH severity - curl: use after free in SSH sha256 fingerprint check vulnerability in curl
Scan
CVE-2023-38039 - HIGH severity - curl: out of heap memory issue due to missing limit on header quantity vulnerability in curl
Scan
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
Scan
CVE-2023-42366 - MEDIUM severity - busybox: A heap-buffer-overflow vulnerability in busybox
Scan
CVE-2022-43552 - MEDIUM severity - curl: Use-after-free triggered by an HTTP proxy deny response vulnerability in curl
Scan
CVE-2023-23915 - MEDIUM severity - curl: HSTS amnesia with --parallel vulnerability in curl
Scan
CVE-2023-23916 - MEDIUM severity - curl: HTTP multi-header compression denial of service vulnerability in curl
Scan
CVE-2023-27535 - MEDIUM severity - curl: FTP too eager connection reuse vulnerability in curl
Scan
CVE-2023-27536 - MEDIUM severity - curl: GSS delegation too eager connection re-use vulnerability in curl
Scan
CVE-2023-27537 - MEDIUM severity - curl: HSTS double-free vulnerability in curl
Scan
CVE-2023-27538 - MEDIUM severity - curl: SSH connection too eager reuse still vulnerability in curl
Scan
CVE-2023-28320 - MEDIUM severity - curl: siglongjmp race condition may lead to crash vulnerability in curl
Scan
CVE-2023-28321 - MEDIUM severity - curl: IDN wildcard match may lead to Improper Cerificate Validation vulnerability in curl
Build
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
Scan
CVE-2023-28322 - LOW severity - curl: more POST-after-PUT confusion vulnerability in curl
Scan
CVE-2023-38546 - LOW severity - curl: cookie injection with none file vulnerability in curl
Scan
CVE-2023-28322 - LOW severity - curl: more POST-after-PUT confusion vulnerability in libcurl
Scan
CVE-2023-38546 - LOW severity - curl: cookie injection with none file vulnerability in libcurl

Artifacts

Produced during runtime
Name Size
pascaliske~docker-cloudflare-dyndns~U3G2BW.dockerbuild Expired
18.3 KB