Security vulnerability scan

Security vulnerability scan #409

Triggered via schedule January 23, 2024 02:07

denyeart

⁠ c2e608c

main

Status Failure

Total duration 2m 45s

Artifacts –

vulnerability-scan.yml

on: schedule

Matrix: scan

Annotations

40 errors

scan (release-2.4)

channelparticipation.doBody calls io.ReadAll, which eventually calls internal.chunkedReader.Read

scan (release-2.4)

chaincode.Packager.Package calls filepath.Abs

scan (release-2.4)

chaincode.Packager.Package calls filepath.Abs

scan (release-2.4)

nwo.Network.StartSession calls filepath.Base

scan (release-2.4)

nwo.Network.StartSession calls filepath.Base

scan (release-2.4)

externalbuilder.ValidPath calls filepath.Clean

scan (release-2.4)

externalbuilder.ValidPath calls filepath.Clean

scan (release-2.4)

peer.GetServerConfig calls filepath.Dir

scan (release-2.4)

peer.GetServerConfig calls filepath.Dir

scan (release-2.4)

gendoc.main calls packages.Load, which eventually calls filepath.EvalSymlinks

scan (main)

persistence.ParseChaincodePackage calls io.ReadAll, which eventually calls internal.chunkedReader.Read

scan (main)

chaincode.Packager.Package calls filepath.Abs

scan (main)

chaincode.Packager.Package calls filepath.Abs

scan (main)

nwo.Network.StartSession calls filepath.Base

scan (main)

nwo.Network.StartSession calls filepath.Base

scan (main)

externalbuilder.ValidPath calls filepath.Clean

scan (main)

externalbuilder.ValidPath calls filepath.Clean

scan (main)

peer.GetServerConfig calls filepath.Dir

scan (main)

peer.GetServerConfig calls filepath.Dir

scan (main)

persistence.ParseChaincodePackage calls tar.Reader.Next, which calls filepath.IsLocal

scan (release-2.2)

persistence.ChaincodePackageParser.Parse calls ioutil.ReadAll, which eventually calls internal.chunkedReader.Read

scan (release-2.2)

chaincode.Packager.Package calls filepath.Abs

scan (release-2.2)

chaincode.Packager.Package calls filepath.Abs

scan (release-2.2)

nwo.Network.StartSession calls filepath.Base

scan (release-2.2)

nwo.Network.StartSession calls filepath.Base

scan (release-2.2)

externalbuilder.ValidPath calls filepath.Clean

scan (release-2.2)

externalbuilder.ValidPath calls filepath.Clean

scan (release-2.2)

peer.GetServerConfig calls filepath.Dir

scan (release-2.2)

peer.GetServerConfig calls filepath.Dir

scan (release-2.2)

persistence.ChaincodePackageParser.Parse calls tar.Reader.Next, which calls filepath.IsLocal

scan (release-2.5)

channelparticipation.doBody calls io.ReadAll, which eventually calls internal.chunkedReader.Read

scan (release-2.5)

chaincode.Packager.Package calls filepath.Abs

scan (release-2.5)

chaincode.Packager.Package calls filepath.Abs

scan (release-2.5)

nwo.Network.StartSession calls filepath.Base

scan (release-2.5)

nwo.Network.StartSession calls filepath.Base

scan (release-2.5)

externalbuilder.ValidPath calls filepath.Clean

scan (release-2.5)

externalbuilder.ValidPath calls filepath.Clean

scan (release-2.5)

peer.GetServerConfig calls filepath.Dir

scan (release-2.5)

peer.GetServerConfig calls filepath.Dir

scan (release-2.5)

persistence.ParseChaincodePackage calls tar.Reader.Next, which calls filepath.IsLocal

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security vulnerability scan #409

Summary