Update build_container_image.yml reference to feat-print-dep-versions #5

Sign in to view logs

GitHub Actions / forge-k8s:main-linux-arm64 scan results succeeded Jan 10, 2024 in 0s

1 fail in 0s

1 tests ±0 0 ✅ ±0 0s ⏱️ ±0s
4 suites ±0 0 💤 ±0
1 files ±0 1 ❌ ±0

Results for commit d9a987e. ± Comparison against earlier commit 9137e91.

Annotations

Check warning on line 0 in tough-cookie-2.5.0

github-actions / forge-k8s:main-linux-arm64 scan results

[MEDIUM] CVE-2023-26136 (tough-cookie-2.5.0) failed

trivy-junit-results.xml

Raw output


            tough-cookie: prototype pollution in cookie memstore
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.

View more details on GitHub Actions