feat : Ajout expression de réecriture du subject paramétrable #38

Merged
mlamalle merged 2 commits from rewrite_sub_expression into develop 2024-07-25 10:25:11 +02:00
Owner

Test

Lancer l'environnement local et se connecter avec test1@test.com 123456

  • Le subject est John.Locke@exemple.com
## Test Lancer l'environnement local et se connecter avec `test1@test.com` `123456` - Le subject est `John.Locke@exemple.com`
vcarroy added 1 commit 2024-07-24 16:43:02 +02:00
feat : Ajout expression de réecriture du subject paramétrable
Some checks reported warnings
Cadoles/hydra-sql/pipeline/head This commit is unstable
Cadoles/hydra-sql/pipeline/pr-develop This commit is unstable
daa5eaaa63
Owner

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
Owner

Test report

PHP CS Fixer

Overview

State Total
Passed 0
Skipped 0
Failed 2
Error 0

Total duration: 0s

See details
Status Name Class
src/SQLLogin/SQLLoginRequest
src/Controller/MainController

Errors

`src/SQLLogin/SQLLoginRequest`

Output

applied fixers:
---------------
* concat_space```

</details>


<details>
  <summary>`src/Controller/MainController`</summary>

**Output** 

applied fixers:

  • class_attributes_separation
  • ordered_imports```
# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 0 | | Skipped | 0 | | Failed | 2 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10799; | `src/SQLLogin/SQLLoginRequest` || | &#10799; | `src/Controller/MainController` || </details> <br /> #### Errors <details> <summary>`src/SQLLogin/SQLLoginRequest`</summary> **Output** ``` applied fixers: --------------- * concat_space``` </details> <details> <summary>`src/Controller/MainController`</summary> **Output** ``` applied fixers: --------------- * class_attributes_separation * ordered_imports``` </details>
Owner

Rapport PHPStan


 [OK] No errors                                                                 


## Rapport PHPStan ``` [OK] No errors ```
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-standalone/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-standalone/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-standalone:2024.7.24-pr38.1641.daa5eaa (alpine 3.17.1)

Vulnerabilities (21)

Package ID Severity Installed Version Fixed Version
busybox CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30
busybox-binsh CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30
libcrypto3 CVE-2024-4603 MEDIUM 3.0.12-r4 3.0.13-r0
libcrypto3 CVE-2024-4741 MEDIUM 3.0.12-r4 3.0.14-r0
libcrypto3 CVE-2024-5535 MEDIUM 3.0.12-r4 3.0.14-r0
libcrypto3 CVE-2024-2511 LOW 3.0.12-r4 3.0.12-r5
libssl3 CVE-2024-4603 MEDIUM 3.0.12-r4 3.0.13-r0
libssl3 CVE-2024-4741 MEDIUM 3.0.12-r4 3.0.14-r0
libssl3 CVE-2024-5535 MEDIUM 3.0.12-r4 3.0.14-r0
libssl3 CVE-2024-2511 LOW 3.0.12-r4 3.0.12-r5
py3-setuptools CVE-2024-6345 HIGH 65.6.0-r0 70.3.0-r0
ssl_client CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30

No Misconfigurations found

Target Node.js

Vulnerabilities (2)

Package ID Severity Installed Version Fixed Version
braces CVE-2024-4068 HIGH 3.0.2 3.0.3
ws CVE-2024-37890 HIGH 8.16.0 5.2.4, 6.2.3, 7.5.10, 8.17.1

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-standalone:2024.7.24-pr38.1641.daa5eaa (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (21)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-4603</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.13-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-4741</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-5535</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-2511</td> <td>LOW</td> <td>3.0.12-r4</td> <td>3.0.12-r5</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-4603</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.13-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-4741</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-5535</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-2511</td> <td>LOW</td> <td>3.0.12-r4</td> <td>3.0.12-r5</td> </tr> <tr> <td><code>py3-setuptools</code></td> <td>CVE-2024-6345</td> <td>HIGH</td> <td>65.6.0-r0</td> <td>70.3.0-r0</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>Node.js</code></h3> <h4>Vulnerabilities (2)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>braces</code></td> <td>CVE-2024-4068</td> <td>HIGH</td> <td>3.0.2</td> <td>3.0.3</td> </tr> <tr> <td><code>ws</code></td> <td>CVE-2024-37890</td> <td>HIGH</td> <td>8.16.0</td> <td>5.2.4, 6.2.3, 7.5.10, 8.17.1</td> </tr> </table> <h4>No Misconfigurations found</h4>
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-base/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-base/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-base:2024.7.24-pr38.1641.daa5eaa (alpine 3.17.1)

