Update AdminController.java #37

shiftleft-chuck · 2022-04-27T17:38:29Z

No description provided.

github-actions · 2022-04-27T17:40:39Z

Checking analysis of application `shiftleft-java-demo` against 2 build rules.

Using sl version 0.9.1254 (d701df3323055d3e9349935b3f5d38f382b962f4).

Checking new findings between scans 17 and 18.

Results per rule:

allow-zero-findings: FAIL (2 matched vulnerabilities; configured threshold is 0)

New findings:

ID	Severity	Title
291	critical	pkg:maven/org.apache.tomcat.embed/[email protected]
292	critical	Deserialization: Attacker-controlled Data Used in Unsafe Deserialization Function via `auth` in `AdminController.doPostLogin`

Severity	Count
Critical	2
Moderate	0
Info	0

Finding Type	Count
Vuln	1
Secret	0
Insight	0
Extscan	0
Oss_vuln	1
Container	0
Package	0

reachable-oss-vuln: FAIL (1 matched vulnerabilities; configured threshold is 0)

New findings:

ID Severity Title

291 critical pkg:maven/org.apache.tomcat.embed/[email protected]

Severity Count

Critical 1

Moderate 0

Info 0

2 rules failed.

Update AdminController.java

c357f36

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update AdminController.java #37

Update AdminController.java #37

Uh oh!

shiftleft-chuck commented Apr 27, 2022

Uh oh!

github-actions bot commented Apr 27, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Update AdminController.java #37

Are you sure you want to change the base?

Update AdminController.java #37

Uh oh!

Conversation

shiftleft-chuck commented Apr 27, 2022

Uh oh!

github-actions bot commented Apr 27, 2022

Checking analysis of application shiftleft-java-demo against 2 build rules.

Checking new findings between scans 17 and 18.

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Checking analysis of application `shiftleft-java-demo` against 2 build rules.