corefile .io
prod --:--:-- UTC
SIGSEGV

SIGSEGV in prod-checkout-api

acme-checkout · us-east-1 · 03:17:04 UTC · case CF-4211

37s mean time to core dump
cloud resource → container → image → Dockerfile → commit → line

    Security findings — corefile.io repository, HEAD

    This table mirrors a live wizcli scan dir run, one-to-one: same rule IDs, weakness classes, and file:line. Run the scan in the terminal and it lands on exactly these five HIGH findings — WARN_BY_POLICY.

    Build provenance

    Artifactcheckout-api@sha256:9f2c…be1a
    Builderci-runner-07 · SLSA L2
    Sourcegit@…/acme/checkout-api.git · commit 4d1f0e2
    Signedcosign · verified
    “You can't trust code that you did not totally create yourself.” — Ken Thompson, Reflections on Trusting Trust, 1984