github-actions[bot]
commented
3 months ago 
Checkmarx One – Scan Summary & Details – 54311255-fe16-43d3-806f-1266870da707
Policy Management Violations
| Policy Name | Rule(s) | Break Build |
|---|---|---|
| [SAST-ML0] Not allowed NEW Sast vulnerabilities | true |
New Issues
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
 |
Unpinned Actions Full Length Commit SHA | /test-ui-windows.yml: 33 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /checkmarx-one-scan.yml: 19 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /dependabot-auto-merge.yml: 23 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /release.yml: 136 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /delete-dev-releases.yml: 28 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /pr-label.yml: 15 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /test-ui-ubuntu.yml: 33 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /dependabot-auto-merge.yml: 14 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /test-ui-mac.yml: 34 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /ci.yml: 38 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
Fixed Issues
| Severity | Issue | Source File / Package |
|---|---|---|
 |
CVE-2019-17571 | Gradle-log4j:log4j-1.2.17 |
|
CVE-2021-4104 | Gradle-log4j:log4j-1.2.17 |
|
CVE-2022-23302 | Gradle-log4j:log4j-1.2.17 |
|
CVE-2022-23305 | Gradle-log4j:log4j-1.2.17 |
|
CVE-2022-23307 | Gradle-log4j:log4j-1.2.17 |
|
CVE-2020-15250 | Gradle-junit:junit-4.10 |
|
CVE-2020-15250 | Gradle-junit:junit-4.12 |
 |
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /src/main/java/com/checkmarx/intellij/Utils.java: 42 |
|
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /src/main/java/com/checkmarx/intellij/Utils.java: 42 |
|
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /src/main/java/com/checkmarx/intellij/Utils.java: 42 |
|
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /src/main/java/com/checkmarx/intellij/Utils.java: 42 |
sarahCx
By submitting a PR to this repository, you agree to the terms within the Checkmarx Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.
Description
Rename the plugin to "Checkmarx One" to distinguish it from the SAST plugin
References
https://checkmarx.atlassian.net/browse/AST-34937
Testing
Do not need
Checklist