Cadoles
/
hydra-sql
21
0
Fork 0
Code Issues 4 Pull Requests 1 Projects Releases Wiki Activity

issue-14: modification Dockerfile + structure k8S (à compléter) #15

Closed
rmasson wants to merge 5 commits from issue-14 into develop
pull from: issue-14
merge into: Cadoles:develop
Conversation 26 Commits 5 Files Changed 45 +499 -2348
rmasson commented 2023-06-14 15:01:33 +02:00
Owner
Copy Link

Modification du Dokerfile
Utilisation de l'image symfony8.1 de symfony-containers

Mise en place de la structure pour kubernetes

images publiées sur harbor:

standalone:

reg.cadoles.com/rmasson/hydra-sql-standalone:0.0.3-dev-issue-14-20230615

kube:

reg.cadoles.com/rmasson/hydra-sql-kube:0.0.3-dev-issue-14-20230615

Ce sont des images non stables, uniquement pour test

Modification du Dokerfile Utilisation de l'image symfony8.1 de symfony-containers Mise en place de la structure pour kubernetes ## images publiées sur harbor: ### standalone: reg.cadoles.com/rmasson/hydra-sql-standalone:0.0.3-dev-issue-14-20230615 ### kube: reg.cadoles.com/rmasson/hydra-sql-kube:0.0.3-dev-issue-14-20230615 Ce sont des images non stables, uniquement pour test
rmasson added 1 commit 2023-06-14 15:01:40 +02:00
Cadoles/hydra-sql/pipeline/head There was a failure building this commit Details
Cadoles/hydra-sql/pipeline/pr-develop This commit is unstable Details
01ab325531 issue-14: modification Dockerfile + structure k8S (à compléter)
jenkins commented 2023-06-14 15:02:45 +02:00
Owner
Copy Link

Symfony Security Check Report

3 packages have known vulnerabilities.

guzzlehttp/psr7 (2.4.3)

symfony/http-kernel (v5.4.16)

symfony/security-bundle (v5.4.11)

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= 3 packages have known vulnerabilities. guzzlehttp/psr7 (2.4.3) ----------------------- * [CVE-2023-29197][]: Improper header validation symfony/http-kernel (v5.4.16) ----------------------------- * [CVE-2022-24894][]: Prevent storing cookie headers in HttpCache symfony/security-bundle (v5.4.11) --------------------------------- * [CVE-2022-24895][]: Possible CSRF token fixation [CVE-2023-29197]: https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw [CVE-2022-24894]: https://symfony.com/cve-2022-24894 [CVE-2022-24895]: https://symfony.com/cve-2022-24895 Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
jenkins commented 2023-06-14 15:02:46 +02:00
Owner
Copy Link

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
jenkins commented 2023-06-14 15:02:50 +02:00
Owner
Copy Link

Rapport PHPStan


 [OK] No errors
## Rapport PHPStan ``` [OK] No errors ```
rmasson force-pushed issue-14 from 01ab325531 to 6e3f0e7a61 2023-06-14 16:15:17 +02:00 Compare
jenkins commented 2023-06-14 16:16:17 +02:00
Owner
Copy Link

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
jenkins commented 2023-06-14 16:16:18 +02:00
Owner
Copy Link

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
jenkins commented 2023-06-14 16:16:21 +02:00
Owner
Copy Link

Rapport PHPStan


 [OK] No errors
## Rapport PHPStan ``` [OK] No errors ```
rmasson requested review from bgaude 2023-06-14 16:28:25 +02:00
rmasson added 1 commit 2023-06-15 15:38:22 +02:00
Cadoles/hydra-sql/pipeline/pr-develop This commit looks good Details
22231f791f issue-14: structure kubernetes
jenkins commented 2023-06-15 15:39:32 +02:00
Owner
Copy Link

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
jenkins commented 2023-06-15 15:39:33 +02:00
Owner
Copy Link

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
jenkins commented 2023-06-15 15:39:37 +02:00
Owner
Copy Link

