Devguard-Pipeline

quay.io/jetstack/cert-manager-acmesolver

devguard-action

ghcr.io/l3montree-dev/devguard-postgresql

devguard-scanner

 Devguard-Pipeline

ghcr.io/l3montree-dev/devguard-operator

devguard-documentation

devguard

devguard-web

docker.io/oryd/kratos

DevGuard Operator

ghcr.io/l3montree-dev/devguard

Devguard

openCode

Robot User

Tim Bastin

refoo0

L3montree Cybersecurity

Controlled by an Kubernetes Operator. Asset quay.io/jetstack/cert-manager-acmesolver

Controlled by an Kubernetes Operator. Asset ghcr.io/l3montree-dev/devguard-postgresql

The scanner component of the devguard project

This is a scan for Devguard CI/CD components in a GitLab project, aimed at testing whether these components function correctly.

Controlled by an Kubernetes Operator. Asset ghcr.io/l3montree-dev/devguard-operator

The documentation for the DevGuard Project

Controlled by an Kubernetes Operator. Asset docker.io/oryd/kratos

Manage your CVEs seamlessly, Integrate your Vulnerability Scanners, Documentation made easy, Compliance to security Frameworks - OWASP Incubating Project

CVE	Risk	Asset	Accepted at	Justification
CVE-2024-6119	4.25	devguard	Tue Dec 03 2024	You are right. We are using a reverse proxy. Devguard starts with plain http handler. Using a Service-Mesh should be encouraged.
CVE-2024-28863	3	devguard-web	Tue Dec 03 2024	We cannot update this dependency. It is deep down in nodejs. Since we are not generating any subfolders or untaring anything, this can be accepted.

L3montree Cybersecurity
Organization
/Devguard
Project

Accepted Vulnerabilities