-
Hello Team,
In the deploy files there is a bad configuration in the nginx alias where it is possible to perform a traversal path to access files on the server running the QA-Board. An attacker can …
-
Git config file was not placed in correspondent folder of the project. Instead, it is placed in the home directory.
2bleO updated
3 years ago
-
Link to the tool: https://... (minimum 1 required):
[link] https://github.com/intigriti/misconfig-mapper [/link]
List of tags separated by comma: tag1,tag2,tag3... (required):
[tags] misconf…
-
Issue: https://avd.aquasec.com/misconfig/kubernetes/general/avd-ksv-0020/
Runs with UID 10000 to avoid conflicts with the host’s user table.
Links : https://kubesec.io/basics/containers-sec…
-
Issue: https://avd.aquasec.com/misconfig/kubernetes/general/avd-ksv-0014/
Root file system is not read-only
An immutable root file system prevents applications from writing to their local disk.…
-
Issue: https://avd.aquasec.com/misconfig/kubernetes/general/avd-ksv-0021/
Runs with GID 10000 to avoid conflicts with the host’s user table.
Links : https://kubesec.io/basics/containers-securit…
-
Yesterday the Azure DevOps Task trivy@1 had a change in code and stopped working. The check is still the same, we did not change anything. Before we had the following result in our pipeline:
>/tmp/…
-
if sending thousands of request per second to jboss or nginx, sequentially as fast as we can (eg in WebAppMonitor), we observe a failure after 8k requests (almost exactly 8160 requests on my machine).…
-
Hello expert,
I am trying to upload a SARIF file generated by a trivy scan. Whereas the SARIF file is generated, the upload of the file in the security tab failed with the message:
```
Run github…
-
no-install-recommends' flag is missed
apt-get' install should use `--no-install-recommends` to minimise image size
See https://avd.aquasec.com/misconfig/ds029