Rapport PHPStan


 [OK] No errors
## Rapport PHPStan ``` [OK] No errors ```
bgaude requested review from pcaseiro 2023-06-16 09:26:42 +02:00
rmasson commented 2023-06-16 11:34:33 +02:00
Author
Owner
Copy Link

images publiées sur harbor:
standalone:
reg.cadoles.com/rmasson/hydra-sql-standalone:0.0.4-dev-issue-14-20230615
ou
reg.cadoles.com/rmasson/hydra-sql-standalone:latest

kube:
reg.cadoles.com/rmasson/hydra-sql-kube:0.0.4-dev-issue-14-20230615
ou
reg.cadoles.com/rmasson/hydra-sql-kube:latest

Ce sont des images non stables, uniquement pour test sans redis.

images publiées sur harbor: standalone: reg.cadoles.com/rmasson/hydra-sql-standalone:0.0.4-dev-issue-14-20230615 ou reg.cadoles.com/rmasson/hydra-sql-standalone:latest kube: reg.cadoles.com/rmasson/hydra-sql-kube:0.0.4-dev-issue-14-20230615 ou reg.cadoles.com/rmasson/hydra-sql-kube:latest Ce sont des images non stables, uniquement pour test sans redis.
rmasson added 1 commit 2023-06-16 13:46:23 +02:00
Cadoles/hydra-sql/pipeline/pr-develop There was a failure building this commit Details
a823ac7d0e issue-14: optimisation dockerfile
jenkins commented 2023-06-16 13:47:34 +02:00
Owner
Copy Link

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
jenkins commented 2023-06-16 13:47:35 +02:00
Owner
Copy Link

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
jenkins commented 2023-06-16 13:47:38 +02:00
Owner
Copy Link

Rapport PHPStan


 [OK] No errors
## Rapport PHPStan ``` [OK] No errors ```
jenkins commented 2023-06-16 13:47:51 +02:00
Owner
Copy Link

Validation du Dockerfile ./misc/docker/Dockerfile
## Validation du Dockerfile `./misc/docker/Dockerfile` ``` ```
rmasson added 1 commit 2023-06-16 14:00:25 +02:00
Cadoles/hydra-sql/pipeline/pr-develop This commit is unstable Details
87fe4ad16a issue-14: paramétrage Jenkinsfile
jenkins commented 2023-06-16 14:00:49 +02:00
Owner
Copy Link

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
jenkins commented 2023-06-16 14:00:49 +02:00
Owner
Copy Link

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
jenkins commented 2023-06-16 14:00:52 +02:00
Owner
Copy Link

Rapport PHPStan


 [OK] No errors
## Rapport PHPStan ``` [OK] No errors ```
jenkins commented 2023-06-16 14:01:06 +02:00
Owner
Copy Link

Validation du Dockerfile ./misc/images/hydra-sql-standalone/Dockerfile
## Validation du Dockerfile `./misc/images/hydra-sql-standalone/Dockerfile` ``` ```
jenkins commented 2023-06-16 14:02:32 +02:00
Owner
Copy Link

