audio/gospt
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.12.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: src/youtube/youtube.go:107:36: youtube.Search calls youtube.NewService, which eventually calls http2.ConfigureTransports
#2: src/commands/commands.go:1061:35: commands.isNoActiveError calls http2.ConnectionError.Error
#3: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.ErrCode.String
#4: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.FrameHeader.String
#5: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.FrameType.String
#6: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.Framer.ReadFrame
#7: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.Framer.WriteContinuation
#8: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.Framer.WriteData
#9: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.Framer.WriteHeaders
#10: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.Framer.WritePing
#11: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.Framer.WriteRSTStream
#12: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.Framer.WriteSettings
#13: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.Framer.WriteSettingsAck
#14: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.Framer.WriteWindowUpdate
#15: src/commands/commands.go:1061:35: commands.isNoActiveError calls http2.GoAwayError.Error
#16: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.Setting.String
#17: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.SettingID.String
#18: src/auth/auth.go:111:24: auth.GetClient calls http.Server.ListenAndServe, which eventually calls http2.SettingsFrame.ForeachSetting
#19: src/commands/commands.go:1061:35: commands.isNoActiveError calls http2.StreamError.Error
#20: src/auth/auth.go:82:43: auth.GetClient calls http.Transport.RoundTrip, which eventually calls http2.Transport.NewClientConn
#21: src/auth/auth.go:82:43: auth.GetClient calls http.Transport.RoundTrip, which eventually calls http2.Transport.RoundTrip
#22: src/commands/commands.go:1030:12: commands.Commands.PrintPlaying calls fmt.Printf, which eventually calls http2.chunkWriter.Write
#23: src/commands/commands.go:1061:35: commands.isNoActiveError calls http2.connError.Error
#24: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.duplicatePseudoHeaderError.Error
#25: src/youtube/youtube.go:112:26: youtube.Search calls youtube.SearchListCall.Do, which calls http2.gzipReader.Close
#26: src/commands/commands.go:1261:33: commands.Commands.activateDevice calls io.ReadAll, which calls http2.gzipReader.Read
#27: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.headerFieldNameError.Error
#28: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.headerFieldValueError.Error
#29: src/auth/auth.go:82:43: auth.GetClient calls http.Transport.RoundTrip, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#30: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.pseudoHeaderError.Error
#31: src/commands/commands.go:1030:12: commands.Commands.PrintPlaying calls fmt.Printf, which eventually calls http2.stickyErrWriter.Write
#32: src/youtube/youtube.go:112:26: youtube.Search calls youtube.SearchListCall.Do, which calls http2.transportResponseBody.Close
#33: src/commands/commands.go:1261:33: commands.Commands.activateDevice calls io.ReadAll, which calls http2.transportResponseBody.Read
#34: src/gctx/context.go:23:25: gctx.Context.Println calls fmt.Sprint, which eventually calls http2.writeData.String
Vulnerability #2: GO-2024-2611
Infinite loop in JSON unmarshaling in google.golang.org/protobuf
More info: https://pkg.go.dev/vuln/GO-2024-2611
Module: google.golang.org/protobuf
Found in: google.golang.org/protobuf@v1.31.0
Fixed in: google.golang.org/protobuf@v1.33.0
Example traces found:
#1: src/youtube/youtube.go:112:26: youtube.Search calls youtube.SearchListCall.Do, which eventually calls json.Decoder.Peek
#2: src/youtube/youtube.go:112:26: youtube.Search calls youtube.SearchListCall.Do, which eventually calls json.Decoder.Read
#3: src/youtube/youtube.go:112:26: youtube.Search calls youtube.SearchListCall.Do, which eventually calls protojson.Unmarshal
Your code is affected by 2 vulnerabilities from 2 modules.
This scan also found 2 vulnerabilities in packages you import and 4
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
chat/matterircd
=== Symbol Results ===
Vulnerability #1: GO-2024-3340
Mattermost Data Amplification vulnerability in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3340
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #2: GO-2024-3338
Mattermost Race Condition vulnerability in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3338
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #3: GO-2024-3337
Mattermost Improper Validation of Specified Type of Input vulnerability in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3337
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #4: GO-2024-3334
Mattermost Server Resource Exhaustion in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3334
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #5: GO-2024-3235
Mattermost server allows authenticated user to delete arbitrary post in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3235
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #6: GO-2024-3234
Mattermost Server vulnerable to application crash from attacker-generated
large response in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3234
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #7: GO-2024-3233
Mattermost Server Path Traversal vulnerability that leads to Cross-Site
Request Forgery in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3233
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #8: GO-2024-3232
Mattermost Server allows user to get private channel names in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3232
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #9: GO-2024-3227
Mattermost incorrectly issues two sessions when using desktop SSO in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3227
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #10: GO-2024-3164
Mattermost fails to strip `embeds` from `metadata` when broadcasting
`posted` events in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3164
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #11: GO-2024-3097
Mattermost Cross-Site Request Forgery vulnerability in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3097
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #12: GO-2024-3096
Mattermost allows remote/synthetic users to create sessions, reset passwords
in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3096
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #13: GO-2024-3094
Mattermost doesn't restrict which roles can promote a user as system admin
in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3094
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #14: GO-2024-3093
Mattermost doesn't redact remote users' original email addresses in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3093
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #15: GO-2024-3092
Mattermost allows unsolicited invites to expose access to local channels in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3092
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #16: GO-2024-3091
Mattermost allows user with systems manager role with read-only access to
teams to perform write operations on teams in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3091
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #17: GO-2024-3090
Mattermost allows team admin user without "Add Team Members" permission to
disable invite URL in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3090
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #18: GO-2024-3089
Mattermost allows guest user with read access to upload files to a channel
in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3089
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #19: GO-2024-3032
Mattermost did not properly restrict channel creation in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3032
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #20: GO-2024-3031
Mattermost allows a remote actor to make an arbitrary local channel
read-only in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3031
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #21: GO-2024-3030
Mattermost failed to properly validate synced reactions in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3030
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #22: GO-2024-3028
Mattermost failed to properly validate that the channel that comes from the
sync message is a shared channel in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3028
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #23: GO-2024-3025
Mattermost failed to disallow the modification of local users when syncing
users in shared channels in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3025
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #24: GO-2024-3024
Mattermost allows a user on a remote to set their remote username prop to an
arbitrary string in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3024
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #25: GO-2024-3023
Mattermost allows remote actor to create/update/delete posts in arbitrary
channels in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3023
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #26: GO-2024-3022
Mattermost allows remote actor to set arbitrary RemoteId values for synced
users in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3022
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #27: GO-2024-3020
Mattermost allows a remote actor to permanently delete local data by abusing
dangerous error handling in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-3020
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #28: GO-2024-2707
Mattermost Server Improper Access Control in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2707
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #29: GO-2024-2706
Mattermost Server Improper Access Control in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2706
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #30: GO-2024-2696
Mattermost fails to authenticate the source of certain types of post actions
in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2696
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #31: GO-2024-2695
Mattermost Server doesn't limit the number of user preferences in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2695
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #32: GO-2024-2635
Mattermost incorrectly allows access individual posts in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2635
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #33: GO-2024-2595
Mattermost fails to properly restrict the access of files attached to posts
in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2595
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #34: GO-2024-2594
Mattermost fails to limit the number of role names in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2594
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #35: GO-2024-2593
Mattermost fails to check the "invite_guest" permission in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2593
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #36: GO-2024-2592
Mattermost allows attackers access to posts in channels they are not a
member of in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2592
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #37: GO-2024-2591
Mattermost post fetching without auditing in compliance export in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2591
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #38: GO-2024-2590
Mattermost leaks details of AD/LDAP groups of a teams in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2590
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #39: GO-2024-2589
Mattermost denial of service through long emoji value in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2589
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #40: GO-2024-2588
Mattermost race condition in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2588
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #41: GO-2024-2566
Mattermost fails to check the required permissions in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2566
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #42: GO-2024-2541
Mattermost vulnerable to denial of service via large number of emoji
reactions in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2541
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #43: GO-2024-2450
Mattermost viewing archived public channels permissions vulnerability in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2450
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#7: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #44: GO-2024-2448
Mattermost notified all users in the channel when using WebSockets to
respond individually in github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2448
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #45: GO-2024-2446
Mattermost Cross-site Scripting vulnerability in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2446
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Vulnerability #46: GO-2024-2444
Mattermost allows demoted guests to change group names in
github.com/mattermost/mattermost-server
More info: https://pkg.go.dev/vuln/GO-2024-2444
Module: github.com/mattermost/mattermost-server/v6
Found in: github.com/mattermost/mattermost-server/v6@v6.7.2
Fixed in: N/A
Example traces found:
#1: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls filestore.init
#2: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls i18n.init
#3: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls jsonutils.init
#4: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls markdown.init
#5: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.Warn
#6: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls mlog.init
#7: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls mlog.init
#8: bridge/mattermost/mattermost.go:1512:35: mattermost.Mattermost.GetLastSentMsgs calls fmt.Sprintf, which eventually calls mlog.shouldQuote
#9: mm-go-irckit/server_commands.go:698:77: mm.CmdTopic calls model.AppError.Error
#10: bridge/mattermost/mattermost.go:622:37: mattermost.Mattermost.GetChannel calls model.Channel.IsGroupOrDirect
#11: bridge/mattermost/mattermost.go:623:29: mattermost.Mattermost.GetChannel calls model.Channel.IsOpen
#12: bridge/mattermost/mattermost.go:204:43: mattermost.Mattermost.Invite calls model.Client4.AddChannelMember
#13: bridge/mattermost/mattermost.go:1395:51: mattermost.Mattermost.UpdateLastViewedUser calls model.Client4.CreateDirectChannel
#14: bridge/mattermost/mattermost.go:332:38: mattermost.Mattermost.MsgChannelThread calls model.Client4.CreatePost
#15: bridge/mattermost/mattermost.go:365:35: mattermost.Mattermost.ModifyPost calls model.Client4.DeletePost
#16: bridge/mattermost/mattermost.go:409:38: mattermost.Mattermost.RemoveReaction calls model.Client4.DeleteReaction
#17: bridge/mattermost/mattermost.go:614:45: mattermost.Mattermost.GetChannel calls model.Client4.GetChannel
#18: bridge/mattermost/mattermost.go:1438:26: mattermost.Mattermost.GetChannelID calls matterclient.Client.GetChannelID, which eventually calls model.Client4.GetChannelByName
#19: bridge/mattermost/mattermost.go:1375:27: mattermost.Mattermost.GetLastViewedAt calls matterclient.Client.GetLastViewedAt, which calls model.Client4.GetChannelMember
#20: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetChannelsForTeamForUser
#21: bridge/mattermost/mattermost.go:1411:26: mattermost.Mattermost.GetFileLinks calls matterclient.Client.GetFileLinks, which calls model.Client4.GetFileLink
#22: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetMe
#23: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetPing
#24: bridge/mattermost/mattermost.go:342:42: mattermost.Mattermost.MsgChannelThread calls model.Client4.GetPost
#25: bridge/mattermost/mattermost.go:1434:27: mattermost.Mattermost.GetPostThread calls matterclient.Client.GetPostThread, which calls model.Client4.GetPostThreadWithOpts
#26: bridge/mattermost/mattermost.go:1430:22: mattermost.Mattermost.GetPosts calls matterclient.Client.GetPosts, which calls model.Client4.GetPostsForChannel
#27: bridge/mattermost/mattermost.go:1382:27: mattermost.Mattermost.GetPostsSince calls matterclient.Client.GetPostsSince, which calls model.Client4.GetPostsSince
#28: bridge/mattermost/mattermost.go:482:22: mattermost.Mattermost.GetChannelName calls matterclient.Client.UpdateChannels, which eventually calls model.Client4.GetPublicChannelsForTeam
#29: bridge/mattermost/mattermost.go:217:42: mattermost.Mattermost.Join calls model.Client4.GetTeamByName
#30: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetTeamsForUser
#31: bridge/mattermost/mattermost.go:628:34: mattermost.Mattermost.GetUser calls matterclient.Client.GetUser, which calls model.Client4.GetUser
#32: bridge/mattermost/mattermost.go:637:53: mattermost.Mattermost.GetUserByUsername calls model.Client4.GetUserByUsername
#33: bridge/mattermost/mattermost.go:436:23: mattermost.Mattermost.StatusUser calls matterclient.Client.GetStatus, which calls model.Client4.GetUserStatus
#34: bridge/mattermost/mattermost.go:524:58: mattermost.Mattermost.GetChannelUsers calls model.Client4.GetUsersInChannel
#35: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.GetUsersInTeam
#36: bridge/mattermost/mattermost.go:440:25: mattermost.Mattermost.StatusUsers calls matterclient.Client.GetStatuses, which calls model.Client4.GetUsersStatusesByIds
#37: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.Login
#38: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.Client4.LoginWithMFA
#39: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.Client4.Logout
#40: bridge/mattermost/mattermost.go:427:39: mattermost.Mattermost.SetTopic calls model.Client4.PatchChannel
#41: bridge/mattermost/mattermost.go:373:36: mattermost.Mattermost.ModifyPost calls model.Client4.PatchPost
#42: bridge/mattermost/mattermost.go:448:45: mattermost.Mattermost.Kick calls model.Client4.RemoveUserFromChannel
#43: bridge/mattermost/mattermost.go:392:39: mattermost.Mattermost.AddReaction calls model.Client4.SaveReaction
#44: bridge/mattermost/mattermost.go:1407:25: mattermost.Mattermost.SearchPosts calls matterclient.Client.SearchPosts, which calls model.Client4.SearchPosts
#45: bridge/mattermost/mattermost.go:1415:42: mattermost.Mattermost.SearchUsers calls model.Client4.SearchUsers
#46: bridge/mattermost/mattermost.go:469:28: mattermost.Mattermost.Nick calls matterclient.Client.UpdateUserNick, which calls model.Client4.UpdateUser
#47: bridge/mattermost/mattermost.go:457:43: mattermost.Mattermost.SetStatus calls model.Client4.UpdateUserStatus
#48: bridge/mattermost/mattermost.go:1397:32: mattermost.Mattermost.UpdateLastViewedUser calls matterclient.Client.UpdateLastViewed, which calls model.Client4.ViewChannel
#49: mm-go-irckit/userbridge.go:1076:67: mm.User.saveLastViewedAt calls model.GetMillis
#50: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewAPIv4Client
#51: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.NewWebSocketClientWithDialer
#52: bridge/mattermost/mattermost.go:1035:53: mattermost.Mattermost.handleWsActionPost calls model.Post.Attachments
#53: mm-go-irckit/userbridge.go:709:23: mm.User.addUserToChannelWorker calls model.Post.GetProps
#54: bridge/mattermost/mattermost.go:330:15: mattermost.Mattermost.MsgChannelThread calls model.Post.SetProps
#55: bridge/mattermost/mattermost.go:276:21: mattermost.Mattermost.Logout calls matterclient.Client.Logout, which calls model.WebSocketClient.Close
#56: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.Listen
#57: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketClient.SendMessage
#58: config/config.go:23:26: config.LoadConfig calls viper.Viper.ReadInConfig, which eventually calls model.WebSocketClient.pingHandler
#59: bridge/mattermost/mattermost.go:155:32: mattermost.Mattermost.handleWsMessage calls model.WebSocketEvent.EventType
#60: bridge/mattermost/mattermost.go:191:39: mattermost.Mattermost.checkWsActionMessage calls model.WebSocketEvent.GetBroadcast
#61: bridge/mattermost/mattermost.go:848:58: mattermost.Mattermost.handleWsActionPost calls model.WebSocketEvent.GetData
#62: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketEvent.IsValid
#63: bridge/mattermost/mattermost.go:117:20: mattermost.Mattermost.loginToMattermost calls matterclient.Client.Login, which eventually calls model.WebSocketResponse.IsValid
#64: mm-go-irckit/channel.go:9:2: mm.init calls model.init
#65: mm-go-irckit/channel.go:9:2: mm.init calls model.init, which calls timezones.init
Your code is affected by 46 vulnerabilities from 1 module.
This scan also found 1 vulnerability in packages you import and 4
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
chat/neonmodem
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.27.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: system/discourse/discourse.go:317:43: discourse.System.LoadPost calls html.Converter.ConvertString, which eventually calls html.Parse
Your code is affected by 1 vulnerability from 1 module.
This scan found no other vulnerabilities in packages you import or modules you
require.
Use '-show verbose' for more details.
chat/ssh-chat
=== Symbol Results ===
Vulnerability #1: GO-2023-2402
Man-in-the-middle attacker can compromise integrity of secure channel in
golang.org/x/crypto
More info: https://pkg.go.dev/vuln/GO-2023-2402
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20200420104511-884d27f42877
Fixed in: golang.org/x/crypto@v0.17.0
Example traces found:
#1: sshd/client.go:42:33: sshd.ConnectShell calls ssh.Client.NewSession
#2: sshd/client.go:36:23: sshd.ConnectShell calls ssh.Dial
#3: sshd/net.go:49:2: sshd.SSHListener.handleConn calls ssh.DiscardRequests
#4: sshd/net.go:43:55: sshd.SSHListener.handleConn calls ssh.NewServerConn
#5: sshd/terminal.go:222:13: sshd.Terminal.listen calls ssh.Request.Reply
#6: sshd/client.go:46:2: sshd.ConnectShell calls ssh.Session.Close
#7: sshd/client.go:70:30: sshd.ConnectShell calls ssh.Session.SendRequest
#8: sshd/client.go:65:21: sshd.ConnectShell calls ssh.Session.Shell
#9: cmd/ssh-chat/cmd.go:243:14: ssh.main calls fmt.Fprintln, which eventually calls ssh.channel.Read
#10: sshd/terminal/terminal.go:954:17: terminal.Terminal.SetBracketedPasteMode calls io.WriteString, which calls ssh.channel.Write
#11: cmd/ssh-chat/cmd.go:243:14: ssh.main calls fmt.Fprintln, which eventually calls ssh.extChannel.Read
Vulnerability #2: GO-2022-0968
Panic on malformed packets in golang.org/x/crypto/ssh
More info: https://pkg.go.dev/vuln/GO-2022-0968
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20200420104511-884d27f42877
Fixed in: golang.org/x/crypto@v0.0.0-20211202192323-5770296d904e
Example traces found:
#1: sshd/client.go:36:23: sshd.ConnectShell calls ssh.Dial
#2: sshd/net.go:43:55: sshd.SSHListener.handleConn calls ssh.NewServerConn
Vulnerability #3: GO-2021-0356
Denial of service via crafted Signer in golang.org/x/crypto/ssh
More info: https://pkg.go.dev/vuln/GO-2021-0356
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20200420104511-884d27f42877
Fixed in: golang.org/x/crypto@v0.0.0-20220314234659-1baeb1ce4c0b
Example traces found:
#1: cmd/ssh-chat/cmd.go:122:19: ssh.main calls ssh.ServerConfig.AddHostKey
Vulnerability #4: GO-2021-0227
Panic on crafted authentication request message in golang.org/x/crypto/ssh
More info: https://pkg.go.dev/vuln/GO-2021-0227
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20200420104511-884d27f42877
Fixed in: golang.org/x/crypto@v0.0.0-20201216223049-8b5274cf687f
Example traces found:
#1: sshd/net.go:43:55: sshd.SSHListener.handleConn calls ssh.NewServerConn
Your code is affected by 4 vulnerabilities from 1 module.
This scan also found 3 vulnerabilities in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
databases/influxdb
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20191209160850-c0dbc17a3553
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.ConnectionError.Error
#2: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.ErrCode.String
#3: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.FrameHeader.String
#4: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.FrameType.String
#5: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.ReadFrame
#6: query/iterator.gen.go:11603:13: query.booleanCloseInterruptIterator.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
#7: query/iterator.gen.go:11603:13: query.booleanCloseInterruptIterator.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteData
#8: query/iterator.gen.go:11603:13: query.booleanCloseInterruptIterator.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
#9: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.WritePing
#10: query/iterator.gen.go:11603:13: query.booleanCloseInterruptIterator.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
#11: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.WriteSettings
#12: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.WriteSettingsAck
#13: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.WriteWindowUpdate
#14: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.GoAwayError.Error
#15: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.Setting.String
#16: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.SettingID.String
#17: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.SettingsFrame.ForeachSetting
#18: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.StreamError.Error
#19: tsdb/engine/tsm1/wal.go:1067:25: tsm1.WALSegmentWriter.Write calls bufio.Writer.Write, which calls http2.chunkWriter.Write
#20: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.connError.Error
#21: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.duplicatePseudoHeaderError.Error
#22: client/v2/client.go:702:18: client.duplexReader.Close calls http2.gzipReader.Close
#23: client/v2/client.go:693:19: client.duplexReader.Read calls http2.gzipReader.Read
#24: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.headerFieldNameError.Error
#25: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.headerFieldValueError.Error
#26: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.pseudoHeaderError.Error
#27: tsdb/engine/tsm1/wal.go:1067:25: tsm1.WALSegmentWriter.Write calls bufio.Writer.Write, which calls http2.stickyErrWriter.Write
#28: client/v2/client.go:702:18: client.duplexReader.Close calls http2.transportResponseBody.Close
#29: client/v2/client.go:693:19: client.duplexReader.Read calls http2.transportResponseBody.Read
#30: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.writeData.String
Vulnerability #2: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20191209160850-c0dbc17a3553
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: client/v2/client.go:702:18: client.duplexReader.Close calls http2.transportResponseBody.Close, which eventually calls hpack.Decoder.Write
#2: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.ConnectionError.Error
#3: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.ErrCode.String
#4: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.FrameHeader.String
#5: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.FrameType.String
#6: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.ReadFrame
#7: query/iterator.gen.go:11603:13: query.booleanCloseInterruptIterator.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
#8: query/iterator.gen.go:11603:13: query.booleanCloseInterruptIterator.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteData
#9: query/iterator.gen.go:11603:13: query.booleanCloseInterruptIterator.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
#10: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.WritePing
#11: query/iterator.gen.go:11603:13: query.booleanCloseInterruptIterator.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
#12: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.WriteSettings
#13: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.WriteSettingsAck
#14: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.Framer.WriteWindowUpdate
#15: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.GoAwayError.Error
#16: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.Setting.String
#17: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.SettingID.String
#18: storage/reads/datatypes/storage_common.pb.go:1404:31: datatypes.storageClient.TagValues calls grpc.ClientConn.NewStream, which eventually calls http2.SettingsFrame.ForeachSetting
#19: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.StreamError.Error
#20: tsdb/engine/tsm1/wal.go:1067:25: tsm1.WALSegmentWriter.Write calls bufio.Writer.Write, which calls http2.chunkWriter.Write
#21: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.connError.Error
#22: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.duplicatePseudoHeaderError.Error
#23: client/v2/client.go:702:18: client.duplexReader.Close calls http2.gzipReader.Close
#24: client/v2/client.go:693:19: client.duplexReader.Read calls http2.gzipReader.Read
#25: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.headerFieldNameError.Error
#26: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.headerFieldValueError.Error
#27: tsdb/engine/tsm1/compact.go:1244:24: tsm1.TSMErrors.Error calls http2.pseudoHeaderError.Error
#28: tsdb/engine/tsm1/wal.go:1067:25: tsm1.WALSegmentWriter.Write calls bufio.Writer.Write, which calls http2.stickyErrWriter.Write
#29: client/v2/client.go:702:18: client.duplexReader.Close calls http2.transportResponseBody.Close
#30: client/v2/client.go:693:19: client.duplexReader.Read calls http2.transportResponseBody.Read
#31: cmd/influxd/run/config.go:146:23: run.Config.FromToml calls toml.Decode, which eventually calls http2.writeData.String
Vulnerability #3: GO-2022-0322
Uncontrolled resource consumption in github.com/prometheus/client_golang
More info: https://pkg.go.dev/vuln/GO-2022-0322
Module: github.com/prometheus/client_golang
Found in: github.com/prometheus/client_golang@v1.0.0
Fixed in: github.com/prometheus/client_golang@v1.11.1
Example traces found:
#1: services/httpd/handler.go:228:64: httpd.NewHandler calls promhttp.Handler
#2: services/httpd/response_writer.go:108:10: httpd.responseWriter.Flush calls promhttp.flusherDelegator.Flush
#3: client/v2/client.go:736:10: client.ChunkedResponse.NextResponse calls io.Copy, which eventually calls promhttp.readerFromDelegator.ReadFrom
#4: services/httpd/response_writer.go:93:21: httpd.bytesCountWriter.Write calls promhttp.responseWriterDelegator.Write
#5: services/httpd/response_logger.go:50:17: httpd.responseLogger.WriteHeader calls promhttp.responseWriterDelegator.WriteHeader
#6: services/httpd/handler.go:451:18: httpd.Handler.ServeHTTP calls pat.PatternServeMux.ServeHTTP, which eventually calls promhttp.sanitizeMethod
Vulnerability #4: GO-2020-0015
Infinite loop when decoding some inputs in golang.org/x/text
More info: https://pkg.go.dev/vuln/GO-2020-0015
Module: golang.org/x/text
Found in: golang.org/x/text@v0.3.2
Fixed in: golang.org/x/text@v0.3.3
Example traces found:
#1: cmd/influxd/run/config.go:128:30: run.Config.FromTomlFile calls transform.Bytes, which eventually calls unicode.bomOverride.Transform
Your code is affected by 4 vulnerabilities from 3 modules.
This scan also found 8 vulnerabilities in packages you import and 14
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
databases/mysqld_exporter
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.17.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: mysqld_exporter.go:220:24: mysqld_exporter.main calls log.jsonLogger.Log, which eventually calls http2.ErrCode.String
#2: mysqld_exporter.go:220:24: mysqld_exporter.main calls log.jsonLogger.Log, which eventually calls http2.FrameType.String
#3: mysqld_exporter.go:220:24: mysqld_exporter.main calls log.jsonLogger.Log, which eventually calls http2.Setting.String
#4: mysqld_exporter.go:220:24: mysqld_exporter.main calls log.jsonLogger.Log, which eventually calls http2.SettingID.String
#5: mysqld_exporter.go:217:15: mysqld_exporter.main calls kingpin.Parse, which eventually calls http2.chunkWriter.Write
#6: mysqld_exporter.go:220:24: mysqld_exporter.main calls log.jsonLogger.Log, which eventually calls http2.duplicatePseudoHeaderError.Error
#7: mysqld_exporter.go:220:24: mysqld_exporter.main calls log.jsonLogger.Log, which eventually calls http2.headerFieldNameError.Error
#8: mysqld_exporter.go:220:24: mysqld_exporter.main calls log.jsonLogger.Log, which eventually calls http2.headerFieldValueError.Error
#9: mysqld_exporter.go:220:24: mysqld_exporter.main calls log.jsonLogger.Log, which eventually calls http2.pseudoHeaderError.Error
#10: mysqld_exporter.go:220:24: mysqld_exporter.main calls log.jsonLogger.Log, which eventually calls http2.writeData.String
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 4
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
databases/postgres_exporter
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.17.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: collector/pg_stat_database.go:276:26: collector.PGStatDatabaseCollector.Update calls log.jsonLogger.Log, which eventually calls http2.ErrCode.String
#2: collector/pg_stat_database.go:276:26: collector.PGStatDatabaseCollector.Update calls log.jsonLogger.Log, which eventually calls http2.FrameType.String
#3: collector/pg_stat_database.go:276:26: collector.PGStatDatabaseCollector.Update calls log.jsonLogger.Log, which eventually calls http2.Setting.String
#4: collector/pg_stat_database.go:276:26: collector.PGStatDatabaseCollector.Update calls log.jsonLogger.Log, which eventually calls http2.SettingID.String
#5: cmd/postgres_exporter/postgres_exporter.go:159:14: postgres_exporter.dumpMaps calls fmt.Printf, which eventually calls http2.chunkWriter.Write
#6: collector/pg_stat_database.go:276:26: collector.PGStatDatabaseCollector.Update calls log.jsonLogger.Log, which eventually calls http2.duplicatePseudoHeaderError.Error
#7: collector/pg_stat_database.go:276:26: collector.PGStatDatabaseCollector.Update calls log.jsonLogger.Log, which eventually calls http2.headerFieldNameError.Error
#8: collector/pg_stat_database.go:276:26: collector.PGStatDatabaseCollector.Update calls log.jsonLogger.Log, which eventually calls http2.headerFieldValueError.Error
#9: collector/pg_stat_database.go:276:26: collector.PGStatDatabaseCollector.Update calls log.jsonLogger.Log, which eventually calls http2.pseudoHeaderError.Error
#10: collector/pg_stat_database.go:276:26: collector.PGStatDatabaseCollector.Update calls log.jsonLogger.Log, which eventually calls http2.writeData.String
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 4
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
databases/sqlc
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.21.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: internal/ext/process/gen.go:56:22: process.Runner.Invoke calls http2.ConnectionError.Error
#2: internal/cmd/createdb.go:104:14: cmd.CreateDB calls fmt.Fprintln, which eventually calls http2.ErrCode.String
#3: internal/cmd/createdb.go:104:14: cmd.CreateDB calls fmt.Fprintln, which eventually calls http2.FrameHeader.String
#4: internal/cmd/createdb.go:104:14: cmd.CreateDB calls fmt.Fprintln, which eventually calls http2.FrameType.String
#5: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.Framer.ReadFrame
#6: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.Framer.WriteContinuation
#7: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.Framer.WriteData
#8: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.Framer.WriteHeaders
#9: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.Framer.WritePing
#10: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.Framer.WriteRSTStream
#11: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.Framer.WriteSettings
#12: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.Framer.WriteSettingsAck
#13: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.Framer.WriteWindowUpdate
#14: internal/ext/process/gen.go:56:22: process.Runner.Invoke calls http2.GoAwayError.Error
#15: internal/cmd/createdb.go:104:14: cmd.CreateDB calls fmt.Fprintln, which eventually calls http2.Setting.String
#16: internal/cmd/createdb.go:104:14: cmd.CreateDB calls fmt.Fprintln, which eventually calls http2.SettingID.String
#17: internal/rpc/interceptor.go:12:16: rpc.UnaryInterceptor calls grpc.invoke, which eventually calls http2.SettingsFrame.ForeachSetting
#18: internal/ext/process/gen.go:56:22: process.Runner.Invoke calls http2.StreamError.Error
#19: cmd/sqlc-gen-json/main.go:43:19: sqlc.run calls bufio.Writer.Flush, which calls http2.chunkWriter.Write
#20: internal/ext/process/gen.go:56:22: process.Runner.Invoke calls http2.connError.Error
#21: internal/ext/process/gen.go:56:22: process.Runner.Invoke calls http2.duplicatePseudoHeaderError.Error
#22: internal/ext/wasm/wasm.go:103:2: wasm.Runner.fetch calls http2.gzipReader.Close
#23: internal/engine/postgresql/parse.go:150:29: postgresql.Parser.Parse calls io.ReadAll, which calls http2.gzipReader.Read
#24: internal/ext/process/gen.go:56:22: process.Runner.Invoke calls http2.headerFieldNameError.Error
#25: internal/ext/process/gen.go:56:22: process.Runner.Invoke calls http2.headerFieldValueError.Error
#26: internal/ext/process/gen.go:56:22: process.Runner.Invoke calls http2.pseudoHeaderError.Error
#27: cmd/sqlc-gen-json/main.go:43:19: sqlc.run calls bufio.Writer.Flush, which calls http2.stickyErrWriter.Write
#28: internal/ext/wasm/wasm.go:103:2: wasm.Runner.fetch calls http2.transportResponseBody.Close
#29: internal/engine/postgresql/parse.go:150:29: postgresql.Parser.Parse calls io.ReadAll, which calls http2.transportResponseBody.Read
#30: internal/cmd/createdb.go:104:14: cmd.CreateDB calls fmt.Fprintln, which eventually calls http2.writeData.String
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
devel/fq
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.28.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: format/xml/html.go:226:33: xml.decodeHTML calls html.ParseWithOptions
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 1
vulnerability in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.
devel/go-tools
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.30.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: cmd/html2article/conv.go:35:25: html2article.convert calls html.Parse
Your code is affected by 1 vulnerability from 1 module.
This scan found no other vulnerabilities in packages you import or modules you
require.
Use '-show verbose' for more details.
