2024-11-23T10:02:14Z INFO [vulndb] Need to update DB 2024-11-23T10:02:14Z INFO [vulndb] Downloading vulnerability DB... 2024-11-23T10:02:14Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-23T10:02:15Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 248.134µs, allowed: 44000/minute\n\n" 2024-11-23T10:02:15Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 248.134µs, allowed: 44000/minute

CVE-2024-34156 - HIGH severity - encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion vulnerability in stdlib

CVE-2024-34156 - HIGH severity - encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion vulnerability in stdlib

CVE-2024-34156 - HIGH severity - encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion vulnerability in stdlib

CVE-2024-34156 - HIGH severity - encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion vulnerability in stdlib

2024-11-23T10:02:24Z INFO [vulndb] Need to update DB 2024-11-23T10:02:24Z INFO [vulndb] Downloading vulnerability DB... 2024-11-23T10:02:24Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-23T10:02:24Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 314.056µs, allowed: 44000/minute\n\n" 2024-11-23T10:02:24Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 314.056µs, allowed: 44000/minute

2024-11-23T10:02:25Z INFO [vulndb] Need to update DB 2024-11-23T10:02:25Z INFO [vulndb] Downloading vulnerability DB... 2024-11-23T10:02:25Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-23T10:02:25Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 151.783µs, allowed: 44000/minute\n\n" 2024-11-23T10:02:25Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 151.783µs, allowed: 44000/minute

2024-11-23T10:02:27Z INFO [vulndb] Need to update DB 2024-11-23T10:02:27Z INFO [vulndb] Downloading vulnerability DB... 2024-11-23T10:02:27Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-23T10:02:27Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 777.125µs, allowed: 44000/minute\n\n" 2024-11-23T10:02:27Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 777.125µs, allowed: 44000/minute

Container image is unhealthy. Following your desired severity threshold (HIGH), the job has been marked as failed.

Container image is unhealthy. Following your desired severity threshold (HIGH), the job has been marked as failed.

2024-11-23T10:03:03Z INFO [vulndb] Need to update DB 2024-11-23T10:03:03Z INFO [vulndb] Downloading vulnerability DB... 2024-11-23T10:03:03Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-23T10:03:03Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 640.213µs, allowed: 44000/minute\n\n" 2024-11-23T10:03:03Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 640.213µs, allowed: 44000/minute

2024-11-23T10:03:13Z INFO [vulndb] Need to update DB 2024-11-23T10:03:13Z INFO [vulndb] Downloading vulnerability DB... 2024-11-23T10:03:13Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-23T10:03:13Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 386.744µs, allowed: 44000/minute\n\n" 2024-11-23T10:03:13Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 386.744µs, allowed: 44000/minute

2024-11-23T10:03:14Z INFO [vulndb] Need to update DB 2024-11-23T10:03:14Z INFO [vulndb] Downloading vulnerability DB... 2024-11-23T10:03:14Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-23T10:03:15Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-db/blobs/sha256:3fbb4de38e5ab5f174304927afaf8c8bf243247b28f0a1ee4ca4c704f30a30f1: TOOMANYREQUESTS: retry-after: 751.793µs, allowed: 44000/minute" 2024-11-23T10:03:15Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-db/blobs/sha256:3fbb4de38e5ab5f174304927afaf8c8bf243247b28f0a1ee4ca4c704f30a30f1: TOOMANYREQUESTS: retry-after: 751.793µs, allowed: 44000/minute

Dockerfile not provided. Skipping sarif scan result.

CVE-2024-24791 - MEDIUM severity - net/http: Denial of service due to improper 100-continue handling in net/http vulnerability in stdlib

CVE-2024-34155 - MEDIUM severity - go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion vulnerability in stdlib

CVE-2024-34158 - MEDIUM severity - go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion vulnerability in stdlib

CVE-2024-24791 - MEDIUM severity - net/http: Denial of service due to improper 100-continue handling in net/http vulnerability in stdlib

CVE-2024-34155 - MEDIUM severity - go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion vulnerability in stdlib

CVE-2024-34158 - MEDIUM severity - go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion vulnerability in stdlib

CVE-2024-24791 - MEDIUM severity - net/http: Denial of service due to improper 100-continue handling in net/http vulnerability in stdlib

CVE-2024-34155 - MEDIUM severity - go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion vulnerability in stdlib

CVE-2024-34158 - MEDIUM severity - go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion vulnerability in stdlib

Dockerfile not provided. Skipping sarif scan result.

Dockerfile not provided. Skipping sarif scan result.

Dockerfile not provided. Skipping sarif scan result.

CVE-2024-9143 - LOW severity - openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access vulnerability in libcrypto3