Closed naveensrinivasan closed 4 months ago
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
The output here is quite verbose - is it possible to dedupe some of these that are repeated?
https://github.com/defenseunicorns/uds-package-gitlab/security/code-scanning?query=pr%3A98+is%3Aopen
There also seem to be some that are titled as "medium" or "low" but labeled as "critical" or "high"
Image corresponding to the CVE - all of these CVEs show which image is reporting the CVE: registry1.dso.mil_ironbank_redhat_ubi_ubi9_9.3:1
https://github.com/defenseunicorns/uds-package-gitlab/security/code-scanning/10337
Duplicate issue - All the zlib issues are from different containers. https://github.com/defenseunicorns/uds-package-gitlab/security/code-scanning?query=pr%3A98+is%3Aopen+zlib
Critical issue having low in the title - https://github.com/defenseunicorns/uds-package-gitlab/security/code-scanning/10212 is low because of the probability of exploiting the vulnerability, and that is the reason for the low, with the vuln still being critical.
Some help from ChatGPT for low
TL;DR:
Closing this due to becoming stale (we can reopen / readdress later).