CVE-2020-28928

GitHub Action for setup toolchains for cross compilation and cross testing for Rust.

setup-cross-toolchain-action GitHub Action for setup toolchains for cross compilation and cross testing for Rust Usage Inputs Example workflow: Basic usage Example workflow: Multiple targets Example workflow: Doctest Example workflow: Tier 3 targets Platform Support Linux (GNU) Linux (musl) Linux (uClibc) Android FreeBSD NetBSD WASI Windows (MinGW) Windows (LLVM MinGW)

Demonstrate how you can use image scanner called Trivy as a golang library

Description Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers and other artifacts A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc) and application dependencies (Bundler,

AWS ECR client to automated push to ECR and handling of vulnerability

aws-ecr-client AWS ECR client for automated push to ECR and handling of vulnerability scanning results Features: Automatically gets authorization token for ECR repo Can push image to "scanning silo" ECR repo before pushing image to the actual repo (recommended) Can push image only to "scanning silo" ECR repo and skip pushing image to the actual repo (useful

psono ci client

psonoci PSONO CI Client PSONO is a secure Open Source Password Manager, which can be self hosted by anyone so you have to trust no one psonoci allows a secure access to your psono passwords (and other values) within your CI process Usage psonoci --help psonoci 040 Bernd Kaiser Psono CI Client (githubcom/meldron/psonoci) USAGE: psonoci [FLAGS] [OPTIONS] --api-

My Journey Part 1 Managed to run through the first group of instructions simply through following the instructions Moved the dockerfile and all relevant files into the root file ran using simple docker calls inside windows terminal powershell Called using postman call to local host api Finding more trouble on the second part whilst trying to make the dockerfile even smaller P

A rode collector for clair scans

collector-clair A rode collector for clair scans Running standalone clair scanner Download the clair scanner githubcom/arminc/clair-scanner/releases Get the DB started up as well as the scanner: docker run -p 5432:5432 -d --name db arminc/clair-db:latest docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:latest```

Product Report: Django-NV Generated By Admin User (admin) on 12/23/2021 07:55PM UTC Number of vulnerabilities found: 15 VULNERABILITIES DESCRIPTION VULNERABILITY ID : 9 TITLE: Starting a Process With a Shell, Possible Injection Detected, Security Issue SEVERITY: High RECOMMENDED TIME TO RESOLVE THE ISSUE: 30 days DESCRIPTION: An SQL injection attack consists of insertion or &l