Do not merge: test PR #18

Merge pull request #17 from fantonangeli/KOGITO-9965-Migrate-runtime-…

a2a650c
Closed

GitHub Advanced Security / CodeQL failed Jan 19, 2024 in 6s

9 new alerts including 8 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 8 high
  • 1 medium

See annotations below for details.

Annotations

Check failure on line 74 in packages/runtime-tools-dev-ui-webapp/server/server.js

Code scanning / CodeQL

Missing rate limiting High

This route handler performs a file system access, but is not rate-limited.
This route handler performs a file system access, but is not rate-limited.
This route handler performs a file system access, but is not rate-limited.

Check failure on line 84 in packages/runtime-tools-dev-ui-webapp/server/server.js

Code scanning / CodeQL

Missing rate limiting High

This route handler performs a file system access, but is not rate-limited.
This route handler performs a file system access, but is not rate-limited.

Check failure on line 85 in packages/runtime-tools-dev-ui-webapp/server/server.js

Code scanning / CodeQL

Missing rate limiting High

This route handler performs a file system access, but is not rate-limited.
This route handler performs a file system access, but is not rate-limited.
This route handler performs a file system access, but is not rate-limited.

Check failure on line 439 in packages/runtime-tools-dev-ui-webapp/server/MockData/controllers.js

Code scanning / CodeQL

Reflected cross-site scripting High

Cross-site scripting vulnerability due to a user-provided value.

Check failure on line 442 in packages/runtime-tools-dev-ui-webapp/server/MockData/controllers.js

Code scanning / CodeQL

Reflected cross-site scripting High

Cross-site scripting vulnerability due to a user-provided value.

Check failure on line 347 in packages/runtime-tools-dev-ui-webapp/server/MockData/controllers.js

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a user-provided value.

Check failure on line 349 in packages/runtime-tools-dev-ui-webapp/server/MockData/controllers.js

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a user-provided value.

Check failure on line 351 in packages/runtime-tools-dev-ui-webapp/server/MockData/controllers.js

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a user-provided value.

Check warning on line 230 in packages/runtime-tools-dev-ui-webapp/server/MockData/controllers.js

Code scanning / CodeQL

Information exposure through a stack trace Medium

This information exposed to the user depends on stack trace information.