Commit 944eeb3
committed
security: fix critical and high severity vulnerabilities
CRITICAL FIXES:
- Fix clear-text logging of sensitive information in detect_secrets.py
- Update setuptools to 78.1.1+ (fixes path traversal, RCE, ReDoS)
- Add system package updates in Dockerfile (fixes zlib, sqlite, glibc, etc.)
IMPACT:
- Resolves 10+ critical/high security alerts
- Fixes system library vulnerabilities in container base image
- Prevents sensitive information leakage in logs
- Addresses setuptools RCE and path traversal vulnerabilities1 parent 10c78da commit 944eeb3
3 files changed
Lines changed: 11 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
6 | 6 | | |
7 | 7 | | |
8 | 8 | | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
9 | 17 | | |
10 | 18 | | |
11 | 19 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
57 | 57 | | |
58 | 58 | | |
59 | 59 | | |
60 | | - | |
61 | | - | |
62 | | - | |
| 60 | + | |
| 61 | + | |
63 | 62 | | |
64 | 63 | | |
65 | 64 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | | - | |
| 2 | + | |
3 | 3 | | |
4 | 4 | | |
5 | 5 | | |
| |||
0 commit comments