
DockerHub detector: ignore matches from Docker-Upload-Uuid header #3676

Open
Description

@rgmz
Contributor

This creates a large number of false positives + ratelimiting.

Found unverified result 🐷🔑❓
Verification issue: unexpected response status 429
Detector Type: Dockerhub
Decoder Type: PLAIN
Raw result: Connection:3d2d2ca6-2d54-4a4f-b34f-15aa9b6bf5aa
Commit: b0ac5c5496204e2287bbf8ad6e5ecee2057df57d
Email: Shiwei Zhang <shizh@microsoft.com>
File: distribution-spec/v1.1/azurecontainerregistry/report.html
Line: 366
Link: https://github.com/jfrog/oci-conformance/blob/b0ac5c5496204e2287bbf8ad6e5ecee2057df57d/distribution-spec/v1.1/azurecontainerregistry/report.html#L366
Repository: https://github.com/jfrog/oci-conformance.git
Timestamp: 2024-06-27 04:54:15 +0000

Activity

rgmz commented on Dec 2, 2024

Also the username should be filtered to ensure it's not a part of the/a UUID:

Found unverified result 🐷🔑❓
Verification issue: unexpected response status 429
Detector Type: Dockerhub
Decoder Type: ESCAPED_UNICODE
Raw result: 96990475:f915eb2c-2e28-4b43-99bd-d85bb492a22e
Commit: 4b2c4abd80eb2263f6345749c570158170648c5c
File: sdk/containerregistry/Azure.Containers.ContainerRegistry/tests/SessionRecords/ContainerRegistryBlobClientLiveTests/CanDownloadBlobToStreamInUnequalChunksAsync.json
Line: 139
Link: https://github.com/Azure/azure-sdk-for-net/blob/4b2c4abd80eb2263f6345749c570158170648c5c/sdk/containerregistry/Azure.Containers.ContainerRegistry/tests/SessionRecords/ContainerRegistryBlobClientLiveTests/CanDownloadBlobToStreamInUnequalChunksAsync.json#L139
Repository: https://github.com/Azure/azure-sdk-for-net.git
Timestamp: 2023-01-12 00:55:05 +0000

The username is matching from:

        "X-Ms-Correlation-Request-Id": "96990475-ceda-4799-b683-3bd269c7d4ba",
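
A sketch of the two filters requested in this issue, added here as an illustration and not taken from the TruffleHog code base: drop a password candidate that is the value of a `Docker-Upload-Uuid` header, and drop a username candidate that is a fragment of a UUID. All function names, both regular expressions, and the last two lines of the sample are assumptions made for this example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed sample: the two header lines mirror the issue; the last two are invented.
const sample = `"X-Ms-Correlation-Request-Id": "96990475-ceda-4799-b683-3bd269c7d4ba",
"Docker-Upload-Uuid": "f915eb2c-2e28-4b43-99bd-d85bb492a22e",
"docker_user": "builduser1",
"docker_pass": "0b1c2d3e-aaaa-4bbb-8ccc-1234567890ab"`

var (
	uuidPat = regexp.MustCompile(`(?i)\b[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\b`)
	// Header name followed only by quoting/separator characters up to the value.
	uploadHdrPat = regexp.MustCompile(`(?i)docker-upload-uuid["'\s:=\[]*$`)
)

type span struct{ start, end int }

// find locates the first occurrence of s (hypothetical stand-in for a regex match index).
func find(data, s string) span {
	i := strings.Index(data, s)
	return span{i, i + len(s)}
}

// insideUUID: the match is a proper fragment of a UUID found in data.
func insideUUID(data string, m span) bool {
	for _, loc := range uuidPat.FindAllStringIndex(data, -1) {
		if m.start >= loc[0] && m.end <= loc[1] && m.end-m.start < loc[1]-loc[0] {
			return true
		}
	}
	return false
}

// isUploadUUID: the text before the match on its line ends in the header name.
func isUploadUUID(data string, m span) bool {
	lineStart := strings.LastIndexByte(data[:m.start], '\n') + 1
	return uploadHdrPat.MatchString(data[lineStart:m.start])
}

// keepCandidate drops the two false-positive shapes reported in the issue.
func keepCandidate(data string, user, pass span) bool {
	return !insideUUID(data, user) && !isUploadUUID(data, pass)
}

func main() {
	fmt.Println(keepCandidate(sample, find(sample, "96990475"), find(sample, "f915eb2c-2e28-4b43-99bd-d85bb492a22e")))
	fmt.Println(keepCandidate(sample, find(sample, "builduser1"), find(sample, "0b1c2d3e-aaaa-4bbb-8ccc-1234567890ab")))
}
```

Rejecting these candidates before verification also avoids the outbound requests that produced the 429 responses shown in the reports above.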

Participants: @rgmz, @shahzadhaider1