devel/syft
=== Symbol Results ===
Vulnerability #1: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.1
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls retryablehttp.Client.Do
Vulnerability #2: GO-2024-2719
Cosign malicious artifacts can cause machine-wide DoS in
github.com/sigstore/cosign
More info: https://pkg.go.dev/vuln/GO-2024-2719
Module: github.com/sigstore/cosign
Found in: github.com/sigstore/cosign@v1.13.1
Fixed in: N/A
Example traces found:
#1: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls all.init
#2: cmd/syft/cli/attest/attest.go:232:42: attest.generateAttestation calls attestation.GenerateStatement
#3: cmd/syft/cli/attest/attest.go:17:2: attest.init calls attestation.init
#4: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls blob.LoadFileOrURL
#5: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls blob.UnrecognizedSchemeError.Error
#6: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls blob.init
#7: cmd/syft/cli/attest/attest.go:397:30: attest.uploadToTlog calls bundle.EntryToBundle
#8: cmd/syft/cli/attest/attest.go:18:2: attest.init calls bundle.init
#9: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls cosign.ConfirmPrompt
#10: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls cosign.GeneratePrivateKey
#11: cmd/syft/cli/attest/password.go:53:32: attest.fetchPassword calls cosign.GetPassFromTerm
#12: cmd/syft/cli/attest/password.go:24:32: attest.selectPassFunc calls cosign.LoadPrivateKey
#13: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation
#14: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls cosign.TrustedCert
#15: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls cosign.VerificationError.Error
#16: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls cosign.init
#17: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init
#18: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctl.ContainsSCT
#19: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctl.VerifyEmbeddedSCT
#20: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctl.VerifySCT
#21: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls ctl.init
#22: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctutil.GetCTLogID
#23: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctutil.VerifySCT
#24: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls ctutil.init
#25: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which eventually calls empty.Signatures
#26: cmd/syft/cli/attest/attest.go:20:2: attest.init calls remote.init, which calls empty.init
#27: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls filesystem.filesystem.Enabled
#28: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls filesystem.filesystem.Provide
#29: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls filesystem.init
#30: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls fulcio.NewSigner
#31: cmd/syft/cli/attest/attest.go:378:37: attest.uploadToTlog calls signature.PublicKeyPem, which calls fulcio.Signer.PublicKey
#32: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls fulcio.init
#33: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls fulcio.init
#34: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls fulcioroots.init
#35: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls fulcioverifier.NewSigner
#36: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls fulcioverifier.init
#37: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls git.GetProvider
#38: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls git.init
#39: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls github.Gh.GetSecret
#40: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which eventually calls github.New
#41: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls github.githubActions.Enabled
#42: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls github.githubActions.Provide
#43: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which eventually calls github.init
#44: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls github.init
#45: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls gitlab.Gl.GetSecret
#46: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which eventually calls gitlab.New
#47: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls gitlab.init
#48: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls google.googleImpersonate.Enabled
#49: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls google.googleImpersonate.Provide
#50: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls google.googleWorkloadIdentity.Enabled
#51: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls google.googleWorkloadIdentity.Provide
#52: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls google.init
#53: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls kubernetes.GetKeyPairSecret
#54: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls kubernetes.init
#55: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls layout.init
#56: cmd/syft/cli/attest/attest.go:341:48: attest.uploadAttestation calls mutate.AttachAttestationToEntity
#57: cmd/syft/cli/attest/attest.go:19:2: attest.init calls mutate.init
#58: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which calls mutate.signedImage.Attestations
#59: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which calls mutate.signedImageIndex.Attestations
#60: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which eventually calls oci.DockerMediaTypes
#61: cmd/syft/cli/attest/attest.go:21:2: attest.init calls static.init, which calls oci.init
#62: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls options.UserAgent
#63: internal/config/attest.go:8:2: config.init calls options.init
#64: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls payload.init
#65: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pivkey.GetKeyWithSlot
#66: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pivkey.Key.Certificate
#67: cmd/syft/cli/attest/attest.go:102:2: attest.Run calls sign.SignerVerifier.Close, which calls pivkey.Key.Close
#68: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pivkey.Key.SignerVerifier
#69: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls pivkey.init
#70: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.GetKeyWithURIConfig
#71: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.Key.Certificate
#72: cmd/syft/cli/attest/attest.go:102:2: attest.Run calls sign.SignerVerifier.Close, which calls pkcs11key.Key.Close
#73: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.Key.SignerVerifier
#74: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.NewPkcs11UriConfig
#75: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.Pkcs11UriConfig.Parse
#76: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls pkcs11key.init
#77: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls providers.Enabled
#78: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls providers.Provide
#79: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls providers.ProvideFrom
#80: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls providers.Register
#81: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls providers.init
#82: cmd/syft/cli/attest/attest.go:385:37: attest.uploadToTlog calls rekor.NewClient
#83: cmd/syft/cli/attest/attest.go:14:2: attest.init calls rekor.init
#84: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls rekor.init
#85: cmd/syft/cli/attest/attest.go:269:41: attest.publishAttestation calls remote.ResolveDigest
#86: cmd/syft/cli/attest/attest.go:336:35: attest.uploadAttestation calls remote.SignedEntity
#87: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations
#88: cmd/syft/cli/attest/attest.go:20:2: attest.init calls remote.init
#89: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls remote.init
#90: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts
#91: cmd/syft/cli/attest/attest.go:102:2: attest.Run calls sign.SignerVerifier.Close
#92: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init
#93: cmd/syft/cli/attest/attest.go:378:37: attest.uploadToTlog calls signature.PublicKeyPem
#94: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls signature.SignerVerifierFromKeyRef
#95: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init
#96: cmd/syft/cli/attest/attest.go:20:2: attest.init calls remote.init, which calls signature.init
#97: cmd/syft/cli/attest/attest.go:21:2: attest.init calls static.init, which calls signed.init
#98: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls spiffe.init
#99: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls spiffe.spiffe.Enabled
#100: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls spiffe.spiffe.Provide
#101: cmd/syft/cli/attest/attest.go:331:35: attest.uploadAttestation calls static.NewAttestation
#102: cmd/syft/cli/attest/attest.go:330:39: attest.uploadAttestation calls static.WithBundle
#103: cmd/syft/cli/attest/attest.go:305:43: attest.uploadAttestation calls static.WithCertChain
#104: cmd/syft/cli/attest/attest.go:303:51: attest.uploadAttestation calls static.WithLayerMediaType
#105: cmd/syft/cli/attest/attest.go:21:2: attest.init calls static.init
#106: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which eventually calls static.staticLayer.Annotations
#107: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls static.staticLayer.Compressed
#108: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls static.staticLayer.DiffID
#109: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls static.staticLayer.Digest
#110: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls static.staticLayer.MediaType
#111: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls static.staticLayer.Size
#112: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls static.staticLayer.Uncompressed
#113: cmd/syft/cli/attest/attest.go:23:2: attest.init calls types.init
#114: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls walk.init
Vulnerability #3: GO-2024-2718
Cosign malicious attachments can cause system-wide denial of service in
github.com/sigstore/cosign
More info: https://pkg.go.dev/vuln/GO-2024-2718
Module: github.com/sigstore/cosign
Found in: github.com/sigstore/cosign@v1.13.1
Fixed in: N/A
Example traces found:
#1: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls all.init
#2: cmd/syft/cli/attest/attest.go:232:42: attest.generateAttestation calls attestation.GenerateStatement
#3: cmd/syft/cli/attest/attest.go:17:2: attest.init calls attestation.init
#4: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls blob.LoadFileOrURL
#5: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls blob.UnrecognizedSchemeError.Error
#6: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls blob.init
#7: cmd/syft/cli/attest/attest.go:397:30: attest.uploadToTlog calls bundle.EntryToBundle
#8: cmd/syft/cli/attest/attest.go:18:2: attest.init calls bundle.init
#9: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls cosign.ConfirmPrompt
#10: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls cosign.GeneratePrivateKey
#11: cmd/syft/cli/attest/password.go:53:32: attest.fetchPassword calls cosign.GetPassFromTerm
#12: cmd/syft/cli/attest/password.go:24:32: attest.selectPassFunc calls cosign.LoadPrivateKey
#13: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation
#14: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls cosign.TrustedCert
#15: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls cosign.VerificationError.Error
#16: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls cosign.init
#17: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init
#18: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctl.ContainsSCT
#19: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctl.VerifyEmbeddedSCT
#20: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctl.VerifySCT
#21: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls ctl.init
#22: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctutil.GetCTLogID
#23: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls ctutil.VerifySCT
#24: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls ctutil.init
#25: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which eventually calls empty.Signatures
#26: cmd/syft/cli/attest/attest.go:20:2: attest.init calls remote.init, which calls empty.init
#27: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls filesystem.filesystem.Enabled
#28: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls filesystem.filesystem.Provide
#29: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls filesystem.init
#30: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls fulcio.NewSigner
#31: cmd/syft/cli/attest/attest.go:378:37: attest.uploadToTlog calls signature.PublicKeyPem, which calls fulcio.Signer.PublicKey
#32: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls fulcio.init
#33: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls fulcio.init
#34: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls fulcioroots.init
#35: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls fulcioverifier.NewSigner
#36: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls fulcioverifier.init
#37: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls git.GetProvider
#38: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls git.init
#39: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls github.Gh.GetSecret
#40: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which eventually calls github.New
#41: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls github.githubActions.Enabled
#42: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls github.githubActions.Provide
#43: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which eventually calls github.init
#44: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls github.init
#45: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls gitlab.Gl.GetSecret
#46: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which eventually calls gitlab.New
#47: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls gitlab.init
#48: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls google.googleImpersonate.Enabled
#49: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls google.googleImpersonate.Provide
#50: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls google.googleWorkloadIdentity.Enabled
#51: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls google.googleWorkloadIdentity.Provide
#52: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls google.init
#53: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls kubernetes.GetKeyPairSecret
#54: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls kubernetes.init
#55: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls layout.init
#56: cmd/syft/cli/attest/attest.go:341:48: attest.uploadAttestation calls mutate.AttachAttestationToEntity
#57: cmd/syft/cli/attest/attest.go:19:2: attest.init calls mutate.init
#58: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which calls mutate.signedImage.Attestations
#59: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which calls mutate.signedImageIndex.Attestations
#60: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which eventually calls oci.DockerMediaTypes
#61: cmd/syft/cli/attest/attest.go:21:2: attest.init calls static.init, which calls oci.init
#62: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls options.UserAgent
#63: internal/config/attest.go:8:2: config.init calls options.init
#64: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls payload.init
#65: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pivkey.GetKeyWithSlot
#66: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pivkey.Key.Certificate
#67: cmd/syft/cli/attest/attest.go:102:2: attest.Run calls sign.SignerVerifier.Close, which calls pivkey.Key.Close
#68: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pivkey.Key.SignerVerifier
#69: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls pivkey.init
#70: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.GetKeyWithURIConfig
#71: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.Key.Certificate
#72: cmd/syft/cli/attest/attest.go:102:2: attest.Run calls sign.SignerVerifier.Close, which calls pkcs11key.Key.Close
#73: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.Key.SignerVerifier
#74: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.NewPkcs11UriConfig
#75: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls pkcs11key.Pkcs11UriConfig.Parse
#76: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init, which calls pkcs11key.init
#77: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls providers.Enabled
#78: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls providers.Provide
#79: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls providers.ProvideFrom
#80: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls providers.Register
#81: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls providers.init
#82: cmd/syft/cli/attest/attest.go:385:37: attest.uploadToTlog calls rekor.NewClient
#83: cmd/syft/cli/attest/attest.go:14:2: attest.init calls rekor.init
#84: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls rekor.init
#85: cmd/syft/cli/attest/attest.go:269:41: attest.publishAttestation calls remote.ResolveDigest
#86: cmd/syft/cli/attest/attest.go:336:35: attest.uploadAttestation calls remote.SignedEntity
#87: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations
#88: cmd/syft/cli/attest/attest.go:20:2: attest.init calls remote.init
#89: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls remote.init
#90: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts
#91: cmd/syft/cli/attest/attest.go:102:2: attest.Run calls sign.SignerVerifier.Close
#92: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init
#93: cmd/syft/cli/attest/attest.go:378:37: attest.uploadToTlog calls signature.PublicKeyPem
#94: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls signature.SignerVerifierFromKeyRef
#95: cmd/syft/cli/attest/attest.go:20:2: attest.init calls remote.init, which calls signature.init
#96: cmd/syft/cli/attest/attest.go:22:2: attest.init calls signature.init
#97: cmd/syft/cli/attest/attest.go:21:2: attest.init calls static.init, which calls signed.init
#98: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which eventually calls spiffe.init
#99: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls spiffe.spiffe.Enabled
#100: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls spiffe.spiffe.Provide
#101: cmd/syft/cli/attest/attest.go:331:35: attest.uploadAttestation calls static.NewAttestation
#102: cmd/syft/cli/attest/attest.go:330:39: attest.uploadAttestation calls static.WithBundle
#103: cmd/syft/cli/attest/attest.go:305:43: attest.uploadAttestation calls static.WithCertChain
#104: cmd/syft/cli/attest/attest.go:303:51: attest.uploadAttestation calls static.WithLayerMediaType
#105: cmd/syft/cli/attest/attest.go:21:2: attest.init calls static.init
#106: cmd/syft/cli/attest/attest.go:347:35: attest.uploadAttestation calls remote.WriteAttestations, which eventually calls static.staticLayer.Annotations
#107: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls static.staticLayer.Compressed
#108: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls static.staticLayer.DiffID
#109: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls static.staticLayer.Digest
#110: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls static.staticLayer.MediaType
#111: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls static.staticLayer.Size
#112: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls static.staticLayer.Uncompressed
#113: cmd/syft/cli/attest/attest.go:23:2: attest.init calls types.init
#114: cmd/syft/cli/attest/attest.go:15:2: attest.init calls sign.init, which calls walk.init
Vulnerability #4: GO-2024-2698
Archiver Path Traversal vulnerability in github.com/mholt/archiver
More info: https://pkg.go.dev/vuln/GO-2024-2698
Module: github.com/mholt/archiver/v3
Found in: github.com/mholt/archiver/v3@v3.5.1
Fixed in: N/A
Example traces found:
#1: syft/source/source.go:302:50: source.fileAnalysisPath calls archiver.ByExtension
#2: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.Bz2.String
#3: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.Gz.String
#4: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls archiver.IllegalPathError.Error
#5: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.Lz4.String
#6: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.Rar.String
#7: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.Rar.Unarchive
#8: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.Snappy.String
#9: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.Tar.String
#10: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.Tar.Unarchive
#11: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.TarBrotli.String
#12: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.TarBrotli.Unarchive
#13: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.TarBz2.String
#14: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.TarBz2.Unarchive
#15: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.TarGz.String
#16: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.TarGz.Unarchive
#17: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.TarLz4.String
#18: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.TarLz4.Unarchive
#19: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.TarSz.String
#20: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.TarSz.Unarchive
#21: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.TarXz.String
#22: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.TarXz.Unarchive
#23: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.TarZstd.String
#24: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.TarZstd.Unarchive
#25: internal/file/tar_file_traversal.go:54:31: file.ExtractGlobsFromTarToUniqueTempFile calls archiver.Walk
#26: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.Xz.String
#27: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.Zip.String
#28: syft/source/source.go:467:49: source.unarchiveToTmp calls archiver.Zip.Unarchive
#29: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls archiver.Zstd.String
#30: syft/source/source.go:17:2: source.init calls archiver.init
Vulnerability #5: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20221012135044-0b7e1fb9d458
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.ConfigureTransports
#2: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.ConnectionError.Error
#3: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#4: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#5: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.FrameType.String
#6: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.ReadFrame
#7: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteContinuation
#8: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteData
#9: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteHeaders
#10: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WritePing
#11: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteRSTStream
#12: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteSettings
#13: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteSettingsAck
#14: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteWindowUpdate
#15: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.GoAwayError.Error
#16: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.Setting.String
#17: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.SettingID.String
#18: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.SettingsFrame.ForeachSetting
#19: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.StreamError.Error
#20: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls http2.Transport.NewClientConn
#21: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls http2.Transport.RoundTrip
#22: syft/file/digest_cataloger.go:95:19: file.DigestsFromFile calls io.Copy, which eventually calls http2.chunkWriter.Write
#23: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.connError.Error
#24: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.duplicatePseudoHeaderError.Error
#25: internal/version/update.go:56:2: version.fetchLatestApplicationVersion calls http2.gzipReader.Close
#26: syft/formats/formats.go:117:23: formats.Decode calls io.ReadAll, which calls http2.gzipReader.Read
#27: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.headerFieldNameError.Error
#28: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.headerFieldValueError.Error
#29: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#30: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.pseudoHeaderError.Error
#31: syft/file/digest_cataloger.go:95:19: file.DigestsFromFile calls io.Copy, which eventually calls http2.stickyErrWriter.Write
#32: internal/version/update.go:56:2: version.fetchLatestApplicationVersion calls http2.transportResponseBody.Close
#33: syft/formats/formats.go:117:23: formats.Decode calls io.ReadAll, which calls http2.transportResponseBody.Read
#34: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #6: GO-2024-2490
Path traversal in github.com/anchore/stereoscope
More info: https://pkg.go.dev/vuln/GO-2024-2490
Module: github.com/anchore/stereoscope
Found in: github.com/anchore/stereoscope@v0.0.0-20221208011002-c5ff155d72f1
Fixed in: github.com/anchore/stereoscope@v0.0.1
Example traces found:
#1: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls file.UntarToDirectory
Vulnerability #7: GO-2023-2402
Man-in-the-middle attacker can compromise integrity of secure channel in
golang.org/x/crypto
More info: https://pkg.go.dev/vuln/GO-2023-2402
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20220926161630-eccd6366d1be
Fixed in: golang.org/x/crypto@v0.17.0
Example traces found:
#1: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls ssh.Client.Dial
#2: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls ssh.Dial
#3: internal/version/update.go:56:2: version.fetchLatestApplicationVersion calls ssh.channel.Close
#4: syft/file/digest_cataloger.go:95:19: file.DigestsFromFile calls io.Copy, which eventually calls ssh.channel.Read
#5: syft/file/digest_cataloger.go:95:19: file.DigestsFromFile calls io.Copy, which eventually calls ssh.channel.Write
Vulnerability #8: GO-2023-1795
malformed proposed intoto entries can cause a panic in
github.com/sigstore/rekor
More info: https://pkg.go.dev/vuln/GO-2023-1795
Module: github.com/sigstore/rekor
Found in: github.com/sigstore/rekor@v0.12.1-0.20220915152154-4bb6f441c1b2
Fixed in: github.com/sigstore/rekor@v1.2.0
Example traces found:
#1: cmd/syft/cli/attest/attest.go:385:37: attest.uploadToTlog calls rekor.NewClient, which calls client.GetRekorClient
#2: cmd/syft/cli/attest/attest.go:385:37: attest.uploadToTlog calls rekor.NewClient, which eventually calls client.New
#3: cmd/syft/cli/attest/attest.go:385:37: attest.uploadToTlog calls rekor.NewClient, which calls client.WithUserAgent
#4: cmd/syft/cli/attest/attest.go:14:2: attest.init calls rekor.init, which calls client.init
#5: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init
#6: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls client.roundTripper.RoundTrip
#7: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.Client.CreateLogEntry
#8: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.Client.GetLogEntryByUUID
#9: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.CreateLogEntryBadRequest.Error
#10: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.CreateLogEntryBadRequest.String
#11: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.CreateLogEntryConflict.Error
#12: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.CreateLogEntryConflict.String
#13: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.CreateLogEntryDefault.Error
#14: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.CreateLogEntryDefault.String
#15: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.CreateLogEntryParams.SetProposedEntry
#16: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.CreateLogEntryParams.WriteToRequest
#17: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.CreateLogEntryReader.ReadResponse
#18: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.GetLogEntryByUUIDDefault.Error
#19: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.GetLogEntryByUUIDDefault.String
#20: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.GetLogEntryByUUIDNotFound.Error
#21: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.GetLogEntryByUUIDNotFound.String
#22: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.GetLogEntryByUUIDParams.SetEntryUUID
#23: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.GetLogEntryByUUIDParams.WriteToRequest
#24: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.GetLogEntryByUUIDReader.ReadResponse
#25: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which eventually calls entries.New
#26: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.NewCreateLogEntryParamsWithContext
#27: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.NewGetLogEntryByUUIDParamsWithContext
#28: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which calls entries.init
#29: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls hashedrekord.init
#30: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which eventually calls index.New
#31: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which calls index.init
#32: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls intoto.init
#33: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls log.init
#34: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls minisign.init
#35: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Alpine.MarshalJSON
#36: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Alpine.UnmarshalBinary
#37: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Cose.MarshalJSON
#38: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Cose.UnmarshalBinary
#39: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Error.UnmarshalBinary
#40: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Hashedrekord.MarshalBinary
#41: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Hashedrekord.MarshalJSON
#42: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Hashedrekord.UnmarshalBinary
#43: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Helm.MarshalJSON
#44: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Helm.UnmarshalBinary
#45: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Intoto.MarshalBinary
#46: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Intoto.MarshalJSON
#47: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Intoto.UnmarshalBinary
#48: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Jar.MarshalJSON
#49: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Jar.UnmarshalBinary
#50: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rekord.MarshalJSON
#51: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rekord.UnmarshalBinary
#52: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rfc3161.MarshalJSON
#53: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rfc3161.UnmarshalBinary
#54: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rpm.MarshalJSON
#55: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rpm.UnmarshalBinary
#56: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.SearchLogQuery.MarshalJSON
#57: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.TUF.MarshalJSON
#58: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.TUF.UnmarshalBinary
#59: cmd/syft/cli/attest/attest.go:25:2: attest.init calls models.init
#60: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls pgp.init
#61: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls pkcs7.init
#62: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls pki.init
#63: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls pubkey.Client.GetPublicKey
#64: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls pubkey.GetPublicKeyDefault.Error
#65: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls pubkey.GetPublicKeyDefault.String
#66: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls pubkey.GetPublicKeyParams.WriteToRequest
#67: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls pubkey.GetPublicKeyReader.ReadResponse
#68: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which eventually calls pubkey.New
#69: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which calls pubkey.init
#70: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls ssh.init
#71: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which eventually calls tlog.New
#72: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which calls tlog.init
#73: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls tuf.init
#74: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls types.NewProposedEntry
#75: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls types.NewSemVerEntryFactoryMap
#76: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls types.SemVerEntryFactoryMap.SetEntryFactory
#77: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls types.init
#78: cmd/syft/cli/attest/attest.go:14:2: attest.init calls rekor.init, which eventually calls util.init
#79: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls v0.init
#80: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls v0.init
#81: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls x509.init
Vulnerability #9: GO-2023-1754
Rekor's compressed archives can result in OOM conditions in
github.com/sigstore/rekor
More info: https://pkg.go.dev/vuln/GO-2023-1754
Module: github.com/sigstore/rekor
Found in: github.com/sigstore/rekor@v0.12.1-0.20220915152154-4bb6f441c1b2
Fixed in: github.com/sigstore/rekor@v1.1.1
Example traces found:
#1: cmd/syft/cli/attest/attest.go:385:37: attest.uploadToTlog calls rekor.NewClient, which calls client.GetRekorClient
#2: cmd/syft/cli/attest/attest.go:385:37: attest.uploadToTlog calls rekor.NewClient, which eventually calls client.New
#3: cmd/syft/cli/attest/attest.go:385:37: attest.uploadToTlog calls rekor.NewClient, which calls client.WithUserAgent
#4: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init
#5: cmd/syft/cli/attest/attest.go:14:2: attest.init calls rekor.init, which calls client.init
#6: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls client.roundTripper.RoundTrip
#7: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.Client.CreateLogEntry
#8: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.Client.GetLogEntryByUUID
#9: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.CreateLogEntryBadRequest.Error
#10: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.CreateLogEntryBadRequest.String
#11: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.CreateLogEntryConflict.Error
#12: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.CreateLogEntryConflict.String
#13: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.CreateLogEntryDefault.Error
#14: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.CreateLogEntryDefault.String
#15: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.CreateLogEntryParams.SetProposedEntry
#16: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.CreateLogEntryParams.WriteToRequest
#17: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.CreateLogEntryReader.ReadResponse
#18: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.GetLogEntryByUUIDDefault.Error
#19: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.GetLogEntryByUUIDDefault.String
#20: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls entries.GetLogEntryByUUIDNotFound.Error
#21: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls entries.GetLogEntryByUUIDNotFound.String
#22: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.GetLogEntryByUUIDParams.SetEntryUUID
#23: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.GetLogEntryByUUIDParams.WriteToRequest
#24: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.GetLogEntryByUUIDReader.ReadResponse
#25: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which eventually calls entries.New
#26: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.NewCreateLogEntryParamsWithContext
#27: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls entries.NewGetLogEntryByUUIDParamsWithContext
#28: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which calls entries.init
#29: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls hashedrekord.init
#30: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which eventually calls index.New
#31: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which calls index.init
#32: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls intoto.init
#33: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls log.init
#34: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls minisign.init
#35: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Alpine.MarshalJSON
#36: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Alpine.UnmarshalBinary
#37: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Cose.MarshalJSON
#38: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Cose.UnmarshalBinary
#39: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Error.UnmarshalBinary
#40: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Hashedrekord.MarshalBinary
#41: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Hashedrekord.MarshalJSON
#42: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Hashedrekord.UnmarshalBinary
#43: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Helm.MarshalJSON
#44: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Helm.UnmarshalBinary
#45: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Intoto.MarshalBinary
#46: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Intoto.MarshalJSON
#47: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Intoto.UnmarshalBinary
#48: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Jar.MarshalJSON
#49: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Jar.UnmarshalBinary
#50: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rekord.MarshalJSON
#51: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rekord.UnmarshalBinary
#52: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rfc3161.MarshalJSON
#53: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rfc3161.UnmarshalBinary
#54: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rpm.MarshalJSON
#55: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.Rpm.UnmarshalBinary
#56: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.SearchLogQuery.MarshalJSON
#57: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.TUF.MarshalJSON
#58: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls models.TUF.UnmarshalBinary
#59: cmd/syft/cli/attest/attest.go:25:2: attest.init calls models.init
#60: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls pgp.init
#61: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls pkcs7.init
#62: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls pki.init
#63: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls pubkey.Client.GetPublicKey
#64: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls pubkey.GetPublicKeyDefault.Error
#65: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls pubkey.GetPublicKeyDefault.String
#66: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls pubkey.GetPublicKeyParams.WriteToRequest
#67: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls pubkey.GetPublicKeyReader.ReadResponse
#68: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which eventually calls pubkey.New
#69: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which calls pubkey.init
#70: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls ssh.init
#71: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which eventually calls tlog.New
#72: cmd/syft/cli/attest/attest.go:24:2: attest.init calls client.init, which calls tlog.init
#73: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls tuf.init
#74: cmd/syft/cli/attest/attest.go:320:44: attest.uploadAttestation calls cosign.TLogUploadInTotoAttestation, which eventually calls types.NewProposedEntry
#75: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls types.NewSemVerEntryFactoryMap
#76: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls types.SemVerEntryFactoryMap.SetEntryFactory
#77: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls types.init
#78: cmd/syft/cli/attest/attest.go:14:2: attest.init calls rekor.init, which eventually calls util.init
#79: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls v0.init
#80: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which calls v0.init
#81: cmd/syft/cli/attest/attest.go:16:2: attest.init calls cosign.init, which eventually calls x509.init
Vulnerability #10: GO-2023-1701
Docker Swarm encrypted overlay network with a single endpoint is
unauthenticated in github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2023-1701
Module: github.com/docker/docker
Found in: github.com/docker/docker@v20.10.17+incompatible
Fixed in: github.com/docker/docker@v20.10.24+incompatible
Example traces found:
#1: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls api.init
#2: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls blkiodev.init
#3: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls client.CheckRedirect
#4: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageInspectWithRaw
#5: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImagePull
#6: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageSave
#7: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which calls client.Client.Ping
#8: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.IsErrNotFound
#9: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.NewClientWithOpts
#10: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithAPIVersionNegotiation
#11: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithDialContext
#12: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithHost
#13: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.errConnectionFailed.Error
#14: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls client.init
#15: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.objectNotFoundError.Error
#16: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls container.init
#17: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls errdefs.FromStatusCode
#18: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsNotFound
#19: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsUnauthorized
#20: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.NotImplemented
#21: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errConflict.Unwrap
#22: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errForbidden.Unwrap
#23: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errInvalidParameter.Unwrap
#24: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotFound.Unwrap
#25: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotImplemented.Unwrap
#26: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotModified.Unwrap
#27: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errSystem.Unwrap
#28: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnauthorized.Unwrap
#29: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnavailable.Unwrap
#30: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnknown.Unwrap
#31: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls errdefs.init
#32: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls events.init
#33: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls filters.init
#34: syft/source/all_layers_resolver.go:10:2: source.init calls image.init, which eventually calls homedir.Get
#35: cmd/syft/cli/commands.go:7:2: cli.init calls cmd.init, which eventually calls homedir.init
#36: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls image.init
#37: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls mount.init
#38: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls network.init
#39: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls registry.init
#40: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls runtime.init
#41: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls strslice.init
#42: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls swarm.init
#43: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls time.init
#44: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls types.init
#45: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.GreaterThan
#46: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.LessThan
#47: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls versions.init
#48: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls volume.init
Vulnerability #11: GO-2023-1700
Docker Swarm encrypted overlay network traffic may be unencrypted in
github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2023-1700
Module: github.com/docker/docker
Found in: github.com/docker/docker@v20.10.17+incompatible
Fixed in: github.com/docker/docker@v20.10.24+incompatible
Example traces found:
#1: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls api.init
#2: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls blkiodev.init
#3: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls client.CheckRedirect
#4: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageInspectWithRaw
#5: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImagePull
#6: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageSave
#7: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which calls client.Client.Ping
#8: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.IsErrNotFound
#9: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.NewClientWithOpts
#10: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithAPIVersionNegotiation
#11: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithDialContext
#12: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithHost
#13: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.errConnectionFailed.Error
#14: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls client.init
#15: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.objectNotFoundError.Error
#16: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls container.init
#17: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls errdefs.FromStatusCode
#18: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsNotFound
#19: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsUnauthorized
#20: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.NotImplemented
#21: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errConflict.Unwrap
#22: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errForbidden.Unwrap
#23: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errInvalidParameter.Unwrap
#24: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotFound.Unwrap
#25: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotImplemented.Unwrap
#26: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotModified.Unwrap
#27: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errSystem.Unwrap
#28: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnauthorized.Unwrap
#29: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnavailable.Unwrap
#30: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnknown.Unwrap
#31: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls errdefs.init
#32: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls events.init
#33: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls filters.init
#34: syft/source/all_layers_resolver.go:10:2: source.init calls image.init, which eventually calls homedir.Get
#35: cmd/syft/cli/commands.go:7:2: cli.init calls cmd.init, which eventually calls homedir.init
#36: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls image.init
#37: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls mount.init
#38: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls network.init
#39: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls registry.init
#40: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls runtime.init
#41: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls strslice.init
#42: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls swarm.init
#43: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls time.init
#44: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls types.init
#45: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.GreaterThan
#46: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.LessThan
#47: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls versions.init
#48: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls volume.init
Vulnerability #12: GO-2023-1699
Docker Swarm encrypted overlay network may be unauthenticated in
github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2023-1699
Module: github.com/docker/docker
Found in: github.com/docker/docker@v20.10.17+incompatible
Fixed in: github.com/docker/docker@v20.10.24+incompatible
Example traces found:
#1: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls api.init
#2: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls blkiodev.init
#3: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls client.CheckRedirect
#4: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageInspectWithRaw
#5: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImagePull
#6: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageSave
#7: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which calls client.Client.Ping
#8: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.IsErrNotFound
#9: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.NewClientWithOpts
#10: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithAPIVersionNegotiation
#11: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithDialContext
#12: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithHost
#13: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.errConnectionFailed.Error
#14: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls client.init
#15: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.objectNotFoundError.Error
#16: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls container.init
#17: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls errdefs.FromStatusCode
#18: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsNotFound
#19: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsUnauthorized
#20: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.NotImplemented
#21: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errConflict.Unwrap
#22: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errForbidden.Unwrap
#23: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errInvalidParameter.Unwrap
#24: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotFound.Unwrap
#25: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotImplemented.Unwrap
#26: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotModified.Unwrap
#27: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errSystem.Unwrap
#28: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnauthorized.Unwrap
#29: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnavailable.Unwrap
#30: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnknown.Unwrap
#31: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls errdefs.init
#32: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls events.init
#33: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls filters.init
#34: syft/source/all_layers_resolver.go:10:2: source.init calls image.init, which eventually calls homedir.Get
#35: cmd/syft/cli/commands.go:7:2: cli.init calls cmd.init, which eventually calls homedir.init
#36: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls image.init
#37: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls mount.init
#38: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls network.init
#39: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls registry.init
#40: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls runtime.init
#41: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls strslice.init
#42: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls swarm.init
#43: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls time.init
#44: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls types.init
#45: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.GreaterThan
#46: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.LessThan
#47: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls versions.init
#48: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls volume.init
Vulnerability #13: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20221012135044-0b7e1fb9d458
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: internal/version/update.go:56:2: version.fetchLatestApplicationVersion calls http2.transportResponseBody.Close, which eventually calls hpack.Decoder.Write
#2: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.ConfigureTransports
#3: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.ConnectionError.Error
#4: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#5: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#6: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.FrameType.String
#7: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.ReadFrame
#8: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteContinuation
#9: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteData
#10: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteHeaders
#11: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WritePing
#12: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteRSTStream
#13: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteSettings
#14: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteSettingsAck
#15: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.Framer.WriteWindowUpdate
#16: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.GoAwayError.Error
#17: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.Setting.String
#18: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.SettingID.String
#19: cmd/syft/cli/attest/attest.go:98:35: attest.Run calls sign.SignerFromKeyOpts, which eventually calls http2.SettingsFrame.ForeachSetting
#20: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.StreamError.Error
#21: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls http2.Transport.NewClientConn
#22: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls http2.Transport.RoundTrip
#23: syft/file/digest_cataloger.go:95:19: file.DigestsFromFile calls io.Copy, which eventually calls http2.chunkWriter.Write
#24: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.connError.Error
#25: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.duplicatePseudoHeaderError.Error
#26: internal/version/update.go:56:2: version.fetchLatestApplicationVersion calls http2.gzipReader.Close
#27: syft/formats/formats.go:117:23: formats.Decode calls io.ReadAll, which calls http2.gzipReader.Read
#28: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.headerFieldNameError.Error
#29: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.headerFieldValueError.Error
#30: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#31: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls http2.pseudoHeaderError.Error
#32: syft/file/digest_cataloger.go:95:19: file.DigestsFromFile calls io.Copy, which eventually calls http2.stickyErrWriter.Write
#33: internal/version/update.go:56:2: version.fetchLatestApplicationVersion calls http2.transportResponseBody.Close
#34: syft/formats/formats.go:117:23: formats.Decode calls io.ReadAll, which calls http2.transportResponseBody.Read
#35: syft/source/directory_resolver.go:324:20: source.directoryResolver.String calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #14: GO-2022-1107
Container build can leak any path on the host into the container in
github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2022-1107
Module: github.com/docker/docker
Found in: github.com/docker/docker@v20.10.17+incompatible
Fixed in: github.com/docker/docker@v20.10.20+incompatible
Example traces found:
#1: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls api.init
#2: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls blkiodev.init
#3: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls client.CheckRedirect
#4: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageInspectWithRaw
#5: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImagePull
#6: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageSave
#7: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which calls client.Client.Ping
#8: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.IsErrNotFound
#9: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.NewClientWithOpts
#10: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithAPIVersionNegotiation
#11: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithDialContext
#12: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithHost
#13: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.errConnectionFailed.Error
#14: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls client.init
#15: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.objectNotFoundError.Error
#16: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls container.init
#17: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls errdefs.FromStatusCode
#18: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsNotFound
#19: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsUnauthorized
#20: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.NotImplemented
#21: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errConflict.Unwrap
#22: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errForbidden.Unwrap
#23: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errInvalidParameter.Unwrap
#24: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotFound.Unwrap
#25: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotImplemented.Unwrap
#26: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotModified.Unwrap
#27: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errSystem.Unwrap
#28: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnauthorized.Unwrap
#29: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnavailable.Unwrap
#30: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnknown.Unwrap
#31: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls errdefs.init
#32: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls events.init
#33: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls filters.init
#34: syft/source/all_layers_resolver.go:10:2: source.init calls image.init, which eventually calls homedir.Get
#35: cmd/syft/cli/commands.go:7:2: cli.init calls cmd.init, which eventually calls homedir.init
#36: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls image.init
#37: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls mount.init
#38: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls network.init
#39: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls registry.init
#40: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls runtime.init
#41: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls strslice.init
#42: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls swarm.init
#43: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls time.init
#44: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls types.init
#45: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.GreaterThan
#46: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.LessThan
#47: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls versions.init
#48: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls volume.init
Vulnerability #15: GO-2022-0985
Docker supplementary group permissions not set up properly, allowing
attackers to bypass primary group restrictions in github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2022-0985
Module: github.com/docker/docker
Found in: github.com/docker/docker@v20.10.17+incompatible
Fixed in: github.com/docker/docker@v20.10.18+incompatible
Example traces found:
#1: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls api.init
#2: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls blkiodev.init
#3: internal/version/update.go:52:24: version.fetchLatestApplicationVersion calls http.Client.Do, which eventually calls client.CheckRedirect
#4: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageInspectWithRaw
#5: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImagePull
#6: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.Client.ImageSave
#7: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which calls client.Client.Ping
#8: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls client.IsErrNotFound
#9: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.NewClientWithOpts
#10: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithAPIVersionNegotiation
#11: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithDialContext
#12: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls client.WithHost
#13: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.errConnectionFailed.Error
#14: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls client.init
#15: cmd/syft/main.go:15:23: syft.main calls cobra.Command.Execute, which eventually calls client.objectNotFoundError.Error
#16: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls container.init
#17: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls errdefs.FromStatusCode
#18: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsNotFound
#19: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.IsUnauthorized
#20: syft/source/source.go:171:44: source.getImageWithRetryStrategy calls stereoscope.GetImageFromSource, which eventually calls errdefs.NotImplemented
#21: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errConflict.Unwrap
#22: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errForbidden.Unwrap
#23: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errInvalidParameter.Unwrap
#24: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotFound.Unwrap
#25: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotImplemented.Unwrap
#26: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errNotModified.Unwrap
#27: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errSystem.Unwrap
#28: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnauthorized.Unwrap
#29: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnavailable.Unwrap
#30: syft/source/directory_resolver.go:356:17: source.directoryResolver.FilesByPath calls errors.As, which eventually calls errdefs.errUnknown.Unwrap
#31: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls errdefs.init
#32: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls events.init
#33: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls filters.init
#34: syft/source/all_layers_resolver.go:10:2: source.init calls image.init, which eventually calls homedir.Get
#35: cmd/syft/cli/commands.go:7:2: cli.init calls cmd.init, which eventually calls homedir.init
#36: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls image.init
#37: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls mount.init
#38: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls network.init
#39: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls registry.init
#40: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls runtime.init
#41: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls strslice.init
#42: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls swarm.init
#43: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls time.init
#44: ui/event_handlers.go:19:2: ui.init calls docker.init, which calls types.init
#45: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.GreaterThan
#46: syft/source/source.go:72:64: source.ParseInputWithName calls image.DetermineDefaultImagePullSource, which eventually calls versions.LessThan
#47: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls versions.init
#48: ui/event_handlers.go:19:2: ui.init calls docker.init, which eventually calls volume.init
Your code is affected by 15 vulnerabilities from 8 modules.
This scan also found 11 vulnerabilities in packages you import and 6
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
filesystems/kubo
=== Symbol Results ===
Vulnerability #1: GO-2024-3302
ICMP Packet Too Large Injection Attack on Linux in
github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-3302
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.38.1
Fixed in: github.com/quic-go/quic-go@v0.48.2
Platforms: linux
Example traces found:
#1: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls quic.StreamError.Error
#2: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.connMultiplexer.RemoveConn
#3: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.oobConn.ReadPacket
#4: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.packetHandlerMap.Close
#5: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.packetHandlerMap.GetStatelessResetToken
#6: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.receiveStream.CancelRead
#7: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which calls quic.receiveStream.Read
#8: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.sendStream.CancelWrite
#9: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.sendStream.Write
#10: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.setDF
#11: test/cli/harness/nodes.go:23:11: harness.Nodes.ForEachPar calls errgroup.Group.Go, which eventually calls quic.stream.Close
Vulnerability #2: GO-2024-3218
Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT
abuse in github.com/libp2p/go-libp2p-kad-dht
More info: https://pkg.go.dev/vuln/GO-2024-3218
Module: github.com/libp2p/go-libp2p-kad-dht
Found in: github.com/libp2p/go-libp2p-kad-dht@v0.24.4
Fixed in: N/A
Example traces found:
#1: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which calls config.Config.Apply
#2: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which calls config.Config.ApplyFallbacks
#3: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which calls config.Config.Validate
#4: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls config.EmptyQueryFilter
#5: routing/delegated.go:317:16: routing.createDHT calls libp2p.New, which eventually calls config.EmptyRTFilter
#6: routing/composer.go:104:41: routing.Composer.SearchValue calls fullrt.FullRT.SearchValue, which calls config.GetQuorum
#7: routing/delegated.go:18:2: routing.init calls fullrt.init, which calls config.init
#8: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls crawler.DefaultCrawler.Run
#9: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which calls crawler.NewDefaultCrawler
#10: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which calls crawler.WithParallelism
#11: routing/delegated.go:18:2: routing.init calls fullrt.init, which calls crawler.init
#12: routing/composer.go:30:32: routing.Composer.Provide calls libp2p.IpfsDHT.Provide, which eventually calls crawler.messageSender.SendMessage
#13: routing/composer.go:84:34: routing.Composer.PutValue calls libp2p.IpfsDHT.PutValue, which eventually calls crawler.messageSender.SendRequest
#14: routing/composer.go:122:38: routing.Composer.Bootstrap calls libp2p.composableParallel.Bootstrap, which eventually calls dual.DHT.Bootstrap
#15: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.composableParallel.FindPeer, which eventually calls dual.DHT.FindPeer
#16: routing/composer.go:70:49: routing.Composer.FindProvidersAsync calls libp2p.composableParallel.FindProvidersAsync, which eventually calls dual.DHT.FindProvidersAsync
#17: routing/composer.go:94:39: routing.Composer.GetValue calls libp2p.composableParallel.GetValue, which eventually calls dual.DHT.GetValue
#18: routing/composer.go:122:38: routing.Composer.Bootstrap calls libp2p.composableParallel.Bootstrap, which eventually calls dual.DHT.Provide
#19: routing/composer.go:122:38: routing.Composer.Bootstrap calls libp2p.composableParallel.Bootstrap, which eventually calls dual.DHT.PutValue
#20: routing/composer.go:104:41: routing.Composer.SearchValue calls libp2p.composableParallel.SearchValue, which eventually calls dual.DHT.SearchValue
#21: core/commands/dht.go:123:24: commands.init calls dual.DHT.WANActive
#22: routing/delegated.go:17:2: routing.init calls dual.init
#23: routing/delegated.go:325:19: routing.createFullRT calls fullrt.DHTOption
#24: routing/composer.go:122:38: routing.Composer.Bootstrap calls fullrt.FullRT.Bootstrap
#25: routing/composer.go:75:41: routing.Composer.FindPeer calls fullrt.FullRT.FindPeer
#26: routing/composer.go:70:49: routing.Composer.FindProvidersAsync calls fullrt.FullRT.FindProvidersAsync
#27: routing/composer.go:94:39: routing.Composer.GetValue calls fullrt.FullRT.GetValue
#28: routing/delegated.go:317:16: routing.createDHT calls libp2p.New, which eventually calls fullrt.FullRT.Host
#29: routing/composer.go:30:32: routing.Composer.Provide calls fullrt.FullRT.Provide
#30: routing/composer.go:46:24: routing.Composer.ProvideMany calls fullrt.FullRT.ProvideMany
#31: routing/composer.go:84:34: routing.Composer.PutValue calls fullrt.FullRT.PutValue
#32: routing/composer.go:61:20: routing.Composer.Ready calls fullrt.FullRT.Ready
#33: routing/composer.go:104:41: routing.Composer.SearchValue calls fullrt.FullRT.SearchValue
#34: core/commands/stat_dht.go:88:28: commands.init calls fullrt.FullRT.Stat
#35: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT
#36: routing/delegated.go:18:2: routing.init calls fullrt.init
#37: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls fullrt.runCrawler
#38: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls fullrt.runCrawler
#39: routing/composer.go:84:34: routing.Composer.PutValue calls libp2p.IpfsDHT.PutValue, which eventually calls internal.CtxMutex.Lock
#40: routing/composer.go:84:34: routing.Composer.PutValue calls libp2p.IpfsDHT.PutValue, which eventually calls internal.CtxMutex.Unlock
#41: routing/composer.go:75:41: routing.Composer.FindPeer calls fullrt.FullRT.FindPeer, which eventually calls internal.KeyAsAttribute
#42: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls internal.LoggableProviderRecordBytes.String
#43: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls internal.LoggableRecordKeyBytes.String
#44: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls internal.LoggableRecordKeyString.String
#45: routing/composer.go:84:34: routing.Composer.PutValue calls libp2p.IpfsDHT.PutValue, which eventually calls internal.NewCtxMutex
#46: routing/composer.go:70:49: routing.Composer.FindProvidersAsync calls fullrt.FullRT.FindProvidersAsync, which eventually calls internal.StartSpan
#47: routing/delegated.go:18:2: routing.init calls fullrt.init, which calls internal.init
#48: routing/delegated.go:315:21: routing.createDHT calls libp2p.BootstrapPeers
#49: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which calls libp2p.BootstrapPeers
#50: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.BootstrapPeers
#51: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.BucketSize
#52: routing/delegated.go:329:18: routing.createFullRT calls libp2p.BucketSize
#53: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.Concurrency
#54: routing/delegated.go:311:18: routing.createDHT calls libp2p.Concurrency
#55: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.Datastore
#56: routing/delegated.go:313:16: routing.createDHT calls libp2p.Datastore
#57: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.EnableOptimisticProvide
#58: routing/composer.go:122:38: routing.Composer.Bootstrap calls libp2p.IpfsDHT.Bootstrap
#59: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer
#60: routing/composer.go:70:49: routing.Composer.FindProvidersAsync calls libp2p.IpfsDHT.FindProvidersAsync
#61: core/commands/dht.go:135:43: commands.init calls libp2p.IpfsDHT.GetClosestPeers
#62: routing/composer.go:94:39: routing.Composer.GetValue calls libp2p.IpfsDHT.GetValue
#63: routing/composer.go:30:32: routing.Composer.Provide calls libp2p.IpfsDHT.Provide
#64: routing/composer.go:84:34: routing.Composer.PutValue calls libp2p.IpfsDHT.PutValue
#65: core/commands/stat_dht.go:133:26: commands.init calls libp2p.IpfsDHT.RoutingTable
#66: routing/composer.go:104:41: routing.Composer.SearchValue calls libp2p.IpfsDHT.SearchValue
#67: routing/composer.go:70:49: routing.Composer.FindProvidersAsync calls fullrt.FullRT.FindProvidersAsync, which eventually calls libp2p.LookupTerminationReason.String
#68: routing/delegated.go:312:11: routing.createDHT calls libp2p.Mode
#69: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.Mode
#70: routing/delegated.go:317:16: routing.createDHT calls libp2p.New
#71: routing/delegated.go:303:68: routing.createDHT calls libp2p.NewRTPeerDiversityFilter
#72: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.OptimisticProvideJobsPoolSize
#73: routing/delegated.go:305:44: routing.createDHT calls libp2p.ProtocolExtension
#74: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.ProtocolExtension
#75: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.PublicRoutingTableFilter
#76: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.QueryFilter
#77: routing/delegated.go:301:38: routing.createDHT calls libp2p.QueryFilter
#78: routing/composer.go:104:41: routing.Composer.SearchValue calls fullrt.FullRT.SearchValue, which eventually calls libp2p.Quorum
#79: routing/composer.go:94:39: routing.Composer.GetValue calls fullrt.FullRT.GetValue, which calls libp2p.Quorum
#80: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.RoutingTableFilter
#81: routing/delegated.go:302:26: routing.createDHT calls libp2p.RoutingTableFilter
#82: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.RoutingTablePeerDiversityFilter
#83: routing/delegated.go:303:39: routing.createDHT calls libp2p.RoutingTablePeerDiversityFilter
#84: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which eventually calls libp2p.Validator
#85: routing/delegated.go:314:16: routing.createDHT calls libp2p.Validator
#86: routing/delegated.go:16:2: routing.init calls libp2p.init
#87: test/cli/harness/node.go:473:20: harness.Node.SwarmAddrsWithoutPeerIDs calls multiaddr.ForEach, which calls libp2p.isRelayAddr
#88: routing/composer.go:84:34: routing.Composer.PutValue calls libp2p.IpfsDHT.PutValue, which eventually calls metrics.UpsertMessageType
#89: routing/delegated.go:16:2: routing.init calls libp2p.init, which calls metrics.init
#90: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which calls net.NewMessageSenderImpl
#91: routing/delegated.go:18:2: routing.init calls fullrt.init, which calls net.init
#92: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls multierr.multiError.Error, which eventually calls net.init
#93: routing/delegated.go:317:16: routing.createDHT calls libp2p.New, which eventually calls net.messageSenderImpl.OnDisconnect
#94: routing/composer.go:30:32: routing.Composer.Provide calls libp2p.IpfsDHT.Provide, which eventually calls net.messageSenderImpl.SendMessage
#95: routing/composer.go:84:34: routing.Composer.PutValue calls libp2p.IpfsDHT.PutValue, which eventually calls net.messageSenderImpl.SendRequest
#96: routing/composer.go:30:32: routing.Composer.Provide calls libp2p.IpfsDHT.Provide, which eventually calls netsize.Estimator.NetworkSize
#97: routing/composer.go:30:32: routing.Composer.Provide calls libp2p.IpfsDHT.Provide, which eventually calls netsize.Estimator.Track
#98: routing/delegated.go:317:16: routing.createDHT calls libp2p.New, which eventually calls netsize.NewEstimator
#99: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls netsize.NormedDistance
#100: tracing/tracing.go:32:44: tracing.NewTracerProvider calls tracing.NewSpanExporters, which eventually calls netsize.Track
#101: tracing/tracing.go:32:44: tracing.NewTracerProvider calls tracing.NewSpanExporters, which eventually calls netsize.garbageCollect
#102: routing/delegated.go:16:2: routing.init calls libp2p.init, which calls netsize.init
#103: core/coreunix/metadata.go:22:35: coreunix.AddMetadataTo calls unixfs.BytesForMetadata, which eventually calls pb.Message.Marshal
#104: routing/composer.go:46:24: routing.Composer.ProvideMany calls fullrt.FullRT.ProvideMany, which eventually calls pb.Message.MarshalTo
#105: core/coreunix/metadata.go:56:29: coreunix.Metadata calls unixfs.MetadataFromBytes, which eventually calls pb.Message.Reset
#106: routing/composer.go:46:24: routing.Composer.ProvideMany calls fullrt.FullRT.ProvideMany, which eventually calls pb.Message.Size
#107: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls pb.Message.String
#108: core/coreunix/metadata.go:56:29: coreunix.Metadata calls unixfs.MetadataFromBytes, which eventually calls pb.Message.Unmarshal
#109: core/coreunix/metadata.go:22:35: coreunix.AddMetadataTo calls unixfs.BytesForMetadata, which eventually calls pb.Message.XXX_Marshal
#110: core/coreunix/metadata.go:22:35: coreunix.AddMetadataTo calls unixfs.BytesForMetadata, which eventually calls pb.Message.XXX_Size
#111: core/coreunix/metadata.go:56:29: coreunix.Metadata calls unixfs.MetadataFromBytes, which eventually calls pb.Message.XXX_Unmarshal
#112: routing/composer.go:46:24: routing.Composer.ProvideMany calls fullrt.FullRT.ProvideMany, which eventually calls pb.Message_MessageType.String
#113: routing/composer.go:46:24: routing.Composer.ProvideMany calls fullrt.FullRT.ProvideMany, which eventually calls pb.NewMessage
#114: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which calls pb.NewProtocolMessenger
#115: routing/composer.go:75:41: routing.Composer.FindPeer calls fullrt.FullRT.FindPeer, which eventually calls pb.ProtocolMessenger.GetClosestPeers
#116: routing/composer.go:75:41: routing.Composer.FindPeer calls fullrt.FullRT.FindPeer, which eventually calls pb.ProtocolMessenger.GetProviders
#117: routing/composer.go:75:41: routing.Composer.FindPeer calls fullrt.FullRT.FindPeer, which eventually calls pb.ProtocolMessenger.GetValue
#118: routing/composer.go:30:32: routing.Composer.Provide calls libp2p.IpfsDHT.Provide, which eventually calls pb.ProtocolMessenger.PutProvider
#119: routing/composer.go:84:34: routing.Composer.PutValue calls libp2p.IpfsDHT.PutValue, which eventually calls pb.ProtocolMessenger.PutValue
#120: routing/composer.go:46:24: routing.Composer.ProvideMany calls fullrt.FullRT.ProvideMany, which calls pb.RawPeerInfosToPBPeers
#121: routing/delegated.go:18:2: routing.init calls fullrt.init, which calls pb.init
#122: routing/delegated.go:323:25: routing.createFullRT calls fullrt.NewFullRT, which calls providers.NewProviderManager
#123: routing/composer.go:30:32: routing.Composer.Provide calls fullrt.FullRT.Provide, which calls providers.ProviderManager.AddProvider
#124: test/cli/harness/run.go:83:20: harness.Runner.Run calls exec.Cmd.Start, which eventually calls providers.ProviderManager.Close
#125: routing/composer.go:70:49: routing.Composer.FindProvidersAsync calls fullrt.FullRT.FindProvidersAsync, which eventually calls providers.ProviderManager.GetProviders
#126: routing/delegated.go:18:2: routing.init calls fullrt.init, which calls providers.init
#127: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls qpeerset.NewQueryPeerset
#128: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls qpeerset.QueryPeerset.GetClosestInStates
#129: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls qpeerset.QueryPeerset.GetClosestNInStates
#130: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls qpeerset.QueryPeerset.GetReferrer
#131: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls qpeerset.QueryPeerset.GetState
#132: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls qpeerset.QueryPeerset.NumHeard
#133: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls qpeerset.QueryPeerset.NumWaiting
#134: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls qpeerset.QueryPeerset.SetState
#135: routing/composer.go:75:41: routing.Composer.FindPeer calls libp2p.IpfsDHT.FindPeer, which eventually calls qpeerset.QueryPeerset.TryAdd
#136: routing/delegated.go:16:2: routing.init calls libp2p.init, which calls qpeerset.init
#137: repo/fsrepo/migrations/versions.go:64:12: migrations.DistVersions calls sort.Sort, which calls qpeerset.sortedQueryPeerset.Len
#138: repo/fsrepo/migrations/versions.go:64:12: migrations.DistVersions calls sort.Sort, which eventually calls qpeerset.sortedQueryPeerset.Less
#139: repo/fsrepo/migrations/versions.go:64:12: migrations.DistVersions calls sort.Sort, which eventually calls qpeerset.sortedQueryPeerset.Swap
#140: routing/delegated.go:317:16: routing.createDHT calls libp2p.New, which eventually calls rtrefresh.NewRtRefreshManager
#141: test/cli/harness/run.go:83:20: harness.Runner.Run calls exec.Cmd.Start, which eventually calls rtrefresh.RtRefreshManager.Close
#142: routing/composer.go:122:38: routing.Composer.Bootstrap calls libp2p.IpfsDHT.Bootstrap, which calls rtrefresh.RtRefreshManager.RefreshNoWait
#143: routing/delegated.go:317:16: routing.createDHT calls libp2p.New, which calls rtrefresh.RtRefreshManager.Start
#144: routing/delegated.go:16:2: routing.init calls libp2p.init, which calls rtrefresh.init
#145: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls rtrefresh.loggableRawKeyString.String
Vulnerability #3: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.14.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls http2.ConnectionError.Error
#2: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls http2.ErrCode.String
#3: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls http2.FrameHeader.String
#4: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls http2.FrameType.String
#5: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.Framer.ReadFrame
#6: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
#7: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteData
#8: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
#9: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.Framer.WritePing
#10: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
#11: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteSettings
#12: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteSettingsAck
#13: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteWindowUpdate
#14: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls http2.GoAwayError.Error
#15: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls http2.Setting.String
#16: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls http2.SettingID.String
#17: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http2.SettingsFrame.ForeachSetting
#18: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls http2.StreamError.Error
#19: core/commands/get.go:277:18: commands.identityWriteCloser.Write calls bufio.Writer.Write, which calls http2.chunkWriter.Write
#20: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls http2.connError.Error
#21: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls http2.duplicatePseudoHeaderError.Error
#22: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:134:2: ipfsfetcher.IpfsFetcher.Fetch calls http2.gzipReader.Close
#23: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http2.gzipReader.Read
#24: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls http2.headerFieldNameError.Error
#25: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls http2.headerFieldValueError.Error
#26: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls http2.pseudoHeaderError.Error
#27: core/commands/get.go:277:18: commands.identityWriteCloser.Write calls bufio.Writer.Write, which calls http2.stickyErrWriter.Write
#28: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:134:2: ipfsfetcher.IpfsFetcher.Fetch calls http2.transportResponseBody.Close
#29: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http2.transportResponseBody.Read
#30: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls http2.writeData.String
Vulnerability #4: GO-2024-2682
Denial of service via connection starvation in github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-2682
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.38.1
Fixed in: github.com/quic-go/quic-go@v0.42.0
Example traces found:
#1: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.receiveStream.CancelRead
#2: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which calls quic.receiveStream.Read
#3: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.sendStream.CancelWrite
Vulnerability #5: GO-2024-2459
Denial of service via path validation in github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-2459
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.38.1
Fixed in: github.com/quic-go/quic-go@v0.38.2
Example traces found:
#1: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls ackhandler.SendMode.String
#2: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls ackhandler.init
#3: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls multierr.multiError.Error, which eventually calls ackhandler.init
#4: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls congestion.init
#5: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls flowcontrol.init
#6: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls flowcontrol.streamFlowController.Abandon
#7: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls flowcontrol.streamFlowController.AddBytesRead
#8: core/commands/pin/pin.go:748:14: pin.PinVerifyRes.Format calls fmt.Fprintf, which eventually calls handshake.addConnToClientHelloInfo
#9: core/commands/pin/pin.go:748:14: pin.PinVerifyRes.Format calls fmt.Fprintf, which eventually calls handshake.addConnToClientHelloInfo
#10: core/commands/pin/pin.go:748:14: pin.PinVerifyRes.Format calls fmt.Fprintf, which eventually calls handshake.cryptoSetup.accept0RTT
#11: core/commands/pin/pin.go:748:14: pin.PinVerifyRes.Format calls fmt.Fprintf, which eventually calls handshake.cryptoSetup.getDataForSessionTicket
#12: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls handshake.cryptoSetup.handleDataFromSessionState
#13: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls handshake.cryptoSetup.marshalDataForSessionState
#14: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls handshake.init
#15: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls http3.WriteCapsule
#16: repo/fsrepo/fsrepo.go:746:19: fsrepo.FSRepo.SwarmKey calls io.ReadAll, which calls http3.exactReader.Read
#17: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which calls http3.init
#18: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls linkedlist.List[github.com/quic-go/quic-go.byteInterval].Front[github.com/quic-go/quic-go.byteInterval]
#19: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go.byteInterval]
#20: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls multierr.multiError.Error, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go.byteInterval]
#21: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls multierr.multiError.Error, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go/internal/ackhandler.interval]
#22: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go/internal/ackhandler.interval]
#23: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls linkedlist.init
#24: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls logging.connTracerMultiplexer.DroppedPacket
#25: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls logging.init
#26: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls logutils.init
#27: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls protocol.ConnectionID.Bytes
#28: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls protocol.ConnectionID.String
#29: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls protocol.ECN.String
#30: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls protocol.EncryptionLevel.String
#31: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls protocol.KeyPhaseBit.String
#32: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls protocol.PacketType.String
#33: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls protocol.ParseConnectionID
#34: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls protocol.Perspective.Opposite
#35: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls protocol.ReadConnectionID
#36: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls protocol.StreamID.InitiatedBy
#37: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls protocol.StreamID.StreamNum
#38: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls protocol.StreamID.Type
#39: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls protocol.StreamNum.StreamID
#40: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls protocol.VersionNumber.String
#41: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls protocol.init
#42: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls qerr.ApplicationError.Error
#43: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls qerr.ApplicationError.Is
#44: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls qerr.HandshakeTimeoutError.Error
#45: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls qerr.HandshakeTimeoutError.Is
#46: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls qerr.HandshakeTimeoutError.Temporary
#47: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls qerr.HandshakeTimeoutError.Timeout
#48: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls qerr.IdleTimeoutError.Error
#49: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls qerr.IdleTimeoutError.Is
#50: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls qerr.IdleTimeoutError.Temporary
#51: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls qerr.IdleTimeoutError.Timeout
#52: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls qerr.StatelessResetError.Error
#53: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls qerr.StatelessResetError.Is
#54: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls qerr.StatelessResetError.Temporary
#55: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls qerr.StatelessResetError.Timeout
#56: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls qerr.TransportError.Error
#57: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls qerr.TransportError.Is
#58: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls qerr.TransportError.Unwrap
#59: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls qerr.VersionNegotiationError.Error
#60: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls qerr.VersionNegotiationError.Is
#61: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls qerr.init
#62: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls qlog.connectionTracer.DroppedPacket
#63: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls qlog.init
#64: core/commands/pin/pin.go:748:14: pin.PinVerifyRes.Format calls fmt.Fprintf, which eventually calls qtls.SetupConfigForServer
#65: core/commands/pin/pin.go:748:14: pin.PinVerifyRes.Format calls fmt.Fprintf, which eventually calls qtls.SetupConfigForServer
#66: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls qtls.clientSessionCache.Get
#67: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls qtls.clientSessionCache.Put
#68: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls qtls.init
#69: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.ReadPacket
#70: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.ReadPacket
#71: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls quic.StreamError.Error
#72: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls quic.StreamError.Is
#73: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.closeLocal
#74: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.closeRemote
#75: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls quic.deadlineError.Error
#76: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls quic.deadlineError.Temporary
#77: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls quic.deadlineError.Timeout
#78: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls quic.deadlineError.Unwrap
#79: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.destroyImpl
#80: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls quic.errCloseForRecreating.Error
#81: core/corehttp/corehttp.go:71:27: corehttp.ListenAndServe calls net.Listen, which eventually calls quic.forceSetReceiveBuffer
#82: core/corehttp/corehttp.go:71:27: corehttp.ListenAndServe calls net.Listen, which eventually calls quic.forceSetSendBuffer
#83: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.getMultiplexer
#84: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls quic.headerParseError.Error
#85: test/cli/harness/node.go:545:17: harness.Node.GatewayURL calls errors.Is, which eventually calls quic.headerParseError.Unwrap
#86: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which calls quic.init
#87: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.init
#88: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls multierr.multiError.Error, which eventually calls quic.init#1
#89: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls multierr.multiError.Error, which eventually calls quic.init#1
#90: core/corehttp/corehttp.go:71:27: corehttp.ListenAndServe calls net.Listen, which eventually calls quic.inspectReadBuffer
#91: core/corehttp/corehttp.go:71:27: corehttp.ListenAndServe calls net.Listen, which eventually calls quic.inspectWriteBuffer
#92: core/corehttp/corehttp.go:71:27: corehttp.ListenAndServe calls net.Listen, which eventually calls quic.isGSOSupported
#93: core/corehttp/corehttp.go:71:27: corehttp.ListenAndServe calls net.Listen, which eventually calls quic.newConn
#94: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.receiveStream.CancelRead
#95: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which calls quic.receiveStream.Read
#96: test/cli/harness/nodes.go:23:11: harness.Nodes.ForEachPar calls errgroup.Group.Go, which eventually calls quic.receiveStream.SetReadDeadline
#97: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls quic.receiveStream.StreamID
#98: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.sendStream.CancelWrite
#99: test/cli/harness/nodes.go:23:11: harness.Nodes.ForEachPar calls errgroup.Group.Go, which eventually calls quic.sendStream.SetWriteDeadline
#100: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.sendStream.Write
#101: core/corehttp/corehttp.go:71:27: corehttp.ListenAndServe calls net.Listen, which eventually calls quic.setDF
#102: test/cli/harness/nodes.go:23:11: harness.Nodes.ForEachPar calls errgroup.Group.Go, which eventually calls quic.stream.Close
#103: test/cli/harness/nodes.go:23:11: harness.Nodes.ForEachPar calls errgroup.Group.Go, which eventually calls quic.stream.SetDeadline
#104: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls quic.stream.StreamID
#105: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls quic.streamError.Error
#106: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls quic.streamOpenErr.Temporary
#107: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls quic.streamOpenErr.Timeout
#108: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.wrapConn
#109: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quic.wrapConn
#110: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls quicvarint.Append
#111: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls quicvarint.Len
#112: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls quicvarint.NewWriter
#113: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls quicvarint.Read
#114: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls quicvarint.init
#115: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls ringbuffer.RingBuffer[github.com/quic-go/quic-go/internal/protocol.StreamID].PushBack[github.com/quic-go/quic-go/internal/protocol.StreamID]
#116: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls ringbuffer.init
#117: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls utils.Max[time.Duration]
#118: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls utils.NewTimer
#119: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls utils.RTTStats.SetInitialRTT
#120: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls utils.RTTStats.SmoothedRTT
#121: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls utils.Timer.Chan
#122: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls utils.Timer.Reset
#123: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls utils.Timer.SetRead
#124: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls utils.Timer.Stop
#125: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls utils.bigEndian.ReadUint16
#126: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.Debug
#127: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.Debugf
#128: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.Errorf
#129: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.Infof
#130: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.WithPrefix
#131: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls utils.init
#132: tracing/tracing.go:32:44: tracing.NewTracerProvider calls tracing.NewSpanExporters, which eventually calls wire.AcksPacket
#133: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls wire.GetStreamFrame
#134: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls wire.IsLongHeaderPacket
#135: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls wire.IsPotentialQUICPacket
#136: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls wire.ParseConnectionID
#137: repo/fsrepo/migrations/ipfsfetcher/ipfsfetcher.go:140:16: ipfsfetcher.IpfsFetcher.Close calls sync.Once.Do, which eventually calls wire.StreamFrame.DataLen
#138: client/rpc/response.go:25:28: rpc.trailerReader.Read calls io.LimitedReader.Read, which eventually calls wire.StreamFrame.PutBack
#139: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls wire.TransportParameters.MarshalForSessionTicket
#140: client/rpc/requestbuilder.go:97:17: rpc.requestBuilder.Option calls fmt.Sprint, which eventually calls wire.TransportParameters.String
#141: client/rpc/response.go:25:28: rpc.trailerReader.Read calls http.readWriteCloserBody.Read, which eventually calls wire.TransportParameters.UnmarshalFromSessionTicket
#142: core/commands/pin/pin.go:748:14: pin.PinVerifyRes.Format calls fmt.Fprintf, which eventually calls wire.TransportParameters.ValidFor0RTT
#143: core/node/libp2p/transport.go:12:2: libp2p.init calls webtransport.init, which eventually calls wire.init
#144: core/corerepo/gc.go:143:28: corerepo.MultiError.Error calls multierr.multiError.Error, which eventually calls wire.init#1
#145: repo/fsrepo/datastores.go:128:12: fsrepo.MountDatastoreConfig calls sort.Slice, which eventually calls wire.unmarshal
Your code is affected by 5 vulnerabilities from 3 modules.
