feature: updates to trivy code scanner · cisagov/cset@a78ca24

Triggered via pull request September 15, 2024 05:51

itsmostafa

synchronize #4073

feature/update-trivy-analysis

Status Success

Total duration 7m 8s

Artifacts –

trivy-analysis.yml

on: pull_request

Annotations

10 warnings

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/EncryptionBuffer.cs#L39

'Rfc2898DeriveBytes.Rfc2898DeriveBytes(string, byte[], int)' is obsolete: 'The default hash algorithm and iteration counts in Rfc2898DeriveBytes constructors are outdated and insecure. Use a constructor that accepts the hash algorithm and the number of iterations.' (https://aka.ms/dotnet-warnings/SYSLIB0041)

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/EncryptionBuffer.cs#L56

'Rfc2898DeriveBytes.Rfc2898DeriveBytes(byte[], byte[], int)' is obsolete: 'The default hash algorithm and iteration counts in Rfc2898DeriveBytes constructors are outdated and insecure. Use a constructor that accepts the hash algorithm and the number of iterations.' (https://aka.ms/dotnet-warnings/SYSLIB0041)

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/EncryptionBuffer.cs#L67

'Rfc2898DeriveBytes.Rfc2898DeriveBytes(byte[], byte[], int)' is obsolete: 'The default hash algorithm and iteration counts in Rfc2898DeriveBytes constructors are outdated and insecure. Use a constructor that accepts the hash algorithm and the number of iterations.' (https://aka.ms/dotnet-warnings/SYSLIB0041)

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/EncryptionBuffer.cs#L73

'Rfc2898DeriveBytes.Rfc2898DeriveBytes(string, byte[], int)' is obsolete: 'The default hash algorithm and iteration counts in Rfc2898DeriveBytes constructors are outdated and insecure. Use a constructor that accepts the hash algorithm and the number of iterations.' (https://aka.ms/dotnet-warnings/SYSLIB0041)

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/EncryptionBuffer.cs#L80

'Rfc2898DeriveBytes.Rfc2898DeriveBytes(string, byte[], int)' is obsolete: 'The default hash algorithm and iteration counts in Rfc2898DeriveBytes constructors are outdated and insecure. Use a constructor that accepts the hash algorithm and the number of iterations.' (https://aka.ms/dotnet-warnings/SYSLIB0041)

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/CryptoCommon.cs#L25

'AesCryptoServiceProvider' is obsolete: 'Derived cryptographic types are obsolete. Use the Create method on the base type instead.' (https://aka.ms/dotnet-warnings/SYSLIB0021)

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/CryptoCommon.cs#L28

'RijndaelManaged' is obsolete: 'The Rijndael and RijndaelManaged types are obsolete. Use Aes instead.' (https://aka.ms/dotnet-warnings/SYSLIB0022)

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/CryptoCommon.cs#L32

'RC2CryptoServiceProvider' is obsolete: 'Derived cryptographic types are obsolete. Use the Create method on the base type instead.' (https://aka.ms/dotnet-warnings/SYSLIB0021)

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/CryptoCommon.cs#L35

'DESCryptoServiceProvider' is obsolete: 'Derived cryptographic types are obsolete. Use the Create method on the base type instead.' (https://aka.ms/dotnet-warnings/SYSLIB0021)

.NET Analysis: CSETWebApi/CSETWeb_Api/CSETWebCore.CryptoBuffer/CryptoCommon.cs#L38

'TripleDESCryptoServiceProvider' is obsolete: 'Derived cryptographic types are obsolete. Use the Create method on the base type instead.' (https://aka.ms/dotnet-warnings/SYSLIB0021)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feature: updates to trivy code scanner #47

Summary

feature: updates to trivy code scanner #47

Jobs

Run details

trivy-analysis.yml

Annotations