Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NODE-5501 test CI #98

Closed
wants to merge 1 commit into from
Closed

NODE-5501 test CI #98

wants to merge 1 commit into from

Conversation

braek-neck
Copy link
Contributor

test

@github-actions GitHub Actions
Copy link

Overview

Image reference wallarm/node:latest node-x86_64.tar
- digest 33147c7cf00a e06917ba7902
- tag latest
- provenance dfb92e3 git-bcda8c4
- vulnerabilities critical: 1 high: 0 medium: 10 low: 1 unspecified: 2 critical: 1 high: 0 medium: 6 low: 1
- platform linux/amd64 linux/amd64
- size 235 MB 260 MB (+25 MB)
- packages 325 325
Base Image alpine:3.18 alpine:3.18
also known as:
3.18.7
- vulnerabilities critical: 0 high: 0 medium: 4 low: 0 unspecified: 2 critical: 0 high: 0 medium: 0 low: 0
Labels (2 changes)
  • ± 2 changed
  • 8 unchanged
 com.wallarm.nginx-docker.versions.aio=4.10.6
 com.wallarm.nginx-docker.versions.alpine=3.18
 com.wallarm.nginx-docker.versions.gomplate=3.11.7
 com.wallarm.nginx-docker.versions.nginx=1.24.0
 org.opencontainers.image.documentation=https://docs.wallarm.com/installation/inline/compute-instances/docker/nginx-based
-org.opencontainers.image.revision=git-dfb92e3
+org.opencontainers.image.revision=git-bcda8c4
 org.opencontainers.image.source=https://github.com/wallarm/docker-wallarm-node
 org.opencontainers.image.title=Docker official image for Wallarm Node. API security platform agent
 org.opencontainers.image.vendor=Wallarm
-org.opencontainers.image.version=4.10.6-1
+org.opencontainers.image.version=test
Packages and Vulnerabilities (7 package changes and 0 vulnerability changes)
  • ♾️ 7 packages changed
  • 310 packages unchanged
Changes for packages of type apk (7 changes)
Package Version
wallarm/node:latest		 Version
node-x86_64.tar
♾️ busybox 1.36.1-r5 1.36.1-r7
♾️ busybox-binsh 1.36.1-r5 1.36.1-r7
♾️ libcrypto3 3.1.4-r6 3.1.5-r0
♾️ libssl3 3.1.4-r6 3.1.5-r0
♾️ libxml2 2.11.7-r0 2.11.8-r0
♾️ openssl 3.1.4-r6 3.1.5-r0
♾️ ssl_client 1.36.1-r5 1.36.1-r7

@github-actions GitHub Actions
Copy link

🔍 Vulnerabilities of node-x86_64.tar

📦 Image Reference node-x86_64.tar
digestsha256:e06917ba7902c49742d09b3cb6e00c678cc3ad8b105c7909475bcc381c0f0933
vulnerabilitiescritical: 1 high: 0 medium: 0 low: 0
size260 MB
packages325
📦 Base Image alpine:3.18
also known as
  • 3.18.7
digestsha256:d9a39933bee4ccb6d934b7b5632cdf8c42658f3cecc5029681338f397142af6e
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 1 high: 0 medium: 0 low: 0 stdlib 1.22.3 (golang)

pkg:golang/[email protected]

critical : CVE--2024--24790

Affected range>=1.22.0-0
<1.22.4
Fixed version1.22.4
EPSS Score0.06%
EPSS Percentile27th percentile
Description

The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.

@braek-neck braek-neck closed this Jun 28, 2024
@braek-neck braek-neck deleted the NODE-5501-test branch June 28, 2024 09:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@braek-neck @alexey-ponomarev-clearscale