This scan also found 5 vulnerabilities in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
graphics/didder
=== Symbol Results ===
Vulnerability #1: GO-2024-2937
Panic when parsing invalid palette-color images in golang.org/x/image
More info: https://pkg.go.dev/vuln/GO-2024-2937
Module: golang.org/x/image
Found in: golang.org/x/image@v0.0.0-20210220032944-ac19c3e999fb
Fixed in: golang.org/x/image@v0.18.0
Example traces found:
#1: subcommand_helpers.go:197:28: didder.getInputImage calls imaging.Decode, which eventually calls tiff.Decode
Vulnerability #2: GO-2023-1990
Excessive CPU consumption when decoding 0-height images in
golang.org/x/image/tiff
More info: https://pkg.go.dev/vuln/GO-2023-1990
Module: golang.org/x/image
Found in: golang.org/x/image@v0.0.0-20210220032944-ac19c3e999fb
Fixed in: golang.org/x/image@v0.10.0
Example traces found:
#1: subcommand_helpers.go:197:28: didder.getInputImage calls imaging.Decode, which eventually calls tiff.Decode
Vulnerability #3: GO-2023-1989
Excessive resource consumption in golang.org/x/image/tiff
More info: https://pkg.go.dev/vuln/GO-2023-1989
Module: golang.org/x/image
Found in: golang.org/x/image@v0.0.0-20210220032944-ac19c3e999fb
Fixed in: golang.org/x/image@v0.10.0
Example traces found:
#1: subcommand_helpers.go:197:28: didder.getInputImage calls imaging.Decode, which eventually calls tiff.Decode
Vulnerability #4: GO-2023-1572
Denial of service via crafted TIFF image in golang.org/x/image/tiff
More info: https://pkg.go.dev/vuln/GO-2023-1572
Module: golang.org/x/image
Found in: golang.org/x/image@v0.0.0-20210220032944-ac19c3e999fb
Fixed in: golang.org/x/image@v0.5.0
Example traces found:
#1: subcommand_helpers.go:197:28: didder.getInputImage calls imaging.Decode, which eventually calls tiff.Decode
Your code is affected by 4 vulnerabilities from 1 module.
This scan found no other vulnerabilities in packages you import or modules you
require.
Use '-show verbose' for more details.
mail/aerc
=== Symbol Results ===
Vulnerability #1: GO-2024-2937
Panic when parsing invalid palette-color images in golang.org/x/image
More info: https://pkg.go.dev/vuln/GO-2024-2937
Module: golang.org/x/image
Found in: golang.org/x/image@v0.15.0
Fixed in: golang.org/x/image@v0.18.0
Example traces found:
#1: app/msgviewer.go:582:30: app.decodeImage calls image.Decode, which calls tiff.Decode
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 1
vulnerability in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.
net/amfora
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.17.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: subscriptions/subscriptions.go:128:39: subscriptions.GetFeed calls gofeed.Parser.Parse, which eventually calls html.Parse
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 1
vulnerability in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.
net/ddns-route53
=== Symbol Results ===
Vulnerability #1: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.5
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: pkg/wanip/client.go:142:22: wanip.Client.getIP calls http.Client.Do, which eventually calls retryablehttp.RoundTripper.RoundTrip
Your code is affected by 1 vulnerability from 1 module.
This scan also found 1 vulnerability in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/dnscontrol
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.7.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: providers/hedns/hednsProvider.go:326:48: hedns.hednsProvider.GetZoneRecords calls goquery.NewDocumentFromReader, which calls html.Parse
Vulnerability #2: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.1
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: providers/vultr/vultrProvider.go:80:52: vultr.vultrProvider.GetZoneRecords calls govultr.DomainRecordsServiceHandler.List, which eventually calls retryablehttp.Client.Do
#2: providers/hedns/hednsProvider.go:319:35: hedns.hednsProvider.GetZoneRecords calls http.Client.Get, which eventually calls retryablehttp.RoundTripper.RoundTrip
Vulnerability #3: GO-2024-2918
Azure Identity Libraries Elevation of Privilege Vulnerability in
github.com/Azure/azure-sdk-for-go/sdk/azidentity
More info: https://pkg.go.dev/vuln/GO-2024-2918
Module: github.com/Azure/azure-sdk-for-go/sdk/azidentity
Found in: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.2.1
Fixed in: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0
Example traces found:
#1: providers/azuredns/azureDnsProvider.go:874:40: azuredns.azurednsProvider.EnsureZoneExists calls armdns.ZonesClient.CreateOrUpdate, which eventually calls azidentity.ClientSecretCredential.GetToken
Vulnerability #4: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.7.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: pkg/acme/vaultStorage.go:24:48: acme.makeVaultStorage calls api.DefaultConfig, which calls http2.ConfigureTransport
#2: providers/gcloud/gcloudProvider.go:92:30: gcloud.New calls dns.NewService, which eventually calls http2.ConfigureTransports
#3: providers/axfrddns/axfrddnsProvider.go:249:26: axfrddns.axfrddnsProvider.FetchZoneRecords calls http2.ConnectionError.Error
#4: providers/axfrddns/axfrddnsProvider.go:371:15: axfrddns.axfrddnsProvider.GetDomainCorrections calls fmt.Fprintln, which eventually calls http2.ErrCode.String
#5: providers/axfrddns/axfrddnsProvider.go:371:15: axfrddns.axfrddnsProvider.GetDomainCorrections calls fmt.Fprintln, which eventually calls http2.FrameHeader.String
#6: providers/axfrddns/axfrddnsProvider.go:371:15: axfrddns.axfrddnsProvider.GetDomainCorrections calls fmt.Fprintln, which eventually calls http2.FrameType.String
#7: providers/axfrddns/axfrddnsProvider.go:249:26: axfrddns.axfrddnsProvider.FetchZoneRecords calls http2.GoAwayError.Error
#8: providers/axfrddns/axfrddnsProvider.go:371:15: axfrddns.axfrddnsProvider.GetDomainCorrections calls fmt.Fprintln, which eventually calls http2.Setting.String
#9: providers/axfrddns/axfrddnsProvider.go:371:15: axfrddns.axfrddnsProvider.GetDomainCorrections calls fmt.Fprintln, which eventually calls http2.SettingID.String
#10: providers/axfrddns/axfrddnsProvider.go:249:26: axfrddns.axfrddnsProvider.FetchZoneRecords calls http2.StreamError.Error
#11: providers/powerdns/dns.go:136:41: powerdns.powerdnsProvider.EnsureZoneExists calls zones.client.GetZone, which eventually calls http2.Transport.NewClientConn
#12: providers/powerdns/dns.go:136:41: powerdns.powerdnsProvider.EnsureZoneExists calls zones.client.GetZone, which eventually calls http2.Transport.RoundTrip
#13: pkg/diff2/diff2.go:224:13: diff2.ChangeList.String calls fmt.Fprintf, which eventually calls http2.chunkWriter.Write
#14: providers/axfrddns/axfrddnsProvider.go:249:26: axfrddns.axfrddnsProvider.FetchZoneRecords calls http2.connError.Error
#15: providers/hedns/hednsProvider.go:319:35: hedns.hednsProvider.GetZoneRecords calls http.Client.Get, which eventually calls http2.duplicatePseudoHeaderError.Error
#16: providers/hedns/hednsProvider.go:323:2: hedns.hednsProvider.GetZoneRecords calls http2.gzipReader.Close
#17: providers/gcloud/gcloudProvider.go:354:57: gcloud.gcloudProvider.EnsureZoneExists calls dns.ManagedZonesCreateCall.Do, which eventually calls http2.gzipReader.Read
#18: providers/hedns/hednsProvider.go:319:35: hedns.hednsProvider.GetZoneRecords calls http.Client.Get, which eventually calls http2.headerFieldNameError.Error
#19: providers/hedns/hednsProvider.go:319:35: hedns.hednsProvider.GetZoneRecords calls http.Client.Get, which eventually calls http2.headerFieldValueError.Error
#20: providers/powerdns/dns.go:136:41: powerdns.powerdnsProvider.EnsureZoneExists calls zones.client.GetZone, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#21: providers/hedns/hednsProvider.go:319:35: hedns.hednsProvider.GetZoneRecords calls http.Client.Get, which eventually calls http2.pseudoHeaderError.Error
#22: pkg/diff2/diff2.go:224:13: diff2.ChangeList.String calls fmt.Fprintf, which eventually calls http2.stickyErrWriter.Write
#23: providers/hedns/hednsProvider.go:323:2: hedns.hednsProvider.GetZoneRecords calls http2.transportResponseBody.Close
#24: providers/gcloud/gcloudProvider.go:354:57: gcloud.gcloudProvider.EnsureZoneExists calls dns.ManagedZonesCreateCall.Do, which eventually calls http2.transportResponseBody.Read
#25: providers/axfrddns/axfrddnsProvider.go:371:15: axfrddns.axfrddnsProvider.GetDomainCorrections calls fmt.Fprintln, which eventually calls http2.writeData.String
Vulnerability #5: GO-2024-2611
Infinite loop in JSON unmarshaling in google.golang.org/protobuf
More info: https://pkg.go.dev/vuln/GO-2024-2611
Module: google.golang.org/protobuf
Found in: google.golang.org/protobuf@v1.28.1
Fixed in: google.golang.org/protobuf@v1.33.0
Example traces found:
#1: providers/gcloud/gcloudProvider.go:354:57: gcloud.gcloudProvider.EnsureZoneExists calls dns.ManagedZonesCreateCall.Do, which eventually calls json.Decoder.Peek
#2: providers/gcloud/gcloudProvider.go:354:57: gcloud.gcloudProvider.EnsureZoneExists calls dns.ManagedZonesCreateCall.Do, which eventually calls json.Decoder.Read
#3: providers/gcloud/gcloudProvider.go:354:57: gcloud.gcloudProvider.EnsureZoneExists calls dns.ManagedZonesCreateCall.Do, which eventually calls protojson.Unmarshal
Your code is affected by 5 vulnerabilities from 4 modules.
This scan also found 5 vulnerabilities in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/dnscrypt-proxy2
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20201224014010-6772e930b67b
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: dnscrypt-proxy/xtransport.go:193:26: dnscrypt.XTransport.rebuildTransport calls http2.ConfigureTransport
#2: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.ConnectionError.Error
#3: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#4: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#5: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.FrameType.String
#6: dnscrypt-proxy/main.go:37:22: dnscrypt.main calls os.Getwd, which eventually calls http2.Framer.WriteContinuation
#7: dnscrypt-proxy/main.go:37:22: dnscrypt.main calls os.Getwd, which eventually calls http2.Framer.WriteData
#8: dnscrypt-proxy/main.go:37:22: dnscrypt.main calls os.Getwd, which eventually calls http2.Framer.WriteHeaders
#9: dnscrypt-proxy/main.go:37:22: dnscrypt.main calls os.Getwd, which eventually calls http2.Framer.WriteRSTStream
#10: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.GoAwayError.Error
#11: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.Setting.String
#12: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.SettingID.String
#13: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.StreamError.Error
#14: dnscrypt-proxy/xtransport.go:124:47: dnscrypt.XTransport.rebuildTransport calls http.Transport.CloseIdleConnections, which eventually calls http2.Transport.NewClientConn
#15: dnscrypt-proxy/xtransport.go:381:24: dnscrypt.XTransport.Fetch calls http.Client.Do, which eventually calls http2.Transport.RoundTrip
#16: dnscrypt-proxy/main.go:58:14: dnscrypt.main calls fmt.Println, which eventually calls http2.chunkWriter.Write
#17: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.connError.Error
#18: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#19: dnscrypt-proxy/xtransport.go:406:17: dnscrypt.XTransport.Fetch calls http2.gzipReader.Close
#20: dnscrypt-proxy/main.go:34:18: dnscrypt.main calls rand.Read, which eventually calls http2.gzipReader.Read
#21: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#22: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#23: dnscrypt-proxy/xtransport.go:381:24: dnscrypt.XTransport.Fetch calls http.Client.Do, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#24: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#25: dnscrypt-proxy/main.go:58:14: dnscrypt.main calls fmt.Println, which eventually calls http2.stickyErrWriter.Write
#26: dnscrypt-proxy/xtransport.go:406:17: dnscrypt.XTransport.Fetch calls http2.transportResponseBody.Close
#27: dnscrypt-proxy/main.go:34:18: dnscrypt.main calls rand.Read, which eventually calls http2.transportResponseBody.Read
#28: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #2: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20201224014010-6772e930b67b
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: dnscrypt-proxy/main.go:34:18: dnscrypt.main calls rand.Read, which eventually calls hpack.Decoder.Write
#2: dnscrypt-proxy/xtransport.go:193:26: dnscrypt.XTransport.rebuildTransport calls http2.ConfigureTransport
#3: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.ConnectionError.Error
#4: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#5: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#6: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.FrameType.String
#7: dnscrypt-proxy/main.go:37:22: dnscrypt.main calls os.Getwd, which eventually calls http2.Framer.WriteContinuation
#8: dnscrypt-proxy/main.go:37:22: dnscrypt.main calls os.Getwd, which eventually calls http2.Framer.WriteData
#9: dnscrypt-proxy/main.go:37:22: dnscrypt.main calls os.Getwd, which eventually calls http2.Framer.WriteHeaders
#10: dnscrypt-proxy/main.go:37:22: dnscrypt.main calls os.Getwd, which eventually calls http2.Framer.WriteRSTStream
#11: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.GoAwayError.Error
#12: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.Setting.String
#13: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.SettingID.String
#14: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.StreamError.Error
#15: dnscrypt-proxy/xtransport.go:124:47: dnscrypt.XTransport.rebuildTransport calls http.Transport.CloseIdleConnections, which eventually calls http2.Transport.NewClientConn
#16: dnscrypt-proxy/xtransport.go:381:24: dnscrypt.XTransport.Fetch calls http.Client.Do, which eventually calls http2.Transport.RoundTrip
#17: dnscrypt-proxy/main.go:58:14: dnscrypt.main calls fmt.Println, which eventually calls http2.chunkWriter.Write
#18: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.connError.Error
#19: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#20: dnscrypt-proxy/xtransport.go:406:17: dnscrypt.XTransport.Fetch calls http2.gzipReader.Close
#21: dnscrypt-proxy/main.go:34:18: dnscrypt.main calls rand.Read, which eventually calls http2.gzipReader.Read
#22: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#23: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#24: dnscrypt-proxy/xtransport.go:381:24: dnscrypt.XTransport.Fetch calls http.Client.Do, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#25: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#26: dnscrypt-proxy/main.go:58:14: dnscrypt.main calls fmt.Println, which eventually calls http2.stickyErrWriter.Write
#27: dnscrypt-proxy/xtransport.go:406:17: dnscrypt.XTransport.Fetch calls http2.transportResponseBody.Close
#28: dnscrypt-proxy/main.go:34:18: dnscrypt.main calls rand.Read, which eventually calls http2.transportResponseBody.Read
#29: dnscrypt-proxy/main.go:42:51: dnscrypt.main calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #3: GO-2022-0236
Panic due to large headers in net/http and golang.org/x/net/http/httpguts
More info: https://pkg.go.dev/vuln/GO-2022-0236
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20201224014010-6772e930b67b
Fixed in: golang.org/x/net@v0.0.0-20210428140749-89ef3d95e781
Example traces found:
#1: dnscrypt-proxy/xtransport.go:381:24: dnscrypt.XTransport.Fetch calls http.Client.Do, which eventually calls httpguts.HeaderValuesContainsToken
Your code is affected by 3 vulnerabilities from 1 module.
This scan also found 5 vulnerabilities in packages you import and 10
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/gh
=== Symbol Results ===
Vulnerability #1: GO-2024-3295
Violation of GitHub host security boundary when sourcing authentication
token within a codespace in github.com/cli/go-gh
More info: https://pkg.go.dev/vuln/GO-2024-3295
Module: github.com/cli/go-gh/v2
Found in: github.com/cli/go-gh/v2@v2.11.0
Fixed in: github.com/cli/go-gh/v2@v2.11.1
Example traces found:
#1: api/http_client.go:59:36: api.NewHTTPClient calls api.NewHTTPClient, which eventually calls auth.TokenForHost
#2: internal/config/config.go:243:41: config.AuthConfig.HasEnvToken calls auth.TokenFromEnvOrConfig, which calls auth.tokenForHost
Your code is affected by 1 vulnerability from 1 module.
This scan also found 2 vulnerabilities in packages you import and 0
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/hub
=== Symbol Results ===
Vulnerability #1: GO-2022-0956
Excessive resource consumption in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2022-0956
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.0.0-20190319135612-7b8349ac747c
Fixed in: gopkg.in/yaml.v2@v2.2.4
Example traces found:
#1: github/config_decoder.go:34:22: github.yamlConfigDecoder.Decode calls yaml.Unmarshal
Vulnerability #2: GO-2021-0061
Denial of service in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2021-0061
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.0.0-20190319135612-7b8349ac747c
Fixed in: gopkg.in/yaml.v2@v2.2.3
Example traces found:
#1: github/config_decoder.go:34:22: github.yamlConfigDecoder.Decode calls yaml.Unmarshal
Vulnerability #3: GO-2020-0036
Excessive resource consumption in YAML parsing in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2020-0036
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.0.0-20190319135612-7b8349ac747c
Fixed in: gopkg.in/yaml.v2@v2.2.8
Example traces found:
#1: github/config_decoder.go:34:22: github.yamlConfigDecoder.Decode calls yaml.Unmarshal
Your code is affected by 3 vulnerabilities from 1 module.
This scan also found 2 vulnerabilities in packages you import and 22
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/ipget
=== Symbol Results ===
Vulnerability #1: GO-2024-3302
ICMP Packet Too Large Injection Attack on Linux in
github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-3302
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.38.1
Fixed in: github.com/quic-go/quic-go@v0.48.2
Platforms: linux
Example traces found:
#1: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls quic.StreamError.Error
#2: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.connMultiplexer.RemoveConn
#3: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.oobConn.ReadPacket
#4: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.packetHandlerMap.Close
#5: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.packetHandlerMap.GetStatelessResetToken
#6: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.receiveStream.CancelRead
#7: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quic.receiveStream.Read
#8: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.sendStream.CancelWrite
#9: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.sendStream.Write
#10: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.setDF
#11: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.stream.Close
Vulnerability #2: GO-2024-3218
Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT
abuse in github.com/libp2p/go-libp2p-kad-dht
More info: https://pkg.go.dev/vuln/GO-2024-3218
Module: github.com/libp2p/go-libp2p-kad-dht
Found in: github.com/libp2p/go-libp2p-kad-dht@v0.24.4
Fixed in: N/A
Example traces found:
#1: node.go:15:2: ipget.init calls libp2p.init, which eventually calls config.init
#2: node.go:15:2: ipget.init calls libp2p.init, which eventually calls crawler.init
#3: node.go:15:2: ipget.init calls libp2p.init, which calls dual.init
#4: node.go:15:2: ipget.init calls libp2p.init, which calls fullrt.init
#5: main.go:123:15: ipget.main calls signal.Notify, which eventually calls fullrt.runCrawler
#6: main.go:123:15: ipget.main calls signal.Notify, which eventually calls fullrt.runCrawler
#7: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls internal.LoggableProviderRecordBytes.String
#8: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls internal.LoggableRecordKeyBytes.String
#9: node.go:13:2: ipget.init calls core.init, which eventually calls internal.init
#10: main.go:104:32: ipget.main calls coreapi.UnixfsAPI.Get, which eventually calls libp2p.LookupTerminationReason.String
#11: main.go:104:32: ipget.main calls coreapi.UnixfsAPI.Get, which eventually calls libp2p.Quorum
#12: node.go:15:2: ipget.init calls libp2p.init, which calls libp2p.init
#13: node.go:14:2: ipget.init calls coreapi.init, which eventually calls libp2p.isRelayAddr
#14: node.go:15:2: ipget.init calls libp2p.init, which eventually calls metrics.init
#15: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls net.init
#16: node.go:15:2: ipget.init calls libp2p.init, which eventually calls net.init
#17: node.go:14:2: ipget.init calls coreapi.init, which eventually calls netsize.Track
#18: node.go:14:2: ipget.init calls coreapi.init, which eventually calls netsize.garbageCollect
#19: node.go:15:2: ipget.init calls libp2p.init, which eventually calls netsize.init
#20: main.go:104:32: ipget.main calls coreapi.UnixfsAPI.Get, which eventually calls pb.Message.Reset
#21: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls pb.Message.String
#22: main.go:104:32: ipget.main calls coreapi.UnixfsAPI.Get, which eventually calls pb.Message.Unmarshal
#23: main.go:104:32: ipget.main calls coreapi.UnixfsAPI.Get, which eventually calls pb.Message.XXX_Unmarshal
#24: node.go:15:2: ipget.init calls libp2p.init, which eventually calls pb.init
#25: main.go:255:14: ipget.doCleanup calls providers.ProviderManager.Close
#26: node.go:15:2: ipget.init calls libp2p.init, which eventually calls providers.init
#27: node.go:15:2: ipget.init calls libp2p.init, which eventually calls qpeerset.init
#28: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qpeerset.sortedQueryPeerset.Len
#29: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qpeerset.sortedQueryPeerset.Less
#30: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qpeerset.sortedQueryPeerset.Swap
#31: main.go:255:14: ipget.doCleanup calls rtrefresh.RtRefreshManager.Close
#32: node.go:15:2: ipget.init calls libp2p.init, which eventually calls rtrefresh.init
#33: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls rtrefresh.loggableRawKeyString.String
Vulnerability #3: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.14.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls http2.ConnectionError.Error
#2: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls http2.ErrCode.String
#3: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls http2.FrameHeader.String
#4: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls http2.FrameType.String
#5: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls http2.GoAwayError.Error
#6: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls http2.Setting.String
#7: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls http2.SettingID.String
#8: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls http2.StreamError.Error
#9: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls http2.chunkWriter.Write
#10: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls http2.connError.Error
#11: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls http2.duplicatePseudoHeaderError.Error
#12: http.go:15:39: ipget.http calls rpc.requestBuilder.Exec, which eventually calls http2.gzipReader.Close
#13: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls http2.gzipReader.Read
#14: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls http2.headerFieldNameError.Error
#15: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls http2.headerFieldValueError.Error
#16: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls http2.pseudoHeaderError.Error
#17: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls http2.stickyErrWriter.Write
#18: http.go:15:39: ipget.http calls rpc.requestBuilder.Exec, which eventually calls http2.transportResponseBody.Close
#19: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls http2.transportResponseBody.Read
#20: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls http2.writeData.String
Vulnerability #4: GO-2024-2682
Denial of service via connection starvation in github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-2682
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.38.1
Fixed in: github.com/quic-go/quic-go@v0.42.0
Example traces found:
#1: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.receiveStream.CancelRead
#2: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quic.receiveStream.Read
#3: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.sendStream.CancelWrite
Vulnerability #5: GO-2024-2459
Denial of service via path validation in github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-2459
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.38.1
Fixed in: github.com/quic-go/quic-go@v0.38.2
Example traces found:
#1: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls ackhandler.SendMode.String
#2: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls ackhandler.init
#3: node.go:15:2: ipget.init calls libp2p.init, which eventually calls ackhandler.init
#4: node.go:15:2: ipget.init calls libp2p.init, which eventually calls congestion.init
#5: node.go:15:2: ipget.init calls libp2p.init, which eventually calls flowcontrol.init
#6: main.go:123:15: ipget.main calls signal.Notify, which eventually calls flowcontrol.streamFlowController.Abandon
#7: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls flowcontrol.streamFlowController.AddBytesRead
#8: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls handshake.addConnToClientHelloInfo
#9: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls handshake.addConnToClientHelloInfo
#10: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls handshake.cryptoSetup.accept0RTT
#11: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls handshake.cryptoSetup.getDataForSessionTicket
#12: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls handshake.cryptoSetup.handleDataFromSessionState
#13: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls handshake.cryptoSetup.marshalDataForSessionState
#14: node.go:15:2: ipget.init calls libp2p.init, which eventually calls handshake.init
#15: main.go:123:15: ipget.main calls signal.Notify, which eventually calls http3.WriteCapsule
#16: main.go:123:15: ipget.main calls signal.Notify, which eventually calls http3.exactReader.Read
#17: node.go:15:2: ipget.init calls libp2p.init, which eventually calls http3.init
#18: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls linkedlist.List[github.com/quic-go/quic-go.byteInterval].Front[github.com/quic-go/quic-go.byteInterval]
#19: node.go:15:2: ipget.init calls libp2p.init, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go.byteInterval]
#20: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go.byteInterval]
#21: node.go:15:2: ipget.init calls libp2p.init, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go/internal/ackhandler.interval]
#22: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go/internal/ackhandler.interval]
#23: node.go:15:2: ipget.init calls libp2p.init, which eventually calls linkedlist.init
#24: main.go:123:15: ipget.main calls signal.Notify, which eventually calls logging.connTracerMultiplexer.DroppedPacket
#25: node.go:15:2: ipget.init calls libp2p.init, which eventually calls logging.init
#26: node.go:15:2: ipget.init calls libp2p.init, which eventually calls logutils.init
#27: main.go:123:15: ipget.main calls signal.Notify, which eventually calls protocol.ConnectionID.Bytes
#28: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls protocol.ConnectionID.String
#29: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls protocol.ECN.String
#30: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls protocol.EncryptionLevel.String
#31: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls protocol.KeyPhaseBit.String
#32: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls protocol.PacketType.String
#33: main.go:123:15: ipget.main calls signal.Notify, which eventually calls protocol.ParseConnectionID
#34: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls protocol.Perspective.Opposite
#35: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls protocol.ReadConnectionID
#36: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls protocol.StreamID.InitiatedBy
#37: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls protocol.StreamID.StreamNum
#38: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls protocol.StreamID.Type
#39: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls protocol.StreamNum.StreamID
#40: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls protocol.VersionNumber.String
#41: node.go:15:2: ipget.init calls libp2p.init, which eventually calls protocol.init
#42: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qerr.ApplicationError.Error
#43: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls qerr.ApplicationError.Is
#44: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qerr.HandshakeTimeoutError.Error
#45: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls qerr.HandshakeTimeoutError.Is
#46: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls qerr.HandshakeTimeoutError.Temporary
#47: main.go:123:15: ipget.main calls signal.Notify, which eventually calls qerr.HandshakeTimeoutError.Timeout
#48: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qerr.IdleTimeoutError.Error
#49: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls qerr.IdleTimeoutError.Is
#50: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls qerr.IdleTimeoutError.Temporary
#51: main.go:123:15: ipget.main calls signal.Notify, which eventually calls qerr.IdleTimeoutError.Timeout
#52: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qerr.StatelessResetError.Error
#53: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls qerr.StatelessResetError.Is
#54: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls qerr.StatelessResetError.Temporary
#55: main.go:123:15: ipget.main calls signal.Notify, which eventually calls qerr.StatelessResetError.Timeout
#56: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qerr.TransportError.Error
#57: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls qerr.TransportError.Is
#58: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls qerr.TransportError.Unwrap
#59: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qerr.VersionNegotiationError.Error
#60: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls qerr.VersionNegotiationError.Is
#61: node.go:15:2: ipget.init calls libp2p.init, which eventually calls qerr.init
#62: main.go:123:15: ipget.main calls signal.Notify, which eventually calls qlog.connectionTracer.DroppedPacket
#63: node.go:15:2: ipget.init calls libp2p.init, which eventually calls qlog.init
#64: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qtls.SetupConfigForServer
#65: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls qtls.SetupConfigForServer
#66: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls qtls.clientSessionCache.Get
#67: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls qtls.clientSessionCache.Put
#68: node.go:15:2: ipget.init calls libp2p.init, which eventually calls qtls.init
#69: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.ReadPacket
#70: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.ReadPacket
#71: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls quic.StreamError.Error
#72: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls quic.StreamError.Is
#73: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.closeLocal
#74: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.closeRemote
#75: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls quic.deadlineError.Error
#76: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quic.deadlineError.Temporary
#77: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quic.deadlineError.Timeout
#78: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls quic.deadlineError.Unwrap
#79: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.destroyImpl
#80: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls quic.errCloseForRecreating.Error
#81: http.go:15:39: ipget.http calls rpc.requestBuilder.Exec, which eventually calls quic.forceSetReceiveBuffer
#82: http.go:15:39: ipget.http calls rpc.requestBuilder.Exec, which eventually calls quic.forceSetSendBuffer
#83: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.getMultiplexer
#84: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls quic.headerParseError.Error
#85: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls quic.headerParseError.Unwrap
#86: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.init
#87: node.go:15:2: ipget.init calls libp2p.init, which eventually calls quic.init
#88: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls quic.init#1
#89: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls quic.init#1
#90: http.go:15:39: ipget.http calls rpc.requestBuilder.Exec, which eventually calls quic.inspectReadBuffer
#91: http.go:15:39: ipget.http calls rpc.requestBuilder.Exec, which eventually calls quic.inspectWriteBuffer
#92: http.go:15:39: ipget.http calls rpc.requestBuilder.Exec, which eventually calls quic.isGSOSupported
#93: http.go:15:39: ipget.http calls rpc.requestBuilder.Exec, which eventually calls quic.newConn
#94: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.receiveStream.CancelRead
#95: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quic.receiveStream.Read
#96: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.receiveStream.SetReadDeadline
#97: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quic.receiveStream.StreamID
#98: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.sendStream.CancelWrite
#99: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.sendStream.SetWriteDeadline
#100: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.sendStream.Write
#101: http.go:15:39: ipget.http calls rpc.requestBuilder.Exec, which eventually calls quic.setDF
#102: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.stream.Close
#103: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.stream.SetDeadline
#104: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quic.stream.StreamID
#105: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls quic.streamError.Error
#106: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quic.streamOpenErr.Temporary
#107: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quic.streamOpenErr.Timeout
#108: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.wrapConn
#109: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quic.wrapConn
#110: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quicvarint.Append
#111: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quicvarint.Len
#112: main.go:123:15: ipget.main calls signal.Notify, which eventually calls quicvarint.NewWriter
#113: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls quicvarint.Read
#114: node.go:15:2: ipget.init calls libp2p.init, which eventually calls quicvarint.init
#115: main.go:123:15: ipget.main calls signal.Notify, which eventually calls ringbuffer.RingBuffer[github.com/quic-go/quic-go/internal/protocol.StreamID].PushBack[github.com/quic-go/quic-go/internal/protocol.StreamID]
#116: node.go:15:2: ipget.init calls libp2p.init, which eventually calls ringbuffer.init
#117: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls utils.Max[time.Duration]
#118: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.NewTimer
#119: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls utils.RTTStats.SetInitialRTT
#120: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls utils.RTTStats.SmoothedRTT
#121: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.Timer.Chan
#122: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.Timer.Reset
#123: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.Timer.SetRead
#124: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.Timer.Stop
#125: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls utils.bigEndian.ReadUint16
#126: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.defaultLogger.Debug
#127: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.defaultLogger.Debugf
#128: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.defaultLogger.Errorf
#129: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.defaultLogger.Infof
#130: main.go:123:15: ipget.main calls signal.Notify, which eventually calls utils.defaultLogger.WithPrefix
#131: node.go:15:2: ipget.init calls libp2p.init, which eventually calls utils.init
#132: node.go:14:2: ipget.init calls coreapi.init, which eventually calls wire.AcksPacket
#133: main.go:123:15: ipget.main calls signal.Notify, which eventually calls wire.GetStreamFrame
#134: main.go:123:15: ipget.main calls signal.Notify, which eventually calls wire.IsLongHeaderPacket
#135: main.go:123:15: ipget.main calls signal.Notify, which eventually calls wire.IsPotentialQUICPacket
#136: main.go:123:15: ipget.main calls signal.Notify, which eventually calls wire.ParseConnectionID
#137: main.go:123:15: ipget.main calls signal.Notify, which eventually calls wire.StreamFrame.DataLen
#138: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls wire.StreamFrame.PutBack
#139: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls wire.TransportParameters.MarshalForSessionTicket
#140: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls wire.TransportParameters.String
#141: main.go:255:14: ipget.doCleanup calls exec.childStdin, which eventually calls wire.TransportParameters.UnmarshalFromSessionTicket
#142: main.go:133:16: ipget.main calls cli.App.Run, which eventually calls wire.TransportParameters.ValidFor0RTT
#143: node.go:15:2: ipget.init calls libp2p.init, which eventually calls wire.init
#144: main.go:135:15: ipget.main calls fmt.Fprintln, which eventually calls wire.init#1
#145: main.go:123:15: ipget.main calls signal.Notify, which eventually calls wire.unmarshal
Your code is affected by 5 vulnerabilities from 3 modules.
This scan also found 4 vulnerabilities in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/nats-server
=== Symbol Results ===
Vulnerability #1: GO-2022-0386
Import token permissions checking not enforced in github.com/nats-io/jwt
More info: https://pkg.go.dev/vuln/GO-2022-0386
Module: github.com/nats-io/jwt
Found in: github.com/nats-io/jwt@v1.1.0
Fixed in: github.com/nats-io/jwt@v1.2.3-0.20210314221642-a826c77dc9d2
Example traces found:
#1: server/server.go:579:18: server.Server.checkResolvePreloads calls jwt.AccountClaims.Validate
#2: server/accounts.go:1563:14: server.Account.checkActivation calls jwt.ActivationClaims.Validate
#3: server/accounts.go:1551:16: server.Account.checkActivation calls jwt.Import.Validate
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 6
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/obfs4proxy
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20190328230028-74de082e2cca
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: common/ntor/ntor.go:425:54: ntor.Kdf calls http2.ConnectionError.Error
#2: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#3: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#4: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.FrameType.String
#5: transports/meeklite/meek.go:201:16: meeklite.meekConn.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
#6: transports/meeklite/meek.go:201:16: meeklite.meekConn.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteData
#7: transports/meeklite/meek.go:201:16: meeklite.meekConn.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
#8: transports/meeklite/meek.go:201:16: meeklite.meekConn.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
#9: common/ntor/ntor.go:425:54: ntor.Kdf calls http2.GoAwayError.Error
#10: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.Setting.String
#11: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.SettingID.String
#12: common/ntor/ntor.go:425:54: ntor.Kdf calls http2.StreamError.Error
#13: transports/meeklite/transport.go:86:31: meeklite.roundTripper.RoundTrip calls http2.Transport.RoundTrip
#14: common/socks5/socks5.go:182:27: socks5.Request.Reply calls bufio.Writer.Write, which calls http2.chunkWriter.Write
#15: common/ntor/ntor.go:425:54: ntor.Kdf calls http2.connError.Error
#16: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#17: transports/meeklite/meek.go:271:19: meeklite.meekConn.roundTrip calls http2.gzipReader.Close
#18: common/ntor/ntor.go:423:23: ntor.Kdf calls io.ReadFull, which eventually calls http2.gzipReader.Read
#19: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#20: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#21: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#22: common/socks5/socks5.go:182:27: socks5.Request.Reply calls bufio.Writer.Write, which calls http2.stickyErrWriter.Write
#23: transports/meeklite/meek.go:271:19: meeklite.meekConn.roundTrip calls http2.transportResponseBody.Close
#24: common/ntor/ntor.go:423:23: ntor.Kdf calls io.ReadFull, which eventually calls http2.transportResponseBody.Read
#25: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #2: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20190328230028-74de082e2cca
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: common/ntor/ntor.go:423:23: ntor.Kdf calls io.ReadFull, which eventually calls hpack.Decoder.Write
#2: common/ntor/ntor.go:425:54: ntor.Kdf calls http2.ConnectionError.Error
#3: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#4: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#5: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.FrameType.String
#6: transports/meeklite/meek.go:201:16: meeklite.meekConn.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
#7: transports/meeklite/meek.go:201:16: meeklite.meekConn.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteData
#8: transports/meeklite/meek.go:201:16: meeklite.meekConn.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
#9: transports/meeklite/meek.go:201:16: meeklite.meekConn.Close calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
#10: common/ntor/ntor.go:425:54: ntor.Kdf calls http2.GoAwayError.Error
#11: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.Setting.String
#12: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.SettingID.String
#13: common/ntor/ntor.go:425:54: ntor.Kdf calls http2.StreamError.Error
#14: transports/meeklite/transport.go:86:31: meeklite.roundTripper.RoundTrip calls http2.Transport.RoundTrip
#15: common/socks5/socks5.go:182:27: socks5.Request.Reply calls bufio.Writer.Write, which calls http2.chunkWriter.Write
#16: common/ntor/ntor.go:425:54: ntor.Kdf calls http2.connError.Error
#17: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#18: transports/meeklite/meek.go:271:19: meeklite.meekConn.roundTrip calls http2.gzipReader.Close
#19: common/ntor/ntor.go:423:23: ntor.Kdf calls io.ReadFull, which eventually calls http2.gzipReader.Read
#20: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#21: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#22: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#23: common/socks5/socks5.go:182:27: socks5.Request.Reply calls bufio.Writer.Write, which calls http2.stickyErrWriter.Write
#24: transports/meeklite/meek.go:271:19: meeklite.meekConn.roundTrip calls http2.transportResponseBody.Close
#25: common/ntor/ntor.go:423:23: ntor.Kdf calls io.ReadFull, which eventually calls http2.transportResponseBody.Read
#26: transports/obfs4/obfs4.go:494:21: obfs4.obfs4Conn.Write calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #3: GO-2022-0236
Panic due to large headers in net/http and golang.org/x/net/http/httpguts
More info: https://pkg.go.dev/vuln/GO-2022-0236
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20190328230028-74de082e2cca
Fixed in: golang.org/x/net@v0.0.0-20210428140749-89ef3d95e781
Example traces found:
#1: transports/meeklite/transport.go:86:31: meeklite.roundTripper.RoundTrip calls http2.Transport.RoundTrip, which eventually calls httpguts.HeaderValuesContainsToken
Vulnerability #4: GO-2022-0229
Panic in certificate parsing in crypto/x509 and
golang.org/x/crypto/cryptobyte
More info: https://pkg.go.dev/vuln/GO-2022-0229
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20190325154230-a5d413f7728c
Fixed in: golang.org/x/crypto@v0.0.0-20200124225646-8b5121be2f68
Example traces found:
#1: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.Builder.AddUint16
#2: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.Builder.AddUint16LengthPrefixed
#3: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.Builder.AddUint24LengthPrefixed
#4: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.Builder.AddUint32
#5: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.Builder.AddUint8
#6: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.Builder.AddUint8LengthPrefixed
#7: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.Builder.BytesOrPanic
#8: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.NewBuilder
#9: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.Empty
#10: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.ReadBytes
#11: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.ReadUint16
#12: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.ReadUint16LengthPrefixed
#13: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.ReadUint24
#14: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.ReadUint24LengthPrefixed
#15: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.ReadUint32
#16: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.ReadUint8
#17: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.ReadUint8LengthPrefixed
#18: transports/meeklite/transport.go:163:25: meeklite.roundTripper.dialTLS calls utls.UConn.Handshake, which eventually calls cryptobyte.String.Skip
#19: transports/meeklite/meek.go:50:2: meeklite.init calls utls.init, which calls cryptobyte.init
Your code is affected by 4 vulnerabilities from 2 modules.
This scan also found 6 vulnerabilities in packages you import and 13
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/opentofu
=== Symbol Results ===
Vulnerability #1: GO-2024-2948
Code Execution on Git update in github.com/hashicorp/go-getter
More info: https://pkg.go.dev/vuln/GO-2024-2948
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.7.3
Fixed in: github.com/hashicorp/go-getter@v1.7.5
Example traces found:
#1: internal/getmodules/getter.go:154:19: getmodules.reusingGetter.getWithGoGetter calls getter.Client.Get
#2: tools/protobuf-compile/protobuf-compile.go:151:18: protobuf.downloadProtoc calls getter.Get
Vulnerability #2: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.4
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: internal/registry/client.go:224:26: registry.Client.ModuleLocation calls retryablehttp.Client.Do
#2: internal/getproviders/registry_client.go:436:31: getproviders.registryClient.getFile calls retryablehttp.Client.Get
#3: internal/httpclient/useragent.go:30:27: httpclient.userAgentRoundTripper.RoundTrip calls retryablehttp.RoundTripper.RoundTrip
Vulnerability #3: GO-2024-2800
Argument injection when fetching remote default Git branches in
github.com/hashicorp/go-getter
More info: https://pkg.go.dev/vuln/GO-2024-2800
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.7.3
Fixed in: github.com/hashicorp/go-getter@v1.7.4
Example traces found:
#1: internal/getmodules/getter.go:154:19: getmodules.reusingGetter.getWithGoGetter calls getter.Client.Get
#2: tools/protobuf-compile/protobuf-compile.go:151:18: protobuf.downloadProtoc calls getter.Get
Vulnerability #4: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.19.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: internal/backend/remote-state/gcs/backend.go:195:48: gcs.Backend.configure calls impersonate.CredentialsTokenSource, which eventually calls http2.ConfigureTransports
#2: internal/states/statemgr/locker.go:220:32: statemgr.LockError.Error calls http2.ConnectionError.Error
#3: internal/dag/graph.go:366:18: dag.VertexName calls http2.ErrCode.String
#4: internal/dag/graph.go:366:18: dag.VertexName calls http2.FrameHeader.String
#5: internal/dag/graph.go:366:18: dag.VertexName calls http2.FrameType.String
#6: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#7: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.WriteContinuation
#8: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.WriteData
#9: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#10: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.WriteHeaders
#11: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.WritePing
#12: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.WriteRSTStream
#13: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#14: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#15: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#16: internal/states/statemgr/locker.go:220:32: statemgr.LockError.Error calls http2.GoAwayError.Error
#17: internal/dag/graph.go:366:18: dag.VertexName calls http2.Setting.String
#18: internal/dag/graph.go:366:18: dag.VertexName calls http2.SettingID.String
#19: internal/plugin/serve.go:53:14: plugin.Serve calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#20: internal/states/statemgr/locker.go:220:32: statemgr.LockError.Error calls http2.StreamError.Error
#21: internal/backend/remote-state/cos/transport.go:66:52: cos.LogRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.Transport.NewClientConn
#22: internal/backend/remote-state/cos/transport.go:66:52: cos.LogRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.Transport.RoundTrip
#23: internal/getproviders/mock_source.go:181:16: getproviders.FakeInstallablePackageMeta calls zip.Writer.Close, which eventually calls http2.chunkWriter.Write
#24: internal/states/statemgr/locker.go:220:32: statemgr.LockError.Error calls http2.connError.Error
#25: internal/states/statemgr/locker.go:220:32: statemgr.LockError.Error calls http2.duplicatePseudoHeaderError.Error
#26: internal/backend/remote-state/http/client.go:249:2: http.httpClient.Delete calls http2.gzipReader.Close
#27: internal/legacy/tofu/state.go:1960:30: tofu.ReadState calls io.ReadAll, which calls http2.gzipReader.Read
#28: internal/states/statemgr/locker.go:220:32: statemgr.LockError.Error calls http2.headerFieldNameError.Error
#29: internal/states/statemgr/locker.go:220:32: statemgr.LockError.Error calls http2.headerFieldValueError.Error
#30: internal/backend/remote-state/cos/transport.go:66:52: cos.LogRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#31: internal/states/statemgr/locker.go:220:32: statemgr.LockError.Error calls http2.pseudoHeaderError.Error
#32: internal/getproviders/mock_source.go:181:16: getproviders.FakeInstallablePackageMeta calls zip.Writer.Close, which eventually calls http2.stickyErrWriter.Write
#33: internal/backend/remote-state/http/client.go:249:2: http.httpClient.Delete calls http2.transportResponseBody.Close
#34: internal/legacy/tofu/state.go:1960:30: tofu.ReadState calls io.ReadAll, which calls http2.transportResponseBody.Read
#35: internal/dag/graph.go:366:18: dag.VertexName calls http2.writeData.String
Vulnerability #5: GO-2024-2611
Infinite loop in JSON unmarshaling in google.golang.org/protobuf
More info: https://pkg.go.dev/vuln/GO-2024-2611
Module: google.golang.org/protobuf
Found in: google.golang.org/protobuf@v1.31.0
Fixed in: google.golang.org/protobuf@v1.33.0
Example traces found:
#1: internal/backend/remote-state/gcs/client.go:48:44: gcs.remoteClient.Get calls storage.ObjectHandle.Attrs, which eventually calls json.Decoder.Peek
#2: internal/backend/remote-state/gcs/client.go:48:44: gcs.remoteClient.Get calls storage.ObjectHandle.Attrs, which eventually calls json.Decoder.Read
#3: internal/backend/remote-state/gcs/client.go:48:44: gcs.remoteClient.Get calls storage.ObjectHandle.Attrs, which eventually calls protojson.Unmarshal
Vulnerability #6: GO-2023-2402
Man-in-the-middle attacker can compromise integrity of secure channel in
golang.org/x/crypto
More info: https://pkg.go.dev/vuln/GO-2023-2402
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.16.0
Fixed in: golang.org/x/crypto@v0.17.0
Example traces found:
#1: internal/communicator/ssh/communicator.go:864:28: ssh.BastionConnectFunc calls ssh.Client.Dial
#2: internal/communicator/ssh/communicator.go:229:38: ssh.Communicator.Connect calls ssh.Client.NewSession
#3: internal/communicator/ssh/communicator.go:856:27: ssh.BastionConnectFunc calls ssh.Dial
#4: internal/communicator/ssh/provisioner.go:594:29: ssh.sshAgent.ForwardToAgent calls agent.ForwardToAgent, which eventually calls ssh.DiscardRequests
#5: internal/communicator/ssh/communicator.go:220:26: ssh.Communicator.Connect calls ssh.NewClient
#6: internal/communicator/ssh/communicator.go:208:49: ssh.Communicator.Connect calls ssh.NewClientConn
#7: internal/communicator/ssh/communicator.go:233:3: ssh.Communicator.Connect calls ssh.Session.Close
#8: internal/communicator/ssh/communicator.go:374:31: ssh.Communicator.Start calls ssh.Session.RequestPty
#9: internal/communicator/ssh/communicator.go:235:37: ssh.Communicator.Connect calls agent.RequestAgentForwarding, which calls ssh.Session.SendRequest
#10: internal/communicator/ssh/communicator.go:380:21: ssh.Communicator.Start calls ssh.Session.Start
#11: internal/communicator/ssh/communicator.go:884:14: ssh.bastionConn.Close calls ssh.channel.Close
#12: internal/builtin/provisioners/local-exec/resource_provisioner.go:180:17: local.provisioner.ProvisionResource calls exec.Cmd.Start, which eventually calls ssh.channel.CloseWrite
#13: internal/communicator/ssh/communicator.go:457:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls ssh.channel.Read
#14: internal/terminal/streams.go:107:21: terminal.Streams.Eprintln calls fmt.Fprintln, which calls ssh.channel.Write
#15: internal/communicator/ssh/communicator.go:457:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls ssh.extChannel.Read
#16: internal/communicator/ssh/communicator.go:276:40: ssh.Connect calls ssh.mux.SendRequest
#17: internal/communicator/ssh/communicator.go:589:14: ssh.Communicator.scpSession calls ssh.sessionStdin.Close
Your code is affected by 6 vulnerabilities from 5 modules.
This scan also found 3 vulnerabilities in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/rclone
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.27.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: backend/http/http.go:393:24: http.parse calls html.Parse
Your code is affected by 1 vulnerability from 1 module.
This scan also found 1 vulnerability in packages you import and 0
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/scaleway-cli
=== Symbol Results ===
Vulnerability #1: GO-2024-2659
Data exfiltration from internal networks in github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2024-2659
Module: github.com/docker/docker
Found in: github.com/docker/docker@v25.0.4+incompatible
Fixed in: github.com/docker/docker@v25.0.5+incompatible
Example traces found:
#1: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls api.init
#2: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls archive.CopyTo
#3: internal/interactive/list.go:84:17: interactive.ListPrompt.Execute calls bubbletea.Program.Run, which eventually calls archive.Do
#4: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions
#5: internal/namespaces/container/v1beta1/custom_deploy.go:361:2: v1beta1.DeployStepPushImage calls ioutils.ReadCloserWrapper.Close, which calls archive.cmdStream
#6: internal/namespaces/container/v1beta1/custom_deploy.go:22:2: v1beta1.init calls archive.init
#7: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls archive.nosysFileInfo.Sys
#8: internal/namespaces/container/v1beta1/custom_deploy.go:361:2: v1beta1.DeployStepPushImage calls ioutils.ReadCloserWrapper.Close, which calls archive.wrapReadCloser
#9: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:16:2: v1beta1.init calls container.init, which calls blkiodev.init
#10: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls checkpoint.init
#11: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:77:31: v1beta1.ContainerAttach calls http.Client.Do, which eventually calls client.CheckRedirect
#12: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ContainerAttach
#13: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ContainerCreate
#14: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ContainerInspect
#15: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ContainerRemove
#16: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ContainerStart
#17: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ContainerWait
#18: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.CopyFromContainer
#19: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.CopyToContainer
#20: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:67:51: v1beta1.CustomDockerClient.ContainerAttach calls client.Client.DaemonHost
#21: internal/namespaces/container/v1beta1/custom_deploy.go:268:52: v1beta1.DeployStepDockerBuildImage calls client.Client.ImageBuild
#22: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ImageHistory
#23: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ImageInspectWithRaw
#24: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ImageLoad
#25: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ImagePull
#26: internal/namespaces/container/v1beta1/custom_deploy.go:355:55: v1beta1.DeployStepPushImage calls client.Client.ImagePush
#27: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which calls client.Client.ImageRemove
#28: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ImageSave
#29: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ImageTag
#30: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.Info
#31: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.ServerVersion
#32: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.Client.VolumeRemove
#33: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls client.IsErrNotFound
#34: internal/namespaces/container/v1beta1/custom_deploy.go:263:47: v1beta1.DeployStepDockerBuildImage calls client.NewClientWithOpts
#35: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:77:31: v1beta1.ContainerAttach calls http.Client.Do, which eventually calls client.NewClientWithOpts
#36: internal/namespaces/container/v1beta1/custom_deploy.go:263:96: v1beta1.DeployStepDockerBuildImage calls client.WithAPIVersionNegotiation
#37: internal/namespaces/container/v1beta1/custom_deploy.go:263:121: v1beta1.DeployStepDockerBuildImage calls client.WithHTTPClient
#38: internal/namespaces/container/v1beta1/custom_deploy.go:309:35: v1beta1.DeployStepBuildpackBuildImage calls client.NewClient, which calls client.WithVersion
#39: internal/core/printer.go:174:45: core.Printer.Print calls client.errConnectionFailed.Error
#40: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls client.errConnectionFailed.Unwrap
#41: internal/namespaces/autocomplete/autocomplete.go:206:50: autocomplete.InstallCommandRun calls io.ReadAll, which eventually calls client.hijackedConn.Read
#42: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:77:31: v1beta1.ContainerAttach calls http.Client.Do, which eventually calls client.hijackedConn.RoundTrip
#43: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init
#44: internal/core/printer.go:174:45: core.Printer.Print calls client.objectNotFoundError.Error
#45: internal/namespaces/container/v1beta1/custom_deploy.go:268:52: v1beta1.DeployStepDockerBuildImage calls client.Client.ImageBuild, which eventually calls container.Isolation.IsDefault
#46: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:16:2: v1beta1.init calls container.init
#47: internal/namespaces/container/v1beta1/custom_deploy.go:268:52: v1beta1.DeployStepDockerBuildImage calls client.Client.ImageBuild, which eventually calls errdefs.Cancelled
#48: internal/namespaces/container/v1beta1/custom_deploy.go:268:52: v1beta1.DeployStepDockerBuildImage calls client.Client.ImageBuild, which eventually calls errdefs.Deadline
#49: internal/namespaces/container/v1beta1/custom_deploy.go:268:52: v1beta1.DeployStepDockerBuildImage calls client.Client.ImageBuild, which eventually calls errdefs.FromStatusCode
#50: internal/namespaces/container/v1beta1/custom_deploy.go:17:2: v1beta1.init calls client.init, which eventually calls errdefs.InvalidParameter
#51: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls errdefs.IsNotFound
#52: internal/namespaces/container/v1beta1/custom_deploy.go:355:55: v1beta1.DeployStepPushImage calls client.Client.ImagePush, which calls errdefs.IsUnauthorized
#53: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errCancelled.Cause
#54: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errCancelled.Unwrap
#55: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errConflict.Cause
#56: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errConflict.Unwrap
#57: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errDeadline.Cause
#58: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errDeadline.Unwrap
#59: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errForbidden.Cause
#60: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errForbidden.Unwrap
#61: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errInvalidParameter.Cause
#62: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errInvalidParameter.Unwrap
#63: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errNotFound.Cause
#64: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errNotFound.Unwrap
#65: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errNotImplemented.Cause
#66: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errNotImplemented.Unwrap
#67: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errNotModified.Cause
#68: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errNotModified.Unwrap
#69: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errSystem.Cause
#70: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errSystem.Unwrap
#71: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errUnauthorized.Cause
#72: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errUnauthorized.Unwrap
#73: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errUnavailable.Cause
#74: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errUnavailable.Unwrap
#75: internal/sentry/sentry.go:40:29: sentry.logAndSentry calls sentry.Hub.Recover, which eventually calls errdefs.errUnknown.Cause
#76: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls errdefs.errUnknown.Unwrap
#77: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls errdefs.init
#78: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls events.init
#79: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls filters.init
#80: internal/namespaces/container/v1beta1/custom_deploy.go:361:2: v1beta1.DeployStepPushImage calls http.http2requestBody.Close, which eventually calls homedir.Get
#81: internal/namespaces/container/v1beta1/custom_deploy.go:17:2: v1beta1.init calls client.init, which eventually calls homedir.init
#82: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions, which eventually calls idtools.IdentityMapping.Empty
#83: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls idtools.IdentityMapping.RootPair
#84: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions, which eventually calls idtools.IdentityMapping.ToContainer
#85: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls idtools.IdentityMapping.ToHost
#86: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls idtools.MkdirAllAndChownNew
#87: internal/namespaces/container/v1beta1/custom_deploy.go:22:2: v1beta1.init calls archive.init, which calls idtools.init
#88: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls image.init
#89: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls ioutils.NewReadCloserWrapper
#90: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions, which eventually calls ioutils.NewWriteCloserWrapper
#91: internal/namespaces/container/v1beta1/custom_deploy.go:361:2: v1beta1.DeployStepPushImage calls ioutils.ReadCloserWrapper.Close
#92: internal/namespaces/container/v1beta1/custom_deploy.go:22:2: v1beta1.init calls archive.init, which calls ioutils.init
#93: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions, which eventually calls ioutils.writeCloserWrapper.Close
#94: internal/namespaces/container/v1beta1/custom_deploy.go:363:45: v1beta1.DeployStepPushImage calls jsonmessage.DisplayJSONMessagesStream
#95: internal/core/printer.go:174:45: core.Printer.Print calls jsonmessage.JSONError.Error
#96: internal/namespaces/container/v1beta1/custom_deploy.go:23:2: v1beta1.init calls jsonmessage.init
#97: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:16:2: v1beta1.init calls container.init, which calls mount.init
#98: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls mounts.NewLCOWParser
#99: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls mounts.NewLinuxParser
#100: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls mounts.NewWindowsParser
#101: internal/core/printer.go:174:45: core.Printer.Print calls mounts.errMountConfig.Error
#102: internal/namespaces/container/v1beta1/custom_deploy.go:17:2: v1beta1.init calls client.init, which calls mounts.init
#103: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls mounts.lcowParser.ParseMountRaw
#104: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls mounts.linuxParser.ParseMountRaw
#105: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls mounts.windowsParser.ParseMountRaw
#106: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which eventually calls multierror.init
#107: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls network.init
#108: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls pools.BufioReaderPool.Get
#109: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls pools.BufioReaderPool.NewReadCloserWrapper
#110: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls pools.BufioReaderPool.Put
#111: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions, which eventually calls pools.BufioWriterPool.Get
#112: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions, which eventually calls pools.BufioWriterPool.NewWriteCloserWrapper
#113: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions, which eventually calls pools.BufioWriterPool.Put
#114: internal/namespaces/container/v1beta1/custom_deploy.go:361:2: v1beta1.DeployStepPushImage calls ioutils.ReadCloserWrapper.Close, which calls pools.NewReadCloserWrapper
#115: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions, which eventually calls pools.NewWriteCloserWrapper
#116: internal/namespaces/container/v1beta1/custom_deploy.go:22:2: v1beta1.init calls archive.init, which calls pools.init
#117: internal/namespaces/container/v1beta1/custom_deploy.go:348:34: v1beta1.DeployStepPushImage calls json.Marshal, which eventually calls pools.newBufferPoolWithSize
#118: internal/namespaces/container/v1beta1/custom_deploy.go:348:34: v1beta1.DeployStepPushImage calls json.Marshal, which eventually calls pools.newBufioReaderPoolWithSize
#119: internal/namespaces/container/v1beta1/custom_deploy.go:348:34: v1beta1.DeployStepPushImage calls json.Marshal, which eventually calls pools.newBufioWriterPoolWithSize
#120: internal/namespaces/container/v1beta1/custom_deploy.go:17:2: v1beta1.init calls client.init, which eventually calls registry.init
#121: internal/namespaces/container/v1beta1/custom_deploy.go:20:2: v1beta1.init calls registry.init
#122: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which eventually calls runtime.init
#123: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:16:2: v1beta1.init calls container.init, which calls specs.init
#124: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls stdcopy.StdCopy
#125: internal/namespaces/container/v1beta1/custom_deploy.go:348:34: v1beta1.DeployStepPushImage calls json.Marshal, which eventually calls stdcopy.init
#126: internal/namespaces/container/v1beta1/custom_deploy.go:17:2: v1beta1.init calls client.init, which eventually calls stdcopy.init
#127: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls stringid.GenerateRandomID
#128: internal/namespaces/container/v1beta1/custom_deploy.go:17:2: v1beta1.init calls client.init, which eventually calls stringid.init
#129: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:16:2: v1beta1.init calls container.init, which calls strslice.init
#130: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls swarm.init
#131: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls system.Chtimes
#132: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls system.IsAbs
#133: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls system.LUtimesNano
#134: internal/namespaces/container/v1beta1/custom_deploy.go:239:36: v1beta1.DeployStepDockerPackImage calls archive.TarWithOptions, which eventually calls system.Lgetxattr
#135: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls system.Lsetxattr
#136: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls system.Mkdev
#137: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls system.Mknod
#138: internal/core/printer.go:174:45: core.Printer.Print calls system.XattrError.Error
#139: internal/namespaces/autocomplete/autocomplete.go:206:50: autocomplete.InstallCommandRun calls io.ReadAll, which eventually calls system.XattrError.Timeout
#140: internal/namespaces/container/v1beta1/custom_deploy.go:275:68: v1beta1.DeployStepDockerBuildImage calls errors.Unwrap, which calls system.XattrError.Unwrap
#141: internal/namespaces/container/v1beta1/custom_deploy.go:22:2: v1beta1.init calls archive.init, which calls system.init
#142: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls system.init
#143: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls time.init
#144: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls types.HijackedResponse.Close
#145: internal/namespaces/container/v1beta1/custom_deploy_helpers.go:105:40: v1beta1.CustomDockerClient.ContainerAttach calls types.NewHijackedResponse
#146: internal/namespaces/container/v1beta1/custom_deploy.go:19:2: v1beta1.init calls types.init
#147: internal/namespaces/container/v1beta1/custom_deploy.go:268:52: v1beta1.DeployStepDockerBuildImage calls client.Client.ImageBuild, which eventually calls versions.GreaterThan
#148: internal/namespaces/container/v1beta1/custom_deploy.go:314:24: v1beta1.DeployStepBuildpackBuildImage calls client.Client.Build, which eventually calls versions.GreaterThanOrEqualTo
#149: internal/namespaces/container/v1beta1/custom_deploy.go:268:52: v1beta1.DeployStepDockerBuildImage calls client.Client.ImageBuild, which eventually calls versions.LessThan
#150: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls versions.init
#151: internal/namespaces/container/v1beta1/custom_deploy.go:17:2: v1beta1.init calls client.init, which eventually calls volume.init
#152: internal/namespaces/container/v1beta1/custom_deploy.go:21:2: v1beta1.init calls client.init, which calls volume.init
Your code is affected by 1 vulnerability from 1 module.
This scan also found 2 vulnerabilities in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/snowflake
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.19.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: server/lib/snowflake.go:100:30: lib.Transport.Listen calls http2.ConfigureServer
#2: broker/broker.go:249:23: broker.main calls http2.ConnectionError.Error
#3: common/event/interface.go:100:20: event.EventOnCurrentNATTypeDetermined.String calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#4: common/event/interface.go:100:20: event.EventOnCurrentNATTypeDetermined.String calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#5: common/event/interface.go:100:20: event.EventOnCurrentNATTypeDetermined.String calls fmt.Sprintf, which eventually calls http2.FrameType.String
#6: common/event/interface.go:100:20: event.EventOnCurrentNATTypeDetermined.String calls fmt.Sprintf, which eventually calls http2.FrameWriteRequest.String
#7: broker/broker.go:249:23: broker.main calls http2.GoAwayError.Error
#8: broker/broker.go:332:30: broker.main calls http.Server.ListenAndServe, which eventually calls http2.Server.ServeConn
#9: common/event/interface.go:100:20: event.EventOnCurrentNATTypeDetermined.String calls fmt.Sprintf, which eventually calls http2.Setting.String
#10: common/event/interface.go:100:20: event.EventOnCurrentNATTypeDetermined.String calls fmt.Sprintf, which eventually calls http2.SettingID.String
#11: broker/broker.go:249:23: broker.main calls http2.StreamError.Error
#12: common/utls/roundtripper.go:91:44: utls.uTLSHTTPRoundTripperImpl.RoundTrip calls http2.Transport.RoundTrip
#13: client/lib/turbotunnel.go:52:19: lib.encapsulationPacketConn.WriteTo calls bufio.Writer.Flush, which calls http2.chunkWriter.Write
#14: broker/broker.go:249:23: broker.main calls http2.connError.Error
#15: broker/broker.go:249:23: broker.main calls http2.duplicatePseudoHeaderError.Error
#16: proxy/lib/snowflake.go:212:2: lib.SignalingServer.Post calls http2.gzipReader.Close
#17: client/lib/rendezvous_ampcache.go:118:36: lib.ampCacheRendezvous.Exchange calls ioutil.ReadAll, which eventually calls http2.gzipReader.Read
#18: broker/broker.go:249:23: broker.main calls http2.headerFieldNameError.Error
#19: broker/broker.go:249:23: broker.main calls http2.headerFieldValueError.Error
#20: broker/broker.go:249:23: broker.main calls http2.pseudoHeaderError.Error
#21: proxy/lib/snowflake.go:204:36: lib.SignalingServer.Post calls http.Transport.RoundTrip, which eventually calls http2.requestBody.Close
#22: common/encapsulation/encapsulation.go:96:22: encapsulation.ReadData calls io.CopyN, which eventually calls http2.requestBody.Read
#23: common/amp/armor_encoder.go:170:24: amp.elementEncoder.Close calls http2.responseWriter.Write
#24: server/lib/http.go:98:29: lib.httpHandler.ServeHTTP calls websocket.Upgrader.Upgrade, which eventually calls http2.responseWriter.WriteHeader
#25: common/amp/armor_encoder.go:170:24: amp.elementEncoder.Close calls http.http2responseWriter.Write, which eventually calls http2.responseWriter.WriteString
#26: client/lib/turbotunnel.go:52:19: lib.encapsulationPacketConn.WriteTo calls bufio.Writer.Flush, which calls http2.stickyErrWriter.Write
#27: proxy/lib/snowflake.go:212:2: lib.SignalingServer.Post calls http2.transportResponseBody.Close
#28: client/lib/rendezvous_ampcache.go:118:36: lib.ampCacheRendezvous.Exchange calls ioutil.ReadAll, which eventually calls http2.transportResponseBody.Read
#29: common/event/interface.go:100:20: event.EventOnCurrentNATTypeDetermined.String calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #2: GO-2024-2459
Denial of service via path validation in github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-2459
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.39.0
Fixed in: github.com/quic-go/quic-go@v0.39.4
Example traces found:
#1: common/event/interface.go:100:20: event.EventOnCurrentNATTypeDetermined.String calls fmt.Sprintf, which eventually calls protocol.ECN.String
#2: common/event/interface.go:100:20: event.EventOnCurrentNATTypeDetermined.String calls fmt.Sprintf, which eventually calls protocol.PacketType.String
#3: common/utls/client_hello_id.go:5:2: utls.init calls utls.init, which eventually calls protocol.init
#4: common/utls/client_hello_id.go:5:2: utls.init calls utls.init, which calls quicvarint.init
Vulnerability #3: GO-2024-2453
Timing side channel in github.com/cloudflare/circl
More info: https://pkg.go.dev/vuln/GO-2024-2453
Module: github.com/cloudflare/circl
Found in: github.com/cloudflare/circl@v1.3.6
Fixed in: github.com/cloudflare/circl@v1.3.7
Example traces found:
#1: server/lib/snowflake.go:199:16: lib.SnowflakeListener.Close calls sync.Once.Do, which eventually calls common.Poly.CompressTo
Your code is affected by 3 vulnerabilities from 3 modules.
This scan also found 1 vulnerability in packages you import and 4
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/syncthing
=== Symbol Results ===
Vulnerability #1: GO-2024-3302
ICMP Packet Too Large Injection Attack on Linux in
github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-3302
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.39.1
Fixed in: github.com/quic-go/quic-go@v0.48.2
Platforms: linux
Example traces found:
#1: lib/model/model.go:1935:22: model.model.Closed calls quic.StreamError.Error
#2: lib/connections/quic_listen.go:105:2: connections.quicListener.serve calls quic.Transport.Close
#3: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial
#4: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen
#5: lib/connections/quic_misc.go:111:33: connections.transportPacketConn.ReadFrom calls quic.Transport.ReadNonQUICPacket
#6: lib/connections/quic_misc.go:115:23: connections.transportPacketConn.WriteTo calls quic.Transport.WriteTo
#7: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.connMultiplexer.RemoveConn
#8: lib/connections/quic_listen.go:171:38: connections.quicListener.serve calls quic.connection.AcceptStream
#9: lib/connections/quic_misc.go:51:38: connections.quicTlsConn.Close calls quic.connection.CloseWithError
#10: lib/connections/quic_dial.go:79:39: connections.quicDialer.Dial calls quic.connection.OpenStreamSync
#11: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.oobConn.ReadPacket
#12: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.packetHandlerMap.Close
#13: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.packetHandlerMap.GetStatelessResetToken
#14: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read
#15: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write
#16: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.setDF
#17: lib/connections/quic_misc.go:50:25: connections.quicTlsConn.Close calls quic.stream.Close
Vulnerability #2: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.17.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: lib/discover/global.go:474:30: discover.http2EnabledTransport calls http2.ConfigureTransport
#2: lib/model/model.go:1935:22: model.model.Closed calls http2.ConnectionError.Error
#3: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls http2.ErrCode.String
#4: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls http2.FrameHeader.String
#5: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls http2.FrameType.String
#6: lib/model/model.go:1935:22: model.model.Closed calls http2.GoAwayError.Error
#7: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls http2.Setting.String
#8: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls http2.SettingID.String
#9: lib/model/model.go:1935:22: model.model.Closed calls http2.StreamError.Error
#10: lib/discover/global.go:458:20: discover.contextClient.Post calls http.Client.Do, which eventually calls http2.Transport.NewClientConn
#11: lib/discover/global.go:458:20: discover.contextClient.Post calls http.Client.Do, which eventually calls http2.Transport.RoundTrip
#12: lib/config/versioningconfiguration.go:63:24: config.VersioningConfiguration.MarshalXML calls xml.Encoder.EncodeElement, which eventually calls http2.chunkWriter.Write
#13: lib/model/model.go:1935:22: model.model.Closed calls http2.connError.Error
#14: lib/model/model.go:1935:22: model.model.Closed calls http2.duplicatePseudoHeaderError.Error
#15: lib/discover/global.go:185:18: discover.globalClient.Lookup calls http2.gzipReader.Close
#16: lib/config/config.go:165:23: config.ReadJSON calls io.ReadAll, which calls http2.gzipReader.Read
#17: lib/model/model.go:1935:22: model.model.Closed calls http2.headerFieldNameError.Error
#18: lib/model/model.go:1935:22: model.model.Closed calls http2.headerFieldValueError.Error
#19: lib/discover/global.go:458:20: discover.contextClient.Post calls http.Client.Do, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#20: lib/model/model.go:1935:22: model.model.Closed calls http2.pseudoHeaderError.Error
#21: lib/config/versioningconfiguration.go:63:24: config.VersioningConfiguration.MarshalXML calls xml.Encoder.EncodeElement, which eventually calls http2.stickyErrWriter.Write
#22: lib/discover/global.go:185:18: discover.globalClient.Lookup calls http2.transportResponseBody.Close
#23: lib/config/config.go:165:23: config.ReadJSON calls io.ReadAll, which calls http2.transportResponseBody.Read
#24: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls http2.writeData.String
Vulnerability #3: GO-2024-2682
Denial of service via connection starvation in github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-2682
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.39.1
Fixed in: github.com/quic-go/quic-go@v0.42.0
Example traces found:
#1: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial
#2: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen
#3: lib/connections/quic_listen.go:171:38: connections.quicListener.serve calls quic.connection.AcceptStream
#4: lib/connections/quic_dial.go:79:39: connections.quicDialer.Dial calls quic.connection.OpenStreamSync
#5: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read
Vulnerability #4: GO-2024-2459
Denial of service via path validation in github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-2459
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.39.1
Fixed in: github.com/quic-go/quic-go@v0.39.4
Example traces found:
#1: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.HasAckElicitingFrames
#2: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.IsFrameAckEliciting
#3: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.NewAckHandler
#4: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls ackhandler.SendMode.String
#5: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which calls ackhandler.init
#6: lib/protocol/bufferpool.go:40:28: protocol.bufferPool.Get calls sync.Pool.Get, which calls ackhandler.init
#7: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.receivedPacketHandler.DropPackets
#8: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.receivedPacketHandler.GetAckFrame
#9: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.receivedPacketHandler.GetAlarmTimeout
#10: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.receivedPacketHandler.IsPotentiallyDuplicate
#11: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.receivedPacketHandler.ReceivedPacket
#12: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.DropPackets
#13: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.ECNMode
#14: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.GetLossDetectionTimeout
#15: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.OnLossDetectionTimeout
#16: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.PeekPacketNumber
#17: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.PopPacketNumber
#18: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.QueueProbePacket
#19: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.ReceivedAck
#20: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.ReceivedBytes
#21: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.ResetForRetry
#22: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.SendMode
#23: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.SentPacket
#24: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.SetHandshakeConfirmed
#25: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ackhandler.sentPacketHandler.TimeUntilSend
#26: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls congestion.NewCubicSender
#27: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls congestion.cubicSender.CanSend
#28: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls congestion.cubicSender.GetCongestionWindow
#29: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls congestion.cubicSender.HasPacingBudget
#30: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls congestion.cubicSender.MaybeExitSlowStart
#31: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls congestion.cubicSender.OnCongestionEvent
#32: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls congestion.cubicSender.OnPacketAcked
#33: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls congestion.cubicSender.OnPacketSent
#34: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls congestion.cubicSender.TimeUntilSend
#35: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which eventually calls congestion.init
#36: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.NewConnectionFlowController
#37: lib/connections/quic_dial.go:79:39: connections.quicDialer.Dial calls quic.connection.OpenStreamSync, which eventually calls flowcontrol.NewStreamFlowController
#38: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.baseFlowController.IsNewlyBlocked
#39: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.baseFlowController.UpdateSendWindow
#40: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.connectionFlowController.GetWindowUpdate
#41: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.connectionFlowController.Reset
#42: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which calls flowcontrol.init
#43: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.streamFlowController.Abandon
#44: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read, which eventually calls flowcontrol.streamFlowController.AddBytesRead
#45: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.streamFlowController.AddBytesSent
#46: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.streamFlowController.GetWindowUpdate
#47: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.streamFlowController.SendWindowSize
#48: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls flowcontrol.streamFlowController.UpdateHighestReceived
#49: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.GetRetryIntegrityTag
#50: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.NewCryptoSetupClient
#51: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.NewCryptoSetupServer
#52: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.NewInitialAEAD
#53: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.NewTokenGenerator
#54: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.Token.ValidateRemoteAddr
#55: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.TokenGenerator.DecodeToken
#56: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.TokenGenerator.NewRetryToken
#57: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.TokenGenerator.NewToken
#58: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls handshake.addConnToClientHelloInfo
#59: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls handshake.addConnToClientHelloInfo
#60: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.ChangeConnectionID
#61: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.Close
#62: lib/connections/quic_misc.go:66:37: connections.quicTlsConn.ConnectionState calls quic.connection.ConnectionState, which calls handshake.cryptoSetup.ConnectionState
#63: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.DiscardInitialKeys
#64: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.Get0RTTOpener
#65: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.Get0RTTSealer
#66: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.Get1RTTOpener
#67: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.Get1RTTSealer
#68: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.GetHandshakeOpener
#69: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.GetHandshakeSealer
#70: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.GetInitialOpener
#71: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.GetInitialSealer
#72: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.GetSessionTicket
#73: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.HandleMessage
#74: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.NextEvent
#75: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.SetHandshakeConfirmed
#76: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.SetLargest1RTTAcked
#77: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.cryptoSetup.StartHandshake
#78: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls handshake.cryptoSetup.getDataForSessionTicket
#79: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls handshake.cryptoSetup.handleDataFromSessionState
#80: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls handshake.cryptoSetup.handleSessionTicket
#81: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls handshake.cryptoSetup.marshalDataForSessionState
#82: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which calls handshake.init
#83: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.longHeaderOpener.DecodePacketNumber
#84: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.longHeaderOpener.DecryptHeader
#85: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.longHeaderOpener.Open
#86: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.longHeaderSealer.EncryptHeader
#87: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.longHeaderSealer.Overhead
#88: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls handshake.longHeaderSealer.Seal
#89: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.updatableAEAD.DecodePacketNumber
#90: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.updatableAEAD.DecryptHeader
#91: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.updatableAEAD.EncryptHeader
#92: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.updatableAEAD.KeyPhase
#93: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.updatableAEAD.Open
#94: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.updatableAEAD.Overhead
#95: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls handshake.updatableAEAD.Seal
#96: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.Element[github.com/quic-go/quic-go.byteInterval].Next[github.com/quic-go/quic-go.byteInterval]
#97: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.Element[github.com/quic-go/quic-go.byteInterval].Prev[github.com/quic-go/quic-go.byteInterval]
#98: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.Element[github.com/quic-go/quic-go.newConnID].Next[github.com/quic-go/quic-go.newConnID]
#99: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.Element[github.com/quic-go/quic-go/internal/ackhandler.interval].Next[github.com/quic-go/quic-go/internal/ackhandler.interval]
#100: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.Element[github.com/quic-go/quic-go/internal/ackhandler.interval].Prev[github.com/quic-go/quic-go/internal/ackhandler.interval]
#101: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read, which eventually calls linkedlist.List[github.com/quic-go/quic-go.byteInterval].Front[github.com/quic-go/quic-go.byteInterval]
#102: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.byteInterval].InsertAfter[github.com/quic-go/quic-go.byteInterval]
#103: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.byteInterval].Len[github.com/quic-go/quic-go.byteInterval]
#104: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.byteInterval].PushFront[github.com/quic-go/quic-go.byteInterval]
#105: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.byteInterval].Remove[github.com/quic-go/quic-go.byteInterval]
#106: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.newConnID].Back[github.com/quic-go/quic-go.newConnID]
#107: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.newConnID].Front[github.com/quic-go/quic-go.newConnID]
#108: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.newConnID].InsertBefore[github.com/quic-go/quic-go.newConnID]
#109: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.newConnID].Len[github.com/quic-go/quic-go.newConnID]
#110: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.newConnID].PushBack[github.com/quic-go/quic-go.newConnID]
#111: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go.newConnID].Remove[github.com/quic-go/quic-go.newConnID]
#112: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go/internal/ackhandler.interval].Back[github.com/quic-go/quic-go/internal/ackhandler.interval]
#113: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go/internal/ackhandler.interval].Front[github.com/quic-go/quic-go/internal/ackhandler.interval]
#114: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go/internal/ackhandler.interval].InsertAfter[github.com/quic-go/quic-go/internal/ackhandler.interval]
#115: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go/internal/ackhandler.interval].InsertBefore[github.com/quic-go/quic-go/internal/ackhandler.interval]
#116: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go/internal/ackhandler.interval].Len[github.com/quic-go/quic-go/internal/ackhandler.interval]
#117: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go/internal/ackhandler.interval].PushBack[github.com/quic-go/quic-go/internal/ackhandler.interval]
#118: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.List[github.com/quic-go/quic-go/internal/ackhandler.interval].Remove[github.com/quic-go/quic-go/internal/ackhandler.interval]
#119: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go.byteInterval]
#120: lib/protocol/bufferpool.go:40:28: protocol.bufferPool.Get calls sync.Pool.Get, which calls linkedlist.NewPool[github.com/quic-go/quic-go.byteInterval]
#121: lib/protocol/bufferpool.go:40:28: protocol.bufferPool.Get calls sync.Pool.Get, which calls linkedlist.NewPool[github.com/quic-go/quic-go/internal/ackhandler.interval]
#122: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which eventually calls linkedlist.NewPool[github.com/quic-go/quic-go/internal/ackhandler.interval]
#123: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.NewWithPool[github.com/quic-go/quic-go.byteInterval]
#124: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls linkedlist.NewWithPool[github.com/quic-go/quic-go/internal/ackhandler.interval]
#125: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which calls linkedlist.init
#126: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls logging.PacketTypeFromHeader
#127: lib/connections/quic_misc.go:21:2: connections.init calls logging.init
#128: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls logutils.ConvertAckFrame
#129: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls logutils.ConvertFrame
#130: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which calls logutils.init
#131: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls protocol.ArbitraryLenConnectionID.Bytes
#132: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls protocol.ArbitraryLenConnectionID.Len
#133: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls protocol.ChooseSupportedVersion
#134: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls protocol.ConnectionID.Bytes
#135: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls protocol.ConnectionID.Len
#136: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls protocol.ConnectionID.String
#137: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls protocol.DecodePacketNumber
#138: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls protocol.DefaultConnectionIDGenerator.ConnectionIDLen
#139: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls protocol.DefaultConnectionIDGenerator.GenerateConnectionID
#140: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls protocol.ECN.String
#141: lib/connections/quic_misc.go:115:23: connections.transportPacketConn.WriteTo calls quic.Transport.WriteTo, which eventually calls protocol.ECN.ToHeaderBits
#142: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls protocol.EncryptionLevel.String
#143: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls protocol.GenerateConnectionIDForInitial
#144: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls protocol.GetGreasedVersions
#145: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls protocol.GetPacketNumberLengthForHeader
#146: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls protocol.IsSupportedVersion
#147: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls protocol.IsValidVersion
#148: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls protocol.KeyPhase.Bit
#149: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls protocol.KeyPhaseBit.String
#150: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls protocol.PacketType.String
#151: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls protocol.ParseConnectionID
#152: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls protocol.ParseECNHeaderBits
#153: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read, which eventually calls protocol.Perspective.Opposite
#154: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls protocol.ReadConnectionID
#155: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read, which eventually calls protocol.StreamID.InitiatedBy
#156: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read, which eventually calls protocol.StreamID.StreamNum
#157: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read, which eventually calls protocol.StreamID.Type
#158: lib/connections/quic_dial.go:79:39: connections.quicDialer.Dial calls quic.connection.OpenStreamSync, which eventually calls protocol.StreamNum.StreamID
#159: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls protocol.VersionNumber.String
#160: lib/connections/quic_misc.go:21:2: connections.init calls logging.init, which calls protocol.init
#161: lib/model/model.go:1935:22: model.model.Closed calls qerr.ApplicationError.Error
#162: lib/model/model.go:934:16: model.model.Completion calls errors.Is, which eventually calls qerr.ApplicationError.Is
#163: lib/model/model.go:1935:22: model.model.Closed calls qerr.HandshakeTimeoutError.Error
#164: lib/model/model.go:934:16: model.model.Completion calls errors.Is, which eventually calls qerr.HandshakeTimeoutError.Is
#165: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls qerr.HandshakeTimeoutError.Temporary
#166: cmd/strelaysrv/testutil/main.go:136:27: testutil.connectToStdio calls qerr.HandshakeTimeoutError.Timeout
#167: lib/model/model.go:1935:22: model.model.Closed calls qerr.IdleTimeoutError.Error
#168: lib/model/model.go:934:16: model.model.Completion calls errors.Is, which eventually calls qerr.IdleTimeoutError.Is
#169: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls qerr.IdleTimeoutError.Temporary
#170: cmd/strelaysrv/testutil/main.go:136:27: testutil.connectToStdio calls qerr.IdleTimeoutError.Timeout
#171: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls qerr.NewLocalCryptoError
#172: lib/model/model.go:1935:22: model.model.Closed calls qerr.StatelessResetError.Error
#173: lib/model/model.go:934:16: model.model.Completion calls errors.Is, which eventually calls qerr.StatelessResetError.Is
#174: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls qerr.StatelessResetError.Temporary
#175: cmd/strelaysrv/testutil/main.go:136:27: testutil.connectToStdio calls qerr.StatelessResetError.Timeout
#176: lib/model/model.go:1935:22: model.model.Closed calls qerr.TransportError.Error
#177: lib/model/model.go:934:16: model.model.Completion calls errors.Is, which eventually calls qerr.TransportError.Is
#178: lib/fs/casefs.go:236:16: fs.caseFilesystem.Rename calls errors.As, which eventually calls qerr.TransportError.Unwrap
#179: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls qerr.TransportErrorCode.IsCryptoError
#180: lib/model/model.go:1935:22: model.model.Closed calls qerr.VersionNegotiationError.Error
#181: lib/model/model.go:934:16: model.model.Completion calls errors.Is, which eventually calls qerr.VersionNegotiationError.Is
#182: lib/connections/quic_misc.go:21:2: connections.init calls logging.init, which calls qerr.init
#183: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls qtls.FromTLSEncryptionLevel
#184: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls qtls.QUICClient
#185: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls qtls.QUICServer
#186: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls qtls.SendSessionTicket
#187: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls qtls.SetupConfigForClient
#188: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls qtls.SetupConfigForServer
#189: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls qtls.SetupConfigForServer
#190: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls qtls.SetupConfigForServer
#191: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls qtls.ToTLSEncryptionLevel
#192: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls qtls.clientSessionCache.Get
#193: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls qtls.clientSessionCache.Put
#194: lib/connections/quic_misc.go:21:2: connections.init calls logging.init, which eventually calls qtls.init
#195: lib/connections/quic_listen.go:147:34: connections.quicListener.serve calls quic.Listener.Accept
#196: lib/connections/quic_listen.go:120:2: connections.quicListener.serve calls quic.Listener.Close
#197: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.ReadPacket
#198: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.ReadPacket
#199: lib/model/model.go:1935:22: model.model.Closed calls quic.StreamError.Error
#200: lib/model/model.go:934:16: model.model.Completion calls errors.Is, which eventually calls quic.StreamError.Is
#201: lib/connections/quic_listen.go:105:2: connections.quicListener.serve calls quic.Transport.Close
#202: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial
#203: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen
#204: lib/connections/quic_misc.go:111:33: connections.transportPacketConn.ReadFrom calls quic.Transport.ReadNonQUICPacket
#205: lib/connections/quic_misc.go:115:23: connections.transportPacketConn.WriteTo calls quic.Transport.WriteTo
#206: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.closeLocal
#207: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.closeRemote
#208: lib/connections/quic_listen.go:171:38: connections.quicListener.serve calls quic.connection.AcceptStream
#209: lib/connections/quic_misc.go:51:38: connections.quicTlsConn.Close calls quic.connection.CloseWithError
#210: lib/connections/quic_misc.go:66:37: connections.quicTlsConn.ConnectionState calls quic.connection.ConnectionState
#211: lib/connections/structs.go:152:57: connections.internalConn.String calls quic.connection.LocalAddr
#212: lib/connections/quic_dial.go:79:39: connections.quicDialer.Dial calls quic.connection.OpenStreamSync
#213: lib/model/model.go:2363:25: model.model.AddConnection calls quic.connection.RemoteAddr
#214: lib/model/model.go:1935:22: model.model.Closed calls quic.deadlineError.Error
#215: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls quic.deadlineError.Temporary
#216: cmd/strelaysrv/testutil/main.go:136:27: testutil.connectToStdio calls quic.deadlineError.Timeout
#217: lib/fs/casefs.go:236:16: fs.caseFilesystem.Rename calls errors.As, which eventually calls quic.deadlineError.Unwrap
#218: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.destroyImpl
#219: lib/model/model.go:1935:22: model.model.Closed calls quic.errCloseForRecreating.Error
#220: lib/dialer/control_unix.go:45:18: dialer.ReusePortControl calls net.rawConn.Control, which eventually calls quic.forceSetReceiveBuffer
#221: lib/dialer/control_unix.go:45:18: dialer.ReusePortControl calls net.rawConn.Control, which eventually calls quic.forceSetSendBuffer
#222: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.getMultiplexer
#223: lib/model/model.go:1935:22: model.model.Closed calls quic.headerParseError.Error
#224: lib/fs/casefs.go:236:16: fs.caseFilesystem.Rename calls errors.As, which eventually calls quic.headerParseError.Unwrap
#225: lib/connections/quic_dial.go:20:2: connections.init calls quic.init
#226: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.init
#227: lib/protocol/bufferpool.go:40:28: protocol.bufferPool.Get calls sync.Pool.Get, which calls quic.init#1
#228: lib/protocol/bufferpool.go:40:28: protocol.bufferPool.Get calls sync.Pool.Get, which calls quic.init#1
#229: lib/dialer/control_unix.go:45:18: dialer.ReusePortControl calls net.rawConn.Control, which eventually calls quic.inspectReadBuffer
#230: lib/dialer/control_unix.go:45:18: dialer.ReusePortControl calls net.rawConn.Control, which eventually calls quic.inspectWriteBuffer
#231: lib/dialer/control_unix.go:45:18: dialer.ReusePortControl calls net.rawConn.Control, which eventually calls quic.isGSOSupported
#232: lib/dialer/control_unix.go:45:18: dialer.ReusePortControl calls net.rawConn.Control, which eventually calls quic.newConn
#233: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read
#234: lib/connections/structs.go:106:24: connections.internalConn.Close calls quic.sendStream.SetWriteDeadline
#235: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write
#236: lib/dialer/control_unix.go:45:18: dialer.ReusePortControl calls net.rawConn.Control, which eventually calls quic.setDF
#237: lib/connections/quic_misc.go:50:25: connections.quicTlsConn.Close calls quic.stream.Close
#238: lib/connections/service.go:404:20: connections.service.handleHellos calls quic.stream.SetDeadline
#239: lib/model/model.go:1935:22: model.model.Closed calls quic.streamError.Error
#240: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.wrapConn
#241: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls quic.wrapConn
#242: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls quicvarint.Append
#243: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls quicvarint.AppendWithLen
#244: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls quicvarint.Len
#245: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls quicvarint.Read
#246: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which calls quicvarint.init
#247: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ringbuffer.RingBuffer[github.com/quic-go/quic-go/internal/protocol.StreamID].Clear[github.com/quic-go/quic-go/internal/protocol.StreamID]
#248: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ringbuffer.RingBuffer[github.com/quic-go/quic-go/internal/protocol.StreamID].Empty[github.com/quic-go/quic-go/internal/protocol.StreamID]
#249: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ringbuffer.RingBuffer[github.com/quic-go/quic-go/internal/protocol.StreamID].Len[github.com/quic-go/quic-go/internal/protocol.StreamID]
#250: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls ringbuffer.RingBuffer[github.com/quic-go/quic-go/internal/protocol.StreamID].PopFront[github.com/quic-go/quic-go/internal/protocol.StreamID]
#251: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write, which eventually calls ringbuffer.RingBuffer[github.com/quic-go/quic-go/internal/protocol.StreamID].PushBack[github.com/quic-go/quic-go/internal/protocol.StreamID]
#252: lib/connections/quic_dial.go:20:2: connections.init calls quic.init, which calls ringbuffer.init
#253: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.IsIPv4
#254: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.MaxTime
#255: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Max[github.com/quic-go/quic-go/internal/protocol.ByteCount]
#256: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls utils.Max[github.com/quic-go/quic-go/internal/protocol.PacketNumber]
#257: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Max[int64]
#258: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Max[time.Duration]
#259: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Max[uint64]
#260: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.MinNonZeroDuration
#261: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.MinNonZeroTime
#262: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.MinTime
#263: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Min[github.com/quic-go/quic-go/internal/protocol.ByteCount]
#264: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Min[github.com/quic-go/quic-go/internal/protocol.PacketNumber]
#265: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Min[int64]
#266: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Min[time.Duration]
#267: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Min[uint64]
#268: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write, which calls utils.NewTimer
#269: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.RTTStats.LatestRTT
#270: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.RTTStats.MaxAckDelay
#271: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.RTTStats.MeanDeviation
#272: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.RTTStats.MinRTT
#273: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.RTTStats.PTO
#274: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls utils.RTTStats.SetInitialRTT
#275: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.RTTStats.SetMaxAckDelay
#276: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls utils.RTTStats.SmoothedRTT
#277: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.RTTStats.UpdateRTT
#278: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Rand.Int31n
#279: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write, which calls utils.Timer.Chan
#280: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.Timer.Deadline
#281: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write, which calls utils.Timer.Reset
#282: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write, which calls utils.Timer.SetRead
#283: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write, which calls utils.Timer.Stop
#284: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls utils.bigEndian.ReadUint16
#285: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls utils.bigEndian.ReadUint24
#286: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls utils.bigEndian.ReadUint32
#287: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.bigEndian.Uint16
#288: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.bigEndian.Uint24
#289: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls utils.bigEndian.Uint32
#290: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls utils.bigEndian.WriteUint32
#291: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.Debug
#292: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.Debugf
#293: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.Errorf
#294: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.Infof
#295: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls utils.defaultLogger.WithPrefix
#296: lib/connections/quic_misc.go:21:2: connections.init calls logging.init, which calls utils.init
#297: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.AckFrame.AcksPacket
#298: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.AckFrame.Append
#299: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.AckFrame.HasMissingRanges
#300: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.AckFrame.LargestAcked
#301: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.AckFrame.Length
#302: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.AckFrame.LowestAcked
#303: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.AckFrame.Reset
#304: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.AckRange.Len
#305: lib/db/schemaupdater.go:247:20: db.schemaUpdater.updateSchema0to1 calls sort.Search, which calls wire.AcksPacket
#306: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.AppendShortHeader
#307: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.ComposeVersionNegotiation
#308: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.ConnectionCloseFrame.Append
#309: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.ConnectionCloseFrame.Length
#310: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.CryptoFrame.Append
#311: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.CryptoFrame.Length
#312: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.CryptoFrame.MaxDataLen
#313: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.CryptoFrame.MaybeSplitOffFrame
#314: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.DataBlockedFrame.Append
#315: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.DataBlockedFrame.Length
#316: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.DatagramFrame.Append
#317: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.DatagramFrame.Length
#318: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.ExtendedHeader.Append
#319: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.ExtendedHeader.GetLength
#320: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.ExtendedHeader.Log
#321: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.ExtendedHeader.ParsedLen
#322: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write, which calls wire.GetStreamFrame
#323: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.HandshakeDoneFrame.Append
#324: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.HandshakeDoneFrame.Length
#325: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.Header.ParseExtended
#326: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.Header.ParsedLen
#327: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.Is0RTTPacket
#328: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls wire.IsLongHeaderPacket
#329: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls wire.IsPotentialQUICPacket
#330: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.IsVersionNegotiationPacket
#331: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.LogFrame
#332: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.LogShortHeader
#333: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.MaxDataFrame.Append
#334: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.MaxDataFrame.Length
#335: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.MaxStreamDataFrame.Append
#336: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.MaxStreamDataFrame.Length
#337: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.MaxStreamsFrame.Append
#338: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.MaxStreamsFrame.Length
#339: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.NewConnectionIDFrame.Append
#340: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.NewConnectionIDFrame.Length
#341: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.NewFrameParser
#342: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.NewTokenFrame.Append
#343: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.NewTokenFrame.Length
#344: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.ParseArbitraryLenConnectionIDs
#345: lib/model/model.go:1960:11: model.requestResponse.Close calls sync.Once.Do, which eventually calls wire.ParseConnectionID
#346: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.ParsePacket
#347: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.ParseShortHeader
#348: lib/connections/quic_listen.go:115:39: connections.quicListener.serve calls quic.Transport.Listen, which eventually calls wire.ParseVersion
#349: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.ParseVersionNegotiationPacket
#350: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.PathResponseFrame.Append
#351: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.PathResponseFrame.Length
#352: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.PingFrame.Append
#353: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.PingFrame.Length
#354: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.ResetStreamFrame.Append
#355: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.ResetStreamFrame.Length
#356: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.RetireConnectionIDFrame.Append
#357: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.RetireConnectionIDFrame.Length
#358: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.ShortHeaderLen
#359: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.StreamDataBlockedFrame.Append
#360: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.StreamDataBlockedFrame.Length
#361: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.StreamFrame.Append
#362: lib/connections/limiter.go:249:24: connections.limitedWriter.Write calls quic.sendStream.Write, which eventually calls wire.StreamFrame.DataLen
#363: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.StreamFrame.Length
#364: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.StreamFrame.MaxDataLen
#365: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.StreamFrame.MaybeSplitOffFrame
#366: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls quic.receiveStream.Read, which eventually calls wire.StreamFrame.PutBack
#367: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.StreamsBlockedFrame.Append
#368: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.StreamsBlockedFrame.Length
#369: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.TransportParameters.Marshal
#370: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls wire.TransportParameters.MarshalForSessionTicket
#371: lib/logger/logger.go:179:19: logger.logger.Warnln calls fmt.Sprintln, which eventually calls wire.TransportParameters.String
#372: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.TransportParameters.Unmarshal
#373: lib/connections/limiter.go:234:25: connections.limitedReader.Read calls tls.Conn.Read, which eventually calls wire.TransportParameters.UnmarshalFromSessionTicket
#374: cmd/ursrv/serve/serve.go:207:22: serve.CLI.Run calls http.Server.Serve, which eventually calls wire.TransportParameters.ValidFor0RTT
#375: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.TransportParameters.ValidForUpdate
#376: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.frameParser.ParseNext
#377: lib/connections/quic_dial.go:71:32: connections.quicDialer.Dial calls quic.Transport.Dial, which eventually calls wire.frameParser.SetAckDelayExponent
#378: lib/connections/quic_misc.go:21:2: connections.init calls logging.init, which calls wire.init
#379: lib/protocol/bufferpool.go:40:28: protocol.bufferPool.Get calls sync.Pool.Get, which calls wire.init#1
#380: cmd/ursrv/serve/serve.go:933:12: serve.summary.MarshalJSON calls sort.Slice, which eventually calls wire.unmarshal
Your code is affected by 4 vulnerabilities from 2 modules.
This scan also found 0 vulnerabilities in packages you import and 4
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/terraform
=== Symbol Results ===
Vulnerability #1: GO-2024-3191
Vault Community Edition privilege escalation vulnerability in
github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2024-3191
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.18.0
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #2: GO-2024-2948
Code Execution on Git update in github.com/hashicorp/go-getter
More info: https://pkg.go.dev/vuln/GO-2024-2948
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.4.2-0.20200106182914-9813cbd4eb02
Fixed in: github.com/hashicorp/go-getter@v1.7.5
Example traces found:
#1: internal/initwd/getter.go:132:19: initwd.reusingGetter.getWithGoGetter calls getter.Client.Get
#2: plugin/discovery/get.go:285:21: discovery.ProviderInstaller.install calls getter.Get
Vulnerability #3: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.5.2
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: registry/client.go:365:26: registry.Client.TerraformProviderLocation calls retryablehttp.Client.Do
Vulnerability #4: GO-2024-2690
HashiCorpVault does not correctly validate OCSP responses in
github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2024-2690
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.16.0
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #5: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200202094626-16171245cfb2
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.ConnectionError.Error
#2: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.ErrCode.String
#3: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.FrameHeader.String
#4: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.FrameType.String
#5: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.ReadFrame
#6: command/hook_ui.go:316:11: command.UiHook.PostImportState calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
#7: command/hook_ui.go:316:11: command.UiHook.PostImportState calls sync.Once.Do, which eventually calls http2.Framer.WriteData
#8: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WriteGoAway
#9: command/hook_ui.go:316:11: command.UiHook.PostImportState calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
#10: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WritePing
#11: command/hook_ui.go:316:11: command.UiHook.PostImportState calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
#12: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WriteSettings
#13: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WriteSettingsAck
#14: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#15: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.GoAwayError.Error
#16: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.Setting.String
#17: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.SettingID.String
#18: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#19: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.StreamError.Error
#20: plans/planfile/writer.go:29:2: planfile.Create calls zip.Writer.Close, which eventually calls http2.chunkWriter.Write
#21: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.connError.Error
#22: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.duplicatePseudoHeaderError.Error
#23: registry/client.go:369:2: registry.Client.TerraformProviderLocation calls http2.gzipReader.Close
#24: communicator/ssh/communicator.go:434:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls http2.gzipReader.Read
#25: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.headerFieldNameError.Error
#26: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.headerFieldValueError.Error
#27: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.pseudoHeaderError.Error
#28: plans/planfile/writer.go:29:2: planfile.Create calls zip.Writer.Close, which eventually calls http2.stickyErrWriter.Write
#29: registry/client.go:369:2: registry.Client.TerraformProviderLocation calls http2.transportResponseBody.Close
#30: communicator/ssh/communicator.go:434:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls http2.transportResponseBody.Read
#31: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.writeData.String
Vulnerability #6: GO-2024-2617
Authentication bypass in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2024-2617
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.14.10
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #7: GO-2024-2488
HashiCorp Vault Authentication bypass in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2024-2488
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.2.5
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #8: GO-2024-2486
HashiCorp Vault Improper Privilege Management in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2024-2486
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.3.4
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #9: GO-2023-2402
Man-in-the-middle attacker can compromise integrity of secure channel in
golang.org/x/crypto
More info: https://pkg.go.dev/vuln/GO-2023-2402
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20200510223506-06a226fb4e37
Fixed in: golang.org/x/crypto@v0.17.0
Example traces found:
#1: communicator/ssh/communicator.go:792:28: ssh.BastionConnectFunc calls ssh.Client.Dial
#2: communicator/ssh/communicator.go:209:38: ssh.Communicator.Connect calls ssh.Client.NewSession
#3: communicator/ssh/communicator.go:786:27: ssh.BastionConnectFunc calls ssh.Dial
#4: communicator/ssh/provisioner.go:484:29: ssh.sshAgent.ForwardToAgent calls agent.ForwardToAgent, which eventually calls ssh.DiscardRequests
#5: communicator/ssh/communicator.go:200:26: ssh.Communicator.Connect calls ssh.NewClient
#6: communicator/ssh/communicator.go:188:49: ssh.Communicator.Connect calls ssh.NewClientConn
#7: communicator/ssh/communicator.go:213:3: ssh.Communicator.Connect calls ssh.Session.Close
#8: communicator/ssh/communicator.go:354:31: ssh.Communicator.Start calls ssh.Session.RequestPty
#9: communicator/ssh/communicator.go:215:37: ssh.Communicator.Connect calls agent.RequestAgentForwarding, which calls ssh.Session.SendRequest
#10: communicator/ssh/communicator.go:360:21: ssh.Communicator.Start calls ssh.Session.Start
#11: communicator/ssh/communicator.go:812:14: ssh.bastionConn.Close calls ssh.channel.Close
#12: e2e/e2e.go:264:15: e2e.GoBuild calls exec.Cmd.Run, which eventually calls ssh.channel.CloseWrite
#13: communicator/ssh/communicator.go:434:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls ssh.channel.Read
#14: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which calls ssh.channel.Write
#15: communicator/ssh/communicator.go:434:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls ssh.extChannel.Read
#16: communicator/ssh/communicator.go:256:40: ssh.Connect calls ssh.mux.SendRequest
#17: communicator/ssh/communicator.go:561:14: ssh.Communicator.scpSession calls ssh.sessionStdin.Close
Vulnerability #10: GO-2023-2329
HashiCorp Vault Missing Release of Memory after Effective Lifetime
vulnerability in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2023-2329
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.13.10
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #11: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.27.1
Fixed in: google.golang.org/grpc@v1.56.3
Example traces found:
#1: helper/resource/grpc_test_provider.go:22:30: resource.GRPCTestProvider calls grpc.NewServer
#2: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve
#3: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls transport.NewServerTransport
Vulnerability #12: GO-2023-2088
Hashicorp Vault Incorrect Permission Assignment for Critical Resource
vulnerability in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2023-2088
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.13.0
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #13: GO-2023-1986
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in
github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2023-1986
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.13.5
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #14: GO-2023-1900
Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a
Destroy Operation in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2023-1900
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.10.11
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #15: GO-2023-1897
HashiCorp Vault's revocation list not respected in
github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2023-1897
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.9.10
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #16: GO-2023-1853
HashiCorp Consul vulnerable to Origin Validation Error in
github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2023-1853
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.4.4
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#14: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #17: GO-2023-1851
HashiCorp Consul Cross-site Scripting vulnerability in
github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2023-1851
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.7.14
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#14: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #18: GO-2023-1849
Hashicorp Vault vulnerable to Cross-site Scripting in
github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2023-1849
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.11.11
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #19: GO-2023-1827
Hashicorp Consul vulnerable to denial of service in
github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2023-1827
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.14.5
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#14: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #20: GO-2023-1708
HashiCorp Vault's PKI mount vulnerable to denial of service in
github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2023-1708
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.11.9
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #21: GO-2023-1685
HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL
Injection Via Configuration File in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2023-1685
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.11.9
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #22: GO-2023-1578
Denial of service in github.com/hashicorp/go-getter/v2
More info: https://pkg.go.dev/vuln/GO-2023-1578
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.4.2-0.20200106182914-9813cbd4eb02
Fixed in: github.com/hashicorp/go-getter@v1.7.0
Example traces found:
#1: internal/initwd/getter.go:132:19: initwd.reusingGetter.getWithGoGetter calls getter.Client.Get
#2: plugin/discovery/get.go:285:21: discovery.ProviderInstaller.install calls getter.Get
Vulnerability #23: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200202094626-16171245cfb2
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: registry/client.go:369:2: registry.Client.TerraformProviderLocation calls http2.transportResponseBody.Close, which eventually calls hpack.Decoder.Write
#2: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.ConnectionError.Error
#3: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.ErrCode.String
#4: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.FrameHeader.String
#5: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.FrameType.String
#6: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.ReadFrame
#7: command/hook_ui.go:316:11: command.UiHook.PostImportState calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
#8: command/hook_ui.go:316:11: command.UiHook.PostImportState calls sync.Once.Do, which eventually calls http2.Framer.WriteData
#9: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WriteGoAway
#10: command/hook_ui.go:316:11: command.UiHook.PostImportState calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
#11: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WritePing
#12: command/hook_ui.go:316:11: command.UiHook.PostImportState calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
#13: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WriteSettings
#14: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WriteSettingsAck
#15: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#16: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.GoAwayError.Error
#17: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.Setting.String
#18: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.SettingID.String
#19: helper/resource/grpc_test_provider.go:27:2: resource.GRPCTestProvider calls grpc.Server.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#20: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.StreamError.Error
#21: plans/planfile/writer.go:29:2: planfile.Create calls zip.Writer.Close, which eventually calls http2.chunkWriter.Write
#22: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.connError.Error
#23: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.duplicatePseudoHeaderError.Error
#24: registry/client.go:369:2: registry.Client.TerraformProviderLocation calls http2.gzipReader.Close
#25: communicator/ssh/communicator.go:434:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls http2.gzipReader.Read
#26: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.headerFieldNameError.Error
#27: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.headerFieldValueError.Error
#28: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls http2.pseudoHeaderError.Error
#29: plans/planfile/writer.go:29:2: planfile.Create calls zip.Writer.Close, which eventually calls http2.stickyErrWriter.Write
#30: registry/client.go:369:2: registry.Client.TerraformProviderLocation calls http2.transportResponseBody.Close
#31: communicator/ssh/communicator.go:434:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls http2.transportResponseBody.Read
#32: command/ui_input.go:152:15: command.UIInput.Input calls fmt.Fprintln, which eventually calls http2.writeData.String
Vulnerability #24: GO-2022-1029
HashiCorp Consul vulnerable to authorization bypass in
github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2022-1029
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.11.9
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#14: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #25: GO-2022-0968
Panic on malformed packets in golang.org/x/crypto/ssh
More info: https://pkg.go.dev/vuln/GO-2022-0968
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20200510223506-06a226fb4e37
Fixed in: golang.org/x/crypto@v0.0.0-20211202192323-5770296d904e
Example traces found:
#1: communicator/ssh/communicator.go:786:27: ssh.BastionConnectFunc calls ssh.Dial
#2: communicator/ssh/communicator.go:188:49: ssh.Communicator.Connect calls ssh.NewClientConn
Vulnerability #26: GO-2022-0956
Excessive resource consumption in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2022-0956
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.2.2
Fixed in: gopkg.in/yaml.v2@v2.2.4
Example traces found:
#1: backend/remote-state/swift/backend.go:373:34: swift.Backend.configure calls openstack.Config.LoadAndValidate, which eventually calls yaml.Unmarshal
Vulnerability #27: GO-2022-0895
HashiCorp Consul L7 deny intention results in an allow action in
github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2022-0895
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.10.1
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#14: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #28: GO-2022-0894
Hashicorp Consul Missing SSL Certificate Validation in
github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2022-0894
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.10.1
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#14: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #29: GO-2022-0825
Authentication Bypass by Spoofing and Insufficient Verification of Data
Authenticity in Hashicorp Vault in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2022-0825
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.2.5
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #30: GO-2022-0776
Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2022-0776
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.6.3
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#14: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #31: GO-2022-0632
Improper Removal of Sensitive Information Before Storage or Transfer in
HashiCorp Vault in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2022-0632
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.6.6
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #32: GO-2022-0623
Invalid session token expiration in github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2022-0623
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.5.9
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #33: GO-2022-0618
Hashicorp Vault Privilege Escalation Vulnerability in
github.com/hashicorp/vault
More info: https://pkg.go.dev/vuln/GO-2022-0618
Module: github.com/hashicorp/vault
Found in: github.com/hashicorp/vault@v0.10.4
Fixed in: github.com/hashicorp/vault@v1.7.5
Example traces found:
#1: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which eventually calls compressutil.init
#2: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys, which calls jsonutil.DecodeJSONFromReader
#3: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init, which calls jsonutil.init
#4: helper/encryption/encryption.go:34:24: encryption.EncryptValue calls pgpkeys.EncryptShares
#5: helper/encryption/encryption.go:20:49: encryption.RetrieveGPGKey calls pgpkeys.FetchKeybasePubkeys
#6: helper/encryption/encryption.go:9:2: encryption.init calls pgpkeys.init
Vulnerability #34: GO-2022-0615
Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may
be abused as SSRF vector in github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2022-0615
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.9.17
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#14: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #35: GO-2022-0593
HashiCorp Consul Privilege Escalation Vulnerability in
github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2022-0593
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.8.15
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#14: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #36: GO-2022-0586
Resource exhaustion in github.com/hashicorp/go-getter and related modules
More info: https://pkg.go.dev/vuln/GO-2022-0586
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.4.2-0.20200106182914-9813cbd4eb02
Fixed in: github.com/hashicorp/go-getter@v1.6.1
Example traces found:
#1: states/statemgr/locker.go:217:32: statemgr.LockError.Error calls getter.ChecksumError.Error
#2: internal/initwd/getter.go:132:19: initwd.reusingGetter.getWithGoGetter calls getter.Client.Get
#3: command/apply.go:86:36: command.ApplyCommand.Run calls getter.Detect
#4: plugin/discovery/get.go:285:21: discovery.ProviderInstaller.install calls getter.Get
#5: internal/initwd/getter.go:173:31: initwd.splitAddrSubdir calls getter.SourceDirSubdir
#6: internal/initwd/getter.go:147:36: initwd.reusingGetter.getWithGoGetter calls getter.SubdirGlob
#7: communicator/winrm/communicator.go:94:34: winrm.Communicator.Connect calls winrm.Client.CreateShell, which eventually calls getter.charsetReader
#8: e2e/e2e.go:45:21: e2e.NewBinary calls filepath.Walk, which calls getter.copyDir
#9: tools/terraform-bundle/package.go:16:2: terraform.init calls getter.init
#10: plugin/discovery/get.go:630:26: discovery.checksumForFile calls strings.Fields, which eventually calls getter.isSlashRune
#11: communicator/ssh/communicator.go:434:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls getter.readerFunc.Read
Vulnerability #37: GO-2022-0559
HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed
services to register proxies for other services, enabling access to service
traffic. in github.com/hashicorp/consul
More info: https://pkg.go.dev/vuln/GO-2022-0559
Module: github.com/hashicorp/consul
Found in: github.com/hashicorp/consul@v0.0.0-20171026175957-610f3c86a089
Fixed in: github.com/hashicorp/consul@v1.8.15
Example traces found:
#1: backend/remote-state/consul/client.go:159:19: consul.RemoteClient.Delete calls api.Client.KV
#2: backend/remote-state/consul/client.go:258:39: consul.RemoteClient.lock calls api.Client.LockOpts
#3: backend/remote-state/consul/client.go:360:29: consul.RemoteClient.createSession calls api.Client.Session
#4: backend/remote-state/consul/backend.go:120:35: consul.Backend.configure calls api.DefaultConfig
#5: backend/remote-state/consul/client.go:160:21: consul.RemoteClient.Delete calls api.KV.Delete
#6: backend/remote-state/consul/client.go:74:35: consul.RemoteClient.Get calls api.KV.Get
#7: backend/remote-state/consul/backend_state.go:21:36: consul.Backend.Workspaces calls api.KV.Keys
#8: backend/remote-state/consul/client.go:169:18: consul.RemoteClient.putLockInfo calls api.KV.Put
#9: backend/remote-state/consul/client.go:136:28: consul.RemoteClient.Put calls api.KV.Txn
#10: backend/remote-state/consul/client.go:437:22: consul.RemoteClient.unlock calls api.Lock.Destroy
#11: backend/remote-state/consul/client.go:265:34: consul.RemoteClient.lock calls api.Lock.Lock
#12: backend/remote-state/consul/client.go:426:31: consul.RemoteClient.unlock calls api.Lock.Unlock
#13: httpclient/useragent.go:41:27: httpclient.userAgentRoundTripper.RoundTrip calls http.Transport.RoundTrip, which eventually calls api.NewClient
#14: backend/remote-state/consul/backend.go:166:36: consul.Backend.configure calls api.NewClient
#15: backend/remote-state/consul/client.go:367:30: consul.RemoteClient.createSession calls api.Session.Create
#16: backend/remote-state/consul/client.go:375:2: consul.RemoteClient.createSession calls api.Session.RenewPeriodic
#17: backend/remote-state/consul/backend.go:9:2: consul.init calls api.init
Vulnerability #38: GO-2022-0438
Exposure of sensitive information via log file in
github.com/hashicorp/go-getter
More info: https://pkg.go.dev/vuln/GO-2022-0438
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.4.2-0.20200106182914-9813cbd4eb02
Fixed in: github.com/hashicorp/go-getter@v1.5.11
Example traces found:
#1: internal/initwd/getter.go:132:19: initwd.reusingGetter.getWithGoGetter calls getter.Client.Get
#2: plugin/discovery/get.go:285:21: discovery.ProviderInstaller.install calls getter.Get
Vulnerability #39: GO-2021-0061
Denial of service in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2021-0061
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.2.2
Fixed in: gopkg.in/yaml.v2@v2.2.3
Example traces found:
#1: backend/remote-state/swift/backend.go:373:34: swift.Backend.configure calls openstack.Config.LoadAndValidate, which eventually calls yaml.Unmarshal
Vulnerability #40: GO-2020-0036
Excessive resource consumption in YAML parsing in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2020-0036
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.2.2
Fixed in: gopkg.in/yaml.v2@v2.2.8
Example traces found:
#1: backend/remote-state/swift/backend.go:373:34: swift.Backend.configure calls openstack.Config.LoadAndValidate, which eventually calls yaml.Unmarshal
Vulnerability #41: GO-2020-0016
Infinite loop in github.com/ulikunitz/xz
More info: https://pkg.go.dev/vuln/GO-2020-0016
Module: github.com/ulikunitz/xz
Found in: github.com/ulikunitz/xz@v0.5.5
Fixed in: github.com/ulikunitz/xz@v0.5.8
Example traces found:
#1: communicator/ssh/communicator.go:434:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which calls xz.Reader.Read
Vulnerability #42: GO-2020-0015
Infinite loop when decoding some inputs in golang.org/x/text
More info: https://pkg.go.dev/vuln/GO-2020-0015
Module: golang.org/x/text
Found in: golang.org/x/text@v0.3.2
Fixed in: golang.org/x/text@v0.3.3
Example traces found:
#1: communicator/ssh/communicator.go:434:17: ssh.Communicator.UploadScript calls bytes.Buffer.ReadFrom, which eventually calls unicode.utf16Decoder.Transform
Your code is affected by 42 vulnerabilities from 10 modules.
This scan also found 16 vulnerabilities in packages you import and 6
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/terraform-provider-archive
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200707034311-ab3426394381
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.ConnectionError.Error
#2: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#3: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#4: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.FrameType.String
#5: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#6: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteContinuation
#7: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteData
#8: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#9: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteHeaders
#10: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#11: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteRSTStream
#12: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#15: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.Setting.String
#16: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.SettingID.String
#17: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#18: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.StreamError.Error
#19: internal/provider/zip_archiver.go:193:17: provider.ZipArchiver.close calls zip.Writer.Close, which eventually calls http2.chunkWriter.Write
#20: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.connError.Error
#21: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#22: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#23: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#24: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#25: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #2: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.32.0
Fixed in: google.golang.org/grpc@v1.56.3
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.NewServer
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.Server.Serve
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls transport.NewServerTransport
Vulnerability #3: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200707034311-ab3426394381
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hpack.Decoder.Write
#2: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.ConnectionError.Error
#3: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#4: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#5: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.FrameType.String
#6: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#7: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteContinuation
#8: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteData
#9: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#10: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteHeaders
#11: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#12: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteRSTStream
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#15: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#16: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.Setting.String
#17: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.SettingID.String
#18: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#19: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.StreamError.Error
#20: internal/provider/zip_archiver.go:193:17: provider.ZipArchiver.close calls zip.Writer.Close, which eventually calls http2.chunkWriter.Write
#21: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.connError.Error
#22: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#23: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#24: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#25: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#26: internal/hashcode/hashcode.go:31:30: hashcode.Strings calls fmt.Sprintf, which eventually calls http2.writeData.String
Your code is affected by 3 vulnerabilities from 2 modules.
This scan also found 6 vulnerabilities in packages you import and 6
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/terraform-provider-aws
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20201110031124-69a78807bb2b
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: aws/internal/service/eks/token/token.go:308:30: token.tokenVerifier.Verify calls http.Client.Do, which eventually calls http2.ConnectionError.Error
#2: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#3: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#4: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.FrameType.String
#5: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#6: aws/opsworks_layers.go:407:9: aws.opsworksLayerType.Create calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteContinuation
#7: aws/opsworks_layers.go:407:9: aws.opsworksLayerType.Create calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteData
#8: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#9: aws/opsworks_layers.go:407:9: aws.opsworksLayerType.Create calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteHeaders
#10: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#11: aws/opsworks_layers.go:407:9: aws.opsworksLayerType.Create calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteRSTStream
#12: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#13: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#14: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#15: aws/internal/service/eks/token/token.go:308:30: token.tokenVerifier.Verify calls http.Client.Do, which eventually calls http2.GoAwayError.Error
#16: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.Setting.String
#17: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.SettingID.String
#18: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#19: aws/internal/service/eks/token/token.go:308:30: token.tokenVerifier.Verify calls http.Client.Do, which eventually calls http2.StreamError.Error
#20: aws/internal/keyvaluetags/key_value_tags.go:416:14: keyvaluetags.KeyValueTags.String calls fmt.Fprintf, which eventually calls http2.chunkWriter.Write
#21: aws/internal/service/eks/token/token.go:308:30: token.tokenVerifier.Verify calls http.Client.Do, which eventually calls http2.connError.Error
#22: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#23: aws/internal/service/eks/token/token.go:316:2: token.tokenVerifier.Verify calls http2.gzipReader.Close
#24: aws/internal/vault/helper/pgpkeys/encrypt_decrypt.go:114:25: pgpkeys.DecryptBytes calls bytes.Buffer.ReadFrom, which calls http2.gzipReader.Read
#25: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#26: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#27: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#28: aws/internal/keyvaluetags/key_value_tags.go:416:14: keyvaluetags.KeyValueTags.String calls fmt.Fprintf, which eventually calls http2.stickyErrWriter.Write
#29: aws/internal/service/eks/token/token.go:316:2: token.tokenVerifier.Verify calls http2.transportResponseBody.Close
#30: aws/internal/vault/helper/pgpkeys/encrypt_decrypt.go:114:25: pgpkeys.DecryptBytes calls bytes.Buffer.ReadFrom, which calls http2.transportResponseBody.Read
#31: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #2: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.32.0
Fixed in: google.golang.org/grpc@v1.56.3
Example traces found:
#1: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls grpc.NewServer
#2: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls grpc.Server.Serve
#3: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls transport.NewServerTransport
Vulnerability #3: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20201110031124-69a78807bb2b
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: aws/internal/service/eks/token/token.go:316:2: token.tokenVerifier.Verify calls http2.transportResponseBody.Close, which eventually calls hpack.Decoder.Write
#2: aws/internal/service/eks/token/token.go:308:30: token.tokenVerifier.Verify calls http.Client.Do, which eventually calls http2.ConnectionError.Error
#3: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#4: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#5: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.FrameType.String
#6: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#7: aws/opsworks_layers.go:407:9: aws.opsworksLayerType.Create calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteContinuation
#8: aws/opsworks_layers.go:407:9: aws.opsworksLayerType.Create calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteData
#9: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#10: aws/opsworks_layers.go:407:9: aws.opsworksLayerType.Create calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteHeaders
#11: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#12: aws/opsworks_layers.go:407:9: aws.opsworksLayerType.Create calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteRSTStream
#13: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#14: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#15: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#16: aws/internal/service/eks/token/token.go:308:30: token.tokenVerifier.Verify calls http.Client.Do, which eventually calls http2.GoAwayError.Error
#17: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.Setting.String
#18: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.SettingID.String
#19: main.go:30:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#20: aws/internal/service/eks/token/token.go:308:30: token.tokenVerifier.Verify calls http.Client.Do, which eventually calls http2.StreamError.Error
#21: aws/internal/keyvaluetags/key_value_tags.go:416:14: keyvaluetags.KeyValueTags.String calls fmt.Fprintf, which eventually calls http2.chunkWriter.Write
#22: aws/internal/service/eks/token/token.go:308:30: token.tokenVerifier.Verify calls http.Client.Do, which eventually calls http2.connError.Error
#23: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#24: aws/internal/service/eks/token/token.go:316:2: token.tokenVerifier.Verify calls http2.gzipReader.Close
#25: aws/internal/vault/helper/pgpkeys/encrypt_decrypt.go:114:25: pgpkeys.DecryptBytes calls bytes.Buffer.ReadFrom, which calls http2.gzipReader.Read
#26: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#27: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#28: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#29: aws/internal/keyvaluetags/key_value_tags.go:416:14: keyvaluetags.KeyValueTags.String calls fmt.Fprintf, which eventually calls http2.stickyErrWriter.Write
#30: aws/internal/service/eks/token/token.go:316:2: token.tokenVerifier.Verify calls http2.transportResponseBody.Close
#31: aws/internal/vault/helper/pgpkeys/encrypt_decrypt.go:114:25: pgpkeys.DecryptBytes calls bytes.Buffer.ReadFrom, which calls http2.transportResponseBody.Read
#32: aws/resource_aws_s3_bucket.go:1725:21: aws.WebsiteDomainUrl calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #4: GO-2022-0586
Resource exhaustion in github.com/hashicorp/go-getter and related modules
More info: https://pkg.go.dev/vuln/GO-2022-0586
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.5.0
Fixed in: github.com/hashicorp/go-getter@v1.6.1
Example traces found:
#1: aws/internal/tfresource/errors.go:6:2: tfresource.init calls resource.init, which eventually calls getter.init
Your code is affected by 4 vulnerabilities from 3 modules.
This scan also found 9 vulnerabilities in packages you import and 14
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/terraform-provider-kubernetes
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20191009170851-d66e71096ffb
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: kubernetes/provider.go:231:37: kubernetes.kubeClientsets.AggregatorClientset calls clientset.NewForConfig, which eventually calls http2.ConfigureTransport
#2: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.ConnectionError.Error
#3: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.ErrCode.String
#4: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.FrameHeader.String
#5: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.FrameType.String
#6: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#7: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Framer.WriteContinuation
#8: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Framer.WriteData
#9: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#10: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Framer.WriteHeaders
#11: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#12: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Framer.WriteRSTStream
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#15: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#16: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.GoAwayError.Error
#17: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.Setting.String
#18: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.SettingID.String
#19: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#20: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.StreamError.Error
#21: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Transport.NewClientConn
#22: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Transport.RoundTrip
#23: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#24: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.connError.Error
#25: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.duplicatePseudoHeaderError.Error
#26: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.gzipReader.Close
#27: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.gzipReader.Read
#28: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.headerFieldNameError.Error
#29: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.headerFieldValueError.Error
#30: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#31: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.pseudoHeaderError.Error
#32: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#33: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.transportResponseBody.Close
#34: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.transportResponseBody.Read
#35: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.writeData.String
Vulnerability #2: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.23.1
Fixed in: google.golang.org/grpc@v1.56.3
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.NewServer
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.Server.Serve
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls transport.NewServerTransport
Vulnerability #3: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20191009170851-d66e71096ffb
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hpack.Decoder.Write
#2: kubernetes/provider.go:231:37: kubernetes.kubeClientsets.AggregatorClientset calls clientset.NewForConfig, which eventually calls http2.ConfigureTransport
#3: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.ConnectionError.Error
#4: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.ErrCode.String
#5: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.FrameHeader.String
#6: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.FrameType.String
#7: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#8: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Framer.WriteContinuation
#9: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Framer.WriteData
#10: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#11: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Framer.WriteHeaders
#12: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#13: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Framer.WriteRSTStream
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#15: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#16: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#17: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.GoAwayError.Error
#18: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.Setting.String
#19: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.SettingID.String
#20: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#21: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.StreamError.Error
#22: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Transport.NewClientConn
#23: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.Transport.RoundTrip
#24: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#25: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.connError.Error
#26: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.duplicatePseudoHeaderError.Error
#27: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.gzipReader.Close
#28: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.gzipReader.Read
#29: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.headerFieldNameError.Error
#30: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.headerFieldValueError.Error
#31: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#32: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.pseudoHeaderError.Error
#33: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#34: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls http2.transportResponseBody.Close
#35: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.transportResponseBody.Read
#36: kubernetes/provider.go:233:26: kubernetes.kubeClientsets.AggregatorClientset calls fmt.Errorf, which eventually calls http2.writeData.String
Vulnerability #4: GO-2022-0586
Resource exhaustion in github.com/hashicorp/go-getter and related modules
More info: https://pkg.go.dev/vuln/GO-2022-0586
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.4.2-0.20200106182914-9813cbd4eb02
Fixed in: github.com/hashicorp/go-getter@v1.6.1
Example traces found:
#1: kubernetes/provider.go:11:2: kubernetes.init calls terraform.init, which eventually calls getter.init
Vulnerability #5: GO-2022-0236
Panic due to large headers in net/http and golang.org/x/net/http/httpguts
More info: https://pkg.go.dev/vuln/GO-2022-0236
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20191009170851-d66e71096ffb
Fixed in: golang.org/x/net@v0.0.0-20210428140749-89ef3d95e781
Example traces found:
#1: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls httpguts.HeaderValuesContainsToken
Vulnerability #6: GO-2021-0065
Unauthorized credential disclosure in k8s.io/kubernetes and k8s.io/client-go
More info: https://pkg.go.dev/vuln/GO-2021-0065
Module: k8s.io/client-go
Found in: k8s.io/client-go@v0.0.0-20190918160344-1fbdaa4c8d90
Fixed in: k8s.io/client-go@v0.17.0
Example traces found:
#1: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.basicAuthRoundTripper.RoundTrip
#2: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.bearerAuthRoundTripper.RoundTrip
#3: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.debuggingRoundTripper.RoundTrip
#4: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.impersonatingRoundTripper.RoundTrip
#5: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.userAgentRoundTripper.RoundTrip
Vulnerability #7: GO-2021-0064
Unauthorized credential disclosure via debug logs in k8s.io/kubernetes and
k8s.io/client-go
More info: https://pkg.go.dev/vuln/GO-2021-0064
Module: k8s.io/client-go
Found in: k8s.io/client-go@v0.0.0-20190918160344-1fbdaa4c8d90
Fixed in: k8s.io/client-go@v0.20.0-alpha.2
Example traces found:
#1: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.basicAuthRoundTripper.RoundTrip
#2: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.bearerAuthRoundTripper.RoundTrip
#3: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.debuggingRoundTripper.RoundTrip
#4: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.impersonatingRoundTripper.RoundTrip
#5: kubernetes/provider.go:7:2: kubernetes.init calls http.init, which eventually calls transport.userAgentRoundTripper.RoundTrip
Vulnerability #8: GO-2020-0036
Excessive resource consumption in YAML parsing in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2020-0036
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.2.4
Fixed in: gopkg.in/yaml.v2@v2.2.8
Example traces found:
#1: kubernetes/provider.go:231:37: kubernetes.kubeClientsets.AggregatorClientset calls clientset.NewForConfig, which eventually calls yaml.Unmarshal
#2: kubernetes/provider.go:231:37: kubernetes.kubeClientsets.AggregatorClientset calls clientset.NewForConfig, which eventually calls yaml.UnmarshalStrict
Your code is affected by 8 vulnerabilities from 5 modules.
This scan also found 12 vulnerabilities in packages you import and 17
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/terraform-provider-local
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20190813141303-74dc4d7220e7
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.ConnectionError.Error
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.ErrCode.String
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.FrameHeader.String
#4: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.FrameType.String
#5: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#6: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.Framer.WriteContinuation
#7: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.Framer.WriteData
#8: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#9: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.Framer.WriteHeaders
#10: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#11: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.Framer.WriteRSTStream
#12: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#15: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.GoAwayError.Error
#16: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Setting.String
#17: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingID.String
#18: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#19: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.StreamError.Error
#20: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#21: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.connError.Error
#22: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.duplicatePseudoHeaderError.Error
#23: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.gzipReader.Close
#24: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.gzipReader.Read
#25: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.headerFieldNameError.Error
#26: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.headerFieldValueError.Error
#27: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.pseudoHeaderError.Error
#28: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#29: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.transportResponseBody.Close
#30: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.transportResponseBody.Read
#31: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.writeData.String
Vulnerability #2: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.23.0
Fixed in: google.golang.org/grpc@v1.56.3
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.NewServer
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.Server.Serve
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls transport.NewServerTransport
Vulnerability #3: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20190813141303-74dc4d7220e7
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hpack.Decoder.Write
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.ConnectionError.Error
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.ErrCode.String
#4: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.FrameHeader.String
#5: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.FrameType.String
#6: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#7: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.Framer.WriteContinuation
#8: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.Framer.WriteData
#9: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#10: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.Framer.WriteHeaders
#11: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#12: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.Framer.WriteRSTStream
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#15: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#16: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.GoAwayError.Error
#17: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Setting.String
#18: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingID.String
#19: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#20: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.StreamError.Error
#21: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#22: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.connError.Error
#23: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.duplicatePseudoHeaderError.Error
#24: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.gzipReader.Close
#25: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.gzipReader.Read
#26: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.headerFieldNameError.Error
#27: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.headerFieldValueError.Error
#28: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.pseudoHeaderError.Error
#29: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#30: local/provider.go:5:2: local.init calls terraform.init, which eventually calls http2.transportResponseBody.Close
#31: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.transportResponseBody.Read
#32: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.writeData.String
Vulnerability #4: GO-2022-0586
Resource exhaustion in github.com/hashicorp/go-getter and related modules
More info: https://pkg.go.dev/vuln/GO-2022-0586
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.4.0
Fixed in: github.com/hashicorp/go-getter@v1.6.1
Example traces found:
#1: local/provider.go:5:2: local.init calls terraform.init, which eventually calls getter.init
Your code is affected by 4 vulnerabilities from 3 modules.
This scan also found 11 vulnerabilities in packages you import and 16
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/terraform-provider-null
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20190311183353-d8887717615a
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.ConnectionError.Error
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.ErrCode.String
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.FrameHeader.String
#4: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.FrameType.String
#5: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#6: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.Framer.WriteContinuation
#7: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.Framer.WriteData
#8: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#9: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.Framer.WriteHeaders
#10: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#11: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.Framer.WriteRSTStream
#12: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#15: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.GoAwayError.Error
#16: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Setting.String
#17: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingID.String
#18: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#19: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.StreamError.Error
#20: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#21: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.connError.Error
#22: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.duplicatePseudoHeaderError.Error
#23: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.gzipReader.Close
#24: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.gzipReader.Read
#25: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.headerFieldNameError.Error
#26: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.headerFieldValueError.Error
#27: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.pseudoHeaderError.Error
#28: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#29: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.transportResponseBody.Close
#30: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.transportResponseBody.Read
#31: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.writeData.String
Vulnerability #2: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.18.0
Fixed in: google.golang.org/grpc@v1.56.3
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.NewServer
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.Server.Serve
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls transport.NewServerTransport
Vulnerability #3: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20190311183353-d8887717615a
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hpack.Decoder.Write
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.ConnectionError.Error
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.ErrCode.String
#4: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.FrameHeader.String
#5: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.FrameType.String
#6: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#7: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.Framer.WriteContinuation
#8: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.Framer.WriteData
#9: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#10: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.Framer.WriteHeaders
#11: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#12: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.Framer.WriteRSTStream
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#15: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#16: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.GoAwayError.Error
#17: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Setting.String
#18: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingID.String
#19: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#20: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.StreamError.Error
#21: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#22: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.connError.Error
#23: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.duplicatePseudoHeaderError.Error
#24: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.gzipReader.Close
#25: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.gzipReader.Read
#26: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.headerFieldNameError.Error
#27: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.headerFieldValueError.Error
#28: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.pseudoHeaderError.Error
#29: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#30: null/provider.go:5:2: null.init calls terraform.init, which eventually calls http2.transportResponseBody.Close
#31: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.transportResponseBody.Read
#32: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.writeData.String
Vulnerability #4: GO-2022-0839
Use of a Broken or Risky Cryptographic Algorithm in Terraform in
github.com/hashicorp/terraform
More info: https://pkg.go.dev/vuln/GO-2022-0839
Module: github.com/hashicorp/terraform
Found in: github.com/hashicorp/terraform@v0.12.0-alpha4.0.20190424121927-9327eedb0417
Fixed in: github.com/hashicorp/terraform@v0.12.17
Example traces found:
#1: null/provider.go:5:2: null.init calls terraform.init, which calls addrs.init
#2: main.go:4:2: terraform.init calls plugin.init, which eventually calls auth.init
#3: null/provider.go:5:2: null.init calls terraform.init, which eventually calls blocktoattr.init
#4: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls config.NewRawConfig
#5: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls config.RawConfig.Config
#6: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls config.RawConfig.RawMap
#7: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls config.RawConfig.UnknownKeys
#8: null/provider.go:5:2: null.init calls terraform.init, which calls config.init
#9: null/provider.go:5:2: null.init calls terraform.init, which eventually calls config.interpolationWalker.Enter
#10: null/provider.go:5:2: null.init calls terraform.init, which eventually calls config.interpolationWalker.Exit
#11: null/provider.go:5:2: null.init calls terraform.init, which eventually calls config.interpolationWalker.Map
#12: null/provider.go:5:2: null.init calls terraform.init, which eventually calls config.interpolationWalker.MapElem
#13: null/provider.go:5:2: null.init calls terraform.init, which eventually calls config.interpolationWalker.Primitive
#14: null/provider.go:5:2: null.init calls terraform.init, which eventually calls config.interpolationWalker.Slice
#15: null/provider.go:5:2: null.init calls terraform.init, which eventually calls config.interpolationWalker.SliceElem
#16: null/provider.go:5:2: null.init calls terraform.init, which calls configs.init
#17: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls configschema.Block.CoerceValue
#18: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls configschema.Block.ImpliedType
#19: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls configschema.NestingMode.String
#20: null/provider.go:5:2: null.init calls terraform.init, which calls configschema.init
#21: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls convert.AppendProtoDiag
#22: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls convert.ConfigSchemaToProto
#23: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls convert.PathToAttributePath
#24: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls convert.WarnsAndErrsToProto
#25: main.go:4:2: terraform.init calls plugin.init, which calls convert.init
#26: null/provider.go:5:2: null.init calls terraform.init, which calls dag.init
#27: null/provider.go:5:2: null.init calls terraform.init, which calls didyoumean.init
#28: main.go:4:2: terraform.init calls plugin.init, which eventually calls disco.init
#29: null/provider.go:5:2: null.init calls terraform.init, which calls discovery.init
#30: null/provider.go:5:2: null.init calls terraform.init, which calls flatmap.init
#31: null/provider.go:5:2: null.init calls terraform.init, which eventually calls funcs.init
#32: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hashcode.String
#33: null/data_source.go:8:2: null.init calls schema.init, which calls hashcode.init
#34: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hcl2shim.ConfigValueFromHCL2Block
#35: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hcl2shim.FlatmapValueFromHCL2
#36: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hcl2shim.HCL2ValueFromConfigValue
#37: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hcl2shim.HCL2ValueFromFlatmap
#38: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hcl2shim.RequiresReplace
#39: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hcl2shim.ValuesSDKEquivalent
#40: null/provider.go:5:2: null.init calls terraform.init, which calls hcl2shim.init
#41: null/provider.go:5:2: null.init calls terraform.init, which eventually calls hilmapstructure.init
#42: null/provider.go:5:2: null.init calls terraform.init, which eventually calls httpclient.New
#43: null/provider.go:5:2: null.init calls terraform.init, which calls httpclient.init
#44: null/provider.go:5:2: null.init calls terraform.init, which calls lang.init
#45: null/provider.go:5:2: null.init calls terraform.init, which calls module.init
#46: null/provider.go:5:2: null.init calls terraform.init, which calls moduledeps.init
#47: null/provider.go:5:2: null.init calls terraform.init, which calls objchange.init
#48: null/provider.go:5:2: null.init calls terraform.init, which calls plans.init
#49: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.ApplyResourceChange
#50: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.Configure
#51: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.GetSchema
#52: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.ImportResourceState
#53: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.PlanResourceChange
#54: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.PrepareProviderConfig
#55: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.ReadDataSource
#56: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.ReadResource
#57: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.Stop
#58: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.UpgradeResourceState
#59: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.ValidateDataSourceConfig
#60: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProviderServer.ValidateResourceTypeConfig
#61: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProvisionerServer.GetSchema
#62: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProvisionerServer.ProvisionResource
#63: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProvisionerServer.Stop
#64: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls plugin.GRPCProvisionerServer.ValidateProvisionerConfig
#65: main.go:9:14: terraform.main calls plugin.Serve, which calls plugin.NewGRPCProviderServerShim
#66: main.go:9:14: terraform.main calls plugin.Serve, which calls plugin.NewGRPCProvisionerServerShim
#67: main.go:9:14: terraform.main calls plugin.Serve
#68: main.go:4:2: terraform.init calls plugin.init
#69: main.go:4:2: terraform.init calls plugin.init, which calls plugin.init
#70: null/provider.go:5:2: null.init calls terraform.init, which calls providers.init
#71: null/provider.go:5:2: null.init calls terraform.init, which calls provisioners.init
#72: main.go:4:2: terraform.init calls plugin.init, which eventually calls registry.init
#73: main.go:4:2: terraform.init calls plugin.init, which eventually calls regsrc.init
#74: main.go:4:2: terraform.init calls plugin.init, which eventually calls response.init
#75: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.DiffFromValues
#76: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.JSONMapToStateValue
#77: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.LegacyResourceSchema
#78: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.LegacySchema
#79: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.Apply
#80: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.Configure
#81: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.ImportState
#82: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.Meta
#83: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.ReadDataApply
#84: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.ReadDataDiff
#85: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.SimpleDiff
#86: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.Stop
#87: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.Validate
#88: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.ValidateDataSource
#89: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provider.ValidateResource
#90: null/provider.go:5:2: null.init calls terraform.init, which eventually calls schema.Provider.stopInit
#91: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provisioner.Apply
#92: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provisioner.Stop
#93: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Provisioner.Validate
#94: null/provider.go:5:2: null.init calls terraform.init, which eventually calls schema.Provisioner.stopInit
#95: null/provider.go:5:2: null.init calls terraform.init, which eventually calls schema.ReadField
#96: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Resource.CoreConfigSchema
#97: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Resource.RefreshWithoutUpgrade
#98: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Resource.ShimInstanceStateFromValue
#99: null/provider.go:5:2: null.init calls terraform.init, which eventually calls schema.ResourceData.init
#100: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Schema.DefaultValue
#101: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Schema.GoString
#102: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.Set.GoString
#103: null/provider.go:5:2: null.init calls terraform.init, which eventually calls schema.Set.init
#104: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.SetProto5
#105: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.StateValueFromInstanceState
#106: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.StateValueToJSONMap
#107: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.ValueType.String
#108: null/data_source.go:8:2: null.init calls schema.init
#109: null/provider.go:5:2: null.init calls terraform.init, which eventually calls schema.newValueWriter.init
#110: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls schema.schemaMap.CoreConfigSchema
#111: null/provider.go:5:2: null.init calls terraform.init, which calls statefile.init
#112: null/provider.go:5:2: null.init calls terraform.init, which calls states.init
#113: main.go:4:2: terraform.init calls plugin.init, which eventually calls svchost.init
#114: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.InstanceDiff.Apply
#115: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.InstanceDiff.Empty
#116: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.InstanceDiff.GoString
#117: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.InstanceDiff.RequiresNew
#118: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.InstanceState.AttrsAsObjectValue
#119: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.InstanceState.DeepCopy
#120: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.InstanceState.String
#121: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.NewInstanceDiff
#122: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.NewInstanceStateShimmedFromValue
#123: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.NewResourceConfig
#124: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.NewResourceConfigShimmed
#125: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.ResourceConfig.Get
#126: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.ResourceConfig.GetRaw
#127: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.ResourceConfig.IsComputed
#128: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.ValueSourceType.GoString
#129: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.ValueSourceType.String
#130: null/provider.go:5:2: null.init calls terraform.init
#131: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls terraform.unknownCheckWalker.Primitive
#132: null/provider.go:5:2: null.init calls terraform.init, which calls tfdiags.init
#133: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ApplyResourceChange_Request.Reset
#134: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ApplyResourceChange_Request.String
#135: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ApplyResourceChange_Request.XXX_Unmarshal
#136: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ApplyResourceChange_Response.String
#137: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ApplyResourceChange_Response.XXX_Marshal
#138: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ApplyResourceChange_Response.XXX_Size
#139: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Configure_Request.Reset
#140: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Configure_Request.String
#141: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Configure_Request.XXX_Unmarshal
#142: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Configure_Response.String
#143: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Configure_Response.XXX_Marshal
#144: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Configure_Response.XXX_Size
#145: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProviderSchema_Request.Reset
#146: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProviderSchema_Request.String
#147: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProviderSchema_Request.XXX_Unmarshal
#148: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProviderSchema_Response.String
#149: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProviderSchema_Response.XXX_Marshal
#150: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProviderSchema_Response.XXX_Size
#151: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProvisionerSchema_Request.Reset
#152: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProvisionerSchema_Request.String
#153: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProvisionerSchema_Request.XXX_Unmarshal
#154: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProvisionerSchema_Response.String
#155: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProvisionerSchema_Response.XXX_Marshal
#156: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.GetProvisionerSchema_Response.XXX_Size
#157: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ImportResourceState_Request.Reset
#158: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ImportResourceState_Request.String
#159: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ImportResourceState_Request.XXX_Unmarshal
#160: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ImportResourceState_Response.String
#161: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ImportResourceState_Response.XXX_Marshal
#162: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ImportResourceState_Response.XXX_Size
#163: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PlanResourceChange_Request.Reset
#164: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PlanResourceChange_Request.String
#165: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PlanResourceChange_Request.XXX_Unmarshal
#166: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PlanResourceChange_Response.String
#167: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PlanResourceChange_Response.XXX_Marshal
#168: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PlanResourceChange_Response.XXX_Size
#169: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PrepareProviderConfig_Request.Reset
#170: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PrepareProviderConfig_Request.String
#171: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PrepareProviderConfig_Request.XXX_Unmarshal
#172: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PrepareProviderConfig_Response.String
#173: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PrepareProviderConfig_Response.XXX_Marshal
#174: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.PrepareProviderConfig_Response.XXX_Size
#175: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ProvisionResource_Request.Reset
#176: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ProvisionResource_Request.String
#177: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ProvisionResource_Request.XXX_Unmarshal
#178: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ProvisionResource_Response.String
#179: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ProvisionResource_Response.XXX_Marshal
#180: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ProvisionResource_Response.XXX_Size
#181: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadDataSource_Request.Reset
#182: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadDataSource_Request.String
#183: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadDataSource_Request.XXX_Unmarshal
#184: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadDataSource_Response.String
#185: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadDataSource_Response.XXX_Marshal
#186: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadDataSource_Response.XXX_Size
#187: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadResource_Request.Reset
#188: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadResource_Request.String
#189: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadResource_Request.XXX_Unmarshal
#190: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadResource_Response.String
#191: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadResource_Response.XXX_Marshal
#192: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ReadResource_Response.XXX_Size
#193: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.RegisterProviderServer
#194: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.RegisterProvisionerServer
#195: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Stop_Request.Reset
#196: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Stop_Request.String
#197: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Stop_Request.XXX_Unmarshal
#198: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Stop_Response.String
#199: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Stop_Response.XXX_Marshal
#200: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.Stop_Response.XXX_Size
#201: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.UpgradeResourceState_Request.Reset
#202: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.UpgradeResourceState_Request.String
#203: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.UpgradeResourceState_Request.XXX_Unmarshal
#204: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.UpgradeResourceState_Response.String
#205: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.UpgradeResourceState_Response.XXX_Marshal
#206: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.UpgradeResourceState_Response.XXX_Size
#207: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateDataSourceConfig_Request.Reset
#208: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateDataSourceConfig_Request.String
#209: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateDataSourceConfig_Request.XXX_Unmarshal
#210: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateDataSourceConfig_Response.String
#211: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateDataSourceConfig_Response.XXX_Marshal
#212: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateDataSourceConfig_Response.XXX_Size
#213: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateProvisionerConfig_Request.Reset
#214: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateProvisionerConfig_Request.String
#215: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateProvisionerConfig_Request.XXX_Unmarshal
#216: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateProvisionerConfig_Response.String
#217: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateProvisionerConfig_Response.XXX_Marshal
#218: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateProvisionerConfig_Response.XXX_Size
#219: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateResourceTypeConfig_Request.Reset
#220: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateResourceTypeConfig_Request.String
#221: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateResourceTypeConfig_Request.XXX_Unmarshal
#222: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateResourceTypeConfig_Response.String
#223: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateResourceTypeConfig_Response.XXX_Marshal
#224: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5.ValidateResourceTypeConfig_Response.XXX_Size
#225: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_ApplyResourceChange_Handler
#226: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_Configure_Handler
#227: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_GetSchema_Handler
#228: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_ImportResourceState_Handler
#229: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_PlanResourceChange_Handler
#230: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_PrepareProviderConfig_Handler
#231: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_ReadDataSource_Handler
#232: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_ReadResource_Handler
#233: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_Stop_Handler
#234: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_UpgradeResourceState_Handler
#235: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_ValidateDataSourceConfig_Handler
#236: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provider_ValidateResourceTypeConfig_Handler
#237: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provisioner_GetSchema_Handler
#238: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provisioner_ProvisionResource_Handler
#239: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provisioner_Stop_Handler
#240: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls tfplugin5._Provisioner_ValidateProvisionerConfig_Handler
#241: main.go:4:2: terraform.init calls plugin.init, which calls tfplugin5.init
#242: main.go:4:2: terraform.init calls plugin.init, which eventually calls version.String
#243: null/provider.go:5:2: null.init calls terraform.init, which calls version.init
Vulnerability #5: GO-2022-0586
Resource exhaustion in github.com/hashicorp/go-getter and related modules
More info: https://pkg.go.dev/vuln/GO-2022-0586
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.1.0
Fixed in: github.com/hashicorp/go-getter@v1.6.1
Example traces found:
#1: main.go:4:2: terraform.init calls plugin.init, which eventually calls getter.init
Your code is affected by 5 vulnerabilities from 4 modules.
This scan also found 12 vulnerabilities in packages you import and 18
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/terraform-provider-random
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200301022130-244492dfa37a
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which calls http2.ConnectionError.Error
#2: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#3: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#4: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.FrameType.String
#5: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#6: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteContinuation
#7: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteData
#8: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#9: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteHeaders
#10: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#11: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteRSTStream
#12: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#15: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which calls http2.GoAwayError.Error
#16: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.Setting.String
#17: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.SettingID.String
#18: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#19: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which calls http2.StreamError.Error
#20: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#21: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which calls http2.connError.Error
#22: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which eventually calls http2.duplicatePseudoHeaderError.Error
#23: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.gzipReader.Close
#24: random/resource_id.go:76:28: random.CreateID calls rand.reader.Read, which eventually calls http2.gzipReader.Read
#25: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which eventually calls http2.headerFieldNameError.Error
#26: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which eventually calls http2.headerFieldValueError.Error
#27: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which eventually calls http2.pseudoHeaderError.Error
#28: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#29: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.transportResponseBody.Close
#30: random/resource_id.go:76:28: random.CreateID calls rand.reader.Read, which eventually calls http2.transportResponseBody.Read
#31: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #2: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.27.1
Fixed in: google.golang.org/grpc@v1.56.3
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.NewServer
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.Server.Serve
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls transport.NewServerTransport
Vulnerability #3: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200301022130-244492dfa37a
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: random/resource_id.go:76:28: random.CreateID calls rand.reader.Read, which eventually calls hpack.Decoder.Write
#2: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which calls http2.ConnectionError.Error
#3: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#4: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#5: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.FrameType.String
#6: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#7: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteContinuation
#8: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteData
#9: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#10: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteHeaders
#11: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#12: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.Framer.WriteRSTStream
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#15: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#16: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which calls http2.GoAwayError.Error
#17: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.Setting.String
#18: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.SettingID.String
#19: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#20: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which calls http2.StreamError.Error
#21: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#22: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which calls http2.connError.Error
#23: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which eventually calls http2.duplicatePseudoHeaderError.Error
#24: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.gzipReader.Close
#25: random/resource_id.go:76:28: random.CreateID calls rand.reader.Read, which eventually calls http2.gzipReader.Read
#26: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which eventually calls http2.headerFieldNameError.Error
#27: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which eventually calls http2.headerFieldValueError.Error
#28: random/resource_id.go:127:28: random.ImportID calls errwrap.Wrapf, which eventually calls http2.pseudoHeaderError.Error
#29: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#30: random/resource_id.go:131:9: random.ImportID calls schema.ResourceData.SetId, which eventually calls http2.transportResponseBody.Close
#31: random/resource_id.go:76:28: random.CreateID calls rand.reader.Read, which eventually calls http2.transportResponseBody.Read
#32: random/resource_pet.go:56:20: random.CreatePet calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #4: GO-2022-0586
Resource exhaustion in github.com/hashicorp/go-getter and related modules
More info: https://pkg.go.dev/vuln/GO-2022-0586
Module: github.com/hashicorp/go-getter
Found in: github.com/hashicorp/go-getter@v1.4.0
Fixed in: github.com/hashicorp/go-getter@v1.6.1
Example traces found:
#1: random/provider.go:5:2: random.init calls terraform.init, which eventually calls getter.init
Your code is affected by 4 vulnerabilities from 3 modules.
This scan also found 11 vulnerabilities in packages you import and 16
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/terraform-provider-vultr
=== Symbol Results ===
Vulnerability #1: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.1
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: vultr/resource_vultr_dns_records.go:137:40: vultr.resourceVultrDNSRecordImport calls govultr.DomainRecordsServiceHandler.Get, which eventually calls retryablehttp.Client.Do
Vulnerability #2: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20210326060303-6b1517762897
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.ConnectionError.Error
#2: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#3: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#4: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.FrameType.String
#5: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#6: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.Framer.WriteContinuation
#7: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.Framer.WriteData
#8: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#9: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.Framer.WriteHeaders
#10: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#11: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.Framer.WriteRSTStream
#12: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#15: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.GoAwayError.Error
#16: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.Setting.String
#17: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.SettingID.String
#18: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#19: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.StreamError.Error
#20: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#21: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.connError.Error
#22: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#23: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.gzipReader.Close
#24: main.go:4:2: terraform.init calls plugin.init, which eventually calls http2.gzipReader.Read
#25: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#26: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#27: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#28: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#29: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.transportResponseBody.Close
#30: main.go:4:2: terraform.init calls plugin.init, which eventually calls http2.transportResponseBody.Read
#31: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.writeData.String
Vulnerability #3: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.46.0
Fixed in: google.golang.org/grpc@v1.56.3
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.NewServer
#2: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls grpc.Server.Serve
#3: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls transport.NewServerTransport
Vulnerability #4: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20210326060303-6b1517762897
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls hpack.Decoder.Write
#2: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.ConnectionError.Error
#3: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#4: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#5: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.FrameType.String
#6: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.ReadFrame
#7: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.Framer.WriteContinuation
#8: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.Framer.WriteData
#9: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteGoAway
#10: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.Framer.WriteHeaders
#11: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WritePing
#12: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.Framer.WriteRSTStream
#13: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettings
#14: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteSettingsAck
#15: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#16: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.GoAwayError.Error
#17: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.Setting.String
#18: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.SettingID.String
#19: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#20: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.StreamError.Error
#21: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.chunkWriter.Write
#22: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.connError.Error
#23: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.duplicatePseudoHeaderError.Error
#24: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.gzipReader.Close
#25: main.go:4:2: terraform.init calls plugin.init, which eventually calls http2.gzipReader.Read
#26: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.headerFieldNameError.Error
#27: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.headerFieldValueError.Error
#28: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.pseudoHeaderError.Error
#29: main.go:9:14: terraform.main calls plugin.Serve, which eventually calls http2.stickyErrWriter.Write
#30: vultr/resource_vultr_iso_private.go:8:2: vultr.init calls net.init, which eventually calls http2.transportResponseBody.Close
#31: main.go:4:2: terraform.init calls plugin.init, which eventually calls http2.transportResponseBody.Read
#32: vultr/config.go:32:26: vultr.Config.Client calls fmt.Sprintf, which eventually calls http2.writeData.String
Your code is affected by 4 vulnerabilities from 3 modules.
This scan also found 7 vulnerabilities in packages you import and 10
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
net/vultr-cli
=== Symbol Results ===
Vulnerability #1: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.4
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: cmd/account.go:33:40: cmd.init calls govultr.AccountServiceHandler.Get, which eventually calls retryablehttp.Client.Do
Your code is affected by 1 vulnerability from 1 module.
This scan found no other vulnerabilities in packages you import or modules you
require.
Use '-show verbose' for more details.
security/amass
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.8.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: net/http/http.go:317:9: http.Crawl calls geziyor.Geziyor.Start, which eventually calls html.Parse
Your code is affected by 1 vulnerability from 1 module.
This scan also found 1 vulnerability in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
security/dnsx
=== Symbol Results ===
Vulnerability #1: GO-2024-2698
Archiver Path Traversal vulnerability in github.com/mholt/archiver
More info: https://pkg.go.dev/vuln/GO-2024-2698
Module: github.com/mholt/archiver/v3
Found in: github.com/mholt/archiver/v3@v3.5.1
Fixed in: N/A
Example traces found:
#1: internal/runner/banner.go:4:2: runner.init calls gologger.init, which eventually calls archiver.init
Vulnerability #2: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.17.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: internal/runner/banner.go:5:2: runner.init calls pdcp.init, which eventually calls http2.ConfigureTransport
#2: internal/runner/options.go:230:76: runner.ParseOptions calls update.GetToolVersionCallback, which eventually calls http2.ConnectionError.Error
#3: libs/dnsx/dnsx.go:50:20: dnsx.AsnResponse.String calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#4: libs/dnsx/dnsx.go:50:20: dnsx.AsnResponse.String calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#5: libs/dnsx/dnsx.go:50:20: dnsx.AsnResponse.String calls fmt.Sprintf, which eventually calls http2.FrameType.String
#6: internal/runner/options.go:230:76: runner.ParseOptions calls update.GetToolVersionCallback, which eventually calls http2.GoAwayError.Error
#7: libs/dnsx/dnsx.go:50:20: dnsx.AsnResponse.String calls fmt.Sprintf, which eventually calls http2.Setting.String
#8: libs/dnsx/dnsx.go:50:20: dnsx.AsnResponse.String calls fmt.Sprintf, which eventually calls http2.SettingID.String
#9: internal/runner/options.go:230:76: runner.ParseOptions calls update.GetToolVersionCallback, which eventually calls http2.StreamError.Error
#10: internal/runner/options.go:216:47: runner.ParseOptions calls pdcp.PDCPCredHandler.ValidateAPIKey, which eventually calls http2.Transport.NewClientConn
#11: internal/runner/options.go:216:47: runner.ParseOptions calls pdcp.PDCPCredHandler.ValidateAPIKey, which eventually calls http2.Transport.RoundTrip
#12: internal/runner/runner.go:592:3: runner.Runner.HandleOutput calls bufio.Writer.Flush, which calls http2.chunkWriter.Write
#13: internal/runner/options.go:230:76: runner.ParseOptions calls update.GetToolVersionCallback, which eventually calls http2.connError.Error
#14: internal/runner/options.go:230:76: runner.ParseOptions calls update.GetToolVersionCallback, which eventually calls http2.duplicatePseudoHeaderError.Error
#15: internal/runner/options.go:216:47: runner.ParseOptions calls pdcp.PDCPCredHandler.ValidateAPIKey, which calls http2.gzipReader.Close
#16: internal/runner/options.go:216:47: runner.ParseOptions calls pdcp.PDCPCredHandler.ValidateAPIKey, which eventually calls http2.gzipReader.Read
#17: internal/runner/options.go:230:76: runner.ParseOptions calls update.GetToolVersionCallback, which eventually calls http2.headerFieldNameError.Error
#18: internal/runner/options.go:230:76: runner.ParseOptions calls update.GetToolVersionCallback, which eventually calls http2.headerFieldValueError.Error
#19: internal/runner/options.go:216:47: runner.ParseOptions calls pdcp.PDCPCredHandler.ValidateAPIKey, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#20: internal/runner/options.go:230:76: runner.ParseOptions calls update.GetToolVersionCallback, which eventually calls http2.pseudoHeaderError.Error
#21: internal/runner/runner.go:592:3: runner.Runner.HandleOutput calls bufio.Writer.Flush, which calls http2.stickyErrWriter.Write
#22: internal/runner/options.go:216:47: runner.ParseOptions calls pdcp.PDCPCredHandler.ValidateAPIKey, which calls http2.transportResponseBody.Close
#23: internal/runner/options.go:216:47: runner.ParseOptions calls pdcp.PDCPCredHandler.ValidateAPIKey, which eventually calls http2.transportResponseBody.Read
#24: libs/dnsx/dnsx.go:50:20: dnsx.AsnResponse.String calls fmt.Sprintf, which eventually calls http2.writeData.String
Your code is affected by 2 vulnerabilities from 2 modules.
This scan also found 1 vulnerability in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
security/httpx
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.29.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: common/httpx/title.go:69:28: httpx.getTitleWithDom calls html.Parse
Vulnerability #2: GO-2024-2698
Archiver Path Traversal vulnerability in github.com/mholt/archiver
More info: https://pkg.go.dev/vuln/GO-2024-2698
Module: github.com/mholt/archiver/v3
Found in: github.com/mholt/archiver/v3@v3.5.1
Fixed in: N/A
Example traces found:
#1: runner/banner.go:4:2: runner.init calls gologger.init, which eventually calls archiver.init
Your code is affected by 2 vulnerabilities from 2 modules.
This scan also found 0 vulnerabilities in packages you import and 1
vulnerability in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.
security/nuclei
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.25.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: pkg/operators/matchers/match.go:241:29: matchers.Matcher.MatchHTML calls htmlquery.Parse, which calls html.Parse
Vulnerability #2: GO-2024-3110
runc can be confused to create empty files/directories on the host in
github.com/opencontainers/runc
More info: https://pkg.go.dev/vuln/GO-2024-3110
Module: github.com/opencontainers/runc
Found in: github.com/opencontainers/runc@v1.1.12
Fixed in: github.com/opencontainers/runc@v1.1.14
Example traces found:
#1: cmd/integration-test/javascript.go:116:33: integration.init#2 calls dockertest.NewPool, which eventually calls user.CurrentUser
#2: cmd/integration-test/javascript.go:7:2: integration.init calls dockertest.init, which eventually calls user.init
Vulnerability #3: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.2
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: pkg/external/customtemplates/gitlab.go:68:57: customtemplates.customTemplateGitLabRepo.Download calls gitlab.ProjectsService.GetProject, which eventually calls retryablehttp.Client.Do
Vulnerability #4: GO-2024-2918
Azure Identity Libraries Elevation of Privilege Vulnerability in
github.com/Azure/azure-sdk-for-go/sdk/azidentity
More info: https://pkg.go.dev/vuln/GO-2024-2918
Module: github.com/Azure/azure-sdk-for-go/sdk/azidentity
Found in: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.3.0
Fixed in: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0
Example traces found:
#1: pkg/external/customtemplates/azure_blob.go:81:30: customtemplates.customTemplateAzureBlob.Download calls runtime.Pager[github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/generated.ContainerClientListBlobFlatSegmentResponse].NextPage[github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/generated.ContainerClientListBlobFlatSegmentResponse], which eventually calls azidentity.ClientSecretCredential.GetToken
Vulnerability #5: GO-2024-2907
Files or Directories Accessible to External Parties in ProjectDiscovery in
github.com/projectdiscovery/interactsh
More info: https://pkg.go.dev/vuln/GO-2024-2907
Module: github.com/projectdiscovery/interactsh
Found in: github.com/projectdiscovery/interactsh@v1.1.9
Fixed in: github.com/projectdiscovery/interactsh@v1.2.0
Example traces found:
#1: pkg/protocols/common/interactsh/interactsh.go:19:2: interactsh.init calls server.init, which calls acme.init
#2: pkg/protocols/common/interactsh/interactsh.go:251:21: interactsh.Client.Close calls client.Client.Close
#3: pkg/protocols/common/interactsh/interactsh.go:101:31: interactsh.Client.poll calls client.Client.StartPolling
#4: pkg/protocols/common/interactsh/interactsh.go:250:31: interactsh.Client.Close calls client.Client.StopPolling
#5: pkg/protocols/common/interactsh/interactsh.go:241:25: interactsh.Client.URL calls client.Client.URL
#6: pkg/protocols/common/interactsh/interactsh.go:82:31: interactsh.Client.poll calls client.New
#7: pkg/protocols/common/interactsh/interactsh.go:18:2: interactsh.init calls client.init
#8: pkg/protocols/common/interactsh/interactsh.go:19:2: interactsh.init calls server.init, which calls filewatcher.init
#9: pkg/protocols/common/interactsh/interactsh.go:18:2: interactsh.init calls client.init, which calls options.init
#10: pkg/protocols/common/interactsh/interactsh.go:19:2: interactsh.init calls server.init
#11: pkg/protocols/common/interactsh/interactsh.go:18:2: interactsh.init calls client.init, which calls settings.init
#12: pkg/protocols/common/interactsh/interactsh.go:19:2: interactsh.init calls server.init, which calls storage.init
Vulnerability #6: GO-2024-2698
Archiver Path Traversal vulnerability in github.com/mholt/archiver
More info: https://pkg.go.dev/vuln/GO-2024-2698
Module: github.com/mholt/archiver
Found in: github.com/mholt/archiver@v3.1.1+incompatible
Fixed in: N/A
Example traces found:
#1: pkg/protocols/file/request.go:58:44: file.ExecuteWithResults calls archiver.ByExtension
#2: pkg/protocols/file/request.go:114:42: file.ExecuteWithResults calls archiver.Bz2.Decompress
#3: pkg/protocols/file/request.go:114:42: file.ExecuteWithResults calls archiver.Gz.Decompress
#4: pkg/protocols/file/request.go:63:33: file.ExecuteWithResults calls archiver.Rar.Walk
#5: pkg/protocols/file/request.go:114:42: file.ExecuteWithResults calls archiver.Snappy.Decompress
#6: pkg/protocols/file/request.go:63:33: file.ExecuteWithResults calls archiver.Tar.Walk
#7: pkg/protocols/file/request.go:63:33: file.ExecuteWithResults calls archiver.TarBz2.Walk
#8: pkg/protocols/file/request.go:63:33: file.ExecuteWithResults calls archiver.TarGz.Walk
#9: pkg/protocols/file/request.go:63:33: file.ExecuteWithResults calls archiver.TarLz4.Walk
#10: pkg/protocols/file/request.go:63:33: file.ExecuteWithResults calls archiver.TarSz.Walk
#11: pkg/protocols/file/request.go:63:33: file.ExecuteWithResults calls archiver.TarXz.Walk
#12: pkg/protocols/file/request.go:114:42: file.ExecuteWithResults calls archiver.Xz.Decompress
#13: pkg/protocols/file/request.go:63:33: file.ExecuteWithResults calls archiver.Zip.Walk
#14: pkg/protocols/file/request.go:12:2: file.init calls archiver.init
Module: github.com/mholt/archiver/v3
Found in: github.com/mholt/archiver/v3@v3.5.1
Fixed in: N/A
Example traces found:
#1: pkg/utils/stats/stats.go:9:2: stats.init calls gologger.init, which eventually calls archiver.init
Your code is affected by 6 vulnerabilities from 6 modules.
