Skip to content

ci: add PR workflow for checking dependencies #8

ci: add PR workflow for checking dependencies

ci: add PR workflow for checking dependencies #8

Triggered via pull request October 10, 2023 21:29
@stemplerstempler
synchronize #43
ci/trivy
Status Failure
Total duration 2m 8s
Artifacts 1

check.yml

on: pull_request
Fit to window
Zoom out
Zoom in

Annotations

10 errors
13.[CRITICAL] CVE-2017-5929: 13#L1
logback: Serialization vulnerability in SocketServer and ServerSocketReceiver
13.[CRITICAL] CVE-2017-5929: 13#L1
logback: Serialization vulnerability in SocketServer and ServerSocketReceiver
171.[CRITICAL] CVE-2021-23463: 171#L1
XXE injection vulnerability
171.[CRITICAL] CVE-2021-42392: 171#L1
h2: Remote Code Execution in Console
171.[CRITICAL] CVE-2022-23221: 171#L1
Loading of custom classes from remote servers through JNDI
1.[CRITICAL] CVE-2017-11467: 1#L1
OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection
5.[CRITICAL] CVE-2013-7285: 5#L1
XStream: remote code execution due to insecure XML deserialization
5.[CRITICAL] CVE-2021-21342: 5#L1
XStream: SSRF via crafted input stream
5.[CRITICAL] CVE-2021-21344: 5#L1
XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet
5.[CRITICAL] CVE-2021-21345: 5#L1
XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry

Artifacts

Produced during runtime
Name Size
Vulnerability report (HTML) Expired
852 KB