Validation de l'image reg.cadoles.com/cadoles/hydra-sql:87fe4ad

+------------------------+------------------+----------+-------------------+---------------+---------------------------------------+
        LIBRARY         | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION |                 TITLE                 |
+------------------------+------------------+----------+-------------------+---------------+---------------------------------------+
 json5 (package.json)   | CVE-2022-46175   | HIGH     | 2.2.1             | 1.0.2, 2.2.2  | Prototype Pollution in                |
                        |                  |          |                   |               | JSON5 via Parse Method                |
                        |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2022-46175 |
+------------------------+------------------+          +-------------------+---------------+---------------------------------------+
 webpack (package.json) | CVE-2023-28154   |          | 5.75.0            | 5.76.0        | avoid cross-realm objects             |
                        |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-28154 |
+------------------------+------------------+----------+-------------------+---------------+---------------------------------------+
+---------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
          LIBRARY          | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION |                TITLE                 |
+---------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
 github.com/aws/aws-sdk-go | CVE-2020-8911    | MEDIUM   | v1.44.206         |               | aws/aws-sdk-go: CBC padding          |
                           |                  |          |                   |               | oracle issue in AWS S3               |
                           |                  |          |                   |               | Crypto SDK for golang...             |
                           |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2020-8911 |
+                           +------------------+----------+                   +---------------+--------------------------------------+
                           | CVE-2020-8912    | LOW      |                   |               | aws-sdk-go: In-band key              |
                           |                  |          |                   |               | negotiation issue in AWS             |
                           |                  |          |                   |               | S3 Crypto SDK for golang...          |
                           |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2020-8912 |
+---------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
## Validation de l'image `reg.cadoles.com/cadoles/hydra-sql:87fe4ad` ``` +------------------------+------------------+----------+-------------------+---------------+---------------------------------------+ LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | +------------------------+------------------+----------+-------------------+---------------+---------------------------------------+ json5 (package.json) | CVE-2022-46175 | HIGH | 2.2.1 | 1.0.2, 2.2.2 | Prototype Pollution in | | | | | | JSON5 via Parse Method | | | | | | -->avd.aquasec.com/nvd/cve-2022-46175 | +------------------------+------------------+ +-------------------+---------------+---------------------------------------+ webpack (package.json) | CVE-2023-28154 | | 5.75.0 | 5.76.0 | avoid cross-realm objects | | | | | | -->avd.aquasec.com/nvd/cve-2023-28154 | +------------------------+------------------+----------+-------------------+---------------+---------------------------------------+ +---------------------------+------------------+----------+-------------------+---------------+--------------------------------------+ LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | +---------------------------+------------------+----------+-------------------+---------------+--------------------------------------+ github.com/aws/aws-sdk-go | CVE-2020-8911 | MEDIUM | v1.44.206 | | aws/aws-sdk-go: CBC padding | | | | | | oracle issue in AWS S3 | | | | | | Crypto SDK for golang... | | | | | | -->avd.aquasec.com/nvd/cve-2020-8911 | + +------------------+----------+ +---------------+--------------------------------------+ | CVE-2020-8912 | LOW | | | aws-sdk-go: In-band key | | | | | | negotiation issue in AWS | | | | | | S3 Crypto SDK for golang... | | | | | | -->avd.aquasec.com/nvd/cve-2020-8912 | +---------------------------+------------------+----------+-------------------+---------------+--------------------------------------+ ```
pcaseiro commented 2023-06-19 10:20:08 +02:00
Owner
Copy Link

Application non fonctionnelle.

500

Failed to connect to localhost port 4445 after 0 ms: Couldn't connect to server for "http://localhost:4445/admin/oauth2/auth/requests/login?login_challenge=aa8a4d1469df4744847db52890b735fb".

L'application ne prends pas en compte les variables d'environnement.
Dans l'env du conteneur j'ai :

dev-mse-hydra-sql-7f9fdc94d7-z24kw:/app# env | grep HYDRA_ADMIN_BASE
HYDRA_ADMIN_BASE_URL=http://dev-mse-hydra:4445
dev-mse-hydra-sql-7f9fdc94d7-z24kw:/app#

Pourtant l'erreur indique que l'application cherche à communiquer avec "http://localhost:4445"

Application non fonctionnelle. ``` 500 Failed to connect to localhost port 4445 after 0 ms: Couldn't connect to server for "http://localhost:4445/admin/oauth2/auth/requests/login?login_challenge=aa8a4d1469df4744847db52890b735fb". ``` L'application ne prends pas en compte les variables d'environnement. Dans l'env du conteneur j'ai : ``` dev-mse-hydra-sql-7f9fdc94d7-z24kw:/app# env | grep HYDRA_ADMIN_BASE HYDRA_ADMIN_BASE_URL=http://dev-mse-hydra:4445 dev-mse-hydra-sql-7f9fdc94d7-z24kw:/app# ``` Pourtant l'erreur indique que l'application cherche à communiquer avec "http://localhost:4445"
pcaseiro commented 2023-06-19 13:36:53 +02:00
Owner
Copy Link

Avec la bonne configuration côté hydra-sql c'est tout bon.

Avec la bonne configuration côté hydra-sql c'est tout bon.
mlamalle added 1 commit 2023-11-02 08:37:24 +01:00
Cadoles/hydra-sql/pipeline/pr-develop There was a failure building this commit Details
Cadoles/hydra-sql/pipeline/head This commit is unstable Details
9abc04fd25 add health path
jenkins commented 2023-11-02 08:38:36 +01:00
Owner
Copy Link

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
jenkins commented 2023-11-02 08:38:40 +01:00
Owner
Copy Link

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
jenkins commented 2023-11-02 08:38:41 +01:00
Owner
Copy Link

