Identified Risks
This table shows all the identified risks for this repository.
Filename | Message | Scanner |
|---|---|---|
.github/workflows/dependency-risk-identification.yml | Ensure top-level permissions are not set to write-all | iac |
.github/workflows/code-risk-identification.yml | Ensure top-level permissions are not set to write-all | iac |
.github/workflows/software-composition-analysis.yml | Ensure top-level permissions are not set to write-all | iac |
.github/workflows/sast.yml | Ensure top-level permissions are not set to write-all | iac |
.github/workflows/secret-scanning.yml | Ensure top-level permissions are not set to write-all | iac |
.github/workflows/container-scanning.yml | Ensure top-level permissions are not set to write-all | iac |
.github/workflows/deploy.yml | Ensure top-level permissions are not set to write-all | iac |
.github/workflows/build-image.yml | Ensure top-level permissions are not set to write-all | iac |
.github/workflows/iac.yml | Ensure top-level permissions are not set to write-all | iac |
.github/workflows/sign.yml | Ensure top-level permissions are not set to write-all | iac |
leaks-baseline.json | generic-api-key has detected secret for file leaks-baseline.json at commit 59b5719ab78ed94ce540b6445e54c2644b447832. | secret-scanning |
leaks-baseline.json | generic-api-key has detected secret for file leaks-baseline.json at commit 59b5719ab78ed94ce540b6445e54c2644b447832. | secret-scanning |
leaks-baseline.json | generic-api-key has detected secret for file leaks-baseline.json at commit 59b5719ab78ed94ce540b6445e54c2644b447832. | secret-scanning |
leaks-baseline.json | generic-api-key has detected secret for file leaks-baseline.json at commit 59b5719ab78ed94ce540b6445e54c2644b447832. | secret-scanning |
leaks-baseline.json | generic-api-key has detected secret for file leaks-baseline.json at commit 59b5719ab78ed94ce540b6445e54c2644b447832. | secret-scanning |
leaks-baseline.json | generic-api-key has detected secret for file leaks-baseline.json at commit 59b5719ab78ed94ce540b6445e54c2644b447832. | secret-scanning |
leaks-baseline.json | generic-api-key has detected secret for file leaks-baseline.json at commit 59b5719ab78ed94ce540b6445e54c2644b447832. | secret-scanning |
leaks-baseline.json | generic-api-key has detected secret for file leaks-baseline.json at commit 59b5719ab78ed94ce540b6445e54c2644b447832. | secret-scanning |
leaks-baseline.json | generic-api-key has detected secret for file leaks-baseline.json at commit 59b5719ab78ed94ce540b6445e54c2644b447832. | secret-scanning |
Dockerfile | Ensure that a user for the container has been created | iac |
Dockerfile | Ensure that HEALTHCHECK instructions have been added to container images | iac |
/github/workspace/Dockerfile | By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'. | sast |
.github/workflows/attest.yml | Ensure top-level permissions are not set to write-all | iac |
Showing 1 of 1 pages (23 items)