Scruteur security hub: multi-project posture

Overview

Aggregated security posture across all projects.

Critical: 0
High: 1
Medium: 0
Low: 0

Breakdown by scanner

Findings trend per scan

Highest-risk projects

Findings

| Severity | Finding | Project | Scanner | Status |
|---|---|---|---|---|
| high | shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators CVE-2026-9277 | spham/scruteur | trivy | confirmed |
| info | Detected a Generic API Key, potentially exposing access to various services and sensitive operations. | spham/scruteur | gitleaks | detected |
| info | Detected a Generic API Key, potentially exposing access to various services and sensitive operations. | spham/scruteur | gitleaks | detected |
| high | jinja2: Jinja has a sandbox breakout through malicious filenames CVE-2024-56201 | spham/scruteur | trivy | resolved |
| high | jinja2: Jinja has a sandbox breakout through indirect reference to format method CVE-2024-56326 | spham/scruteur | trivy | resolved |
| medium | jinja2: Jinja sandbox breakout through attr filter selecting format method CVE-2025-27516 | spham/scruteur | trivy | resolved |
| low | pygments: Pygments: Denial of Service via inefficient regular expression processing in AdlLexer CVE-2026-4539 | spham/scruteur | trivy | resolved |
| low | python-certifi: Remove root certificates from `GLOBALTRUST` from the root store CVE-2024-39689 | spham/scruteur | trivy | resolved |
| medium | Internationalized Domain Names in Applications (IDNA) for Python provi ... CVE-2026-45409 | spham/scruteur | trivy | resolved |
| medium | requests: subsequent requests to the same host ignore cert verification CVE-2024-35195 | spham/scruteur | trivy | resolved |
| medium | requests: Requests vulnerable to .netrc credentials leak via malicious URLs CVE-2024-47081 | spham/scruteur | trivy | resolved |
| medium | requests: Requests: Security bypass due to predictable temporary file creation CVE-2026-25645 | spham/scruteur | trivy | resolved |
| high | pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools CVE-2024-6345 | spham/scruteur | trivy | resolved |
| high | setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 | spham/scruteur | trivy | resolved |
| high | urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 | spham/scruteur | trivy | resolved |
| high | urllib3: urllib3 Streaming API improperly handles highly compressed data CVE-2025-66471 | spham/scruteur | trivy | resolved |
| high | urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) CVE-2026-21441 | spham/scruteur | trivy | resolved |
| medium | urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers CVE-2026-44431 | spham/scruteur | trivy | resolved |
| medium | urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 | spham/scruteur | trivy | resolved |
| medium | urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation CVE-2025-50181 | spham/scruteur | trivy | resolved |