github-actions[bot]
commented
4 months ago 
Checkmarx One – Scan Summary & Details – 3dd7f295-1a2a-4226-86da-9bb4769c0536
Policy Management Violations
| Policy Name | Rule(s) | Break Build |
|---|---|---|
| [SAST-ML0] Not allowed NEW Sast vulnerabilities | true |
New Issues
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
 |
Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 34 | Attack Vector |
|
Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 34 | Attack Vector |
|
Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 34 | Attack Vector |
|
Unpinned Actions Full Length Commit SHA | /dependabot-auto-merge.yml: 23 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /cd.yml: 53 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /ast-scan.yml: 12 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
Fixed Issues
| Severity | Issue | Source File / Package |
|---|---|---|
|
Unpinned Actions Full Length Commit SHA | /ci.yml: 40 |
|
Unpinned Actions Full Length Commit SHA | /manual-tag.yml: 23 |
|
Unpinned Actions Full Length Commit SHA | /release.yml: 42 |
|
Unpinned Actions Full Length Commit SHA | /release.yml: 53 |
|
Unpinned Actions Full Length Commit SHA | /cd.yml: 24 |
|
Unpinned Actions Full Length Commit SHA | /cd.yml: 17 |
|
Unpinned Actions Full Length Commit SHA | /cd.yml: 55 |
|
Unpinned Actions Full Length Commit SHA | /cd.yml: 34 |
Testing done
Submitter checklist