Check logs Sprint 25.2 Week 2

[pkfec]

Log review needs to be completed per the Security Event Review Checklist (https://github.com/fecgov/FEC/wiki/Security-Event-Review-Checklist)

Ref: #5843

• Check booting workers
• Check memory usage
• Make new tickets for sprint 25.3 weeks 1 and 2
  (Note: Copy above links in a browser to view the metrics)

[tmpayton]

FEC-CMS: 8
package.json: 3
[Snyk Medium dompurify Template Injection] (fecgov/fec-cms#6206)
[node-fetch] (fecgov/fec-cms#6307)
watchify

requirements.txt: 5
[Snyk Medium - [email protected] Regular Expression Denial of Service (ReDoS)] (fecgov/fec-cms#6268)
[Snyk Medium - requests@[email protected] Always-Incorrect Control Flow Implementation] (fecgov/fec-cms#6285)
[Snyk Medium - [email protected] Cross-site Scripting (XSS)] (fecgov/fec-cms#6250)
[Snyk Medium - [email protected] Regular Expression Denial of Service (ReDoS)] (fecgov/fec-cms#6269)
Wagtail

openFEC: 4
flyway: 0
package.json: 0
requirements.txt: 4
[Snyk Low] - Log Injection in [email protected]
[Snyk Medium] - requests Always-Incorrect Control Flow Implementation](#5845)
[Snyk: Med Resource Exhaustion] (#5853)
[Snyk: Med Cross-site Scripting] (#5854)

FEC-PATTERN-LIBRARY: 2
package.json: 2
[dompurify] (fecgov/fec-pattern-library#223)
[node-fetch] (fecgov/fec-pattern-library#224)

Search logs:
No "User changes" found in the past week.
Deployer accounts from cloud.gov dashboard: 10