Open
Labels: vulnerabilities (Something in the repository is a security vulnerability.)
Description
Vulnerability Description
The Dockerfile, Kubernetes and Helm configs fail the `trivy config` scan when it is executed in CI using the marketplace action.
Steps to Reproduce
- Commit a change to the repository
- The GHA CI pipeline runs and the `sast-iac-trivy-hadolint` job executes, which scans the IaC for security vulnerabilities
- CI execution fails since vulnerabilities of different severities are found
Impact
The pipeline fails because of the reported vulnerabilities, which impose a security risk.
Suggested Mitigation or Fix
Fix the code to mitigate the static infrastructure-code analysis findings reported by trivy.
CVSS Score (Optional):
Available in the CI execution
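The job described above fails as soon as trivy reports any finding, which makes it hard to tell a blocking HIGH/CRITICAL misconfiguration from a LOW one while the fixes are being worked through. The following is an added example, not code from this issue or the project, of a small CI gate that reads the JSON report from `trivy config --format json`, groups findings by severity and returns a non-zero exit code only above a chosen threshold. The report layout (top-level `Results`, each with `Target` and a `Misconfigurations` list carrying `ID`, `Title` and `Severity`) is assumed from trivy's JSON output; the embedded report, its targets and the check IDs/titles are constructed sample data, not findings from this repository.

```python
"""Gate a CI job on trivy config findings by severity.

Added example, not part of the issue or the project. Assumes the JSON shape
produced by `trivy config --format json` (top-level "Results", each with
"Target" and a "Misconfigurations" list whose entries carry "ID", "Title" and
"Severity"). The sample report below is constructed for illustration.
"""
import json
import sys
from collections import Counter

# trivy's severity vocabulary, ordered so we can compare against a threshold.
SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed sample resembling trivy config JSON output; IDs/titles are
# illustrative only and should be checked against your own trivy output.
SAMPLE_TRIVY_JSON = json.dumps({
    "Results": [
        {
            "Target": "Dockerfile",
            "Class": "config",
            "Type": "dockerfile",
            "Misconfigurations": [
                {"ID": "DS002", "Title": "Image user should not be 'root'", "Severity": "HIGH"},
                {"ID": "DS026", "Title": "No HEALTHCHECK defined", "Severity": "LOW"},
            ],
        },
        {
            "Target": "helm/templates/deployment.yaml",
            "Class": "config",
            "Type": "kubernetes",
            "Misconfigurations": [
                {"ID": "KSV012", "Title": "Runs as root user", "Severity": "MEDIUM"},
                {"ID": "KSV014", "Title": "Root file system is not read-only", "Severity": "LOW"},
            ],
        },
    ]
})


def parse_findings(report_json):
    """Flatten a trivy JSON report into (target, id, title, severity) tuples."""
    report = json.loads(report_json)
    findings = []
    for result in report.get("Results") or []:
        target = result.get("Target", "<unknown>")
        for m in result.get("Misconfigurations") or []:
            severity = str(m.get("Severity", "UNKNOWN")).upper()
            findings.append((target, m.get("ID", "?"), m.get("Title", ""), severity))
    return findings


def count_by_severity(findings):
    """Count findings per severity label, e.g. {'HIGH': 1, 'LOW': 2}."""
    return Counter(sev for _, _, _, sev in findings)


def blocking_findings(findings, threshold="HIGH"):
    """Return the findings at or above `threshold`; these should fail the job."""
    min_rank = SEVERITY_RANK[threshold.upper()]
    return [f for f in findings if SEVERITY_RANK.get(f[3], 0) >= min_rank]


def ci_exit_code(report_json, threshold="HIGH"):
    """1 if any finding is at or above the threshold severity, otherwise 0."""
    return 1 if blocking_findings(parse_findings(report_json), threshold) else 0


if __name__ == "__main__":
    # Usage: python trivy_gate.py [report.json] [THRESHOLD]; defaults to the sample.
    report = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_TRIVY_JSON
    threshold = sys.argv[2] if len(sys.argv) > 2 else "HIGH"
    findings = parse_findings(report)
    for target, fid, title, sev in findings:
        print(f"{sev:8} {fid:8} {target}: {title}")
    print("counts by severity:", dict(count_by_severity(findings)))
    print("blocking at", threshold, ":", [f[1] for f in blocking_findings(findings, threshold)])
    sys.exit(ci_exit_code(report, threshold))
```

In a pipeline this runs after `trivy config --format json --output report.json .`; the threshold makes the job fail only on the severities the team has agreed to block while lower findings are still listed in the log, and the same `blocking_findings` list doubles as the to-do list for the "fix the code" step.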