This scan also found 2 vulnerabilities in packages you import and 1
vulnerability in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.
security/sops
=== Symbol Results ===
Vulnerability #1: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.1
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: hcvault/keysource.go:182:39: hcvault.MasterKey.Decrypt calls api.Logical.Write, which eventually calls retryablehttp.Client.Do
Vulnerability #2: GO-2024-2918
Azure Identity Libraries Elevation of Privilege Vulnerability in
github.com/Azure/azure-sdk-for-go/sdk/azidentity
More info: https://pkg.go.dev/vuln/GO-2024-2918
Module: github.com/Azure/azure-sdk-for-go/sdk/azidentity
Found in: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.4.0
Fixed in: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0
Example traces found:
#1: azkv/keysource.go:130:24: azkv.MasterKey.Encrypt calls azkeys.Client.Encrypt, which eventually calls azidentity.DefaultAzureCredential.GetToken
#2: azkv/keysource.go:222:46: azkv.MasterKey.getTokenCredential calls azidentity.NewDefaultAzureCredential
Vulnerability #3: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.17.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: publish/vault.go:67:32: publish.VaultDestination.UploadUnencrypted calls api.NewClient, which eventually calls http2.ConfigureTransport
#2: publish/gcs.go:29:34: publish.GCSDestination.Upload calls storage.NewClient, which eventually calls http2.ConfigureTransports
#3: pgp/keysource.go:247:21: pgp.errSet.Error calls http2.ConnectionError.Error
#4: stores/ini/store.go:77:18: ini.Store.valToString calls http2.ErrCode.String
#5: stores/ini/store.go:77:18: ini.Store.valToString calls http2.FrameHeader.String
#6: stores/ini/store.go:77:18: ini.Store.valToString calls http2.FrameType.String
#7: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.ReadFrame
#8: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.WriteContinuation
#9: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.WriteData
#10: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.WriteGoAway
#11: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.WriteHeaders
#12: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.WritePing
#13: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.WriteRSTStream
#14: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.WriteSettings
#15: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.WriteSettingsAck
#16: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.Framer.WriteWindowUpdate
#17: pgp/keysource.go:247:21: pgp.errSet.Error calls http2.GoAwayError.Error
#18: stores/ini/store.go:77:18: ini.Store.valToString calls http2.Setting.String
#19: stores/ini/store.go:77:18: ini.Store.valToString calls http2.SettingID.String
#20: cmd/sops/subcommand/keyservice/keyservice.go:51:25: keyservice.Run calls grpc.Server.Serve, which eventually calls http2.SettingsFrame.ForeachSetting
#21: pgp/keysource.go:247:21: pgp.errSet.Error calls http2.StreamError.Error
#22: version/version.go:208:42: version.releaseFetcher.LatestReleaseUsingAPI calls http.Client.Do, which eventually calls http2.Transport.NewClientConn
#23: version/version.go:208:42: version.releaseFetcher.LatestReleaseUsingAPI calls http.Client.Do, which eventually calls http2.Transport.RoundTrip
#24: pgp/keysource.go:143:16: pgp.GnuPGHome.Import calls fmt.Fprintf, which eventually calls http2.chunkWriter.Write
#25: pgp/keysource.go:247:21: pgp.errSet.Error calls http2.connError.Error
#26: pgp/keysource.go:247:21: pgp.errSet.Error calls http2.duplicatePseudoHeaderError.Error
#27: version/version.go:213:3: version.releaseFetcher.LatestReleaseUsingAPI calls http2.gzipReader.Close
#28: usererrors.go:156:26: sops.decryptKeyError.UserError calls io.ReadAll, which calls http2.gzipReader.Read
#29: pgp/keysource.go:247:21: pgp.errSet.Error calls http2.headerFieldNameError.Error
#30: pgp/keysource.go:247:21: pgp.errSet.Error calls http2.headerFieldValueError.Error
#31: version/version.go:208:42: version.releaseFetcher.LatestReleaseUsingAPI calls http.Client.Do, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#32: pgp/keysource.go:247:21: pgp.errSet.Error calls http2.pseudoHeaderError.Error
#33: pgp/keysource.go:143:16: pgp.GnuPGHome.Import calls fmt.Fprintf, which eventually calls http2.stickyErrWriter.Write
#34: version/version.go:213:3: version.releaseFetcher.LatestReleaseUsingAPI calls http2.transportResponseBody.Close
#35: usererrors.go:156:26: sops.decryptKeyError.UserError calls io.ReadAll, which calls http2.transportResponseBody.Read
#36: stores/ini/store.go:77:18: ini.Store.valToString calls http2.writeData.String
Vulnerability #4: GO-2024-2611
Infinite loop in JSON unmarshaling in google.golang.org/protobuf
More info: https://pkg.go.dev/vuln/GO-2024-2611
Module: google.golang.org/protobuf
Found in: google.golang.org/protobuf@v1.31.0
Fixed in: google.golang.org/protobuf@v1.33.0
Example traces found:
#1: gcpkms/keysource.go:170:30: gcpkms.MasterKey.Decrypt calls apiv1.KeyManagementClient.Decrypt, which eventually calls json.Decoder.Peek
#2: gcpkms/keysource.go:170:30: gcpkms.MasterKey.Decrypt calls apiv1.KeyManagementClient.Decrypt, which eventually calls json.Decoder.Read
#3: gcpkms/keysource.go:170:30: gcpkms.MasterKey.Decrypt calls apiv1.KeyManagementClient.Decrypt, which eventually calls protojson.Unmarshal
Your code is affected by 4 vulnerabilities from 4 modules.
This scan also found 2 vulnerabilities in packages you import and 5
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
security/subfinder
=== Symbol Results ===
Vulnerability #1: GO-2024-2698
Archiver Path Traversal vulnerability in github.com/mholt/archiver
More info: https://pkg.go.dev/vuln/GO-2024-2698
Module: github.com/mholt/archiver/v3
Found in: github.com/mholt/archiver/v3@v3.5.1
Fixed in: N/A
Example traces found:
#1: pkg/subscraping/sources/github/github.go:20:2: github.init calls gologger.init, which eventually calls archiver.init
Your code is affected by 1 vulnerability from 1 module.
This scan also found 1 vulnerability in packages you import and 1 vulnerability
in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.
security/tlsx
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.29.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: cmd/update-cipherstatus/main.go:49:43: update.FetchAndLoadCiphers calls goquery.NewDocumentFromReader, which calls html.Parse
Vulnerability #2: GO-2024-2698
Archiver Path Traversal vulnerability in github.com/mholt/archiver
More info: https://pkg.go.dev/vuln/GO-2024-2698
Module: github.com/mholt/archiver/v3
Found in: github.com/mholt/archiver/v3@v3.5.1
Fixed in: N/A
Example traces found:
#1: pkg/tlsx/ztls/ztls.go:14:2: ztls.init calls gologger.init, which eventually calls archiver.init
Your code is affected by 2 vulnerabilities from 2 modules.
This scan also found 0 vulnerabilities in packages you import and 1
vulnerability in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.
security/vault
=== Symbol Results ===
Vulnerability #1: GO-2024-3110
runc can be confused to create empty files/directories on the host in
github.com/opencontainers/runc
More info: https://pkg.go.dev/vuln/GO-2024-3110
Module: github.com/opencontainers/runc
Found in: github.com/opencontainers/runc@v1.0.0-rc9
Fixed in: github.com/opencontainers/runc@v1.1.14
Example traces found:
#1: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls system.State.String
#2: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#3: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls user.init
Vulnerability #2: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.6.7
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: command/agent/cache/api_proxy.go:57:43: cache.APIProxy.Send calls api.Client.RawRequestWithContext, which calls retryablehttp.Client.Do
Vulnerability #3: GO-2024-2914
Moby (Docker Engine) is vulnerable to Ambiguous OCI manifest parsing in
github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2024-2914
Module: github.com/docker/docker
Found in: github.com/docker/docker@v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
Fixed in: github.com/docker/docker@v20.10.11+incompatible
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls api.init
#2: helper/testhelpers/docker/testhelpers.go:284:44: docker.copyToContainer calls archive.CopyInfoSourcePath
#3: helper/testhelpers/docker/testhelpers.go:297:52: docker.copyToContainer calls archive.PrepareArchiveCopy
#4: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource
#5: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which calls archive.TarWithOptions
#6: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init
#7: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls blkiodev.init
#8: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls client.CheckRedirect
#9: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate
#10: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect
#11: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove
#12: helper/testhelpers/docker/testhelpers.go:250:34: docker.Runner.Start calls client.Client.ContainerStart
#13: helper/testhelpers/docker/testhelpers.go:302:28: docker.copyToContainer calls client.Client.CopyToContainer
#14: helper/testhelpers/docker/testhelpers.go:233:36: docker.Runner.Start calls client.Client.ImageCreate
#15: helper/testhelpers/docker/testhelpers.go:46:39: docker.NewServiceRunner calls client.NewClientWithOpts
#16: helper/testhelpers/docker/testhelpers.go:46:74: docker.NewServiceRunner calls client.WithVersion
#17: command/server.go:866:24: command.ServerCommand.Run calls client.errConnectionFailed.Error
#18: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init
#19: command/server.go:866:24: command.ServerCommand.Run calls client.objectNotFoundError.Error
#20: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init
#21: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls errdefs.FromStatusCode
#22: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect, which eventually calls errdefs.NotImplemented
#23: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errConflict.Cause
#24: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errForbidden.Cause
#25: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errInvalidParameter.Cause
#26: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotFound.Cause
#27: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotImplemented.Cause
#28: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotModified.Cause
#29: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errSystem.Cause
#30: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnauthorized.Cause
#31: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnavailable.Cause
#32: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnknown.Cause
#33: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls errdefs.init
#34: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls events.init
#35: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls fileutils.NewPatternMatcher
#36: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.Exclusion
#37: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.String
#38: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Exclusions
#39: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Matches
#40: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Patterns
#41: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls fileutils.init
#42: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls filters.init
#43: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.Empty
#44: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.ToContainer
#45: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls idtools.NewIDMappingsFromMaps
#46: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls idtools.init
#47: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls image.init
#48: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.NewWriteCloserWrapper
#49: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls ioutils.init
#50: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.writeCloserWrapper.Close
#51: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls mount.init
#52: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls mount.init
#53: helper/testhelpers/docker/testhelpers.go:19:2: docker.init calls network.init
#54: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Get
#55: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.NewWriteCloserWrapper
#56: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Put
#57: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.NewWriteCloserWrapper
#58: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls pools.init
#59: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufferPoolWithSize
#60: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioReaderPoolWithSize
#61: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioWriterPoolWithSize
#62: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls registry.init
#63: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls runtime.init
#64: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls strslice.init
#65: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls swarm.init
#66: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.Lgetxattr
#67: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.OpenSequential
#68: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#69: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls time.init
#70: helper/testhelpers/docker/testhelpers.go:17:2: docker.init calls types.init
#71: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls versions.GreaterThan
#72: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate, which calls versions.LessThan
#73: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls versions.init
#74: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls volume.init
Vulnerability #4: GO-2024-2698
Archiver Path Traversal vulnerability in github.com/mholt/archiver
More info: https://pkg.go.dev/vuln/GO-2024-2698
Module: github.com/mholt/archiver
Found in: github.com/mholt/archiver@v3.1.1+incompatible
Fixed in: N/A
Example traces found:
#1: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls archiver.FileInfo.Name
#2: command/debug.go:903:26: command.DebugCommand.compress calls archiver.NewTarGz
#3: command/debug.go:904:23: command.DebugCommand.compress calls archiver.TarGz.Archive
#4: command/debug.go:22:2: command.init calls archiver.init
#5: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which calls archiver.writeWalk
Vulnerability #5: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200625001655-4c5254603344
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: serviceregistration/consul/consul_service_registration.go:191:37: consul.NewServiceRegistration calls http2.ConfigureTransport
#2: command/server.go:866:24: command.ServerCommand.Run calls http2.ConnectionError.Error
#3: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.ErrCode.String
#4: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.FrameHeader.String
#5: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.FrameType.String
#6: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.FrameWriteRequest.String
#7: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.ReadFrame
#8: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
#9: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls http2.Framer.WriteData
#10: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WriteGoAway
#11: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
#12: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WritePing
#13: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
#14: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WriteSettings
#15: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WriteSettingsAck
#16: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WriteWindowUpdate
#17: command/server.go:866:24: command.ServerCommand.Run calls http2.GoAwayError.Error
#18: vault/request_forwarding.go:168:19: vault.Handoff calls http2.Server.ServeConn
#19: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.Setting.String
#20: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.SettingID.String
#21: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.SettingsFrame.ForeachSetting
#22: command/server.go:866:24: command.ServerCommand.Run calls http2.StreamError.Error
#23: plugins/database/influxdb/connection_producer.go:153:17: influxdb.influxdbConnectionProducer.Close calls client.client.Close, which eventually calls http2.Transport.NewClientConn
#24: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls http2.Transport.RoundTrip
#25: command/token/helper_internal.go:75:25: token.InternalTokenHelper.Store calls io.WriteString, which eventually calls http2.chunkWriter.Write
#26: command/server.go:866:24: command.ServerCommand.Run calls http2.connError.Error
#27: command/server.go:866:24: command.ServerCommand.Run calls http2.duplicatePseudoHeaderError.Error
#28: physical/oci/oci.go:342:31: oci.Backend.List calls http2.gzipReader.Close
#29: command/agent/cache/lease_cache.go:330:27: cache.LeaseCache.Send calls http.Response.Write, which calls http2.gzipReader.Read
#30: command/server.go:866:24: command.ServerCommand.Run calls http2.headerFieldNameError.Error
#31: command/server.go:866:24: command.ServerCommand.Run calls http2.headerFieldValueError.Error
#32: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#33: command/server.go:866:24: command.ServerCommand.Run calls http2.pseudoHeaderError.Error
#34: physical/oci/oci.go:342:31: oci.Backend.List calls http2.requestBody.Close
#35: command/agent/cache/lease_cache.go:330:27: cache.LeaseCache.Send calls http.Response.Write, which calls http2.requestBody.Read
#36: vault/logical_system.go:2811:15: vault.SystemBackend.handleMonitor calls http2.responseWriter.Flush
#37: http/handler.go:228:24: http.copyResponseWriter.Write calls http2.responseWriter.Write
#38: http/handler.go:233:23: http.copyResponseWriter.WriteHeader calls http2.responseWriter.WriteHeader
#39: command/token/helper_internal.go:75:25: token.InternalTokenHelper.Store calls io.WriteString, which calls http2.responseWriter.WriteString
#40: command/token/helper_internal.go:75:25: token.InternalTokenHelper.Store calls io.WriteString, which eventually calls http2.stickyErrWriter.Write
#41: physical/oci/oci.go:342:31: oci.Backend.List calls http2.transportResponseBody.Close
#42: command/agent/cache/lease_cache.go:330:27: cache.LeaseCache.Send calls http.Response.Write, which calls http2.transportResponseBody.Read
#43: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.writeData.String
Vulnerability #6: GO-2024-2530
Etcd auth Inaccurate logging of authentication attempts for users with
CN-based auth only in go.etcd.io/etcd
More info: https://pkg.go.dev/vuln/GO-2024-2530
Module: go.etcd.io/etcd
Found in: go.etcd.io/etcd@v0.5.0-alpha.5.0.20200425165423-262c93980547
Fixed in: N/A
Example traces found:
#1: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Permission.Marshal
#2: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Permission.MarshalTo
#3: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Permission.Size
#4: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.Permission.String
#5: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls authpb.Permission.Unmarshal
#6: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Role.Marshal
#7: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.Role.String
#8: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.User.Marshal
#9: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.User.String
#10: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.UserAddOptions.Marshal
#11: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.UserAddOptions.MarshalTo
#12: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.UserAddOptions.Size
#13: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.UserAddOptions.String
#14: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls authpb.UserAddOptions.Unmarshal
#15: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls authpb.init
#16: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls balancer.RegisterBuilder
#17: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.baseBalancer.Close
#18: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.baseBalancer.HandleResolvedAddrs
#19: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.baseBalancer.HandleSubConnStateChange
#20: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.builder.Build
#21: vault/core.go:50:2: vault.init calls grpc.init, which eventually calls balancer.builder.Name
#22: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls balancer.init
#23: command/server.go:866:24: command.ServerCommand.Run calls client.ClusterError.Error
#24: command/server.go:866:24: command.ServerCommand.Run calls client.Error.Error
#25: physical/etcd/etcd2.go:175:19: etcd.newEtcdV2Client calls client.New
#26: physical/etcd/etcd.go:56:28: etcd.NewEtcdBackend calls client.NewKeysAPI
#27: physical/etcd/etcd.go:137:38: etcd.getEtcdEndpoints calls client.NewSRVDiscover
#28: physical/etcd/etcd2.go:364:28: etcd.Etcd2Lock.getSemaphoreKey calls client.Nodes.Len
#29: command/agent/auth/alicloud/alicloud.go:183:38: alicloud.alicloudMethod.Authenticate calls tools.GenerateLoginData, which eventually calls client.customNumberDecoder.Decode
#30: command/agent/auth/alicloud/alicloud.go:183:38: alicloud.alicloudMethod.Authenticate calls tools.GenerateLoginData, which eventually calls client.customNumberExtension.CreateDecoder
#31: physical/etcd/etcd.go:87:24: etcd.getEtcdAPIVersion calls client.httpClusterClient.GetVersion
#32: physical/etcd/etcd2.go:104:20: etcd.newEtcd2Backend calls client.httpClusterClient.Sync
#33: physical/etcd/etcd2.go:330:39: etcd.Etcd2Lock.addSemaphoreKey calls client.httpKeysAPI.CreateInOrder
#34: physical/etcd/etcd2.go:578:28: etcd.Etcd2Lock.Unlock calls client.httpKeysAPI.Delete
#35: physical/etcd/etcd2.go:257:29: etcd.Etcd2Backend.List calls client.httpKeysAPI.Get
#36: physical/etcd/etcd2.go:186:22: etcd.Etcd2Backend.Put calls client.httpKeysAPI.Set
#37: physical/etcd/etcd2.go:525:22: etcd.Etcd2Lock.Lock calls client.httpKeysAPI.Watcher
#38: physical/etcd/etcd2.go:526:26: etcd.Etcd2Lock.Lock calls client.httpWatcher.Next
#39: physical/etcd/etcd.go:14:2: etcd.init calls client.init
#40: physical/etcd/etcd.go:138:40: etcd.getEtcdEndpoints calls client.srvDiscover.Discover
#41: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which calls clientv3.Client.Ctx
#42: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync
#43: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls clientv3.Close
#44: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.Compare
#45: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.CreateRevision
#46: command/server.go:866:24: command.ServerCommand.Run calls clientv3.ErrKeepAliveHalted.Error
#47: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls clientv3.KeepAlive
#48: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New
#49: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.OpGet
#50: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.OpPut
#51: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WatchResponse.Err
#52: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithFirstCreate
#53: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithLastCreate
#54: physical/etcd/etcd3.go:332:75: etcd.EtcdLock.Lock calls clientv3.WithLease
#55: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithMaxCreateRev
#56: physical/etcd/etcd3.go:359:32: etcd.EtcdLock.Value calls clientv3.WithPrefix
#57: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithRev
#58: physical/etcd/etcd3.go:360:20: etcd.EtcdLock.Value calls clientv3.WithSort
#59: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init
#60: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete
#61: physical/etcd/etcd3.go:358:25: etcd.EtcdLock.Value calls clientv3.kv.Get
#62: physical/etcd/etcd3.go:332:25: etcd.EtcdLock.Lock calls clientv3.kv.Put
#63: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.kv.Txn
#64: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which calls clientv3.lessor.Grant
#65: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which calls clientv3.lessor.KeepAlive
#66: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls clientv3.serverStreamingRetryingStream.CloseSend
#67: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg
#68: vault/request_forwarding_service.pb.go:766:34: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls clientv3.serverStreamingRetryingStream.SendMsg
#69: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls clientv3.settableLogger.Error
#70: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls clientv3.settableLogger.Errorf
#71: vault/request_forwarding_service.pb.go:814:19: vault.RegisterRequestForwardingServer calls grpc.Server.RegisterService, which eventually calls clientv3.settableLogger.Fatalf
#72: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls clientv3.settableLogger.Info
#73: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls clientv3.settableLogger.Infof
#74: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls clientv3.settableLogger.Infoln
#75: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls clientv3.settableLogger.V
#76: vault/request_forwarding.go:48:23: vault.NewRequestForwardingHandler calls grpc.KeepaliveParams, which eventually calls clientv3.settableLogger.Warning
#77: vault/request_forwarding.go:281:27: vault.Core.refreshRequestForwardingConnection calls grpc.WithKeepaliveParams, which eventually calls clientv3.settableLogger.Warningf
#78: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which calls clientv3.streamClientInterceptor
#79: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.Commit
#80: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.Else
#81: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.If
#82: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.Then
#83: vault/request_forwarding_service.pb.go:753:20: vault.requestForwardingClient.Echo calls grpc.ClientConn.Invoke, which calls clientv3.unaryClientInterceptor
#84: vault/dynamic_system_view.go:337:34: vault.dynamicSystemView.GeneratePasswordFromPolicy calls clientv3.valCtx.Deadline
#85: vault/core.go:1539:35: vault.Core.SealWithRequest calls context.WithCancel, which eventually calls clientv3.valCtx.Done
#86: vault/core.go:1539:35: vault.Core.SealWithRequest calls context.WithCancel, which eventually calls clientv3.valCtx.Err
#87: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.watcher.Watch
#88: physical/etcd/etcd3.go:332:44: etcd.EtcdLock.Lock calls concurrency.Mutex.Key
#89: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock
#90: physical/etcd/etcd3.go:351:24: etcd.EtcdLock.Unlock calls concurrency.Mutex.Unlock
#91: physical/etcd/etcd3.go:378:33: etcd.EtcdLock.initMu calls concurrency.NewMutex
#92: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession
#93: physical/etcd/etcd3.go:307:36: etcd.EtcdLock.Lock calls concurrency.Session.Done
#94: physical/etcd/etcd3.go:332:95: etcd.EtcdLock.Lock calls concurrency.Session.Lease
#95: physical/etcd/etcd3.go:373:68: etcd.EtcdLock.initMu calls concurrency.WithTTL
#96: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init
#97: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls confchange.init
#98: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls connectivity.New
#99: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls connectivity.init
#100: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls connectivity.recorder.GetCurrentState
#101: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls connectivity.recorder.RecordTransition
#102: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.NewBundle
#103: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.bundle.PerRPCCredentials
#104: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.bundle.TransportCredentials
#105: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls credentials.bundle.UpdateAuthToken
#106: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls credentials.init
#107: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls credentials.perRPCCredential.GetRequestMetadata
#108: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which calls credentials.perRPCCredential.RequireTransportSecurity
#109: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls credentials.transportCredential.ClientHandshake
#110: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which calls credentials.transportCredential.Clone
#111: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which calls credentials.transportCredential.Info
#112: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.transportCredential.OverrideServerName
#113: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls endpoint.Dialer
#114: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls endpoint.NewResolverGroup
#115: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls endpoint.ParseEndpoint
#116: vault/request_forwarding.go:315:24: vault.Core.clearForwardingClients calls grpc.ClientConn.Close, which eventually calls endpoint.Resolver.Close
#117: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls endpoint.Resolver.ResolveNow
#118: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls endpoint.ResolverGroup.Close
#119: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls endpoint.ResolverGroup.SetEndpoints
#120: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls endpoint.ResolverGroup.Target
#121: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls endpoint.builder.Build
#122: vault/core.go:50:2: vault.init calls grpc.init, which eventually calls endpoint.builder.Scheme
#123: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls endpoint.init
#124: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AlarmMember.Marshal
#125: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AlarmMember.String
#126: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AlarmRequest.Marshal
#127: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AlarmRequest.Reset
#128: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AlarmRequest.String
#129: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AlarmRequest.Unmarshal
#130: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AlarmResponse.Marshal
#131: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AlarmResponse.String
#132: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthDisableRequest.Marshal
#133: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthDisableRequest.Reset
#134: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthDisableRequest.String
#135: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthDisableRequest.Unmarshal
#136: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthDisableResponse.Marshal
#137: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthDisableResponse.String
#138: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthEnableRequest.Marshal
#139: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthEnableRequest.Reset
#140: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthEnableRequest.String
#141: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthEnableRequest.Unmarshal
#142: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthEnableResponse.Marshal
#143: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthEnableResponse.String
#144: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleAddRequest.Marshal
#145: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleAddRequest.Reset
#146: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleAddRequest.String
#147: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleAddRequest.Unmarshal
#148: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleAddResponse.Marshal
#149: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleAddResponse.String
#150: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleDeleteRequest.Marshal
#151: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleDeleteRequest.Reset
#152: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleDeleteRequest.String
#153: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleDeleteRequest.Unmarshal
#154: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleDeleteResponse.Marshal
#155: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleDeleteResponse.String
#156: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGetRequest.Marshal
#157: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGetRequest.Reset
#158: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGetRequest.String
#159: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGetRequest.Unmarshal
#160: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGetResponse.Marshal
#161: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGetResponse.String
#162: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.Marshal
#163: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.Reset
#164: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.String
#165: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.Unmarshal
#166: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGrantPermissionResponse.Marshal
#167: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGrantPermissionResponse.String
#168: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleListRequest.Marshal
#169: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleListRequest.Reset
#170: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleListRequest.String
#171: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleListRequest.Unmarshal
#172: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleListResponse.Marshal
#173: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleListResponse.String
#174: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.Marshal
#175: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.Reset
#176: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.String
#177: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.Unmarshal
#178: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleRevokePermissionResponse.Marshal
#179: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleRevokePermissionResponse.String
#180: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthStatusRequest.Marshal
#181: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthStatusRequest.Reset
#182: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthStatusRequest.String
#183: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthStatusRequest.Unmarshal
#184: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthStatusResponse.Marshal
#185: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthStatusResponse.String
#186: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserAddRequest.Marshal
#187: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserAddRequest.Reset
#188: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserAddRequest.String
#189: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserAddRequest.Unmarshal
#190: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserAddResponse.Marshal
#191: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserAddResponse.String
#192: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.Marshal
#193: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.Reset
#194: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.String
#195: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.Unmarshal
#196: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserChangePasswordResponse.Marshal
#197: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserChangePasswordResponse.String
#198: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserDeleteRequest.Marshal
#199: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserDeleteRequest.Reset
#200: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserDeleteRequest.String
#201: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserDeleteRequest.Unmarshal
#202: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserDeleteResponse.Marshal
#203: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserDeleteResponse.String
#204: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGetRequest.Marshal
#205: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGetRequest.Reset
#206: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGetRequest.String
#207: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGetRequest.Unmarshal
#208: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGetResponse.Marshal
#209: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGetResponse.String
#210: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.Marshal
#211: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.Reset
#212: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.String
#213: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.Unmarshal
#214: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGrantRoleResponse.Marshal
#215: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGrantRoleResponse.String
#216: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserListRequest.Marshal
#217: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserListRequest.Reset
#218: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserListRequest.String
#219: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserListRequest.Unmarshal
#220: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserListResponse.Marshal
#221: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserListResponse.String
#222: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.Marshal
#223: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.Reset
#224: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.String
#225: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.Unmarshal
#226: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserRevokeRoleResponse.Marshal
#227: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserRevokeRoleResponse.String
#228: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthenticateRequest.Marshal
#229: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateRequest.Reset
#230: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthenticateRequest.String
#231: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateRequest.Unmarshal
#232: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthenticateResponse.Marshal
#233: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateResponse.Reset
#234: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthenticateResponse.String
#235: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateResponse.Unmarshal
#236: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.CompactionRequest.Marshal
#237: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.CompactionRequest.Reset
#238: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.CompactionRequest.String
#239: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.CompactionRequest.Unmarshal
#240: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.CompactionResponse.Marshal
#241: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.CompactionResponse.String
#242: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Compare.Marshal
#243: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Compare.String
#244: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DefragmentRequest.Marshal
#245: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DefragmentRequest.Reset
#246: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DefragmentRequest.String
#247: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DefragmentRequest.Unmarshal
#248: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DefragmentResponse.Marshal
#249: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DefragmentResponse.String
#250: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DeleteRangeRequest.Marshal
#251: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeRequest.Reset
#252: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DeleteRangeRequest.String
#253: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeRequest.Unmarshal
#254: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DeleteRangeResponse.Marshal
#255: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeResponse.Reset
#256: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DeleteRangeResponse.String
#257: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeResponse.Unmarshal
#258: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DowngradeRequest.Marshal
#259: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DowngradeRequest.Reset
#260: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DowngradeRequest.String
#261: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DowngradeRequest.Unmarshal
#262: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DowngradeResponse.Marshal
#263: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DowngradeResponse.String
#264: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.EmptyResponse.Marshal
#265: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.EmptyResponse.String
#266: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashKVRequest.Marshal
#267: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashKVRequest.Reset
#268: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashKVRequest.String
#269: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashKVRequest.Unmarshal
#270: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashKVResponse.Marshal
#271: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashKVResponse.String
#272: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashRequest.Marshal
#273: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashRequest.Reset
#274: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashRequest.String
#275: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashRequest.Unmarshal
#276: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashResponse.Marshal
#277: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashResponse.String
#278: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.InternalAuthenticateRequest.Marshal
#279: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.InternalAuthenticateRequest.String
#280: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.InternalRaftRequest.Marshal
#281: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.InternalRaftRequest.String
#282: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseCheckpoint.Marshal
#283: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseCheckpoint.String
#284: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseCheckpointRequest.Marshal
#285: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseCheckpointRequest.String
#286: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseCheckpointResponse.Marshal
#287: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseCheckpointResponse.String
#288: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseGrantRequest.Marshal
#289: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantRequest.Reset
#290: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseGrantRequest.String
#291: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantRequest.Unmarshal
#292: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which eventually calls etcdserverpb.LeaseGrantResponse.GetHeader
#293: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseGrantResponse.Marshal
#294: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantResponse.Reset
#295: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseGrantResponse.String
#296: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantResponse.Unmarshal
#297: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseKeepAliveRequest.Marshal
#298: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseKeepAliveRequest.String
#299: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.LeaseKeepAliveResponse.GetHeader
#300: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseKeepAliveResponse.Marshal
#301: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseKeepAliveResponse.Reset
#302: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseKeepAliveResponse.String
#303: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseKeepAliveResponse.Unmarshal
#304: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseLeasesRequest.Marshal
#305: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseLeasesRequest.Reset
#306: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseLeasesRequest.String
#307: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseLeasesRequest.Unmarshal
#308: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseLeasesResponse.Marshal
#309: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseLeasesResponse.String
#310: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseRevokeRequest.Marshal
#311: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseRevokeRequest.Reset
#312: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseRevokeRequest.String
#313: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseRevokeRequest.Unmarshal
#314: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseRevokeResponse.Marshal
#315: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseRevokeResponse.String
#316: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseStatus.Marshal
#317: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseStatus.String
#318: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.Marshal
#319: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.Reset
#320: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.String
#321: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.Unmarshal
#322: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseTimeToLiveResponse.Marshal
#323: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseTimeToLiveResponse.String
#324: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Member.Marshal
#325: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Member.String
#326: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberAddRequest.Marshal
#327: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberAddRequest.Reset
#328: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberAddRequest.String
#329: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberAddRequest.Unmarshal
#330: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberAddResponse.Marshal
#331: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberAddResponse.String
#332: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberListRequest.Marshal
#333: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListRequest.Reset
#334: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberListRequest.String
#335: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListRequest.Unmarshal
#336: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberListResponse.Marshal
#337: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListResponse.Reset
#338: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberListResponse.String
#339: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListResponse.Unmarshal
#340: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberPromoteRequest.Marshal
#341: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberPromoteRequest.Reset
#342: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberPromoteRequest.String
#343: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberPromoteRequest.Unmarshal
#344: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberPromoteResponse.Marshal
#345: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberPromoteResponse.String
#346: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberRemoveRequest.Marshal
#347: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberRemoveRequest.Reset
#348: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberRemoveRequest.String
#349: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberRemoveRequest.Unmarshal
#350: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberRemoveResponse.Marshal
#351: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberRemoveResponse.String
#352: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberUpdateRequest.Marshal
#353: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberUpdateRequest.Reset
#354: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberUpdateRequest.String
#355: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberUpdateRequest.Unmarshal
#356: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberUpdateResponse.Marshal
#357: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberUpdateResponse.String
#358: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Metadata.Marshal
#359: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Metadata.String
#360: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MoveLeaderRequest.Marshal
#361: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MoveLeaderRequest.Reset
#362: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MoveLeaderRequest.String
#363: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MoveLeaderRequest.Unmarshal
#364: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MoveLeaderResponse.Marshal
#365: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MoveLeaderResponse.String
#366: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls etcdserverpb.NewAuthClient
#367: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewClusterClient
#368: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewKVClient
#369: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewLeaseClient
#370: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewMaintenanceClient
#371: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewWatchClient
#372: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.PutRequest.Marshal
#373: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutRequest.Reset
#374: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.PutRequest.String
#375: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutRequest.Unmarshal
#376: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.PutResponse.Marshal
#377: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutResponse.Reset
#378: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.PutResponse.String
#379: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutResponse.Unmarshal
#380: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RangeRequest.Marshal
#381: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeRequest.Reset
#382: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RangeRequest.String
#383: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeRequest.Unmarshal
#384: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RangeResponse.Marshal
#385: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeResponse.Reset
#386: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RangeResponse.String
#387: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeResponse.Unmarshal
#388: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Request.Marshal
#389: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Request.String
#390: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RequestHeader.Marshal
#391: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RequestHeader.String
#392: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RequestOp.Marshal
#393: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RequestOp.String
#394: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.ResponseHeader.Marshal
#395: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.ResponseHeader.String
#396: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which calls etcdserverpb.ResponseOp.GetResponseRange
#397: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.ResponseOp.Marshal
#398: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.ResponseOp.String
#399: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.SnapshotRequest.Marshal
#400: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.SnapshotRequest.Reset
#401: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.SnapshotRequest.String
#402: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.SnapshotRequest.Unmarshal
#403: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.SnapshotResponse.Marshal
#404: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.SnapshotResponse.String
#405: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.StatusRequest.Marshal
#406: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusRequest.Reset
#407: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.StatusRequest.String
#408: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusRequest.Unmarshal
#409: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.StatusResponse.Marshal
#410: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusResponse.Reset
#411: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.StatusResponse.String
#412: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusResponse.Unmarshal
#413: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.TxnRequest.Marshal
#414: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnRequest.Reset
#415: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.TxnRequest.String
#416: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnRequest.Unmarshal
#417: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.TxnResponse.Marshal
#418: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnResponse.Reset
#419: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.TxnResponse.String
#420: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnResponse.Unmarshal
#421: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchCancelRequest.Marshal
#422: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchCancelRequest.String
#423: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchCreateRequest.Marshal
#424: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchCreateRequest.String
#425: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchProgressRequest.Marshal
#426: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchProgressRequest.String
#427: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchRequest.Marshal
#428: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchRequest.String
#429: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchResponse.Marshal
#430: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.WatchResponse.Reset
#431: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchResponse.String
#432: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.WatchResponse.Unmarshal
#433: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_AuthDisable_Handler
#434: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_AuthEnable_Handler
#435: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_AuthStatus_Handler
#436: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_Authenticate_Handler
#437: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleAdd_Handler
#438: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleDelete_Handler
#439: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleGet_Handler
#440: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleGrantPermission_Handler
#441: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleList_Handler
#442: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleRevokePermission_Handler
#443: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserAdd_Handler
#444: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserChangePassword_Handler
#445: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserDelete_Handler
#446: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserGet_Handler
#447: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserGrantRole_Handler
#448: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserList_Handler
#449: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserRevokeRole_Handler
#450: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberAdd_Handler
#451: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberList_Handler
#452: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberPromote_Handler
#453: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberRemove_Handler
#454: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberUpdate_Handler
#455: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Compact_Handler
#456: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_DeleteRange_Handler
#457: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Put_Handler
#458: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Range_Handler
#459: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Txn_Handler
#460: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseGrant_Handler
#461: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseKeepAlive_Handler
#462: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseLeases_Handler
#463: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseRevoke_Handler
#464: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseTimeToLive_Handler
#465: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Alarm_Handler
#466: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Defragment_Handler
#467: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Downgrade_Handler
#468: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_HashKV_Handler
#469: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Hash_Handler
#470: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_MoveLeader_Handler
#471: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Snapshot_Handler
#472: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Status_Handler
#473: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Watch_Watch_Handler
#474: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls etcdserverpb.authClient.Authenticate
#475: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls etcdserverpb.clusterClient.MemberList
#476: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init, which calls etcdserverpb.init
#477: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.DeleteRange
#478: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.Put
#479: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.Range
#480: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.Txn
#481: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which eventually calls etcdserverpb.leaseClient.LeaseGrant
#482: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.leaseClient.LeaseKeepAlive
#483: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.leaseLeaseKeepAliveClient.Recv
#484: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.leaseLeaseKeepAliveClient.Send
#485: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.loggablePutRequest.String
#486: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.loggableValueCompare.String
#487: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.maintenanceClient.Status
#488: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls etcdserverpb.watchClient.Watch
#489: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls etcdserverpb.watchWatchClient.Recv
#490: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls etcdserverpb.watchWatchClient.Send
#491: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init, which calls fileutil.init
#492: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.NewDiscardLogger
#493: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls logutil.NewLogger
#494: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls logutil.defaultLogger.Error
#495: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls logutil.defaultLogger.Errorf
#496: vault/request_forwarding_service.pb.go:814:19: vault.RegisterRequestForwardingServer calls grpc.Server.RegisterService, which eventually calls logutil.defaultLogger.Fatalf
#497: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls logutil.defaultLogger.Info
#498: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.defaultLogger.Infof
#499: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls logutil.defaultLogger.Infoln
#500: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.defaultLogger.Lvl
#501: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls logutil.defaultLogger.V
#502: vault/request_forwarding.go:48:23: vault.NewRequestForwardingHandler calls grpc.KeepaliveParams, which eventually calls logutil.defaultLogger.Warning
#503: vault/request_forwarding.go:281:27: vault.Core.refreshRequestForwardingConnection calls grpc.WithKeepaliveParams, which eventually calls logutil.defaultLogger.Warningf
#504: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.discardLogger.Infof
#505: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls logutil.init
#506: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.Attributes.Marshal
#507: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.Attributes.String
#508: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterMemberAttrSetRequest.Marshal
#509: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterMemberAttrSetRequest.MarshalTo
#510: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterMemberAttrSetRequest.Size
#511: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.ClusterMemberAttrSetRequest.String
#512: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterVersionSetRequest.Marshal
#513: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterVersionSetRequest.MarshalTo
#514: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterVersionSetRequest.Size
#515: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.ClusterVersionSetRequest.String
#516: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.DowngradeInfoSetRequest.Marshal
#517: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.DowngradeInfoSetRequest.MarshalTo
#518: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.DowngradeInfoSetRequest.Size
#519: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.DowngradeInfoSetRequest.String
#520: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.Member.Marshal
#521: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.Member.String
#522: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.RaftAttributes.Marshal
#523: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.RaftAttributes.String
#524: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init, which eventually calls membershippb.init
#525: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.Event.Marshal
#526: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.Event.MarshalTo
#527: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.Event.Size
#528: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls mvccpb.Event.String
#529: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls mvccpb.Event.Unmarshal
#530: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.KeyValue.Marshal
#531: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.KeyValue.MarshalTo
#532: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.KeyValue.Size
#533: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls mvccpb.KeyValue.String
#534: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls mvccpb.KeyValue.Unmarshal
#535: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init, which calls mvccpb.init
#536: physical/etcd/etcd2.go:526:26: etcd.Etcd2Lock.Lock calls client.httpWatcher.Next, which eventually calls pathutil.CanonicalURLPath
#537: physical/etcd/etcd.go:14:2: etcd.init calls client.init, which calls pathutil.init
#538: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.New
#539: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.NewErr
#540: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls grpc.clientStream.RecvMsg, which eventually calls picker.Pick
#541: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls picker.Policy.String
#542: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls picker.errPicker.Pick
#543: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.errPicker.String
#544: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls picker.init
#545: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls picker.rrBalanced.Pick
#546: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.rrBalanced.String
#547: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls quorum.JointConfig.String
#548: vault/acl.go:668:12: vault.ACL.CheckAllowedFromNonExactPaths calls sort.Slice, which eventually calls quorum.String
#549: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls quorum.init
#550: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls raft.init
#551: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfChange.Marshal
#552: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfChange.String
#553: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfChangeSingle.Marshal
#554: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfChangeSingle.String
#555: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfChangeV2.Marshal
#556: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfChangeV2.String
#557: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfState.Marshal
#558: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfState.String
#559: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.Entry.Marshal
#560: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.Entry.String
#561: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.HardState.Marshal
#562: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.HardState.String
#563: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.Message.Marshal
#564: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.Message.String
#565: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.Snapshot.Marshal
#566: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.Snapshot.String
#567: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.SnapshotMetadata.Marshal
#568: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.SnapshotMetadata.String
#569: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls raftpb.init
#570: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls rpctypes.Error
#571: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls rpctypes.ErrorDesc
#572: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls rpctypes.EtcdError.Code
#573: command/server.go:866:24: command.ServerCommand.Run calls rpctypes.EtcdError.Error
#574: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls rpctypes.init
#575: physical/etcd/etcd.go:138:40: etcd.getEtcdEndpoints calls client.srvDiscover.Discover, which calls srv.GetClient
#576: physical/etcd/etcd.go:14:2: etcd.init calls client.init, which calls srv.init
#577: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls systemd.init
#578: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig, which calls tlsutil.NewCert
#579: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig, which calls tlsutil.NewCertPool
#580: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init, which calls tlsutil.init
#581: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls tracker.StateType.String
#582: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls tracker.init
#583: plugins/database/influxdb/connection_producer.go:153:17: influxdb.influxdbConnectionProducer.Close calls client.client.Close, which eventually calls transport.NewTransport
#584: physical/etcd/etcd2.go:145:52: etcd.newEtcdV2Client calls transport.NewTransport
#585: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig
#586: vault/testing.go:1690:3: vault.TestCluster.StartCore calls http.Server.Serve, which eventually calls transport.baseConfig
#587: vault/testing.go:1690:3: vault.TestCluster.StartCore calls http.Server.Serve, which eventually calls transport.baseConfig
#588: helper/forwarding/util.go:120:24: forwarding.ParseForwardedHTTPRequest calls bytes.Buffer.ReadFrom, which eventually calls transport.baseConfig
#589: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init
#590: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls transport.unixTransport.RoundTrip
#591: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls types.init
#592: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls version.init
Vulnerability #7: GO-2024-2529
Etcd embed auto compaction retention negative value causing a compaction
loop or a crash in go.etcd.io/etcd
More info: https://pkg.go.dev/vuln/GO-2024-2529
Module: go.etcd.io/etcd
Found in: go.etcd.io/etcd@v0.5.0-alpha.5.0.20200425165423-262c93980547
Fixed in: N/A
Example traces found:
#1: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Permission.Marshal
#2: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Permission.MarshalTo
#3: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Permission.Size
#4: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.Permission.String
#5: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls authpb.Permission.Unmarshal
#6: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Role.Marshal
#7: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.Role.String
#8: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.User.Marshal
#9: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.User.String
#10: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.UserAddOptions.Marshal
#11: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.UserAddOptions.MarshalTo
#12: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.UserAddOptions.Size
#13: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.UserAddOptions.String
#14: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls authpb.UserAddOptions.Unmarshal
#15: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls authpb.init
#16: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls balancer.RegisterBuilder
#17: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.baseBalancer.Close
#18: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.baseBalancer.HandleResolvedAddrs
#19: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.baseBalancer.HandleSubConnStateChange
#20: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.builder.Build
#21: vault/core.go:50:2: vault.init calls grpc.init, which eventually calls balancer.builder.Name
#22: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls balancer.init
#23: command/server.go:866:24: command.ServerCommand.Run calls client.ClusterError.Error
#24: command/server.go:866:24: command.ServerCommand.Run calls client.Error.Error
#25: physical/etcd/etcd2.go:175:19: etcd.newEtcdV2Client calls client.New
#26: physical/etcd/etcd.go:56:28: etcd.NewEtcdBackend calls client.NewKeysAPI
#27: physical/etcd/etcd.go:137:38: etcd.getEtcdEndpoints calls client.NewSRVDiscover
#28: physical/etcd/etcd2.go:364:28: etcd.Etcd2Lock.getSemaphoreKey calls client.Nodes.Len
#29: command/agent/auth/alicloud/alicloud.go:183:38: alicloud.alicloudMethod.Authenticate calls tools.GenerateLoginData, which eventually calls client.customNumberDecoder.Decode
#30: command/agent/auth/alicloud/alicloud.go:183:38: alicloud.alicloudMethod.Authenticate calls tools.GenerateLoginData, which eventually calls client.customNumberExtension.CreateDecoder
#31: physical/etcd/etcd.go:87:24: etcd.getEtcdAPIVersion calls client.httpClusterClient.GetVersion
#32: physical/etcd/etcd2.go:104:20: etcd.newEtcd2Backend calls client.httpClusterClient.Sync
#33: physical/etcd/etcd2.go:330:39: etcd.Etcd2Lock.addSemaphoreKey calls client.httpKeysAPI.CreateInOrder
#34: physical/etcd/etcd2.go:578:28: etcd.Etcd2Lock.Unlock calls client.httpKeysAPI.Delete
#35: physical/etcd/etcd2.go:257:29: etcd.Etcd2Backend.List calls client.httpKeysAPI.Get
#36: physical/etcd/etcd2.go:186:22: etcd.Etcd2Backend.Put calls client.httpKeysAPI.Set
#37: physical/etcd/etcd2.go:525:22: etcd.Etcd2Lock.Lock calls client.httpKeysAPI.Watcher
#38: physical/etcd/etcd2.go:526:26: etcd.Etcd2Lock.Lock calls client.httpWatcher.Next
#39: physical/etcd/etcd.go:14:2: etcd.init calls client.init
#40: physical/etcd/etcd.go:138:40: etcd.getEtcdEndpoints calls client.srvDiscover.Discover
#41: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which calls clientv3.Client.Ctx
#42: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync
#43: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls clientv3.Close
#44: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.Compare
#45: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.CreateRevision
#46: command/server.go:866:24: command.ServerCommand.Run calls clientv3.ErrKeepAliveHalted.Error
#47: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls clientv3.KeepAlive
#48: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New
#49: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.OpGet
#50: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.OpPut
#51: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WatchResponse.Err
#52: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithFirstCreate
#53: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithLastCreate
#54: physical/etcd/etcd3.go:332:75: etcd.EtcdLock.Lock calls clientv3.WithLease
#55: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithMaxCreateRev
#56: physical/etcd/etcd3.go:359:32: etcd.EtcdLock.Value calls clientv3.WithPrefix
#57: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithRev
#58: physical/etcd/etcd3.go:360:20: etcd.EtcdLock.Value calls clientv3.WithSort
#59: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init
#60: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete
#61: physical/etcd/etcd3.go:358:25: etcd.EtcdLock.Value calls clientv3.kv.Get
#62: physical/etcd/etcd3.go:332:25: etcd.EtcdLock.Lock calls clientv3.kv.Put
#63: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.kv.Txn
#64: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which calls clientv3.lessor.Grant
#65: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which calls clientv3.lessor.KeepAlive
#66: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls clientv3.serverStreamingRetryingStream.CloseSend
#67: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg
#68: vault/request_forwarding_service.pb.go:766:34: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls clientv3.serverStreamingRetryingStream.SendMsg
#69: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls clientv3.settableLogger.Error
#70: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls clientv3.settableLogger.Errorf
#71: vault/request_forwarding_service.pb.go:814:19: vault.RegisterRequestForwardingServer calls grpc.Server.RegisterService, which eventually calls clientv3.settableLogger.Fatalf
