Skip to content

Commit e6cb440

Browse files
actions-useractions-user
committed
chore: update security scan results
 - Updated scan data from workflow run 133 - Scan mode: git-only - Total scanned: 173 - Total vulnerabilities: 504
1 parent 3f84ecd commit e6cb440

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

43 files changed

+188
-104
lines changed

data/master-286b8cb76d.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"release_version": "master-286b8cb76d",
3-
"scan_date": "2025-11-12T00:27:13.356542Z",
3+
"scan_date": "2025-11-13T00:27:22.132519Z",
44
"tool_version": "0.21.0",
55
"total_components": 0,
66
"vulnerabilities": [

data/release_v5.0-d9f9b7d8ed.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"release_version": "release/v5.0-d9f9b7d8ed",
3-
"scan_date": "2025-11-12T00:26:23.847550Z",
3+
"scan_date": "2025-11-13T00:27:12.915179Z",
44
"tool_version": "0.21.0",
55
"total_components": 0,
66
"vulnerabilities": [

data/release_v5.1-71c7d4a7f4.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"release_version": "release/v5.1-71c7d4a7f4",
3-
"scan_date": "2025-11-12T00:26:48.140076Z",
3+
"scan_date": "2025-11-13T00:26:40.511976Z",
44
"tool_version": "0.21.0",
55
"total_components": 0,
66
"vulnerabilities": [

data/release_v5.2-72d06017df.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"release_version": "release/v5.2-72d06017df",
3-
"scan_date": "2025-11-12T00:26:32.275636Z",
3+
"scan_date": "2025-11-13T00:26:32.947657Z",
44
"tool_version": "0.21.0",
55
"total_components": 0,
66
"vulnerabilities": [

data/release_v5.3-cb920e3225.json

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,42 @@
1+
{
2+
"release_version": "release/v5.3-cb920e3225",
3+
"scan_date": "2025-11-13T00:26:48.324019Z",
4+
"tool_version": "0.21.0",
5+
"total_components": 0,
6+
"vulnerabilities": [
7+
{
8+
"cve_id": "CVE-2025-54764",
9+
"component": "mbed_tls",
10+
"component_version": "3.6.4",
11+
"severity": "MEDIUM",
12+
"score": "6.2",
13+
"vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
14+
"description": "Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.",
15+
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-54764"
16+
},
17+
{
18+
"cve_id": "CVE-2025-59438",
19+
"component": "mbed_tls",
20+
"component_version": "3.6.4",
21+
"severity": "MEDIUM",
22+
"score": "5.3",
23+
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
24+
"description": "Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.",
25+
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-59438"
26+
}
27+
],
28+
"summary": {
29+
"total_vulnerabilities": 2,
30+
"by_severity": {
31+
"CRITICAL": 0,
32+
"HIGH": 0,
33+
"MEDIUM": 2,
34+
"LOW": 0
35+
}
36+
},
37+
"metadata": {
38+
"scanner": "esp-idf-security-dashboard",
39+
"scan_method": "git-release-branch",
40+
"docker_image": null
41+
}
42+
}

data/release_v5.4-aac5b37fa3.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"release_version": "release/v5.4-aac5b37fa3",
3-
"scan_date": "2025-11-12T00:26:40.630088Z",
3+
"scan_date": "2025-11-13T00:27:04.837850Z",
44
"tool_version": "0.21.0",
55
"total_components": 0,
66
"vulnerabilities": [

data/release_v5.5-d1e854920a.json

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,42 @@
1+
{
2+
"release_version": "release/v5.5-d1e854920a",
3+
"scan_date": "2025-11-13T00:26:56.760266Z",
4+
"tool_version": "0.21.0",
5+
"total_components": 0,
6+
"vulnerabilities": [
7+
{
8+
"cve_id": "CVE-2025-54764",
9+
"component": "mbed_tls",
10+
"component_version": "3.6.4",
11+
"severity": "MEDIUM",
12+
"score": "6.2",
13+
"vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
14+
"description": "Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.",
15+
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-54764"
16+
},
17+
{
18+
"cve_id": "CVE-2025-59438",
19+
"component": "mbed_tls",
20+
"component_version": "3.6.4",
21+
"severity": "MEDIUM",
22+
"score": "5.3",
23+
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
24+
"description": "Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.",
25+
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-59438"
26+
}
27+
],
28+
"summary": {
29+
"total_vulnerabilities": 2,
30+
"by_severity": {
31+
"CRITICAL": 0,
32+
"HIGH": 0,
33+
"MEDIUM": 2,
34+
"LOW": 0
35+
}
36+
},
37+
"metadata": {
38+
"scanner": "esp-idf-security-dashboard",
39+
"scan_method": "git-release-branch",
40+
"docker_image": null
41+
}
42+
}

