gitsecure-test3's People
Contributors
Watchers
gitsecure-test3's Issues
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
For Dockerfile: Dockerfile Stage: stage-0
✅ OS Packages Safe
✅ Pip Packages Safe
❌ Node Packages Safe
❌ Java Packages Safe
Detailed Package Analysis
OS Packages [Expand for more information]
Python Packages [Expand for more information]
Node Packages [Expand for more information]
Package Name: Version :
CVEs
Java Packages [Expand for more information]
Package Name: org.apache.tomcat:tomcat Version : 7.0.98
CVEs
CVE ID: CVE-2020-1935
Severity: MODERATE
Fixed in Version: 7.0.100
Description: In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE ID: GHSA-qxf4-chvg-4r8r
Severity: MODERATE
Fixed in Version: 7.0.100
Description: In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE ID: CVE-2019-17569
Severity: LOW
Fixed in Version: 7.0.100
Description: The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE ID: GHSA-767j-jfh2-jvrc
Severity: LOW
Fixed in Version: 7.0.100
Description: The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
GitSecure Auto-remediation
PR Created at: #94
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
GitSecure CIS Benchmark Evaluation
Docker CIS Community Edition 1.13
| Control ID | Section | Description |
|---|---|---|
| CM-6 | Configuration Management | Configuration Settings |
| CA-2 | Security Assessment and Authorization | Security Assessments |
Dockerfile: deploy/redis.yaml
| ID | Rule | Compliant? |
|---|---|---|
| 5.14 | Ensure 'on-failure' container restart policy is set to '5' | ? |
| 5.27 | Ensure docker commands always get the latest version of the image | ? |
| 5.13 | Ensure incoming container traffic is binded to a specific host interface | ? |
| 5.26 | Ensure container health is checked at runtime | ? |
| 5.30 | Ensure the host's user namespaces is not shared | ? |
| 5.8 | Ensure only needed ports are open on the container | ? |
| 5.17 | Ensure host devices are not directly exposed to containers | ? |
| 5.20 | Ensure the host's UTS namespace is not shared | ? |
| 5.31 | Ensure the Docker socket is not mounted inside any containers | ✔️ |
| 5.2 | Ensure SELinux security options are set, if applicable | ? |
| 5.7 | Ensure privileged ports are not mapped within containers | ✔️ |
| 5.10 | Ensure memory usage for container is limited | ❌ |
| 5.11 | Ensure CPU priority is set appropriately on the container | ❌ |
| 5.15 | Ensure the host's process namespace is not shared | ✔️ |
| 5.18 | Ensure the default ulimit is overwritten at runtime, only if needed | ? |
| 5.24 | Ensure cgroup usage is confirmed | ? |
| 5.25 | Ensure the container is restricted from acquiring additional privileges | ? |
| 5.1 | Ensure AppArmor Profile is Enabled | ? |
| 5.6 | Ensure ssh is not run within containers | ? |
| 5.21 | Ensure the default seccomp profile is not Disabled | ? |
| 5.28 | Ensure PIDs cgroup limit is used | ? |
| 5.3 | Ensure Linux Kernel Capabilities are restricted within containers | ✔️ |
| 5.9 | Ensure the host's network namespace is not shared | ✔️ |
| 5.19 | Ensure mount propagation mode is not set to shared | ? |
| 5.22 | Ensure docker exec commands are not used with privileged option | ? |
| 5.23 | Ensure docker exec commands are not used with user option | ? |
| 5.4 | Ensure privileged containers are not used | ✔️ |
| 5.5 | Ensure sensitive host system directories are not mounted on containers | ✔️ |
| 5.12 | Ensure the container's root filesystem is mounted as read only | ? |
| 5.16 | Ensure the host's IPC namespace is not shared | ✔️ |
| 5.29 | Ensure Docker's default bridge docker0 is not used | ? |
Dockerfile: deploy/deploy.yaml
| ID | Rule | Compliant? |
|---|---|---|
| 5.8 | Ensure only needed ports are open on the container | ? |
| 5.17 | Ensure host devices are not directly exposed to containers | ? |
| 5.20 | Ensure the host's UTS namespace is not shared | ? |
| 5.31 | Ensure the Docker socket is not mounted inside any containers | ✔️ |
| 5.2 | Ensure SELinux security options are set, if applicable | ? |
| 5.7 | Ensure privileged ports are not mapped within containers | ✔️ |
| 5.10 | Ensure memory usage for container is limited | ❌ |
| 5.11 | Ensure CPU priority is set appropriately on the container | ✔️ |
| 5.15 | Ensure the host's process namespace is not shared | ✔️ |
| 5.18 | Ensure the default ulimit is overwritten at runtime, only if needed | ? |
| 5.24 | Ensure cgroup usage is confirmed | ? |
| 5.25 | Ensure the container is restricted from acquiring additional privileges | ? |
| 5.1 | Ensure AppArmor Profile is Enabled | ? |
| 5.6 | Ensure ssh is not run within containers | ? |
| 5.21 | Ensure the default seccomp profile is not Disabled | ? |
| 5.28 | Ensure PIDs cgroup limit is used | ? |
| 5.3 | Ensure Linux Kernel Capabilities are restricted within containers | ✔️ |
| 5.9 | Ensure the host's network namespace is not shared | ✔️ |
| 5.19 | Ensure mount propagation mode is not set to shared | ? |
| 5.22 | Ensure docker exec commands are not used with privileged option | ? |
| 5.23 | Ensure docker exec commands are not used with user option | ? |
| 5.4 | Ensure privileged containers are not used | ✔️ |
| 5.5 | Ensure sensitive host system directories are not mounted on containers | ✔️ |
| 5.12 | Ensure the container's root filesystem is mounted as read only | ? |
| 5.16 | Ensure the host's IPC namespace is not shared | ✔️ |
| 5.29 | Ensure Docker's default bridge docker0 is not used | ? |
| 5.14 | Ensure 'on-failure' container restart policy is set to '5' | ? |
| 5.27 | Ensure docker commands always get the latest version of the image | ? |
| 5.13 | Ensure incoming container traffic is binded to a specific host interface | ? |
| 5.26 | Ensure container health is checked at runtime | ? |
| 5.30 | Ensure the host's user namespaces is not shared | ? |
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
For Dockerfile: Dockerfile Stage: stage-0
✅ OS Packages Safe
✅ Pip Packages Safe
❌ Node Packages Safe
❌ Java Packages Safe
Detailed Package Analysis
OS Packages [Expand for more information]
Python Packages [Expand for more information]
Node Packages [Expand for more information]
Package Name: Version :
CVEs
Java Packages [Expand for more information]
Package Name: org.apache.tomcat:tomcat Version : 7.0.98
CVEs
CVE ID: CVE-2020-1935
Severity: MODERATE
Fixed in Version: 7.0.100
Description: In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE ID: GHSA-qxf4-chvg-4r8r
Severity: MODERATE
Fixed in Version: 7.0.100
Description: In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE ID: CVE-2019-17569
Severity: LOW
Fixed in Version: 7.0.100
Description: The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE ID: GHSA-767j-jfh2-jvrc
Severity: LOW
Fixed in Version: 7.0.100
Description: The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
For Dockerfile: Dockerfile Stage: stage-0
✅ OS Packages Safe
✅ Pip Packages Safe
✅ Node Packages Safe
❌ Java Packages Safe
Detailed Package Analysis
OS Packages [Expand for more information]
Python Packages [Expand for more information]
Node Packages [Expand for more information]
