Skip to content

Commit 6717413

Browse files
afsmeiraafsmeira
authored
tests: Add new expected vulnerabilities to test results
* tests: Add new expected vulnerabilities to test results * fix: Change DB update schedule
1 parent 952e219 commit 6717413

File tree

2 files changed

+26
-2
lines changed

2 files changed

+26
-2
lines changed

.circleci/config.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -62,8 +62,8 @@ workflows:
6262
update_vulnerability_dbs:
6363
triggers:
6464
- schedule:
65-
# this is running at 3am everyday to avoid doing it at midnight (same time as nightly)
66-
cron: "0 3 * * *"
65+
# this is running at 2am everyday to avoid doing it at midnight (same time as nightly)
66+
cron: "0 2 * * *"
6767
filters:
6868
branches:
6969
only:

docs/multiple-tests/pattern-vulnerability/results.xml

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,30 @@
2222
message="Insecure dependency golang/github.com/ollama/ollama@v0.1.46 (CVE-2024-45436: Ollama can extract members of a ZIP archive outside of the parent directory) (update to 0.1.47)"
2323
severity="error"
2424
/>
25+
<error
26+
source="vulnerability"
27+
line="8"
28+
message="Insecure dependency golang/github.com/ollama/ollama@v0.1.46 (CVE-2024-12055: ollama: DoS using malicious gguf model file in ollama/ollama) (no fix available)"
29+
severity="error"
30+
/>
31+
<error
32+
source="vulnerability"
33+
line="8"
34+
message="Insecure dependency golang/github.com/ollama/ollama@v0.1.46 (CVE-2024-12886: ollama: Out-Of-Memory (OOM) Vulnerability in ollama/ollama) (no fix available)"
35+
severity="error"
36+
/>
37+
<error
38+
source="vulnerability"
39+
line="8"
40+
message="Insecure dependency golang/github.com/ollama/ollama@v0.1.46 (CVE-2025-0315: ollama: Allocation of Resources Without Limits or Throttling in ollama/ollama) (no fix available)"
41+
severity="error"
42+
/>
43+
<error
44+
source="vulnerability"
45+
line="8"
46+
message="Insecure dependency golang/github.com/ollama/ollama@v0.1.46 (CVE-2025-0317: ollama: Divide By Zero in ollama/ollama) (no fix available)"
47+
severity="error"
48+
/>
2549
<!-- stdlib -->
2650
<error
2751
source="vulnerability"

0 commit comments

Comments
 (0)