We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ghcr.io/wmo-im/wis2box-webapp:latest (alpine 3.20.0) ==================================================== Total: 0 (HIGH: 0, CRITICAL: 0) Node.js (node-pkg) ================== Total: 2 (HIGH: 2, CRITICAL: 0) ┌────────────────────────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├────────────────────────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼────────────────────────────────────────────────────────┤ │ @apidevtools/json-schema-ref-parser (package.json) │ CVE-2024-29651 │ HIGH │ fixed │ 11.1.0 │ 11.2.0 │ json-schema-ref-parser: Prototype pollution issue │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-29651 │ ├────────────────────────────────────────────────────┼────────────────┤ │ ├───────────────────┼───────────────┼────────────────────────────────────────────────────────┤ │ braces (package.json) │ CVE-2024-4068 │ │ │ 3.0.2 │ 3.0.3 │ braces: fails to limit the number of characters it can │ │ │ │ │ │ │ │ handle │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-4068 │ └────────────────────────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴────────────────────────────────────────────────────────┘ wis2box-webapp/node_modules/@esbuild/linux-x64/bin/esbuild (gobinary) ===================================================================== Total: 4 (HIGH: 3, CRITICAL: 1) ┌─────────┬────────────────┬──────────┬────────┬───────────────────┬──────────────────────────────────┬──────────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├─────────┼────────────────┼──────────┼────────┼───────────────────┼──────────────────────────────────┼──────────────────────────────────────────────────────────────┤ │ stdlib │ CVE-2024-24790 │ CRITICAL │ fixed │ 1.20.5 │ 1.21.11, 1.22.4 │ golang: net/netip: Unexpected behavior from Is methods for │ │ │ │ │ │ │ │ IPv4-mapped IPv6 addresses │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-24790 │ │ ├────────────────┼──────────┤ │ ├──────────────────────────────────┼──────────────────────────────────────────────────────────────┤ │ │ CVE-2023-39325 │ HIGH │ │ │ 1.20.10, 1.21.3 │ golang: net/http, x/net/http2: rapid stream resets can cause │ │ │ │ │ │ │ │ excessive work (CVE-2023-44487) │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-39325 │ │ ├────────────────┤ │ │ ├──────────────────────────────────┼──────────────────────────────────────────────────────────────┤ │ │ CVE-2023-45[28](https://github.com/wmo-im/wis2box/actions/runs/9644247386/job/26705514969?pr=699#step:6:29)3 │ │ │ │ 1.20.11, 1.21.4, 1.20.12, 1.21.5 │ The filepath package does not recognize paths with a \??\ │ │ │ │ │ │ │ │ prefix as... │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-45283 │ │ ├────────────────┤ │ │ ├──────────────────────────────────┼──────────────────────────────────────────────────────────────┤ │ │ CVE-2023-45288 │ │ │ │ 1.21.9, 1.22.2 │ golang: net/http, x/net/http2: unlimited number of │ │ │ │ │ │ │ │ CONTINUATION frames causes DoS │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-[45](https://github.com/wmo-im/wis2box/actions/runs/9644247386/job/26705514969?pr=699#step:6:46)288 │ └─────────┴────────────────┴──────────┴────────┴───────────────────┴──────────────────────────────────┴──────────────────────────────────────────────────────────────┘
GHA result here https://github.com/wmo-im/wis2box/actions/runs/9644247386/job/26705514969?pr=699
The text was updated successfully, but these errors were encountered:
In support of #652
Sorry, something went wrong.
maaikelimper
david-i-berry
RoryPTB
No branches or pull requests
GHA result here https://github.com/wmo-im/wis2box/actions/runs/9644247386/job/26705514969?pr=699
The text was updated successfully, but these errors were encountered: