Skip to content

Security vulnerability scan #368

Security vulnerability scan

Security vulnerability scan #368

Triggered via schedule December 13, 2023 02:06
Status Failure
Total duration 3m 38s
Artifacts

vulnerability-scan.yml

on: schedule
Matrix: scan
Fit to window
Zoom out
Zoom in

Annotations

40 errors
scan (release-2.2)
persistence.ChaincodePackageParser.Parse calls ioutil.ReadAll, which eventually calls internal.chunkedReader.Read
scan (release-2.2)
chaincode.Packager.Package calls filepath.Abs
scan (release-2.2)
nwo.Network.StartSession calls filepath.Base
scan (release-2.2)
externalbuilder.ValidPath calls filepath.Clean
scan (release-2.2)
peer.GetServerConfig calls filepath.Dir
scan (release-2.2)
persistence.ChaincodePackageParser.Parse calls tar.Reader.Next, which calls filepath.IsLocal
scan (release-2.2)
nwo.Network.CACertsBundlePath calls filepath.Join
scan (release-2.2)
golang.DescribeCode calls filepath.Rel
scan (release-2.2)
chaincode.Packager.Package calls filepath.Split
scan (release-2.2)
externalbuilder.Start calls exec.Cmd.Start, which eventually calls filepath.VolumeName
scan (release-2.4)
channelparticipation.doBody calls io.ReadAll, which eventually calls internal.chunkedReader.Read
scan (release-2.4)
chaincode.Packager.Package calls filepath.Abs
scan (release-2.4)
nwo.Network.StartSession calls filepath.Base
scan (release-2.4)
externalbuilder.ValidPath calls filepath.Clean
scan (release-2.4)
peer.GetServerConfig calls filepath.Dir
scan (release-2.4)
gendoc.main calls packages.Load, which eventually calls filepath.EvalSymlinks
scan (release-2.4)
persistence.ParseChaincodePackage calls tar.Reader.Next, which calls filepath.IsLocal
scan (release-2.4)
nwo.Network.OrdererClientConn calls filepath.Join
scan (release-2.4)
golang.DescribeCode calls filepath.Rel
scan (release-2.4)
chaincode.Packager.Package calls filepath.Split
scan (main)
persistence.ParseChaincodePackage calls io.ReadAll, which eventually calls internal.chunkedReader.Read
scan (main)
chaincode.Packager.Package calls filepath.Abs
scan (main)
nwo.Network.StartSession calls filepath.Base
scan (main)
externalbuilder.ValidPath calls filepath.Clean
scan (main)
peer.GetServerConfig calls filepath.Dir
scan (main)
persistence.ParseChaincodePackage calls tar.Reader.Next, which calls filepath.IsLocal
scan (main)
nwo.Network.OrdererCert calls filepath.Join
scan (main)
golang.DescribeCode calls filepath.Rel
scan (main)
chaincode.Packager.Package calls filepath.Split
scan (main)
externalbuilder.Start calls exec.Cmd.Start, which eventually calls filepath.VolumeName
scan (release-2.5)
channelparticipation.doBody calls io.ReadAll, which eventually calls internal.chunkedReader.Read
scan (release-2.5)
chaincode.Packager.Package calls filepath.Abs
scan (release-2.5)
nwo.Network.StartSession calls filepath.Base
scan (release-2.5)
externalbuilder.ValidPath calls filepath.Clean
scan (release-2.5)
peer.GetServerConfig calls filepath.Dir
scan (release-2.5)
persistence.ParseChaincodePackage calls tar.Reader.Next, which calls filepath.IsLocal
scan (release-2.5)
nwo.Network.OrdererClientConn calls filepath.Join
scan (release-2.5)
golang.DescribeCode calls filepath.Rel
scan (release-2.5)
chaincode.Packager.Package calls filepath.Split
scan (release-2.5)
externalbuilder.Start calls exec.Cmd.Start, which eventually calls filepath.VolumeName