empty PR

[miryamfoiferCX]

By submitting a PR to this repository, you agree to the terms within the Checkmarx Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.

Description

Describe the purpose of this PR along with any background information and the impacts of the proposed change.

References

Include supporting link to GitHub Issue/PR number

Testing

Describe how this change was tested. Be specific about anything not tested and reasons why. If this solution has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.

Please include any manual steps for testing end-to-end or functionality not covered by unit/integration tests.

Checklist

• I have added documentation for new/changed functionality in this PR (if applicable).
• I have updated the CLI help for new/changed functionality in this PR (if applicable).
• All active GitHub checks for tests, formatting, and security are passing
• The correct base branch is being used

[miryamfoiferCX]

Checkmarx One – Scan Summary & Details – 44907961-0230-4002-9843-253342376ea0

Fixed Issues

Severity	Issue	Source File / Package
	CVE-2022-36085	Go-github.com/open-policy-agent/opa-v0.42.2
	CVE-2023-47108	Go-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc-v0.45.0
	Code_Injection	/test/integration/data/python-vul-file.py: 24
	Code_Injection	/internal/commands/data/python-vul-file.py: 24
	Code_Injection	/test/integration/data/python-vul-file.py: 24
	Code_Injection	/internal/commands/data/python-vul-file.py: 24
	Code_Injection	/test/integration/data/python-vul-file.py: 55
	Code_Injection	/internal/commands/data/python-vul-file.py: 55
	Command_Injection	/test/integration/data/python-vul-file.py: 24
	Command_Injection	/test/integration/data/python-vul-file.py: 24
	Command_Injection	/test/integration/data/python-vul-file.py: 55
	Command_Injection	/internal/commands/data/python-vul-file.py: 24
	Command_Injection	/internal/commands/data/python-vul-file.py: 24
	Command_Injection	/internal/commands/data/python-vul-file.py: 55
	Cx8bc4df28-fcf5	Npm-debug-4.3.6
	Cx8bc4df28-fcf5	Npm-debug-4.3.4
	Cxb3ca64d2-9cd1	Npm-mocha-10.0.0
	Cxb6dee8d5-b814	Go-gopkg.in/square/go-jose.v2-v2.6.0
	Cxdca8e59f-8bfe	Npm-inflight-1.0.6
	Cxf6e7f2c1-dc59	Npm-yauzl-2.10.0
	Stored_XSS	/internal/commands/data/python-vul-file.py: 36
	Stored_XSS	/test/integration/data/python-vul-file.py: 36
	Stored_XSS	/internal/commands/data/python-vul-file.py: 25
	Stored_XSS	/test/integration/data/python-vul-file.py: 25
	Stored_XSS	/internal/commands/data/python-vul-file.py: 34
	Stored_XSS	/test/integration/data/python-vul-file.py: 34
	CVE-2019-25210	Go-helm.sh/helm/v3-v3.15.2
	CVE-2023-0842	Npm-xml2js-0.4.23
	CVE-2023-49559	Go-github.com/vektah/gqlparser/v2-v2.4.5
	CVE-2024-0406	Go-github.com/mholt/archiver/v3-v3.5.1
	CVE-2024-28122	Go-github.com/lestrrat-go/jwx-v1.2.28
	CVE-2024-4067	Npm-micromatch-4.0.7
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/client.go: 495
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/client.go: 495
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/codebashing-http.go: 62
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/codebashing-http.go: 62
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/client.go: 572
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/client.go: 580
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/client.go: 580
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/client.go: 369
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/client.go: 369
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: 165
	Denial_Of_Service_Resource_Exhaustion	/internal/services/osinstaller/windows-utils.go: 21
	Denial_Of_Service_Resource_Exhaustion	/internal/services/osinstaller/windows-utils.go: 21
	Denial_Of_Service_Resource_Exhaustion	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: 165
	Denial_Of_Service_Resource_Exhaustion	/internal/commands/scan.go: 1470
	Insecure_Credential_Storage_Mechanism	/internal/commands/auth.go: 146
	Insecure_Credential_Storage_Mechanism	/internal/commands/auth.go: 146
	Insecure_Credential_Storage_Mechanism	/internal/params/flags.go: 74
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/auth-http.go: 30
	Insecure_Credential_Storage_Mechanism	/internal/params/flags.go: 74
	Insecure_Credential_Storage_Mechanism	/internal/commands/util/usercount/bitbucket.go: 116
	Insecure_Credential_Storage_Mechanism	/internal/commands/util/usercount/bitbucket.go: 177
	Insecure_Credential_Storage_Mechanism	/internal/commands/util/usercount/bitbucket.go: 34
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: 113
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: 89
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: 54
	Insecure_Credential_Storage_Mechanism	/internal/commands/util/usercount/bitbucket.go: 116
	Insecure_Credential_Storage_Mechanism	/internal/commands/util/usercount/bitbucket.go: 177
	Insecure_Credential_Storage_Mechanism	/internal/commands/util/usercount/bitbucket.go: 34
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: 113
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: 89
	Insecure_Credential_Storage_Mechanism	/internal/wrappers/bitbucketserver/bitbucket-server-http.go: 54
	Missing_HSTS_Header	/internal/commands/data/python-vul-file.py: 75
	Missing_HSTS_Header	/internal/commands/data/python-vul-file.py: 75
	Reflected_Absolute_Path_Traversal	/internal/wrappers/client.go: 580
	Reflected_Absolute_Path_Traversal	/internal/wrappers/client.go: 580
	Reflected_Absolute_Path_Traversal	/internal/wrappers/client.go: 580
	Reflected_Relative_Path_Traversal	/internal/wrappers/client.go: 580
	Reflected_Relative_Path_Traversal	/internal/wrappers/client.go: 580
	Reflected_Relative_Path_Traversal	/internal/wrappers/client.go: 580
	SSRF	/internal/wrappers/client.go: 572
	SSRF	/internal/wrappers/client.go: 373
	SSRF	/internal/wrappers/client.go: 624
	Stored_Absolute_Path_Traversal	/internal/wrappers/ntlm/proxy-ntml.go: 185
	Stored_Absolute_Path_Traversal	/internal/wrappers/client.go: 563
	Stored_Absolute_Path_Traversal	/internal/wrappers/ntlm/proxy-ntml.go: 185
	Stored_Absolute_Path_Traversal	/internal/services/osinstaller/windows-utils.go: 21
	Stored_Absolute_Path_Traversal	/internal/services/osinstaller/windows-utils.go: 21
	Stored_Absolute_Path_Traversal	/internal/commands/scan.go: 1470
	Stored_Absolute_Path_Traversal	/internal/commands/scan.go: 1470
	Stored_Absolute_Path_Traversal	/internal/commands/scan.go: 1470
	Stored_Command_Injection	/internal/commands/data/python-vul-file.py: 55
	Stored_Command_Injection	/test/integration/data/python-vul-file.py: 55
	Stored_Relative_Path_Traversal	/internal/wrappers/ntlm/proxy-ntml.go: 185
	Stored_Relative_Path_Traversal	/internal/wrappers/client.go: 563
	Stored_Relative_Path_Traversal	/internal/wrappers/ntlm/proxy-ntml.go: 185
	Stored_Relative_Path_Traversal	/internal/services/osinstaller/windows-utils.go: 21
	Stored_Relative_Path_Traversal	/internal/services/osinstaller/windows-utils.go: 21
	Stored_Relative_Path_Traversal	/internal/commands/scan.go: 1470
	Stored_Relative_Path_Traversal	/internal/commands/scan.go: 1470
	Stored_Relative_Path_Traversal	/internal/commands/scan.go: 1470