Check logs sprint 9.4 week 1 #3838

hcaofec · 2019-06-26T16:01:02Z

Log review needs to be completed for sprint 9.4 week 1 per the Security Event Review Checklist (https://github.com/fecgov/FEC/wiki/Security-Event-Review-Checklist)

lbeaufort · 2019-07-03T18:54:37Z

Vulnerabilities found this week
FEC-CMS: Total 2
package.json: 2 HIGH
Prototype Pollution: fecgov/fec-cms#3021
Prototype Pollution: fecgov/fec-cms#3022

requirements.txt: 1 MED, 1 LOW
Man-in-the-Middle (MitM) fecgov/fec-cms#3023
Cross-site Scripting (XSS)(django) : LOW fecgov/fec-cms#2944

OPENFEC: 0
package.json: 0
requirements.txt: 0
data/flyway/build.gradle: 0

FEC-EREGS: 0
package.json: 0
requirements.txt: 0

FEC-PATTERN-LIBRARY: 0
package.json: 0

Users changed this week or last:
Search logs: No new users added/removed
Cloud.gov Dashboard: 9 deployer accounts, same as last week.

hcaofec added this to the Sprint 9.4 milestone Jun 26, 2019

PaulClark2 added the Security: general General security concern or issue label Jun 27, 2019

dorothyyeager assigned lbeaufort Jul 2, 2019

lbeaufort closed this as completed Jul 3, 2019

patphongs mentioned this issue Feb 29, 2024

Epic: Stability and reliability fecgov/fec-epics#137

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Check logs sprint 9.4 week 1 #3838

Check logs sprint 9.4 week 1 #3838

hcaofec commented Jun 26, 2019

lbeaufort commented Jul 3, 2019

Check logs sprint 9.4 week 1 #3838

Check logs sprint 9.4 week 1 #3838

Comments

hcaofec commented Jun 26, 2019

lbeaufort commented Jul 3, 2019