Bump kics dockerfile version #124

Merged
merged 2 commits into from
Feb 5, 2025

Conversation

cx-monicac
Contributor

No description provided.

cx-monicac requested a review from a team as a code owner February 5, 2025 15:41

github-actions bot commented Feb 5, 2025

KICS version: v2.1.5

| Category | Results |
|---|---|
| CRITICAL | 0 |
| HIGH | 1 |
| MEDIUM | 3 |
| LOW | 1 |
| INFO | 0 |
| TRACE | 0 |
| TOTAL | 5 |

| Metric | Values |
|---|---|
| Files scanned | 2 |
| Files parsed | 2 |
| Files failed to scan | 0 |
| Total executed queries | 1088 |
| Queries failed to execute | 0 |
| Execution time | 25 |

Queries Results

| Query Name | Query Id | Severity | Platform | Cwe | Category | Experimental | Description | File Name | Line | Issue Type | Search Key | Expected Value | Actual Value | Resource Type | Resource Name | Remediation | Remediation Type |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Passwords And Secrets - Generic Password | 487f4be7-3fd9-4506-a07a-eae252180c08 | HIGH | Common | 798 | Secret Management | false | Query to find passwords and secrets in infrastructure code. | test/samples/positive1.tf | 12 | RedundantAttribute | | Hardcoded secret key should not appear in source | Hardcoded secret key appears in source | | | | |
| AD Admin Not Configured For SQL Server | a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b | MEDIUM | Terraform | 732 | Insecure Configurations | false | The Active Directory Administrator is not configured for a SQL server | test/samples/positive1.tf | 6 | MissingAttribute | azurerm_sql_server[positive2] | A 'azurerm_sql_active_directory_administrator' should be defined for 'azurerm_sql_server[positive2]' | A 'azurerm_sql_active_directory_administrator' is not defined for 'azurerm_sql_server[positive2]' | azurerm_sql_server | mysqlserver1 | | |
| Admin User Enabled For Container Registry | b897dfbf-322c-45a8-b67c-1e698beeaa51 | MEDIUM | Terraform | 732 | Access Control | false | Admin user is enabled for Container Registry | test/samples/positive2.tf | 11 | IncorrectValue | azurerm_container_registry[positive2].admin_enabled | 'admin_enabled' equal 'false' | 'admin_enabled' equal 'true' | azurerm_container_registry | containerRegistry1 | {"after":"false","before":"true"} | replacement |
| SQL Server Auditing Disabled | f7e296b0-6660-4bc5-8f87-22ac4a815edf | MEDIUM | Terraform | 778 | Observability | false | Make sure that for SQL Servers, 'Auditing' is set to 'On' | test/samples/positive1.tf | 6 | MissingAttribute | azurerm_sql_server[positive2] | 'azurerm_sql_server.positive2.extended_auditing_policy' should exist | 'azurerm_sql_server.positive2.extended_auditing_policy' does not exist | azurerm_sql_server | mysqlserver1 | | |
| SQL Server Predictable Active Directory Account Name | bcd3fc01-5902-4f2a-b05a-227f9bbf5450 | LOW | Terraform | 522 | Best Practices | false | Azure SQL Server must avoid using predictable Active Directory Administrator Account names, like 'Admin', which means the attribute 'login' must be set to a name that is not easy to predict | test/samples/positive1.tf | 18 | IncorrectValue | azurerm_sql_active_directory_administrator[positive3].login | 'azurerm_sql_active_directory_administrator[positive3].login' should not be predictable' | 'azurerm_sql_active_directory_administrator[positive3].login' is predictable | azurerm_sql_active_directory_administrator | positive3 | | |

amacedoo commented Feb 5, 2025

Checkmarx One – Scan Summary & Details dda3bb81-153f-4801-8237-564d5111dd09

New Issues (1)

Checkmarx found the following issues in this Pull Request

| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
| MEDIUM | CVE-2025-22150 | Npm-undici-5.28.3 | Recommended version: 5.28.5; Description: Undici is an HTTP/1.1 client. In affected versions, undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is kno...; Attack Vector: NETWORK; Attack Complexity: HIGH |
Vulnerable Package

Contributor

cx-ruiaraujo left a comment

LGTM

cx-monicac merged commit 3246fb4 into master Feb 5, 2025
3 checks passed