Rapport PHPStan


 [OK] No errors
## Rapport PHPStan ``` [OK] No errors ```
jenkins commented 2023-11-02 08:38:57 +01:00
Owner
Copy Link

Validation du Dockerfile ./misc/images/hydra-sql-standalone/Dockerfile
## Validation du Dockerfile `./misc/images/hydra-sql-standalone/Dockerfile` ``` ```
jenkins commented 2023-11-02 08:40:39 +01:00
Owner
Copy Link

Validation de l'image reg.cadoles.com/cadoles/hydra-sql:9abc04f

+-----------------+------------------+----------+-------------------+---------------+---------------------------------------+
     LIBRARY     | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION |                 TITLE                 |
+-----------------+------------------+----------+-------------------+---------------+---------------------------------------+
 curl            | CVE-2023-38545   | CRITICAL | 8.1.2-r0          | 8.4.0-r0      | heap based buffer overflow            |
                 |                  |          |                   |               | in the SOCKS5 proxy handshake         |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-38545 |
+                 +------------------+----------+                   +---------------+---------------------------------------+
                 | CVE-2023-38039   | HIGH     |                   | 8.3.0-r0      | out of heap memory issue due to       |
                 |                  |          |                   |               | missing limit on header quantity...   |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-38039 |
+                 +------------------+----------+                   +---------------+---------------------------------------+
                 | CVE-2023-38546   | LOW      |                   | 8.4.0-r0      | cookie injection with none file       |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-38546 |
+-----------------+------------------+----------+-------------------+---------------+---------------------------------------+
 libcrypto3      | CVE-2023-2975    | MEDIUM   | 3.0.9-r1          | 3.0.9-r2      | AES-SIV cipher implementation         |
                 |                  |          |                   |               | contains a bug that causes            |
                 |                  |          |                   |               | it to ignore empty...                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-2975  |
+                 +------------------+          +                   +---------------+---------------------------------------+
                 | CVE-2023-3446    |          |                   | 3.0.9-r3      | Excessive time spent checking         |
                 |                  |          |                   |               | DH keys and parameters                |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3446  |
+                 +------------------+          +                   +---------------+---------------------------------------+
                 | CVE-2023-3817    |          |                   | 3.0.10-r0     | Excessive time spent                  |
                 |                  |          |                   |               | checking DH q parameter value         |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3817  |
+                 +------------------+          +                   +---------------+---------------------------------------+
                 | CVE-2023-5363    |          |                   | 3.0.12-r0     | Incorrect cipher key                  |
                 |                  |          |                   |               | and IV length processing              |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-5363  |
+-----------------+------------------+----------+-------------------+---------------+---------------------------------------+
 libcurl         | CVE-2023-38545   | CRITICAL | 8.1.2-r0          | 8.4.0-r0      | heap based buffer overflow            |
                 |                  |          |                   |               | in the SOCKS5 proxy handshake         |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-38545 |
+                 +------------------+----------+                   +---------------+---------------------------------------+
                 | CVE-2023-38039   | HIGH     |                   | 8.3.0-r0      | out of heap memory issue due to       |
                 |                  |          |                   |               | missing limit on header quantity...   |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-38039 |
+                 +------------------+----------+                   +---------------+---------------------------------------+
                 | CVE-2023-38546   | LOW      |                   | 8.4.0-r0      | cookie injection with none file       |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-38546 |
+-----------------+------------------+----------+-------------------+---------------+---------------------------------------+
 libssl3         | CVE-2023-2975    | MEDIUM   | 3.0.9-r1          | 3.0.9-r2      | AES-SIV cipher implementation         |
                 |                  |          |                   |               | contains a bug that causes            |
                 |                  |          |                   |               | it to ignore empty...                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-2975  |
+                 +------------------+          +                   +---------------+---------------------------------------+
                 | CVE-2023-3446    |          |                   | 3.0.9-r3      | Excessive time spent checking         |