data/scan_summary.json

Lines changed: 34 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -1,61 +1,61 @@
11
{
2-
"last_updated": "2025-11-12T00:27:13.357023Z",
2+
"last_updated": "2025-11-13T00:27:22.132995Z",
33
"scanned_versions": [
4-
"v5.3.3",
5-
"v5.3.1",
6-
"v5.1.2",
7-
"v5.0",
8-
"v5.0.6",
9-
"v5.0.9",
4+
"v5.1.5",
5+
"v5.0.2",
6+
"v5.1.3",
7+
"v5.0.3",
8+
"v5.1.6",
9+
"v5.4.3",
10+
"v5.2.2",
1011
"v5.4.1",
12+
"v5.0.7",
13+
"v5.3.3",
1114
"v5.5.1",
12-
"v5.1.6",
13-
"v5.0.2",
14-
"v5.3.4",
1515
"v5.0.4",
16+
"v5.2.1",
17+
"v5.2.5",
18+
"v5.2",
19+
"v5.0.6",
20+
"v5.4",
21+
"v5.0.5",
22+
"v5.1.2",
1623
"v5.1.1",
1724
"v5.0.1",
18-
"v5.0.5",
19-
"v5.2.5",
20-
"v5.5",
25+
"v5.3.4",
2126
"v5.2.4",
22-
"v5.0.8",
23-
"v5.2",
24-
"v5.1",
27+
"v5.2.3",
28+
"v5.5",
29+
"v5.3",
30+
"v5.3.1",
2531
"v5.4.2",
26-
"v5.0.3",
2732
"v5.1.4",
28-
"v5.0.7",
29-
"v5.2.3",
33+
"v5.0",
34+
"v5.0.8",
3035
"v5.3.2",
31-
"v5.4.3",
32-
"v5.1.3",
33-
"v5.2.2",
3436
"v5.2.6",
35-
"v5.2.1",
36-
"v5.4",
37-
"v5.1.5",
38-
"v5.3",
39-
"release/v5.0-d9f9b7d8ed",
37+
"v5.0.9",
38+
"v5.1",
4039
"release/v5.2-72d06017df",
41-
"release/v5.4-aac5b37fa3",
4240
"release/v5.1-71c7d4a7f4",
43-
"release/v5.5-8410210c9a",
44-
"release/v5.3-464e51e513",
41+
"release/v5.3-cb920e3225",
42+
"release/v5.5-d1e854920a",
43+
"release/v5.4-aac5b37fa3",
44+
"release/v5.0-d9f9b7d8ed",
4545
"master-286b8cb76d"
4646
],
4747
"failed_versions": [
48-
"release/v5.0",
4948
"release/v5.2",
50-
"release/v5.4",
5149
"release/v5.1",
52-
"release/v5.5",
5350
"release/v5.3",
51+
"release/v5.5",
52+
"release/v5.4",
53+
"release/v5.0",
5454
"master"
5555
],
5656
"total_scanned": 42,
5757
"scan_method": "git-batch",
58-
"workflow_run": "132",
58+
"workflow_run": "133",
5959
"scanner_info": {
6060
"tool": "esp-idf-security-dashboard",
6161
"esp_idf_sbom_version": "0.21.0",

data/v5.0.1.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"release_version": "v5.0.1",
3-
"scan_date": "2025-11-12T00:23:34.486040Z",
3+
"scan_date": "2025-11-13T00:24:39.540126Z",
44
"tool_version": "0.21.0",
55
"total_components": 0,
66
"vulnerabilities": [],

data/v5.0.2.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"release_version": "v5.0.2",
3-
"scan_date": "2025-11-12T00:23:07.391325Z",
3+
"scan_date": "2025-11-13T00:22:15.505857Z",
44
"tool_version": "0.21.0",
55
"total_components": 0,
66
"vulnerabilities": [],

0 commit comments

Comments
 (0)