You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are security researchers and we are looking for insecure coding patterns and configurations in the microservice architecture repositories. In your repository, we have found instances of hard-coded passwords. According to CWE, "A hard-coded password typically leads to a significant authentication failure that can be difficult for the system administrator to detect."
Definitely isn't correct to have hard-coded passwords. Actually, this is a "non-production ready" project and I'm trying to improve it from time to time. So I will keep your issue open for a while, but my intention is to fix it at some point.
Greetings,
We are security researchers and we are looking for insecure coding patterns and configurations in the microservice architecture repositories. In your repository, we have found instances of hard-coded passwords. According to CWE, "A hard-coded password typically leads to a significant authentication failure that can be difficult for the system administrator to detect."
Hopefully, you agree and will fix it.
Source: https://github.com/brunojensen/chainsaw-kube/blob/master/chainsaw-user-service/src/main/resources/application.yaml
The text was updated successfully, but these errors were encountered: