@hirendgithub
Owner

No description provided.

@hirendgithub hirendgithub merged commit 6b4b644 into main Aug 12, 2025
1 check was pending
@hirendgithub
Owner Author

Checkmarx One – Scan Summary & Details 68e1b22b-b883-4728-897d-6703b84f2145

New Issues (40)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
MEDIUM ALB Deletion Protection Disabled /negative1.tf: 15
Details: Application Load Balancer should have deletion protection enabled
ID: UqF%2BHrjkqUjxkES9y%2F0w6p1zqSw%3D
MEDIUM ALB Deletion Protection Disabled /negative2.tf: 49
Details: Application Load Balancer should have deletion protection enabled
ID: EdfZmcxjZyJAxsPTf1NaGhvzJmg%3D
MEDIUM ALB Deletion Protection Disabled /positive1.tf: 15
Details: Application Load Balancer should have deletion protection enabled
ID: F4Et1JsFjmBaZzIHjOeXgB96%2BmA%3D
MEDIUM ALB Deletion Protection Disabled /positive2.tf: 49
Details: Application Load Balancer should have deletion protection enabled
ID: GTKT8Z1eQJ1OQE6ucMzx1rq2PKI%3D
MEDIUM ALB Listening on HTTP /positive2.tf: 70
Details: AWS Application Load Balancer (alb) should not listen on HTTP
ID: 2tcimiIyrJsYK1Mbpa797l5tGJI%3D
MEDIUM ALB Listening on HTTP /positive1.tf: 9
Details: AWS Application Load Balancer (alb) should not listen on HTTP
ID: mYcuK3%2Be3CsT%2B0HVj4OwcC%2FTV2A%3D
MEDIUM ALB Not Dropping Invalid Headers /negative1.tf: 15
Details: It's considered a best practice when using Application Load Balancers to drop invalid header fields
ID: ydZqpokPqXWk8kG2%2BvCAo9X38hA%3D
MEDIUM ALB Not Dropping Invalid Headers /negative2.tf: 49
Details: It's considered a best practice when using Application Load Balancers to drop invalid header fields
ID: zeUcRZjZttTa5uIQw3BD06IK43w%3D
MEDIUM ALB Not Dropping Invalid Headers /positive2.tf: 49
Details: It's considered a best practice when using Application Load Balancers to drop invalid header fields
ID: 4DrT3DqHGTVxGBdxbO6I77oQXC4%3D
MEDIUM ALB Not Dropping Invalid Headers /positive1.tf: 15
Details: It's considered a best practice when using Application Load Balancers to drop invalid header fields
ID: 9qCdQCFq3d7QopRVUaDQTvTx8kw%3D
MEDIUM EC2 Instance Has Public IP /negative2.tf: 109
Details: EC2 Instance should not have a public IP address.
ID: 9H%2BkY%2BcMmNeY%2B5Mx5k4DUY2AJIo%3D
MEDIUM EC2 Instance Has Public IP /negative2.tf: 83
Details: EC2 Instance should not have a public IP address.
ID: 4iH99lcJlwIJJfQK0VFUilP6ddA%3D
MEDIUM EC2 Instance Has Public IP /positive2.tf: 82
Details: EC2 Instance should not have a public IP address.
ID: R1FuPTcQa3h5wtkqCT%2FltFFvRZc%3D
MEDIUM EC2 Instance Has Public IP /positive2.tf: 95
Details: EC2 Instance should not have a public IP address.
ID: m%2FX%2BaOFI0sXLajTBXGqZHmAwVx0%3D
MEDIUM EC2 Instance Has Public IP /negative2.tf: 96
Details: EC2 Instance should not have a public IP address.
ID: 6qCC09WLHRFXi1aC2o%2FcdTv2%2FWM%3D
MEDIUM EC2 Instance Has Public IP /positive2.tf: 108
Details: EC2 Instance should not have a public IP address.
ID: mfKzB3MGUMSOiA6t1q6Ox7YOYn4%3D
MEDIUM EC2 Instance Monitoring Disabled /positive2.tf: 108
Details: EC2 Instance should have detailed monitoring enabled. With detailed monitoring enabled data is available in 1-minute periods
ID: LfOo%2BoQer3h%2FSPw3l0JD9FWsfM8%3D
MEDIUM EC2 Instance Monitoring Disabled /negative2.tf: 96
Details: EC2 Instance should have detailed monitoring enabled. With detailed monitoring enabled data is available in 1-minute periods
ID: 9TF%2FUNiWYu3s4Gd2WrKeLWgmXkk%3D
MEDIUM EC2 Instance Monitoring Disabled /positive2.tf: 95
Details: EC2 Instance should have detailed monitoring enabled. With detailed monitoring enabled data is available in 1-minute periods
ID: hGku%2FUug3ZFNJ6vNA1M90J4GA04%3D
MEDIUM EC2 Instance Monitoring Disabled /negative2.tf: 109
Details: EC2 Instance should have detailed monitoring enabled. With detailed monitoring enabled data is available in 1-minute periods
ID: jmys8jHMQ08Pk6FbAASnQHemmK0%3D
MEDIUM EC2 Instance Monitoring Disabled /positive2.tf: 82
Details: EC2 Instance should have detailed monitoring enabled. With detailed monitoring enabled data is available in 1-minute periods
ID: kTGli0oKdCNrU%2BLI%2B9czk4ntUfQ%3D
MEDIUM EC2 Instance Monitoring Disabled /negative2.tf: 83
Details: EC2 Instance should have detailed monitoring enabled. With detailed monitoring enabled data is available in 1-minute periods
ID: m61OJeFGiVCS0y0Dptxvw3Qzy8Y%3D
MEDIUM EC2 Instance Using Default Security Group /positive2.tf: 109
Details: EC2 instances should not use default security group(s)
ID: nc7z1NxY5KpkORJExCo7ANUsJQQ%3D
MEDIUM EC2 Instance Using Default Security Group /positive2.tf: 83
Details: EC2 instances should not use default security group(s)
ID: IFmqa3we5I%2BYmN0GOUx1X55UNlI%3D
MEDIUM EC2 Instance Using Default Security Group /negative2.tf: 84
Details: EC2 instances should not use default security group(s)
ID: c%2FEON%2FagaTm9SgMgeRfkq0CqQVQ%3D
MEDIUM EC2 Instance Using Default Security Group /positive2.tf: 96
Details: EC2 instances should not use default security group(s)
ID: H6rxemh36ZvMz0WrbwRoiYeilJs%3D
MEDIUM EC2 Instance Using Default Security Group /negative2.tf: 110
Details: EC2 instances should not use default security group(s)
ID: B1jhmUtHJA1%2FIDftcFK2lWcEvCw%3D
MEDIUM EC2 Instance Using Default Security Group /negative2.tf: 97
Details: EC2 instances should not use default security group(s)
ID: wYZW5%2BWtfXRSLQMOC0XgaXLabOM%3D
MEDIUM VPC FlowLogs Disabled /positive2.tf: 26
Details: Every VPC resource should have an associated Flow Log
ID: wckUjGDhRoJr5yN9InX3bh%2Bfang%3D
MEDIUM VPC FlowLogs Disabled /negative2.tf: 26
Details: Every VPC resource should have an associated Flow Log
ID: ZfZIKE7JFO9NlPI4sNc1IT3RLFw%3D
MEDIUM VPC Without Network Firewall /positive2.tf: 26
Details: VPC should have a Network Firewall associated
ID: w%2FB4jpkXOwr%2FePoiztjtX0AvVnc%3D
MEDIUM VPC Without Network Firewall /negative2.tf: 26
Details: VPC should have a Network Firewall associated
ID: 098gCE7gXa2PAjW0M456Nr6MWXs%3D
LOW IAM Access Analyzer Not Enabled /positive2.tf: 26
Details: IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions
ID: xMqNr2JhpFq1IA3ME2%2BKCb2lwWk%3D
LOW IAM Access Analyzer Not Enabled /negative1.tf: 1
Details: IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions
ID: DwtBrPRIwb3e9NRGoEFUqYG1%2BRw%3D
LOW IAM Access Analyzer Not Enabled /positive1.tf: 1
Details: IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions
ID: Fj2DlmNRQrfrBQuMa5eTMtfekwM%3D
LOW IAM Access Analyzer Not Enabled /negative2.tf: 26
Details: IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions
ID: egSXqEl3ULp%2FjDJRQoN%2FYupnB%2BM%3D
LOW Shield Advanced Not In Use /negative1.tf: 15
Details: AWS Shield Advanced should be used for Amazon Route 53 hosted zone, AWS Global Accelerator accelerator, Elastic IP Address, Elastic Load Balancing,...
ID: lFJs722bhwIWRNnC%2ByciBDfmxys%3D
LOW Shield Advanced Not In Use /negative2.tf: 49
Details: AWS Shield Advanced should be used for Amazon Route 53 hosted zone, AWS Global Accelerator accelerator, Elastic IP Address, Elastic Load Balancing,...
ID: 2bvmTX1kv1ZBSI9Nxs2dkXMmjbU%3D
LOW Shield Advanced Not In Use /positive2.tf: 49
Details: AWS Shield Advanced should be used for Amazon Route 53 hosted zone, AWS Global Accelerator accelerator, Elastic IP Address, Elastic Load Balancing,...
ID: qlGHpxEeJHgWSxxT%2BgJKz8xiLN0%3D
LOW Shield Advanced Not In Use /positive1.tf: 15
Details: AWS Shield Advanced should be used for Amazon Route 53 hosted zone, AWS Global Accelerator accelerator, Elastic IP Address, Elastic Load Balancing,...
ID: NQnWJADU7PVwixHdfQZC7bRRG0s%3D
Fixed Issues (6)

Great job! The following issues were fixed in this Pull Request

Severity Issue Source File / Package
CRITICAL CVE-2019-17571 Maven-log4j:log4j-1.2.17
CRITICAL CVE-2022-23305 Maven-log4j:log4j-1.2.17
HIGH CVE-2021-4104 Maven-log4j:log4j-1.2.17
HIGH CVE-2022-23302 Maven-log4j:log4j-1.2.17
HIGH CVE-2022-23307 Maven-log4j:log4j-1.2.17
HIGH CVE-2023-26464 Maven-log4j:log4j-1.2.17
