Skip to content

chore(deps): update wetransform/gha-workflows action to v2.2.0 #19

chore(deps): update wetransform/gha-workflows action to v2.2.0

chore(deps): update wetransform/gha-workflows action to v2.2.0 #19

Triggered via pull request June 21, 2024 10:01
Status Failure
Total duration 1m 47s
Artifacts 3

build.yml

on: pull_request
Fit to window
Zoom out
Zoom in

Annotations

9 errors
1.[CRITICAL] CVE-2017-11467: 1#L1
OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection
1.[CRITICAL] CVE-2017-11467: 1#L1
OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection
1.[CRITICAL] CVE-2015-7501: 1#L1
apache-commons-collections: InvokerTransformer code execution during deserialisation
1.[CRITICAL] CVE-2015-7501: 1#L1
apache-commons-collections: InvokerTransformer code execution during deserialisation
8.[CRITICAL] CVE-2024-1597: 8#L1
pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE
8.[CRITICAL] CVE-2024-1597: 8#L1
pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE
RELEASE.[CRITICAL] CVE-2022-22965: RELEASE#L1
spring-framework: RCE via Data Binding on JDK 9+
RELEASE.[CRITICAL] CVE-2022-22965: RELEASE#L1
spring-framework: RCE via Data Binding on JDK 9+
build / build / run
❌ Tests reported 8 failures

Artifacts

Produced during runtime
Name Size
SBOM (CycloneDX) [run] Expired
95.4 KB
Vulnerability report (HTML) [run] Expired
22.7 KB
wetransform-os~conversion-hale~EENNDT.dockerbuild Expired
23.9 KB