Merge pull request #38 from pascaliske/renovate/actions-setup-node-4.x #112
pascaliskeAnnotations
10 errors and 12 warnings
|
Scan
CVE-2022-3094 - HIGH severity - flooding with UPDATE requests may lead to DoS vulnerability in bind-libs
|
|
Scan
CVE-2022-3736 - HIGH severity - sending specific queries to the resolver may cause a DoS vulnerability in bind-libs
|
|
Scan
CVE-2022-3924 - HIGH severity - sending specific queries to the resolver may cause a DoS vulnerability in bind-libs
|
|
Scan
CVE-2023-3341 - HIGH severity - stack exhaustion in control channel code may lead to DoS vulnerability in bind-libs
|
|
Scan
CVE-2023-4236 - HIGH severity - an assertion failure may lead to DoS vulnerability in bind-libs
|
|
Scan
CVE-2022-3094 - HIGH severity - flooding with UPDATE requests may lead to DoS vulnerability in bind-tools
|
|
Scan
CVE-2022-3736 - HIGH severity - sending specific queries to the resolver may cause a DoS vulnerability in bind-tools
|
|
Scan
CVE-2022-3924 - HIGH severity - sending specific queries to the resolver may cause a DoS vulnerability in bind-tools
|
|
Scan
CVE-2023-3341 - HIGH severity - stack exhaustion in control channel code may lead to DoS vulnerability in bind-tools
|
|
Scan
CVE-2023-4236 - HIGH severity - an assertion failure may lead to DoS vulnerability in bind-tools
|
|
Scan
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
Scan
CVE-2022-4203 - MEDIUM severity - read buffer overflow in X.509 certificate verification vulnerability in libcrypto3
|
|
Scan
CVE-2022-4304 - MEDIUM severity - timing attack in RSA Decryption implementation vulnerability in libcrypto3
|
|
Scan
CVE-2023-0465 - MEDIUM severity - Invalid certificate policies in leaf certificates are silently ignored vulnerability in libcrypto3
|
|
Scan
CVE-2023-0466 - MEDIUM severity - Certificate policy check not enabled vulnerability in libcrypto3
|
|
Scan
CVE-2023-1255 - MEDIUM severity - Input buffer over-read in AES-XTS implementation on 64 bit ARM vulnerability in libcrypto3
|
|
Scan
CVE-2023-2650 - MEDIUM severity - Possible DoS translating ASN.1 object identifiers vulnerability in libcrypto3
|
|
Scan
CVE-2023-2975 - MEDIUM severity - AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries vulnerability in libcrypto3
|
|
Scan
CVE-2023-3446 - MEDIUM severity - Excessive time spent checking DH keys and parameters vulnerability in libcrypto3
|
|
Scan
CVE-2023-3817 - MEDIUM severity - Excessive time spent checking DH q parameter value vulnerability in libcrypto3
|
|
Scan
CVE-2022-4203 - MEDIUM severity - read buffer overflow in X.509 certificate verification vulnerability in libssl3
|
|
Build
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|