Vulnerabilities (20)

Package ID Severity Installed Version Fixed Version
busybox CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30
busybox-binsh CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30
libcrypto3 CVE-2024-4603 MEDIUM 3.0.12-r4 3.0.13-r0
libcrypto3 CVE-2024-4741 MEDIUM 3.0.12-r4 3.0.14-r0
libcrypto3 CVE-2024-5535 MEDIUM 3.0.12-r4 3.0.14-r0
libcrypto3 CVE-2024-2511 LOW 3.0.12-r4 3.0.12-r5
libssl3 CVE-2024-4603 MEDIUM 3.0.12-r4 3.0.13-r0
libssl3 CVE-2024-4741 MEDIUM 3.0.12-r4 3.0.14-r0
libssl3 CVE-2024-5535 MEDIUM 3.0.12-r4 3.0.14-r0
libssl3 CVE-2024-2511 LOW 3.0.12-r4 3.0.12-r5
ssl_client CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30

No Misconfigurations found

Target Node.js

Vulnerabilities (2)

Package ID Severity Installed Version Fixed Version
braces CVE-2024-4068 HIGH 3.0.2 3.0.3
ws CVE-2024-37890 HIGH 8.16.0 5.2.4, 6.2.3, 7.5.10, 8.17.1

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-base:2024.7.24-pr38.1641.daa5eaa (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (20)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-4603</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.13-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-4741</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-5535</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-2511</td> <td>LOW</td> <td>3.0.12-r4</td> <td>3.0.12-r5</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-4603</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.13-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-4741</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-5535</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-2511</td> <td>LOW</td> <td>3.0.12-r4</td> <td>3.0.12-r5</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>Node.js</code></h3> <h4>Vulnerabilities (2)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>braces</code></td> <td>CVE-2024-4068</td> <td>HIGH</td> <td>3.0.2</td> <td>3.0.3</td> </tr> <tr> <td><code>ws</code></td> <td>CVE-2024-37890</td> <td>HIGH</td> <td>8.16.0</td> <td>5.2.4, 6.2.3, 7.5.10, 8.17.1</td> </tr> </table> <h4>No Misconfigurations found</h4>
vcarroy added 1 commit 2024-07-25 09:49:03 +02:00
Fix : retrait de l'expression dans la config d'exemple
Some checks reported warnings
Cadoles/hydra-sql/pipeline/pr-develop This commit is unstable
fa77278c55
Owner

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
Owner

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
Owner

Rapport PHPStan


 [OK] No errors                                                                 


## Rapport PHPStan ``` [OK] No errors ```
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-standalone/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-standalone/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-standalone:2024.7.25-pr38.948.fa77278 (alpine 3.17.1)

Vulnerabilities (21)

Package ID Severity Installed Version Fixed Version
busybox CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30
busybox-binsh CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30
libcrypto3 CVE-2024-4603 MEDIUM 3.0.12-r4 3.0.13-r0
libcrypto3 CVE-2024-4741 MEDIUM 3.0.12-r4 3.0.14-r0
libcrypto3 CVE-2024-5535 MEDIUM 3.0.12-r4 3.0.14-r0
libcrypto3 CVE-2024-2511 LOW 3.0.12-r4 3.0.12-r5
libssl3 CVE-2024-4603 MEDIUM 3.0.12-r4 3.0.13-r0
libssl3 CVE-2024-4741 MEDIUM 3.0.12-r4 3.0.14-r0
libssl3 CVE-2024-5535 MEDIUM 3.0.12-r4 3.0.14-r0
libssl3 CVE-2024-2511 LOW 3.0.12-r4 3.0.12-r5
py3-setuptools CVE-2024-6345 HIGH 65.6.0-r0 70.3.0-r0
ssl_client CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30

No Misconfigurations found

Target Node.js

Vulnerabilities (2)

Package ID Severity Installed Version Fixed Version
braces CVE-2024-4068 HIGH 3.0.2 3.0.3
ws CVE-2024-37890 HIGH 8.16.0 5.2.4, 6.2.3, 7.5.10, 8.17.1

