Skip to content
Kics

added flyscrape.config.js #347

Sign in to view logs

added flyscrape.config.js

added flyscrape.config.js #347

Triggered via push September 25, 2024 12:54
@HariSekhonHariSekhon
pushed 8f458c8
master
Status Failure
Total duration 1m 45s
Artifacts

kics.yaml

on: push
Kics  /  Kics Scan
1m 33s
Kics / Kics Scan
Fit to window
Zoom out
Zoom in

Annotations

1 error and 12 warnings
Kics / Kics Scan
KICS scan failed with exit code 50
Kics / Kics Scan
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
[HIGH] Container Is Privileged: vagrant-templates/kubernetes/calico.yaml#L3512
Privileged containers lack essential security restrictions and should be avoided by removing the 'privileged' flag or by changing its value to false
[HIGH] Container Is Privileged: vagrant-templates/kubernetes/calico.yaml#L3476
Privileged containers lack essential security restrictions and should be avoided by removing the 'privileged' flag or by changing its value to false
[HIGH] Container Is Privileged: vagrant-templates/kubernetes/calico.yaml#L3596
Privileged containers lack essential security restrictions and should be avoided by removing the 'privileged' flag or by changing its value to false
[HIGH] Container Is Privileged: vagrant-templates/kubernetes/calico.yaml#L3521
Privileged containers lack essential security restrictions and should be avoided by removing the 'privileged' flag or by changing its value to false
[HIGH] DB Security Group Open To Large Scope: ec2.yaml#L29
The IP address in a DB Security Group must not have more than 256 hosts.
[HIGH] Missing User Instruction: Dockerfile#L312
A user should be specified in the dockerfile, otherwise the image will run as root
[HIGH] Passwords And Secrets - Generic Token: github-workflow.yaml#L260
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Token: github-workflow.yaml#L531
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Token: workflow.yaml#L260
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Token: workflow.yaml#L531
Query to find passwords and secrets in infrastructure code.
Kics / Kics Scan
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/