Image

Merge pull request #31 from pascaliske/renovate/crazy-max-ghaction-gi… #94

Summary
Jobs
- Build
- Scan
Run details
- Usage
- Workflow file

Annotations

10 errors and 11 warnings

CVE-2022-3094 - HIGH severity - flooding with UPDATE requests may lead to DoS vulnerability in bind-libs

CVE-2022-3736 - HIGH severity - sending specific queries to the resolver may cause a DoS vulnerability in bind-libs

CVE-2022-3924 - HIGH severity - sending specific queries to the resolver may cause a DoS vulnerability in bind-libs

CVE-2022-3094 - HIGH severity - flooding with UPDATE requests may lead to DoS vulnerability in bind-tools

CVE-2022-3736 - HIGH severity - sending specific queries to the resolver may cause a DoS vulnerability in bind-tools

CVE-2022-3924 - HIGH severity - sending specific queries to the resolver may cause a DoS vulnerability in bind-tools

CVE-2022-1304 - HIGH severity - out-of-bounds read/write via crafted filesystem vulnerability in libcom_err

CVE-2022-3996 - HIGH severity - openssl: double locking leads to denial of service vulnerability in libcrypto3

CVE-2022-4450 - HIGH severity - double free after calling PEM_read_bio_ex vulnerability in libcrypto3

CVE-2023-0215 - HIGH severity - use-after-free following BIO_new_NDEF vulnerability in libcrypto3

The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

CVE-2022-4203 - MEDIUM severity - read buffer overflow in X.509 certificate verification vulnerability in libcrypto3

CVE-2022-4304 - MEDIUM severity - timing attack in RSA Decryption implementation vulnerability in libcrypto3

CVE-2023-0465 - MEDIUM severity - Invalid certificate policies in leaf certificates are silently ignored vulnerability in libcrypto3

CVE-2023-0466 - MEDIUM severity - Certificate policy check not enabled vulnerability in libcrypto3

CVE-2023-1255 - MEDIUM severity - Input buffer over-read in AES-XTS implementation on 64 bit ARM vulnerability in libcrypto3

CVE-2023-2650 - MEDIUM severity - Possible DoS translating ASN.1 object identifiers vulnerability in libcrypto3

CVE-2023-2975 - MEDIUM severity - AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries vulnerability in libcrypto3

CVE-2023-3446 - MEDIUM severity - Excessive time spent checking DH keys and parameters vulnerability in libcrypto3

CVE-2023-3817 - MEDIUM severity - Excessive time spent checking DH q parameter value vulnerability in libcrypto3

CVE-2022-4203 - MEDIUM severity - read buffer overflow in X.509 certificate verification vulnerability in libssl3

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #31 from pascaliske/renovate/crazy-max-ghaction-gi… #94

Scan

Merge pull request #31 from pascaliske/renovate/crazy-max-ghaction-gi… #94

Jobs

Run details

Annotations

The logs for this run have expired and are no longer available.

Re-running jobs...