                 |                  |          |                   |               | DH keys and parameters                |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3446  |
+                 +------------------+          +                   +---------------+---------------------------------------+
                 | CVE-2023-3817    |          |                   | 3.0.10-r0     | Excessive time spent                  |
                 |                  |          |                   |               | checking DH q parameter value         |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3817  |
+                 +------------------+          +                   +---------------+---------------------------------------+
                 | CVE-2023-5363    |          |                   | 3.0.12-r0     | Incorrect cipher key                  |
                 |                  |          |                   |               | and IV length processing              |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-5363  |
+-----------------+------------------+----------+-------------------+---------------+---------------------------------------+
 nghttp2-libs    | CVE-2023-35945   | HIGH     | 1.51.0-r0         | 1.51.0-r1     | HTTP/2 memory leak in nghttp2 codec   |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-35945 |
+                 +------------------+          +                   +---------------+---------------------------------------+
                 | CVE-2023-44487   |          |                   | 1.51.0-r2     | Multiple HTTP/2 enabled               |
                 |                  |          |                   |               | web servers are vulnerable            |
                 |                  |          |                   |               | to a DDoS attack (Rapid...            |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-44487 |
+-----------------+                  +          +-------------------+---------------+                                       +
 nginx           |                  |          | 1.22.1-r0         | 1.22.1-r1     |                                       |
                 |                  |          |                   |               |                                       |
                 |                  |          |                   |               |                                       |
                 |                  |          |                   |               |                                       |
+-----------------+------------------+----------+-------------------+---------------+---------------------------------------+
 php81           | CVE-2023-3824    | CRITICAL | 8.1.19-r0         | 8.1.22-r0     | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-common    | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-ctype     | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-curl      | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-dom       | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-fpm       | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-iconv     | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-mbstring  | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-openssl   | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-phar      | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-session   | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-simplexml | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-tokenizer | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-xml       | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-xmlwriter | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+----------+                   +               +---------------------------------------+
 php81-zip       | CVE-2023-3824    | CRITICAL |                   |               | phar Buffer mismanagement             |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3824  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3823    | HIGH     |                   |               | XML loading external entity           |
                 |                  |          |                   |               | without being enabled                 |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3823  |
+                 +------------------+----------+                   +               +---------------------------------------+
                 | CVE-2023-3247    | MEDIUM   |                   |               | Missing error check and               |
                 |                  |          |                   |               | insufficient random bytes in          |
                 |                  |          |                   |               | HTTP Digest authentication for...     |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-3247  |
+-----------------+------------------+          +-------------------+---------------+---------------------------------------+
 python3         | CVE-2023-40217   |          | 3.10.11-r0        | 3.10.13-r0    | TLS handshake bypass                  |
                 |                  |          |                   |               | -->avd.aquasec.com/nvd/cve-2023-40217 |
+-----------------+------------------+----------+-------------------+---------------+---------------------------------------+
+--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+
            LIBRARY             | VULNERABILITY ID | SEVERITY | INSTALLED VERSION |     FIXED VERSION     |                 TITLE                 |