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-standalone:2024.7.25-pr38.948.fa77278 (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (21)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-4603</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.13-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-4741</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-5535</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-2511</td> <td>LOW</td> <td>3.0.12-r4</td> <td>3.0.12-r5</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-4603</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.13-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-4741</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-5535</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-2511</td> <td>LOW</td> <td>3.0.12-r4</td> <td>3.0.12-r5</td> </tr> <tr> <td><code>py3-setuptools</code></td> <td>CVE-2024-6345</td> <td>HIGH</td> <td>65.6.0-r0</td> <td>70.3.0-r0</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>Node.js</code></h3> <h4>Vulnerabilities (2)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>braces</code></td> <td>CVE-2024-4068</td> <td>HIGH</td> <td>3.0.2</td> <td>3.0.3</td> </tr> <tr> <td><code>ws</code></td> <td>CVE-2024-37890</td> <td>HIGH</td> <td>8.16.0</td> <td>5.2.4, 6.2.3, 7.5.10, 8.17.1</td> </tr> </table> <h4>No Misconfigurations found</h4>
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-base/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-base/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-base:2024.7.25-pr38.948.fa77278 (alpine 3.17.1)

Vulnerabilities (20)

Package ID Severity Installed Version Fixed Version
busybox CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
busybox CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30
busybox-binsh CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
busybox-binsh CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30
libcrypto3 CVE-2024-4603 MEDIUM 3.0.12-r4 3.0.13-r0
libcrypto3 CVE-2024-4741 MEDIUM 3.0.12-r4 3.0.14-r0
libcrypto3 CVE-2024-5535 MEDIUM 3.0.12-r4 3.0.14-r0
libcrypto3 CVE-2024-2511 LOW 3.0.12-r4 3.0.12-r5
libssl3 CVE-2024-4603 MEDIUM 3.0.12-r4 3.0.13-r0
libssl3 CVE-2024-4741 MEDIUM 3.0.12-r4 3.0.14-r0
libssl3 CVE-2024-5535 MEDIUM 3.0.12-r4 3.0.14-r0
libssl3 CVE-2024-2511 LOW 3.0.12-r4 3.0.12-r5
ssl_client CVE-2023-42363 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42364 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42365 MEDIUM 1.35.0-r29 1.35.0-r31
ssl_client CVE-2023-42366 MEDIUM 1.35.0-r29 1.35.0-r30

No Misconfigurations found

Target Node.js

Vulnerabilities (2)

Package ID Severity Installed Version Fixed Version
braces CVE-2024-4068 HIGH 3.0.2 3.0.3
ws CVE-2024-37890 HIGH 8.16.0 5.2.4, 6.2.3, 7.5.10, 8.17.1

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-base:2024.7.25-pr38.948.fa77278 (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (20)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>busybox-binsh</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-4603</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.13-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-4741</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-5535</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2024-2511</td> <td>LOW</td> <td>3.0.12-r4</td> <td>3.0.12-r5</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-4603</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.13-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-4741</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-5535</td> <td>MEDIUM</td> <td>3.0.12-r4</td> <td>3.0.14-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2024-2511</td> <td>LOW</td> <td>3.0.12-r4</td> <td>3.0.12-r5</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42363</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42364</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42365</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r31</td> </tr> <tr> <td><code>ssl_client</code></td> <td>CVE-2023-42366</td> <td>MEDIUM</td> <td>1.35.0-r29</td> <td>1.35.0-r30</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>Node.js</code></h3> <h4>Vulnerabilities (2)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>braces</code></td> <td>CVE-2024-4068</td> <td>HIGH</td> <td>3.0.2</td> <td>3.0.3</td> </tr> <tr> <td><code>ws</code></td> <td>CVE-2024-37890</td> <td>HIGH</td> <td>8.16.0</td> <td>5.2.4, 6.2.3, 7.5.10, 8.17.1</td> </tr> </table> <h4>No Misconfigurations found</h4>
mlamalle merged commit 18c0edbe5b into develop 2024-07-25 10:25:11 +02:00
mlamalle deleted branch rewrite_sub_expression 2024-07-25 10:25:14 +02:00
Sign in to join this conversation.
No reviewers
No Label
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Cadoles/hydra-sql#38
No description provided.