jenkinsci / checkmarx-ast-scanner-plugin

Jenkins Plugin for AST
https://plugins.jenkins.io/checkmarx-ast-scanner/
MIT License

AST-40305 Upgrade jenkins version from 2.375 to 2.375.4 #285

Closed tamarleviCm closed 5 months ago

tamarleviCm commented 5 months ago

https://checkmarx.atlassian.net/browse/AST-40305

Testing done

### Submitter checklist
- [x] Make sure you are opening from a **topic/feature/bugfix branch** (right side) and not your main branch!
- [x] Ensure that the pull request title represents the desired changelog entry
- [x] Please describe what you did
- [x] Link to relevant issues in GitHub or Jira
- [x] Link to relevant pull requests, esp. upstream and downstream changes
- [ ] Ensure you have provided tests - that demonstrates feature works or fixes the issue

github-actions[bot] commented 5 months ago

Checkmarx One – Scan Summary & Details 680de662-d38f-460c-bdbe-b43031fd7857

Policy Management Violations

Policy Name Rule(s) Break Build
[SAST-ML0] Not allowed NEW Sast vulnerabilities true

New Issues

| Severity | Issue | Source File / Package | Checkmarx Insight |
| --- | --- | --- | --- |
| MEDIUM | Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 33 | Attack Vector |
| MEDIUM | Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 33 | Attack Vector |
| MEDIUM | Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 33 | Attack Vector |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /ast-scan.yml: 12 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: 53 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /dependabot-auto-merge.yml: 23 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |

Fixed Issues

| Severity | Issue | Source File / Package |
| --- | --- | --- |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /ci.yml: 40 |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /manual-tag.yml: 23 |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /release.yml: 42 |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /release.yml: 53 |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: 24 |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: 17 |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: 55 |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: 34 |