+--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+
 @babel/traverse (package.json) | CVE-2023-45133   | CRITICAL | 7.20.5            | 7.23.2, 8.0.0-alpha.4 | arbitrary code execution              |
                                |                  |          |                   |                       | -->avd.aquasec.com/nvd/cve-2023-45133 |
+--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+
 json5 (package.json)           | CVE-2022-46175   | HIGH     | 2.2.1             | 2.2.2, 1.0.2          | Prototype Pollution in                |
                                |                  |          |                   |                       | JSON5 via Parse Method                |
                                |                  |          |                   |                       | -->avd.aquasec.com/nvd/cve-2022-46175 |
+--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+
 postcss (package.json)         | CVE-2023-44270   | MEDIUM   | 8.4.20            | 8.4.31                | An issue was discovered in            |
                                |                  |          |                   |                       | PostCSS before 8.4.31. The            |
                                |                  |          |                   |                       | vulnerability af ......               |
                                |                  |          |                   |                       | -->avd.aquasec.com/nvd/cve-2023-44270 |
+--------------------------------+------------------+          +-------------------+-----------------------+---------------------------------------+
 semver (package.json)          | CVE-2022-25883   |          | 6.3.0             | 7.5.2, 6.3.1, 5.7.2   | Regular expression denial of service  |
                                |                  |          |                   |                       | -->avd.aquasec.com/nvd/cve-2022-25883 |
+                                +                  +          +-------------------+                       +                                       +
                                |                  |          | 7.3.8             |                       |                                       |
                                |                  |          |                   |                       |                                       |
+--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+
 webpack (package.json)         | CVE-2023-28154   | CRITICAL | 5.75.0            | 5.76.0                | avoid cross-realm objects             |
                                |                  |          |                   |                       | -->avd.aquasec.com/nvd/cve-2023-28154 |
+--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+
+------------------------+---------------------+----------+-------------------+------------------------+----------------------------------------------+
        LIBRARY         |  VULNERABILITY ID   | SEVERITY | INSTALLED VERSION |     FIXED VERSION      |                    TITLE                     |
+------------------------+---------------------+----------+-------------------+------------------------+----------------------------------------------+
 golang.org/x/net       | CVE-2023-39325      | HIGH     | v0.7.0            | 0.17.0                 | rapid stream resets can cause                |
                        |                     |          |                   |                        | excessive work (CVE-2023-44487)              |
                        |                     |          |                   |                        | -->avd.aquasec.com/nvd/cve-2023-39325        |
+                        +---------------------+----------+                   +------------------------+----------------------------------------------+
                        | CVE-2023-3978       | MEDIUM   |                   | 0.13.0                 | Cross site scripting                         |
                        |                     |          |                   |                        | -->avd.aquasec.com/nvd/cve-2023-3978         |
+                        +---------------------+          +                   +------------------------+----------------------------------------------+
                        | CVE-2023-44487      |          |                   | 0.17.0                 | Multiple HTTP/2 enabled                      |
                        |                     |          |                   |                        | web servers are vulnerable                   |
                        |                     |          |                   |                        | to a DDoS attack (Rapid...                   |
                        |                     |          |                   |                        | -->avd.aquasec.com/nvd/cve-2023-44487        |
+------------------------+---------------------+----------+-------------------+------------------------+----------------------------------------------+
 google.golang.org/grpc | GHSA-m425-mq94-257g | HIGH     | v1.46.2           | 1.56.3, 1.57.1, 1.58.3 | gRPC-Go HTTP/2 Rapid Reset vulnerability     |
                        |                     |          |                   |                        | -->github.com/advisories/GHSA-m425-mq94-257g |
+                        +---------------------+----------+                   +------------------------+----------------------------------------------+
                        | CVE-2023-44487      | MEDIUM   |                   | 1.58.3, 1.57.1, 1.56.3 | Multiple HTTP/2 enabled                      |
