mirror of
https://github.com/dragonheim/gagent.git
synced 2025-04-26 01:08:59 -07:00
Updating security scan with new Golang and updated modules.
This commit is contained in:
parent
af5407f2e6
commit
06147db215
GPG key ID:
73196D10B8E65666
2 changed files with 17 additions and 24 deletions
|
|
@ -1,2 +1,2 @@
|
||||||
# No impact in our project
|
# No impact in our project
|
||||||
CVE-2020-29652
|
CVE-2021-3121
|
||||||
|
|
@ -1,32 +1,25 @@
|
||||||
### [Source Code Scan](#source)
|
### [Source Code Scan](#source)
|
||||||
|
|
||||||
IGNORED: We are not using the SSH features of golang.org/x/crypto
|
IGNORED: We are not using the protocol buffers provided by gogo/protobuf
|
||||||
```
|
```
|
||||||
2021-11-13T10:25:13.188-0800 INFO Need to update DB
|
2022-03-16T16:27:43.221-0700 INFO Need to update DB
|
||||||
2021-11-13T10:25:13.188-0800 INFO Downloading DB...
|
2022-03-16T16:27:43.221-0700 INFO Downloading DB...
|
||||||
24.70 MiB / 24.70 MiB [----------------------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 6.04 MiB p/s 4s
|
26.43 MiB / 26.43 MiB [---------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 5.71 MiB p/s 5s
|
||||||
2021-11-13T10:25:18.570-0800 INFO Detected OS: unknown
|
2022-03-16T16:27:49.073-0700 INFO Number of language-specific files: 1
|
||||||
2021-11-13T10:25:18.570-0800 INFO Number of PL dependency files: 2
|
2022-03-16T16:27:49.073-0700 INFO Detecting gomod vulnerabilities...
|
||||||
2021-11-13T10:25:18.570-0800 INFO Detecting gobinary vulnerabilities...
|
|
||||||
2021-11-13T10:25:18.571-0800 INFO Detecting gomod vulnerabilities...
|
|
||||||
|
|
||||||
bin/gagent
|
go.sum (gomod)
|
||||||
==========
|
==============
|
||||||
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
|
|
||||||
|
|
||||||
|
|
||||||
go.sum
|
|
||||||
======
|
|
||||||
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
|
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
|
||||||
|
|
||||||
+---------------------+------------------+----------+-----------------------------------+------------------------------------+---------------------------------------+
|
+--------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
|
||||||
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
|
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
|
||||||
+---------------------+------------------+----------+-----------------------------------+------------------------------------+---------------------------------------+
|
+--------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
|
||||||
| golang.org/x/crypto | CVE-2020-29652 | HIGH | 0.0.0-20200622213623-75b288015ac9 | v0.0.0-20201216223049-8b5274cf687f | golang: crypto/ssh: crafted |
|
| github.com/gogo/protobuf | CVE-2021-3121 | HIGH | 1.1.1 | 1.3.2 | gogo/protobuf: |
|
||||||
| | | | | | authentication request can |
|
| | | | | | plugin/unmarshal/unmarshal.go |
|
||||||
| | | | | | lead to nil pointer dereference |
|
| | | | | | lacks certain index validation |
|
||||||
| | | | | | -->avd.aquasec.com/nvd/cve-2020-29652 |
|
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3121 |
|
||||||
+---------------------+------------------+----------+-----------------------------------+------------------------------------+---------------------------------------+
|
+--------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
|
||||||
```
|
```
|
||||||
---
|
---
|
||||||
### [Image Scan](#image)
|
### [Image Scan](#image)
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue