dragonheim/gagent
dragonheim/gagent
1
0
Fork 0
mirror of https://github.com/dragonheim/gagent.git synced 2025-04-26 06:58:59 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

cleanup: Started cleaning up the commenting format.

Browse source
This commit is contained in:
James Wells 2023-03-20 07:20:46 -07:00
parent 0de851e0e5
commit b95d3950c5
Signed by: jwells
GPG key ID: 73196D10B8E65666
10 changed files with 94 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

45
docs/VULNERABILITIES.md
View file

@ -1,27 +1,32 @@
### [Source Code Scan](#source)
IGNORED: We are not using the protocol buffers provided by gogo/protobuf
```
2022-03-16T16:27:43.221-0700 INFO Need to update DB
2022-03-16T16:27:43.221-0700 INFO Downloading DB...
26.43 MiB / 26.43 MiB [---------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 5.71 MiB p/s 5s
2022-03-16T16:27:49.073-0700 INFO Number of language-specific files: 1
2022-03-16T16:27:49.073-0700 INFO Detecting gomod vulnerabilities...
2023-03-15T06:59:15.989-0700 INFO Need to update DB
2023-03-15T06:59:15.989-0700 INFO DB Repository: ghcr.io/aquasecurity/trivy-db
2023-03-15T06:59:15.989-0700 INFO Downloading DB...
36.01 MiB / 36.01 MiB [-----------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 7.93 MiB p/s 4.7s
2023-03-15T06:59:21.791-0700 INFO Vulnerability scanning is enabled
2023-03-15T06:59:21.791-0700 INFO Secret scanning is enabled
2023-03-15T06:59:21.791-0700 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-03-15T06:59:21.791-0700 INFO Please see also https://aquasecurity.github.io/trivy/v0.37/docs/secret/scanning/#recommendation for faster secret detection
2023-03-15T06:59:25.698-0700 INFO Number of language-specific files: 1
2023-03-15T06:59:25.699-0700 INFO Detecting gomod vulnerabilities...
go.sum (gomod)
==============
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
+--------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+--------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
| github.com/gogo/protobuf | CVE-2021-3121 | HIGH | 1.1.1 | 1.3.2 | gogo/protobuf: |
| | | | | | plugin/unmarshal/unmarshal.go |
| | | | | | lacks certain index validation |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3121 |
+--------------------------+------------------+----------+-------------------+---------------+--------------------------------------+
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
```
---
### [Image Scan](#image)
```
2023-03-15T07:05:44.377-0700 INFO Vulnerability scanning is enabled
2023-03-15T07:05:44.377-0700 INFO Secret scanning is enabled
2023-03-15T07:05:44.377-0700 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-03-15T07:05:44.377-0700 INFO Please see also https://aquasecurity.github.io/trivy/v0.37/docs/secret/scanning/#recommendation for faster secret detection
2023-03-15T07:05:44.731-0700 INFO Detected OS: alpine
2023-03-15T07:05:44.731-0700 INFO Detecting Alpine vulnerabilities...
2023-03-15T07:05:44.732-0700 INFO Number of language-specific files: 1
2023-03-15T07:05:44.732-0700 INFO Detecting gobinary vulnerabilities...
NONE
dragonheim/gagent:0.0.7 (alpine 3.17.2)
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
```