-
## Task Description
Quarterly: Perform internal vulnerability scan
## Steps
1. Prepare the vulnerability scanning tools and ensure they're up to date
2. Identify all in-scope systems for the scan
3. …
-
I would like to request a new feature for gbounty that allows users to filter scan profiles based on vulnerability severity using a `--severity-filter` flag.
### Use Case:
In certain scenarios, us…
-
Re-ticketed from [Gitter chat](https://gitter.im/pol-is/polisDeployment?at=5ee7baf1035dfa1261215fd8) and https://github.com/actions/upload-artifact/pull/78
GitHub is working on a new tool to do aut…
-
# Summary
Google can [scan docker images](https://console.cloud.google.com/artifacts/settings) pushed to our artifact registry for vulnerabilities. This might give us early warning about security i…
-
As part of our image scanning we found that the latest JsPolicy (0.2.2) has several unaddressed CVEs
CVE ID: CVE-2023-26604, CVE-2023-50387
Vulnerabilities in libudev1
CVE-2023-42282 ([MITRE](ht…
-
Critical vulnerabilities in Docker image phpmyadmin:5.1.1
Maybe you should add a "vulnerability bot" or something to check that periodically.
https://github.com/anchore/grype
```
grype phpm…
```
-
[azure](https://github.com/coredns/coredns/blob/master/plugin/azure/README.md) plugin only supports Service Principal with password authentication. This is regarded as insecure to authenticate with Azure…
-
e.g., https://github.com/CycloneDX/bom-examples/tree/master/VEX/Use-Cases/Case-4
For false positives like:
- https://github.com/kubernetes/kubernetes/pull/121338#issuecomment-1771341403
-
## Summary
Checking the result of Trivy scan, there is a CRITICAL CVE and a dependency should be updated.
## Steps to reproduce
When running a trivy scan on latest concourse image, it reporte…
-
- [ ] Use SAS-Github actions to run Trivy on Docker images created in build
- [ ] Add NPM audit to PR checks to catch issues early
- [ ] Delete Snyk webhook once above actions complete