Java Packages [Expand for more information]
Package Name: org.apache.tomcat:tomcat Version : 7.0.98
CVEs
CVE ID: CVE-2020-1935
Severity: MODERATE
Fixed in Version: 7.0.100
Description: In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE ID: GHSA-qxf4-chvg-4r8r
Severity: MODERATE
Fixed in Version: 7.0.100
Description: In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE ID: CVE-2019-17569
Severity: LOW
Fixed in Version: 7.0.100
Description: The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE ID: GHSA-767j-jfh2-jvrc
Severity: LOW
Fixed in Version: 7.0.100
Description: The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
For Dockerfile: /Dockerfile
✅ OS Packages Safe
✅ Pip Packages Safe
✅ Node Packages Safe
✅ Java Packages Safe
Detailed Package Analysis
OS Packages [Expand for more information]
Python Packages [Expand for more information]
Node Packages [Expand for more information]
Java Packages [Expand for more information]
For Dockerfile: /Dockerfile
❌ OS Packages Safe
✅ Pip Packages Safe
✅ Node Packages Safe
✅ Java Packages Safe
Detailed Package Analysis
OS Packages [Expand for more information]
Package Name: python2.7 | Current Version: 2.7.16-2 (VULNERABLE)
CVE Vulnerabilities:
Recommended update : 2.7.16-2+deb10u1
-
CVE-2019-9740
Severity: Unknown
Fixed in: 2.7.16-2+deb10u1 -
CVE-2019-9947
Severity: Unknown
Fixed in: 2.7.16-2+deb10u1 -
CVE-2019-16056
Severity: Unknown
Fixed in: 2.7.16-2+deb10u1 -
CVE-2019-10160
Severity: Negligible
Fixed in: 2.7.16-2+deb10u1 -
CVE-2019-16935
Severity: Low
Fixed in: 2.7.16-2+deb10u1 -
CVE-2018-20852
Severity: Unknown
Fixed in: 2.7.16-2+deb10u1
Package Name: openssl | Current Version: 1.1.1c-1 (VULNERABLE)
CVE Vulnerabilities:
Recommended update : 1.1.1d-0+deb10u1
-
CVE-2019-1547
Severity: Unknown
Fixed in: 1.1.1d-0+deb10u1 -
CVE-2019-1563
Severity: Unknown
Fixed in: 1.1.1d-0+deb10u1
Package Name: curl | Current Version: 7.64.0-4 (VULNERABLE)
CVE Vulnerabilities:
Recommended update : 7.64.0-4+deb10u1
-
CVE-2019-5482
Severity: Unknown
Fixed in: 7.64.0-4+deb10u1 -
CVE-2019-5481
Severity: Negligible
Fixed in: 7.64.0-4+deb10u1
Package Name: e2fsprogs | Current Version: 1.44.5-1 (VULNERABLE)
CVE Vulnerabilities:
Recommended update : 1.44.5-1+deb10u3
-
CVE-2019-5188
Severity: Unknown
Fixed in: 1.44.5-1+deb10u3 -
CVE-2019-5094
Severity: Unknown
Fixed in: 1.44.5-1+deb10u2
Python Packages [Expand for more information]
Node Packages [Expand for more information]
Java Packages [Expand for more information]
GitSecure Auto-remediation
PR Created at: #100
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
GitSecure Bill-of-Material Report
GitSecure Bill of Material
| Control ID | Section | Description |
|---|---|---|
| CM-8 | Configuration Management | Information System Component Inventory |
Download Bill of Material Report: [JSON Format]
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
GitSecure Bill-of-Material Report
GitSecure Bill of Material
| Control ID | Section | Description |
|---|---|---|
| CM-8 | Configuration Management | Information System Component Inventory |
Download Bill of Material Report: [JSON Format]
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
GitSecure Bill-of-Material Report
GitSecure Bill of Material
| Control ID | Section | Description |
|---|---|---|
| CM-8 | Configuration Management | Information System Component Inventory |
Download Bill of Material Report: [JSON Format]
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
Deployment Manifest Vulnerabilities Found
❌ Vulnerabilities found in manifest images.
See package details below.