                        |                     |          |                   |                        | web servers are vulnerable                   |
                        |                     |          |                   |                        | to a DDoS attack (Rapid...                   |
                        |                     |          |                   |                        | -->avd.aquasec.com/nvd/cve-2023-44487        |
+------------------------+---------------------+----------+-------------------+------------------------+----------------------------------------------+
## Validation de l'image `reg.cadoles.com/cadoles/hydra-sql:9abc04f` ``` +-----------------+------------------+----------+-------------------+---------------+---------------------------------------+ LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | +-----------------+------------------+----------+-------------------+---------------+---------------------------------------+ curl | CVE-2023-38545 | CRITICAL | 8.1.2-r0 | 8.4.0-r0 | heap based buffer overflow | | | | | | in the SOCKS5 proxy handshake | | | | | | -->avd.aquasec.com/nvd/cve-2023-38545 | + +------------------+----------+ +---------------+---------------------------------------+ | CVE-2023-38039 | HIGH | | 8.3.0-r0 | out of heap memory issue due to | | | | | | missing limit on header quantity... | | | | | | -->avd.aquasec.com/nvd/cve-2023-38039 | + +------------------+----------+ +---------------+---------------------------------------+ | CVE-2023-38546 | LOW | | 8.4.0-r0 | cookie injection with none file | | | | | | -->avd.aquasec.com/nvd/cve-2023-38546 | +-----------------+------------------+----------+-------------------+---------------+---------------------------------------+ libcrypto3 | CVE-2023-2975 | MEDIUM | 3.0.9-r1 | 3.0.9-r2 | AES-SIV cipher implementation | | | | | | contains a bug that causes | | | | | | it to ignore empty... | | | | | | -->avd.aquasec.com/nvd/cve-2023-2975 | + +------------------+ + +---------------+---------------------------------------+ | CVE-2023-3446 | | | 3.0.9-r3 | Excessive time spent checking | | | | | | DH keys and parameters | | | | | | -->avd.aquasec.com/nvd/cve-2023-3446 | + +------------------+ + +---------------+---------------------------------------+ | CVE-2023-3817 | | | 3.0.10-r0 | Excessive time spent | | | | | | checking DH q parameter value | | | | | | -->avd.aquasec.com/nvd/cve-2023-3817 | + +------------------+ + +---------------+---------------------------------------+ | CVE-2023-5363 | | | 3.0.12-r0 | Incorrect cipher key | | | | | | and IV length processing | | | | | | -->avd.aquasec.com/nvd/cve-2023-5363 | +-----------------+------------------+----------+-------------------+---------------+---------------------------------------+ libcurl | CVE-2023-38545 | CRITICAL | 8.1.2-r0 | 8.4.0-r0 | heap based buffer overflow | | | | | | in the SOCKS5 proxy handshake | | | | | | -->avd.aquasec.com/nvd/cve-2023-38545 | + +------------------+----------+ +---------------+---------------------------------------+ | CVE-2023-38039 | HIGH | | 8.3.0-r0 | out of heap memory issue due to | | | | | | missing limit on header quantity... | | | | | | -->avd.aquasec.com/nvd/cve-2023-38039 | + +------------------+----------+ +---------------+---------------------------------------+ | CVE-2023-38546 | LOW | | 8.4.0-r0 | cookie injection with none file | | | | | | -->avd.aquasec.com/nvd/cve-2023-38546 | +-----------------+------------------+----------+-------------------+---------------+---------------------------------------+ libssl3 | CVE-2023-2975 | MEDIUM | 3.0.9-r1 | 3.0.9-r2 | AES-SIV cipher implementation | | | | | | contains a bug that causes | | | | | | it to ignore empty... | | | | | | -->avd.aquasec.com/nvd/cve-2023-2975 | + +------------------+ + +---------------+---------------------------------------+ | CVE-2023-3446 | | | 3.0.9-r3 | Excessive time spent checking | | | | | | DH keys and parameters | | | | | | -->avd.aquasec.com/nvd/cve-2023-3446 | + +------------------+ + +---------------+---------------------------------------+ | CVE-2023-3817 | | | 3.0.10-r0 | Excessive time spent | | | | | | checking DH q parameter value | | | | | | -->avd.aquasec.com/nvd/cve-2023-3817 | + +------------------+ + +---------------+---------------------------------------+ | CVE-2023-5363 | | | 3.0.12-r0 | Incorrect cipher key | | | | | | and IV length processing | | | | | | -->avd.aquasec.com/nvd/cve-2023-5363 | +-----------------+------------------+----------+-------------------+---------------+---------------------------------------+ nghttp2-libs | CVE-2023-35945 | HIGH | 1.51.0-r0 | 1.51.0-r1 | HTTP/2 memory leak in nghttp2 codec | | | | | | -->avd.aquasec.com/nvd/cve-2023-35945 | + +------------------+ + +---------------+---------------------------------------+ | CVE-2023-44487 | | | 1.51.0-r2 | Multiple HTTP/2 enabled | | | | | | web servers are vulnerable | | | | | | to a DDoS attack (Rapid... | | | | | | -->avd.aquasec.com/nvd/cve-2023-44487 | +-----------------+ + +-------------------+---------------+ + nginx | | | 1.22.1-r0 | 1.22.1-r1 | | | | | | | | | | | | | | | | | | | | +-----------------+------------------+----------+-------------------+---------------+---------------------------------------+ php81 | CVE-2023-3824 | CRITICAL | 8.1.19-r0 | 8.1.22-r0 | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-common | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-ctype | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-curl | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-dom | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-fpm | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-iconv | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-mbstring | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-openssl | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-phar | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-session | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-simplexml | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-tokenizer | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-xml | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-xmlwriter | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+----------+ + +---------------------------------------+ php81-zip | CVE-2023-3824 | CRITICAL | | | phar Buffer mismanagement | | | | | | -->avd.aquasec.com/nvd/cve-2023-3824 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3823 | HIGH | | | XML loading external entity | | | | | | without being enabled | | | | | | -->avd.aquasec.com/nvd/cve-2023-3823 | + +------------------+----------+ + +---------------------------------------+ | CVE-2023-3247 | MEDIUM | | | Missing error check and | | | | | | insufficient random bytes in | | | | | | HTTP Digest authentication for... | | | | | | -->avd.aquasec.com/nvd/cve-2023-3247 | +-----------------+------------------+ +-------------------+---------------+---------------------------------------+ python3 | CVE-2023-40217 | | 3.10.11-r0 | 3.10.13-r0 | TLS handshake bypass | | | | | | -->avd.aquasec.com/nvd/cve-2023-40217 | +-----------------+------------------+----------+-------------------+---------------+---------------------------------------+ +--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+ LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | +--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+ @babel/traverse (package.json) | CVE-2023-45133 | CRITICAL | 7.20.5 | 7.23.2, 8.0.0-alpha.4 | arbitrary code execution | | | | | | -->avd.aquasec.com/nvd/cve-2023-45133 | +--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+ json5 (package.json) | CVE-2022-46175 | HIGH | 2.2.1 | 2.2.2, 1.0.2 | Prototype Pollution in | | | | | | JSON5 via Parse Method | | | | | | -->avd.aquasec.com/nvd/cve-2022-46175 | +--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+ postcss (package.json) | CVE-2023-44270 | MEDIUM | 8.4.20 | 8.4.31 | An issue was discovered in | | | | | | PostCSS before 8.4.31. The | | | | | | vulnerability af ...... | | | | | | -->avd.aquasec.com/nvd/cve-2023-44270 | +--------------------------------+------------------+ +-------------------+-----------------------+---------------------------------------+ semver (package.json) | CVE-2022-25883 | | 6.3.0 | 7.5.2, 6.3.1, 5.7.2 | Regular expression denial of service | | | | | | -->avd.aquasec.com/nvd/cve-2022-25883 | + + + +-------------------+ + + | | | 7.3.8 | | | | | | | | | +--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+ webpack (package.json) | CVE-2023-28154 | CRITICAL | 5.75.0 | 5.76.0 | avoid cross-realm objects | | | | | | -->avd.aquasec.com/nvd/cve-2023-28154 | +--------------------------------+------------------+----------+-------------------+-----------------------+---------------------------------------+ +------------------------+---------------------+----------+-------------------+------------------------+----------------------------------------------+ LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | +------------------------+---------------------+----------+-------------------+------------------------+----------------------------------------------+ golang.org/x/net | CVE-2023-39325 | HIGH | v0.7.0 | 0.17.0 | rapid stream resets can cause | | | | | | excessive work (CVE-2023-44487) | | | | | | -->avd.aquasec.com/nvd/cve-2023-39325 | + +---------------------+----------+ +------------------------+----------------------------------------------+ | CVE-2023-3978 | MEDIUM | | 0.13.0 | Cross site scripting | | | | | | -->avd.aquasec.com/nvd/cve-2023-3978 | + +---------------------+ + +------------------------+----------------------------------------------+ | CVE-2023-44487 | | | 0.17.0 | Multiple HTTP/2 enabled | | | | | | web servers are vulnerable | | | | | | to a DDoS attack (Rapid... | | | | | | -->avd.aquasec.com/nvd/cve-2023-44487 | +------------------------+---------------------+----------+-------------------+------------------------+----------------------------------------------+ google.golang.org/grpc | GHSA-m425-mq94-257g | HIGH | v1.46.2 | 1.56.3, 1.57.1, 1.58.3 | gRPC-Go HTTP/2 Rapid Reset vulnerability | | | | | | -->github.com/advisories/GHSA-m425-mq94-257g | + +---------------------+----------+ +------------------------+----------------------------------------------+ | CVE-2023-44487 | MEDIUM | | 1.58.3, 1.57.1, 1.56.3 | Multiple HTTP/2 enabled | | | | | | web servers are vulnerable | | | | | | to a DDoS attack (Rapid... | | | | | | -->avd.aquasec.com/nvd/cve-2023-44487 | +------------------------+---------------------+----------+-------------------+------------------------+----------------------------------------------+ ```
mlamalle closed this pull request 2023-12-14 09:13:47 +01:00
Some checks failed
Cadoles/hydra-sql/pipeline/pr-develop There was a failure building this commit
Details
Cadoles/hydra-sql/pipeline/head This commit is unstable
Details

Pull request closed

Please reopen this pull request to perform a merge.
Sign in to join this conversation.
Reviewers
No reviewers
bgaude
pcaseiro
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
4 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Cadoles/hydra-sql#15
No description provided.
Delete Branch "issue-14"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?