Data ingestion logs #3358
Data ingestion logs #3358
Conversation
|
| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
|---|---|---|---|---|---|
| 21507479 | Triggered | JSON Web Token | e2273b6 | libs/utils/src/main/java/com/akto/data_actor/ClientActor.java | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secret safely. Learn here the best practices.
- Revoke and rotate this secret.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
![devsecopsbot[bot]](https://avatars.githubusercontent.com/in/963709?s=60&v=4){kind=small}
There was a problem hiding this comment.
🤖 AI Security analysis: "Automated checks reported no security findings in the changed files. Residual risk remains from unscanned areas (runtime, dependencies, secrets). Run targeted scans before merge."
| Risk Level | AI Score |
|---|---|
| 🟢 NO RISK | 0.0/100 |
Top 0 security issues / 0 total (Critical: 0, High: 0, Medium: 0, Low: 0)
| Title | Location | Recommendation |
|---|---|---|
| — | — | No issues to display |
gauravakto
force-pushed
the
data-ingestion-logs
branch
from
123387c to
fd029bb
Compare
There was a problem hiding this comment.
🤖 AI Security analysis: "Automated analysis found no security issues in the proposed changes. Residual risk remains from undetected vulnerabilities, dependency changes, or logic regressions; treat this as low but not zero risk. Recommend targeted manual review and CI security scans before merging."
| Risk Level | AI Score |
|---|---|
| 🟢 NO RISK | 0.0/100 |
Top 0 security issues / 0 total (Critical: 0, High: 0, Medium: 0, Low: 0)
| Title | Location | Recommendation |
|---|---|---|
| — | — | No issues to display |
send to threat kafka directly
There was a problem hiding this comment.
🤖 AI Security analysis: "Multiple medium-severity third-party dependency vulnerabilities in data-ingestion-service pom.xml (Commons FileUpload, Commons IO, Commons Lang) allow denial-of-service via malformed uploads or XML, plus path traversal/uncontrolled recursion from untrusted input, risking availability and local file exposure."
| Risk Level | AI Score |
|---|---|
| 🟡 MODERATE | 55.0/100 |
Top 5 security issues / 6 total (Critical: 0, High: 0, Medium: 6, Low: 0)
| Title | Location | Recommendation |
|---|---|---|
 CVE-2021-29425: apache-commons-io: Limited path traversal in Apache Commons IO… |
apps/data-ingestion-service/pom.xml:1 |
apps/data-ingestion-service/pom.xml: commons-io:[email protected] |
| CVE-2023-24998: FileUpload: FileUpload DoS with excessive parts |
apps/data-ingestion-service/pom.xml:1 |
apps/data-ingestion-service/pom.xml: commons-fileupload:[email protected] |
| CVE-2024-47554: apache-commons-io: Possible denial of service attack on untrust… |
apps/data-ingestion-service/pom.xml:1 |
apps/data-ingestion-service/pom.xml: commons-io:[email protected] |
| CVE-2025-48924: commons-lang/commons-lang: org.apache.commons/commons-lang3: Un… |
apps/data-ingestion-service/pom.xml:1 |
apps/data-ingestion-service/pom.xml: org.apache.commons:[email protected] |
| CVE-2025-48976: apache-commons-fileupload: Apache Commons FileUpload DoS via pa… |
apps/data-ingestion-service/pom.xml:1 |
apps/data-ingestion-service/pom.xml: commons-fileupload:[email protected] |
No description provided.