Report for: deploy/redis.yaml
Docker image: redis:3.0
Base OS image: debian 8.8
| Package | Version | CVE | Severity | Fix |
|---|---|---|---|---|
| libgcrypt20 | 1.6.3-2+deb8u3 | [CVE-2017-7526] | Medium | 1.6.3-2+deb8u4 |
| libgcrypt20 | 1.6.3-2+deb8u3 | [CVE-2018-0495] | Low | 1.6.3-2+deb8u5 |
| libgcrypt20 | 1.6.3-2+deb8u3 | [CVE-2019-13627] | Unknown | 1.6.3-2+deb8u6 |
| bash | 4.3-11+deb8u1 | [CVE-2019-9924] | High | 4.3-11+deb8u2 |
| bash | 4.3-11+deb8u1 | [CVE-2016-9401] | Low | 4.3-11+deb8u2 |
| gnupg | 1.4.18-7+deb8u3 | [CVE-2017-7526] | Medium | 1.4.18-7+deb8u4 |
| gnupg | 1.4.18-7+deb8u3 | [CVE-2018-12020] | Medium | 1.4.18-7+deb8u5 |
| e2fsprogs | 1.42.12-2+b1 | [CVE-2019-5094] | Medium | 1.42.12-2+deb8u1 |
| tar | 1.27.1-2+deb8u1 | [CVE-2018-20482] | Low | 1.27.1-2+deb8u2 |
| procps | 2:3.3.9-9 | [CVE-2018-1126] | High | 2:3.3.9-9+deb8u1 |
| procps | 2:3.3.9-9 | [CVE-2018-1123] | Medium | 2:3.3.9-9+deb8u1 |
| procps | 2:3.3.9-9 | [CVE-2018-1124] | Medium | 2:3.3.9-9+deb8u1 |
| procps | 2:3.3.9-9 | [CVE-2018-1125] | Medium | 2:3.3.9-9+deb8u1 |
| procps | 2:3.3.9-9 | [CVE-2018-1122] | Medium | 2:3.3.9-9+deb8u1 |
| sensible-utils | 0.0.9 | [CVE-2017-17512] | Medium | 0.0.9+deb8u1 |
| systemd | 215-17+deb8u7 | [CVE-2019-6454] | Medium | 215-17+deb8u10 |
| systemd | 215-17+deb8u7 | [CVE-2018-15686] | High | 215-17+deb8u8 |
| systemd | 215-17+deb8u7 | [CVE-2017-18078] | Medium | 215-17+deb8u12 |
| systemd | 215-17+deb8u7 | [CVE-2019-3815] | Low | 215-17+deb8u11 |
| systemd | 215-17+deb8u7 | [CVE-2018-1049] | Medium | 215-17+deb8u8 |
| systemd | 215-17+deb8u7 | [CVE-2018-16864] | Medium | 215-17+deb8u9 |
| systemd | 215-17+deb8u7 | [CVE-2019-3842] | Medium | 215-17+deb8u12 |
| systemd | 215-17+deb8u7 | [CVE-2018-16865] | Medium | 215-17+deb8u9 |
| systemd | 215-17+deb8u7 | [CVE-2018-15688] | High | 215-17+deb8u8 |
| apt | 1.0.9.8.4 | [CVE-2019-3462] | High | 1.0.9.8.5 |
Report for: deploy/deploy.yaml
Docker image: redis:latest
No vulnerabilities found
GitSecure Analysis Report
GitSecure Vulnerablility Report
| Control ID | Section | Description |
|---|---|---|
| RA-5 | Risk Assessment | Vulnerability Scanning |
| CA-7 | Security Assessment and Authorization | Continuous Monitoring |
| SA-12 | System and Services Acquisition | Supply Chain Protection |
| SI-2 | System and Information Integrity | Flaw Remediation |
| CM-4 | Configuration Management | Security Impact Analysis |
| CA-2 | Security Assessment and Authorization | Security Assessments |
GitSecure Bill-of-Material Report
GitSecure Bill of Material
| Control ID | Section | Description |
|---|---|---|
| CM-8 | Configuration Management | Information System Component Inventory |
Download Bill of Material Report: [JSON Format]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.