BRE-609/workflow-changes #123

Merged: mandreko-bitwarden merged 2 commits into main from bre-609 on Jun 9, 2025

Conversation

@mandreko-bitwarden
Contributor

Ticket

missed as part of the original effort for:
https://bitwarden.atlassian.net/browse/BRE-609

Description

update workflows to be compliant with pull_request_target workflow linter rule ahead of changing rule log level to error

@mandreko-bitwarden mandreko-bitwarden requested a review from a team as a code owner June 6, 2025 15:08

github-actions Bot commented Jun 6, 2025

Checkmarx One – Scan Summary & Details 85e1f714-70f8-497c-8153-1bfec4393b97

New Issues (5)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
CRITICAL CVE-2025-31651 Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.12
Recommended version: 10.1.41
Description: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability was found within Apache Tomcat. For a subset of unlikely rewrite rule c...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: 4PEQzDsKk6MuPVMoBJRSj%2F2EuFgGS4BC7x7CvZ3Q3mU%3D
Vulnerable Package
HIGH CVE-2024-13009 Maven-org.eclipse.jetty:jetty-server-9.4.49.v20220914
Recommended version: 9.4.57.v20241219
Description: In Eclipse Jetty versions 9.4.0.M0 prior to 9.4.57.v20241219, a buffer may be incorrectly released when a gzip error occurs during the inflation of...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: HTexkfRE53xuMtOE6%2BjnWDy4lyL0WaRD2aGggWyULDY%3D
Vulnerable Package
HIGH CVE-2025-1948 Maven-org.eclipse.jetty.http2:http2-common-9.4.49.v20220914
Description: In Eclipse Jetty, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter "SETTINGS_MAX_HEADER_LIST_SIZE". The Jetty HTTP...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: mraOxV9huyiL0BSrtZADe6rlK1nOwdt7bZNHKG%2FiHrU%3D
Vulnerable Package
HIGH CVE-2025-31650 Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.12
Recommended version: 10.1.41
Description: Improper Input Validation vulnerability was found in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in inc...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: H%2BhMlTz3P7ZiXrAivAAW8hYRtQdc2Evno%2BfUwWQbJog%3D
Vulnerable Package
HIGH CVE-2025-46701 Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.12
Recommended version: 10.1.41
Description: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that a...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: rY7fQoi7RmCHCf73jYXr%2BLBZe5S2kF%2FA3%2F%2FYprL9gE8%3D
Vulnerable Package

@mandreko-bitwarden mandreko-bitwarden merged commit bb67e87 into main Jun 9, 2025
7 checks passed
@mandreko-bitwarden mandreko-bitwarden deleted the bre-609 branch June 9, 2025 13:35