#72: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls clientv3.settableLogger.Info
#73: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls clientv3.settableLogger.Infof
#74: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls clientv3.settableLogger.Infoln
#75: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls clientv3.settableLogger.V
#76: vault/request_forwarding.go:48:23: vault.NewRequestForwardingHandler calls grpc.KeepaliveParams, which eventually calls clientv3.settableLogger.Warning
#77: vault/request_forwarding.go:281:27: vault.Core.refreshRequestForwardingConnection calls grpc.WithKeepaliveParams, which eventually calls clientv3.settableLogger.Warningf
#78: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which calls clientv3.streamClientInterceptor
#79: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.Commit
#80: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.Else
#81: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.If
#82: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.Then
#83: vault/request_forwarding_service.pb.go:753:20: vault.requestForwardingClient.Echo calls grpc.ClientConn.Invoke, which calls clientv3.unaryClientInterceptor
#84: vault/dynamic_system_view.go:337:34: vault.dynamicSystemView.GeneratePasswordFromPolicy calls clientv3.valCtx.Deadline
#85: vault/core.go:1539:35: vault.Core.SealWithRequest calls context.WithCancel, which eventually calls clientv3.valCtx.Done
#86: vault/core.go:1539:35: vault.Core.SealWithRequest calls context.WithCancel, which eventually calls clientv3.valCtx.Err
#87: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.watcher.Watch
#88: physical/etcd/etcd3.go:332:44: etcd.EtcdLock.Lock calls concurrency.Mutex.Key
#89: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock
#90: physical/etcd/etcd3.go:351:24: etcd.EtcdLock.Unlock calls concurrency.Mutex.Unlock
#91: physical/etcd/etcd3.go:378:33: etcd.EtcdLock.initMu calls concurrency.NewMutex
#92: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession
#93: physical/etcd/etcd3.go:307:36: etcd.EtcdLock.Lock calls concurrency.Session.Done
#94: physical/etcd/etcd3.go:332:95: etcd.EtcdLock.Lock calls concurrency.Session.Lease
#95: physical/etcd/etcd3.go:373:68: etcd.EtcdLock.initMu calls concurrency.WithTTL
#96: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init
#97: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls confchange.init
#98: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls connectivity.New
#99: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls connectivity.init
#100: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls connectivity.recorder.GetCurrentState
#101: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls connectivity.recorder.RecordTransition
#102: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.NewBundle
#103: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.bundle.PerRPCCredentials
#104: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.bundle.TransportCredentials
#105: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls credentials.bundle.UpdateAuthToken
#106: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls credentials.init
#107: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls credentials.perRPCCredential.GetRequestMetadata
#108: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which calls credentials.perRPCCredential.RequireTransportSecurity
#109: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls credentials.transportCredential.ClientHandshake
#110: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which calls credentials.transportCredential.Clone
#111: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which calls credentials.transportCredential.Info
#112: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.transportCredential.OverrideServerName
#113: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls endpoint.Dialer
#114: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls endpoint.NewResolverGroup
#115: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls endpoint.ParseEndpoint
#116: vault/request_forwarding.go:315:24: vault.Core.clearForwardingClients calls grpc.ClientConn.Close, which eventually calls endpoint.Resolver.Close
#117: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls endpoint.Resolver.ResolveNow
#118: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls endpoint.ResolverGroup.Close
#119: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls endpoint.ResolverGroup.SetEndpoints
#120: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls endpoint.ResolverGroup.Target
#121: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls endpoint.builder.Build
#122: vault/core.go:50:2: vault.init calls grpc.init, which eventually calls endpoint.builder.Scheme
#123: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls endpoint.init
#124: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AlarmMember.Marshal
#125: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AlarmMember.String
#126: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AlarmRequest.Marshal
#127: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AlarmRequest.Reset
#128: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AlarmRequest.String
#129: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AlarmRequest.Unmarshal
#130: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AlarmResponse.Marshal
#131: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AlarmResponse.String
#132: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthDisableRequest.Marshal
#133: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthDisableRequest.Reset
#134: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthDisableRequest.String
#135: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthDisableRequest.Unmarshal
#136: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthDisableResponse.Marshal
#137: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthDisableResponse.String
#138: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthEnableRequest.Marshal
#139: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthEnableRequest.Reset
#140: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthEnableRequest.String
#141: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthEnableRequest.Unmarshal
#142: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthEnableResponse.Marshal
#143: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthEnableResponse.String
#144: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleAddRequest.Marshal
#145: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleAddRequest.Reset
#146: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleAddRequest.String
#147: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleAddRequest.Unmarshal
#148: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleAddResponse.Marshal
#149: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleAddResponse.String
#150: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleDeleteRequest.Marshal
#151: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleDeleteRequest.Reset
#152: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleDeleteRequest.String
#153: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleDeleteRequest.Unmarshal
#154: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleDeleteResponse.Marshal
#155: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleDeleteResponse.String
#156: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGetRequest.Marshal
#157: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGetRequest.Reset
#158: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGetRequest.String
#159: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGetRequest.Unmarshal
#160: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGetResponse.Marshal
#161: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGetResponse.String
#162: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.Marshal
#163: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.Reset
#164: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.String
#165: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.Unmarshal
#166: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGrantPermissionResponse.Marshal
#167: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGrantPermissionResponse.String
#168: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleListRequest.Marshal
#169: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleListRequest.Reset
#170: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleListRequest.String
#171: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleListRequest.Unmarshal
#172: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleListResponse.Marshal
#173: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleListResponse.String
#174: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.Marshal
#175: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.Reset
#176: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.String
#177: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.Unmarshal
#178: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleRevokePermissionResponse.Marshal
#179: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleRevokePermissionResponse.String
#180: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthStatusRequest.Marshal
#181: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthStatusRequest.Reset
#182: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthStatusRequest.String
#183: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthStatusRequest.Unmarshal
#184: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthStatusResponse.Marshal
#185: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthStatusResponse.String
#186: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserAddRequest.Marshal
#187: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserAddRequest.Reset
#188: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserAddRequest.String
#189: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserAddRequest.Unmarshal
#190: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserAddResponse.Marshal
#191: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserAddResponse.String
#192: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.Marshal
#193: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.Reset
#194: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.String
#195: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.Unmarshal
#196: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserChangePasswordResponse.Marshal
#197: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserChangePasswordResponse.String
#198: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserDeleteRequest.Marshal
#199: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserDeleteRequest.Reset
#200: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserDeleteRequest.String
#201: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserDeleteRequest.Unmarshal
#202: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserDeleteResponse.Marshal
#203: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserDeleteResponse.String
#204: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGetRequest.Marshal
#205: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGetRequest.Reset
#206: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGetRequest.String
#207: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGetRequest.Unmarshal
#208: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGetResponse.Marshal
#209: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGetResponse.String
#210: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.Marshal
#211: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.Reset
#212: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.String
#213: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.Unmarshal
#214: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGrantRoleResponse.Marshal
#215: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGrantRoleResponse.String
#216: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserListRequest.Marshal
#217: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserListRequest.Reset
#218: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserListRequest.String
#219: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserListRequest.Unmarshal
#220: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserListResponse.Marshal
#221: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserListResponse.String
#222: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.Marshal
#223: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.Reset
#224: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.String
#225: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.Unmarshal
#226: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserRevokeRoleResponse.Marshal
#227: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserRevokeRoleResponse.String
#228: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthenticateRequest.Marshal
#229: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateRequest.Reset
#230: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthenticateRequest.String
#231: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateRequest.Unmarshal
#232: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthenticateResponse.Marshal
#233: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateResponse.Reset
#234: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthenticateResponse.String
#235: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateResponse.Unmarshal
#236: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.CompactionRequest.Marshal
#237: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.CompactionRequest.Reset
#238: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.CompactionRequest.String
#239: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.CompactionRequest.Unmarshal
#240: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.CompactionResponse.Marshal
#241: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.CompactionResponse.String
#242: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Compare.Marshal
#243: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Compare.String
#244: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DefragmentRequest.Marshal
#245: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DefragmentRequest.Reset
#246: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DefragmentRequest.String
#247: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DefragmentRequest.Unmarshal
#248: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DefragmentResponse.Marshal
#249: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DefragmentResponse.String
#250: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DeleteRangeRequest.Marshal
#251: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeRequest.Reset
#252: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DeleteRangeRequest.String
#253: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeRequest.Unmarshal
#254: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DeleteRangeResponse.Marshal
#255: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeResponse.Reset
#256: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DeleteRangeResponse.String
#257: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeResponse.Unmarshal
#258: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DowngradeRequest.Marshal
#259: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DowngradeRequest.Reset
#260: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DowngradeRequest.String
#261: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DowngradeRequest.Unmarshal
#262: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DowngradeResponse.Marshal
#263: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DowngradeResponse.String
#264: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.EmptyResponse.Marshal
#265: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.EmptyResponse.String
#266: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashKVRequest.Marshal
#267: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashKVRequest.Reset
#268: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashKVRequest.String
#269: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashKVRequest.Unmarshal
#270: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashKVResponse.Marshal
#271: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashKVResponse.String
#272: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashRequest.Marshal
#273: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashRequest.Reset
#274: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashRequest.String
#275: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashRequest.Unmarshal
#276: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashResponse.Marshal
#277: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashResponse.String
#278: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.InternalAuthenticateRequest.Marshal
#279: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.InternalAuthenticateRequest.String
#280: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.InternalRaftRequest.Marshal
#281: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.InternalRaftRequest.String
#282: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseCheckpoint.Marshal
#283: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseCheckpoint.String
#284: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseCheckpointRequest.Marshal
#285: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseCheckpointRequest.String
#286: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseCheckpointResponse.Marshal
#287: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseCheckpointResponse.String
#288: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseGrantRequest.Marshal
#289: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantRequest.Reset
#290: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseGrantRequest.String
#291: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantRequest.Unmarshal
#292: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which eventually calls etcdserverpb.LeaseGrantResponse.GetHeader
#293: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseGrantResponse.Marshal
#294: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantResponse.Reset
#295: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseGrantResponse.String
#296: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantResponse.Unmarshal
#297: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseKeepAliveRequest.Marshal
#298: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseKeepAliveRequest.String
#299: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.LeaseKeepAliveResponse.GetHeader
#300: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseKeepAliveResponse.Marshal
#301: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseKeepAliveResponse.Reset
#302: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseKeepAliveResponse.String
#303: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseKeepAliveResponse.Unmarshal
#304: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseLeasesRequest.Marshal
#305: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseLeasesRequest.Reset
#306: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseLeasesRequest.String
#307: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseLeasesRequest.Unmarshal
#308: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseLeasesResponse.Marshal
#309: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseLeasesResponse.String
#310: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseRevokeRequest.Marshal
#311: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseRevokeRequest.Reset
#312: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseRevokeRequest.String
#313: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseRevokeRequest.Unmarshal
#314: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseRevokeResponse.Marshal
#315: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseRevokeResponse.String
#316: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseStatus.Marshal
#317: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseStatus.String
#318: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.Marshal
#319: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.Reset
#320: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.String
#321: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.Unmarshal
#322: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseTimeToLiveResponse.Marshal
#323: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseTimeToLiveResponse.String
#324: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Member.Marshal
#325: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Member.String
#326: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberAddRequest.Marshal
#327: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberAddRequest.Reset
#328: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberAddRequest.String
#329: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberAddRequest.Unmarshal
#330: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberAddResponse.Marshal
#331: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberAddResponse.String
#332: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberListRequest.Marshal
#333: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListRequest.Reset
#334: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberListRequest.String
#335: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListRequest.Unmarshal
#336: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberListResponse.Marshal
#337: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListResponse.Reset
#338: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberListResponse.String
#339: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListResponse.Unmarshal
#340: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberPromoteRequest.Marshal
#341: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberPromoteRequest.Reset
#342: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberPromoteRequest.String
#343: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberPromoteRequest.Unmarshal
#344: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberPromoteResponse.Marshal
#345: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberPromoteResponse.String
#346: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberRemoveRequest.Marshal
#347: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberRemoveRequest.Reset
#348: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberRemoveRequest.String
#349: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberRemoveRequest.Unmarshal
#350: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberRemoveResponse.Marshal
#351: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberRemoveResponse.String
#352: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberUpdateRequest.Marshal
#353: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberUpdateRequest.Reset
#354: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberUpdateRequest.String
#355: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberUpdateRequest.Unmarshal
#356: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberUpdateResponse.Marshal
#357: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberUpdateResponse.String
#358: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Metadata.Marshal
#359: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Metadata.String
#360: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MoveLeaderRequest.Marshal
#361: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MoveLeaderRequest.Reset
#362: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MoveLeaderRequest.String
#363: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MoveLeaderRequest.Unmarshal
#364: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MoveLeaderResponse.Marshal
#365: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MoveLeaderResponse.String
#366: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls etcdserverpb.NewAuthClient
#367: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewClusterClient
#368: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewKVClient
#369: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewLeaseClient
#370: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewMaintenanceClient
#371: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewWatchClient
#372: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.PutRequest.Marshal
#373: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutRequest.Reset
#374: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.PutRequest.String
#375: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutRequest.Unmarshal
#376: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.PutResponse.Marshal
#377: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutResponse.Reset
#378: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.PutResponse.String
#379: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutResponse.Unmarshal
#380: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RangeRequest.Marshal
#381: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeRequest.Reset
#382: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RangeRequest.String
#383: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeRequest.Unmarshal
#384: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RangeResponse.Marshal
#385: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeResponse.Reset
#386: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RangeResponse.String
#387: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeResponse.Unmarshal
#388: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Request.Marshal
#389: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Request.String
#390: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RequestHeader.Marshal
#391: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RequestHeader.String
#392: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RequestOp.Marshal
#393: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RequestOp.String
#394: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.ResponseHeader.Marshal
#395: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.ResponseHeader.String
#396: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which calls etcdserverpb.ResponseOp.GetResponseRange
#397: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.ResponseOp.Marshal
#398: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.ResponseOp.String
#399: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.SnapshotRequest.Marshal
#400: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.SnapshotRequest.Reset
#401: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.SnapshotRequest.String
#402: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.SnapshotRequest.Unmarshal
#403: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.SnapshotResponse.Marshal
#404: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.SnapshotResponse.String
#405: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.StatusRequest.Marshal
#406: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusRequest.Reset
#407: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.StatusRequest.String
#408: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusRequest.Unmarshal
#409: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.StatusResponse.Marshal
#410: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusResponse.Reset
#411: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.StatusResponse.String
#412: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusResponse.Unmarshal
#413: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.TxnRequest.Marshal
#414: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnRequest.Reset
#415: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.TxnRequest.String
#416: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnRequest.Unmarshal
#417: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.TxnResponse.Marshal
#418: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnResponse.Reset
#419: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.TxnResponse.String
#420: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnResponse.Unmarshal
#421: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchCancelRequest.Marshal
#422: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchCancelRequest.String
#423: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchCreateRequest.Marshal
#424: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchCreateRequest.String
#425: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchProgressRequest.Marshal
#426: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchProgressRequest.String
#427: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchRequest.Marshal
#428: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchRequest.String
#429: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchResponse.Marshal
#430: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.WatchResponse.Reset
#431: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchResponse.String
#432: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.WatchResponse.Unmarshal
#433: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_AuthDisable_Handler
#434: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_AuthEnable_Handler
#435: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_AuthStatus_Handler
#436: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_Authenticate_Handler
#437: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleAdd_Handler
#438: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleDelete_Handler
#439: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleGet_Handler
#440: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleGrantPermission_Handler
#441: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleList_Handler
#442: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleRevokePermission_Handler
#443: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserAdd_Handler
#444: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserChangePassword_Handler
#445: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserDelete_Handler
#446: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserGet_Handler
#447: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserGrantRole_Handler
#448: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserList_Handler
#449: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserRevokeRole_Handler
#450: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberAdd_Handler
#451: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberList_Handler
#452: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberPromote_Handler
#453: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberRemove_Handler
#454: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberUpdate_Handler
#455: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Compact_Handler
#456: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_DeleteRange_Handler
#457: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Put_Handler
#458: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Range_Handler
#459: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Txn_Handler
#460: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseGrant_Handler
#461: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseKeepAlive_Handler
#462: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseLeases_Handler
#463: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseRevoke_Handler
#464: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseTimeToLive_Handler
#465: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Alarm_Handler
#466: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Defragment_Handler
#467: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Downgrade_Handler
#468: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_HashKV_Handler
#469: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Hash_Handler
#470: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_MoveLeader_Handler
#471: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Snapshot_Handler
#472: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Status_Handler
#473: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Watch_Watch_Handler
#474: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls etcdserverpb.authClient.Authenticate
#475: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls etcdserverpb.clusterClient.MemberList
#476: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init, which calls etcdserverpb.init
#477: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.DeleteRange
#478: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.Put
#479: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.Range
#480: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.Txn
#481: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which eventually calls etcdserverpb.leaseClient.LeaseGrant
#482: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.leaseClient.LeaseKeepAlive
#483: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.leaseLeaseKeepAliveClient.Recv
#484: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.leaseLeaseKeepAliveClient.Send
#485: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.loggablePutRequest.String
#486: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.loggableValueCompare.String
#487: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.maintenanceClient.Status
#488: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls etcdserverpb.watchClient.Watch
#489: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls etcdserverpb.watchWatchClient.Recv
#490: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls etcdserverpb.watchWatchClient.Send
#491: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init, which calls fileutil.init
#492: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.NewDiscardLogger
#493: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls logutil.NewLogger
#494: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls logutil.defaultLogger.Error
#495: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls logutil.defaultLogger.Errorf
#496: vault/request_forwarding_service.pb.go:814:19: vault.RegisterRequestForwardingServer calls grpc.Server.RegisterService, which eventually calls logutil.defaultLogger.Fatalf
#497: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls logutil.defaultLogger.Info
#498: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.defaultLogger.Infof
#499: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls logutil.defaultLogger.Infoln
#500: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.defaultLogger.Lvl
#501: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls logutil.defaultLogger.V
#502: vault/request_forwarding.go:48:23: vault.NewRequestForwardingHandler calls grpc.KeepaliveParams, which eventually calls logutil.defaultLogger.Warning
#503: vault/request_forwarding.go:281:27: vault.Core.refreshRequestForwardingConnection calls grpc.WithKeepaliveParams, which eventually calls logutil.defaultLogger.Warningf
#504: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.discardLogger.Infof
#505: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls logutil.init
#506: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.Attributes.Marshal
#507: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.Attributes.String
#508: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterMemberAttrSetRequest.Marshal
#509: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterMemberAttrSetRequest.MarshalTo
#510: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterMemberAttrSetRequest.Size
#511: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.ClusterMemberAttrSetRequest.String
#512: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterVersionSetRequest.Marshal
#513: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterVersionSetRequest.MarshalTo
#514: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterVersionSetRequest.Size
#515: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.ClusterVersionSetRequest.String
#516: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.DowngradeInfoSetRequest.Marshal
#517: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.DowngradeInfoSetRequest.MarshalTo
#518: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.DowngradeInfoSetRequest.Size
#519: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.DowngradeInfoSetRequest.String
#520: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.Member.Marshal
#521: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.Member.String
#522: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.RaftAttributes.Marshal
#523: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.RaftAttributes.String
#524: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init, which eventually calls membershippb.init
#525: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.Event.Marshal
#526: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.Event.MarshalTo
#527: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.Event.Size
#528: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls mvccpb.Event.String
#529: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls mvccpb.Event.Unmarshal
#530: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.KeyValue.Marshal
#531: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.KeyValue.MarshalTo
#532: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.KeyValue.Size
#533: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls mvccpb.KeyValue.String
#534: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls mvccpb.KeyValue.Unmarshal
#535: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init, which calls mvccpb.init
#536: physical/etcd/etcd2.go:526:26: etcd.Etcd2Lock.Lock calls client.httpWatcher.Next, which eventually calls pathutil.CanonicalURLPath
#537: physical/etcd/etcd.go:14:2: etcd.init calls client.init, which calls pathutil.init
#538: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.New
#539: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.NewErr
#540: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls grpc.clientStream.RecvMsg, which eventually calls picker.Pick
#541: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls picker.Policy.String
#542: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls picker.errPicker.Pick
#543: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.errPicker.String
#544: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls picker.init
#545: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls picker.rrBalanced.Pick
#546: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.rrBalanced.String
#547: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls quorum.JointConfig.String
#548: vault/acl.go:668:12: vault.ACL.CheckAllowedFromNonExactPaths calls sort.Slice, which eventually calls quorum.String
#549: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls quorum.init
#550: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls raft.init
#551: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfChange.Marshal
#552: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfChange.String
#553: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfChangeSingle.Marshal
#554: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfChangeSingle.String
#555: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfChangeV2.Marshal
#556: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfChangeV2.String
#557: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfState.Marshal
#558: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfState.String
#559: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.Entry.Marshal
#560: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.Entry.String
#561: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.HardState.Marshal
#562: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.HardState.String
#563: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.Message.Marshal
#564: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.Message.String
#565: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.Snapshot.Marshal
#566: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.Snapshot.String
#567: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.SnapshotMetadata.Marshal
#568: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.SnapshotMetadata.String
#569: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls raftpb.init
#570: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls rpctypes.Error
#571: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls rpctypes.ErrorDesc
#572: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls rpctypes.EtcdError.Code
#573: command/server.go:866:24: command.ServerCommand.Run calls rpctypes.EtcdError.Error
#574: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls rpctypes.init
#575: physical/etcd/etcd.go:138:40: etcd.getEtcdEndpoints calls client.srvDiscover.Discover, which calls srv.GetClient
#576: physical/etcd/etcd.go:14:2: etcd.init calls client.init, which calls srv.init
#577: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls systemd.init
#578: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig, which calls tlsutil.NewCert
#579: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig, which calls tlsutil.NewCertPool
#580: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init, which calls tlsutil.init
#581: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls tracker.StateType.String
#582: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls tracker.init
#583: physical/etcd/etcd2.go:145:52: etcd.newEtcdV2Client calls transport.NewTransport
#584: plugins/database/influxdb/connection_producer.go:153:17: influxdb.influxdbConnectionProducer.Close calls client.client.Close, which eventually calls transport.NewTransport
#585: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig
#586: vault/testing.go:1690:3: vault.TestCluster.StartCore calls http.Server.Serve, which eventually calls transport.baseConfig
#587: vault/testing.go:1690:3: vault.TestCluster.StartCore calls http.Server.Serve, which eventually calls transport.baseConfig
#588: helper/forwarding/util.go:120:24: forwarding.ParseForwardedHTTPRequest calls bytes.Buffer.ReadFrom, which eventually calls transport.baseConfig
#589: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init
#590: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls transport.unixTransport.RoundTrip
#591: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls types.init
#592: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls version.init
Vulnerability #8: GO-2024-2528
Etcd Gateway TLS endpoint validation only confirms TCP reachability in
go.etcd.io/etcd
More info: https://pkg.go.dev/vuln/GO-2024-2528
Module: go.etcd.io/etcd
Found in: go.etcd.io/etcd@v0.5.0-alpha.5.0.20200425165423-262c93980547
Fixed in: N/A
Example traces found:
#1: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Permission.Marshal
#2: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Permission.MarshalTo
#3: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Permission.Size
#4: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.Permission.String
#5: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls authpb.Permission.Unmarshal
#6: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.Role.Marshal
#7: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.Role.String
#8: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.User.Marshal
#9: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.User.String
#10: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.UserAddOptions.Marshal
#11: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.UserAddOptions.MarshalTo
#12: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls authpb.UserAddOptions.Size
#13: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls authpb.UserAddOptions.String
#14: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls authpb.UserAddOptions.Unmarshal
#15: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls authpb.init
#16: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls balancer.RegisterBuilder
#17: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.baseBalancer.Close
#18: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.baseBalancer.HandleResolvedAddrs
#19: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.baseBalancer.HandleSubConnStateChange
#20: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls balancer.builder.Build
#21: vault/core.go:50:2: vault.init calls grpc.init, which eventually calls balancer.builder.Name
#22: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls balancer.init
#23: command/server.go:866:24: command.ServerCommand.Run calls client.ClusterError.Error
#24: command/server.go:866:24: command.ServerCommand.Run calls client.Error.Error
#25: physical/etcd/etcd2.go:175:19: etcd.newEtcdV2Client calls client.New
#26: physical/etcd/etcd.go:56:28: etcd.NewEtcdBackend calls client.NewKeysAPI
#27: physical/etcd/etcd.go:137:38: etcd.getEtcdEndpoints calls client.NewSRVDiscover
#28: physical/etcd/etcd2.go:364:28: etcd.Etcd2Lock.getSemaphoreKey calls client.Nodes.Len
#29: command/agent/auth/alicloud/alicloud.go:183:38: alicloud.alicloudMethod.Authenticate calls tools.GenerateLoginData, which eventually calls client.customNumberDecoder.Decode
#30: command/agent/auth/alicloud/alicloud.go:183:38: alicloud.alicloudMethod.Authenticate calls tools.GenerateLoginData, which eventually calls client.customNumberExtension.CreateDecoder
#31: physical/etcd/etcd.go:87:24: etcd.getEtcdAPIVersion calls client.httpClusterClient.GetVersion
#32: physical/etcd/etcd2.go:104:20: etcd.newEtcd2Backend calls client.httpClusterClient.Sync
#33: physical/etcd/etcd2.go:330:39: etcd.Etcd2Lock.addSemaphoreKey calls client.httpKeysAPI.CreateInOrder
#34: physical/etcd/etcd2.go:578:28: etcd.Etcd2Lock.Unlock calls client.httpKeysAPI.Delete
#35: physical/etcd/etcd2.go:257:29: etcd.Etcd2Backend.List calls client.httpKeysAPI.Get
#36: physical/etcd/etcd2.go:186:22: etcd.Etcd2Backend.Put calls client.httpKeysAPI.Set
#37: physical/etcd/etcd2.go:525:22: etcd.Etcd2Lock.Lock calls client.httpKeysAPI.Watcher
#38: physical/etcd/etcd2.go:526:26: etcd.Etcd2Lock.Lock calls client.httpWatcher.Next
#39: physical/etcd/etcd.go:14:2: etcd.init calls client.init
#40: physical/etcd/etcd.go:138:40: etcd.getEtcdEndpoints calls client.srvDiscover.Discover
#41: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which calls clientv3.Client.Ctx
#42: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync
#43: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls clientv3.Close
#44: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.Compare
#45: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.CreateRevision
#46: command/server.go:866:24: command.ServerCommand.Run calls clientv3.ErrKeepAliveHalted.Error
#47: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls clientv3.KeepAlive
#48: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New
#49: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.OpGet
#50: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.OpPut
#51: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WatchResponse.Err
#52: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithFirstCreate
#53: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithLastCreate
#54: physical/etcd/etcd3.go:332:75: etcd.EtcdLock.Lock calls clientv3.WithLease
#55: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithMaxCreateRev
#56: physical/etcd/etcd3.go:359:32: etcd.EtcdLock.Value calls clientv3.WithPrefix
#57: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.WithRev
#58: physical/etcd/etcd3.go:360:20: etcd.EtcdLock.Value calls clientv3.WithSort
#59: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init
#60: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete
#61: physical/etcd/etcd3.go:358:25: etcd.EtcdLock.Value calls clientv3.kv.Get
#62: physical/etcd/etcd3.go:332:25: etcd.EtcdLock.Lock calls clientv3.kv.Put
#63: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.kv.Txn
#64: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which calls clientv3.lessor.Grant
#65: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which calls clientv3.lessor.KeepAlive
#66: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls clientv3.serverStreamingRetryingStream.CloseSend
#67: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg
#68: vault/request_forwarding_service.pb.go:766:34: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls clientv3.serverStreamingRetryingStream.SendMsg
#69: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls clientv3.settableLogger.Error
#70: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls clientv3.settableLogger.Errorf
#71: vault/request_forwarding_service.pb.go:814:19: vault.RegisterRequestForwardingServer calls grpc.Server.RegisterService, which eventually calls clientv3.settableLogger.Fatalf
#72: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls clientv3.settableLogger.Info
#73: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls clientv3.settableLogger.Infof
#74: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls clientv3.settableLogger.Infoln
#75: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls clientv3.settableLogger.V
#76: vault/request_forwarding.go:48:23: vault.NewRequestForwardingHandler calls grpc.KeepaliveParams, which eventually calls clientv3.settableLogger.Warning
#77: vault/request_forwarding.go:281:27: vault.Core.refreshRequestForwardingConnection calls grpc.WithKeepaliveParams, which eventually calls clientv3.settableLogger.Warningf
#78: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which calls clientv3.streamClientInterceptor
#79: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.Commit
#80: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.Else
#81: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.If
#82: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.txn.Then
#83: vault/request_forwarding_service.pb.go:753:20: vault.requestForwardingClient.Echo calls grpc.ClientConn.Invoke, which calls clientv3.unaryClientInterceptor
#84: vault/dynamic_system_view.go:337:34: vault.dynamicSystemView.GeneratePasswordFromPolicy calls clientv3.valCtx.Deadline
#85: vault/core.go:1539:35: vault.Core.SealWithRequest calls context.WithCancel, which eventually calls clientv3.valCtx.Done
#86: vault/core.go:1539:35: vault.Core.SealWithRequest calls context.WithCancel, which eventually calls clientv3.valCtx.Err
#87: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls clientv3.watcher.Watch
#88: physical/etcd/etcd3.go:332:44: etcd.EtcdLock.Lock calls concurrency.Mutex.Key
#89: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock
#90: physical/etcd/etcd3.go:351:24: etcd.EtcdLock.Unlock calls concurrency.Mutex.Unlock
#91: physical/etcd/etcd3.go:378:33: etcd.EtcdLock.initMu calls concurrency.NewMutex
#92: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession
#93: physical/etcd/etcd3.go:307:36: etcd.EtcdLock.Lock calls concurrency.Session.Done
#94: physical/etcd/etcd3.go:332:95: etcd.EtcdLock.Lock calls concurrency.Session.Lease
#95: physical/etcd/etcd3.go:373:68: etcd.EtcdLock.initMu calls concurrency.WithTTL
#96: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init
#97: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls confchange.init
#98: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls connectivity.New
#99: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls connectivity.init
#100: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls connectivity.recorder.GetCurrentState
#101: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls connectivity.recorder.RecordTransition
#102: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.NewBundle
#103: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.bundle.PerRPCCredentials
#104: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.bundle.TransportCredentials
#105: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls credentials.bundle.UpdateAuthToken
#106: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls credentials.init
#107: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls credentials.perRPCCredential.GetRequestMetadata
#108: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which calls credentials.perRPCCredential.RequireTransportSecurity
#109: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls credentials.transportCredential.ClientHandshake
#110: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which calls credentials.transportCredential.Clone
#111: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which calls credentials.transportCredential.Info
#112: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls credentials.transportCredential.OverrideServerName
#113: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls endpoint.Dialer
#114: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls endpoint.NewResolverGroup
#115: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls endpoint.ParseEndpoint
#116: vault/request_forwarding.go:315:24: vault.Core.clearForwardingClients calls grpc.ClientConn.Close, which eventually calls endpoint.Resolver.Close
#117: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls endpoint.Resolver.ResolveNow
#118: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls endpoint.ResolverGroup.Close
#119: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls endpoint.ResolverGroup.SetEndpoints
#120: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls endpoint.ResolverGroup.Target
#121: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls endpoint.builder.Build
#122: vault/core.go:50:2: vault.init calls grpc.init, which eventually calls endpoint.builder.Scheme
#123: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls endpoint.init
#124: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AlarmMember.Marshal
#125: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AlarmMember.String
#126: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AlarmRequest.Marshal
#127: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AlarmRequest.Reset
#128: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AlarmRequest.String
#129: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AlarmRequest.Unmarshal
#130: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AlarmResponse.Marshal
#131: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AlarmResponse.String
#132: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthDisableRequest.Marshal
#133: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthDisableRequest.Reset
#134: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthDisableRequest.String
#135: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthDisableRequest.Unmarshal
#136: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthDisableResponse.Marshal
#137: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthDisableResponse.String
#138: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthEnableRequest.Marshal
#139: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthEnableRequest.Reset
#140: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthEnableRequest.String
#141: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthEnableRequest.Unmarshal
#142: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthEnableResponse.Marshal
#143: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthEnableResponse.String
#144: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleAddRequest.Marshal
#145: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleAddRequest.Reset
#146: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleAddRequest.String
#147: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleAddRequest.Unmarshal
#148: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleAddResponse.Marshal
#149: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleAddResponse.String
#150: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleDeleteRequest.Marshal
#151: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleDeleteRequest.Reset
#152: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleDeleteRequest.String
#153: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleDeleteRequest.Unmarshal
#154: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleDeleteResponse.Marshal
#155: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleDeleteResponse.String
#156: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGetRequest.Marshal
#157: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGetRequest.Reset
#158: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGetRequest.String
#159: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGetRequest.Unmarshal
#160: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGetResponse.Marshal
#161: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGetResponse.String
#162: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.Marshal
#163: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.Reset
#164: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.String
#165: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleGrantPermissionRequest.Unmarshal
#166: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleGrantPermissionResponse.Marshal
#167: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleGrantPermissionResponse.String
#168: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleListRequest.Marshal
#169: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleListRequest.Reset
#170: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleListRequest.String
#171: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleListRequest.Unmarshal
#172: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleListResponse.Marshal
#173: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleListResponse.String
#174: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.Marshal
#175: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.Reset
#176: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.String
#177: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthRoleRevokePermissionRequest.Unmarshal
#178: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthRoleRevokePermissionResponse.Marshal
#179: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthRoleRevokePermissionResponse.String
#180: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthStatusRequest.Marshal
#181: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthStatusRequest.Reset
#182: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthStatusRequest.String
#183: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthStatusRequest.Unmarshal
#184: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthStatusResponse.Marshal
#185: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthStatusResponse.String
#186: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserAddRequest.Marshal
#187: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserAddRequest.Reset
#188: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserAddRequest.String
#189: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserAddRequest.Unmarshal
#190: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserAddResponse.Marshal
#191: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserAddResponse.String
#192: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.Marshal
#193: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.Reset
#194: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.String
#195: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserChangePasswordRequest.Unmarshal
#196: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserChangePasswordResponse.Marshal
#197: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserChangePasswordResponse.String
#198: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserDeleteRequest.Marshal
#199: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserDeleteRequest.Reset
#200: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserDeleteRequest.String
#201: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserDeleteRequest.Unmarshal
#202: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserDeleteResponse.Marshal
#203: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserDeleteResponse.String
#204: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGetRequest.Marshal
#205: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGetRequest.Reset
#206: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGetRequest.String
#207: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGetRequest.Unmarshal
#208: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGetResponse.Marshal
#209: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGetResponse.String
#210: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.Marshal
#211: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.Reset
#212: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.String
#213: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserGrantRoleRequest.Unmarshal
#214: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserGrantRoleResponse.Marshal
#215: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserGrantRoleResponse.String
#216: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserListRequest.Marshal
#217: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserListRequest.Reset
#218: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserListRequest.String
#219: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserListRequest.Unmarshal
#220: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserListResponse.Marshal
#221: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserListResponse.String
#222: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.Marshal
#223: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.Reset
#224: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.String
#225: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthUserRevokeRoleRequest.Unmarshal
#226: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthUserRevokeRoleResponse.Marshal
#227: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthUserRevokeRoleResponse.String
#228: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthenticateRequest.Marshal
#229: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateRequest.Reset
#230: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthenticateRequest.String
#231: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateRequest.Unmarshal
#232: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.AuthenticateResponse.Marshal
#233: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateResponse.Reset
#234: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.AuthenticateResponse.String
#235: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.AuthenticateResponse.Unmarshal
#236: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.CompactionRequest.Marshal
#237: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.CompactionRequest.Reset
#238: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.CompactionRequest.String
#239: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.CompactionRequest.Unmarshal
#240: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.CompactionResponse.Marshal
#241: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.CompactionResponse.String
#242: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Compare.Marshal
#243: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Compare.String
#244: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DefragmentRequest.Marshal
#245: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DefragmentRequest.Reset
#246: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DefragmentRequest.String
#247: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DefragmentRequest.Unmarshal
#248: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DefragmentResponse.Marshal
#249: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DefragmentResponse.String
#250: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DeleteRangeRequest.Marshal
#251: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeRequest.Reset
#252: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DeleteRangeRequest.String
#253: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeRequest.Unmarshal
#254: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DeleteRangeResponse.Marshal
#255: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeResponse.Reset
#256: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DeleteRangeResponse.String
#257: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DeleteRangeResponse.Unmarshal
#258: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DowngradeRequest.Marshal
#259: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DowngradeRequest.Reset
#260: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DowngradeRequest.String
#261: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.DowngradeRequest.Unmarshal
#262: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.DowngradeResponse.Marshal
#263: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.DowngradeResponse.String
#264: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.EmptyResponse.Marshal
#265: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.EmptyResponse.String
#266: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashKVRequest.Marshal
#267: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashKVRequest.Reset
#268: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashKVRequest.String
#269: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashKVRequest.Unmarshal
#270: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashKVResponse.Marshal
#271: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashKVResponse.String
#272: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashRequest.Marshal
#273: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashRequest.Reset
#274: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashRequest.String
#275: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.HashRequest.Unmarshal
#276: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.HashResponse.Marshal
#277: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.HashResponse.String
#278: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.InternalAuthenticateRequest.Marshal
#279: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.InternalAuthenticateRequest.String
#280: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.InternalRaftRequest.Marshal
#281: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.InternalRaftRequest.String
#282: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseCheckpoint.Marshal
#283: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseCheckpoint.String
#284: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseCheckpointRequest.Marshal
#285: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseCheckpointRequest.String
#286: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseCheckpointResponse.Marshal
#287: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseCheckpointResponse.String
#288: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseGrantRequest.Marshal
#289: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantRequest.Reset
#290: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseGrantRequest.String
#291: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantRequest.Unmarshal
#292: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which eventually calls etcdserverpb.LeaseGrantResponse.GetHeader
#293: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseGrantResponse.Marshal
#294: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantResponse.Reset
#295: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseGrantResponse.String
#296: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseGrantResponse.Unmarshal
#297: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseKeepAliveRequest.Marshal
#298: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseKeepAliveRequest.String
#299: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.LeaseKeepAliveResponse.GetHeader
#300: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseKeepAliveResponse.Marshal
#301: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseKeepAliveResponse.Reset
#302: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseKeepAliveResponse.String
#303: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseKeepAliveResponse.Unmarshal
#304: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseLeasesRequest.Marshal
#305: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseLeasesRequest.Reset
#306: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseLeasesRequest.String
#307: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseLeasesRequest.Unmarshal
#308: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseLeasesResponse.Marshal
#309: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseLeasesResponse.String
#310: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseRevokeRequest.Marshal
#311: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseRevokeRequest.Reset
#312: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseRevokeRequest.String
#313: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseRevokeRequest.Unmarshal
#314: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseRevokeResponse.Marshal
#315: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseRevokeResponse.String
#316: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseStatus.Marshal
#317: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseStatus.String
#318: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.Marshal
#319: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.Reset
#320: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.String
#321: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.LeaseTimeToLiveRequest.Unmarshal
#322: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.LeaseTimeToLiveResponse.Marshal
#323: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.LeaseTimeToLiveResponse.String
#324: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Member.Marshal
#325: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Member.String
#326: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberAddRequest.Marshal
#327: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberAddRequest.Reset
#328: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberAddRequest.String
#329: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberAddRequest.Unmarshal
#330: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberAddResponse.Marshal
#331: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberAddResponse.String
#332: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberListRequest.Marshal
#333: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListRequest.Reset
#334: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberListRequest.String
#335: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListRequest.Unmarshal
#336: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberListResponse.Marshal
#337: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListResponse.Reset
#338: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberListResponse.String
#339: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberListResponse.Unmarshal
#340: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberPromoteRequest.Marshal
#341: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberPromoteRequest.Reset
#342: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberPromoteRequest.String
#343: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberPromoteRequest.Unmarshal
#344: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberPromoteResponse.Marshal
#345: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberPromoteResponse.String
#346: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberRemoveRequest.Marshal
#347: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberRemoveRequest.Reset
#348: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberRemoveRequest.String
#349: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberRemoveRequest.Unmarshal
#350: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberRemoveResponse.Marshal
#351: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberRemoveResponse.String
#352: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberUpdateRequest.Marshal
#353: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberUpdateRequest.Reset
#354: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberUpdateRequest.String
#355: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MemberUpdateRequest.Unmarshal
#356: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MemberUpdateResponse.Marshal
#357: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MemberUpdateResponse.String
#358: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Metadata.Marshal
#359: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Metadata.String
#360: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MoveLeaderRequest.Marshal
#361: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MoveLeaderRequest.Reset
#362: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MoveLeaderRequest.String
#363: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.MoveLeaderRequest.Unmarshal
#364: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.MoveLeaderResponse.Marshal
#365: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.MoveLeaderResponse.String
#366: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls etcdserverpb.NewAuthClient
#367: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewClusterClient
#368: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewKVClient
#369: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewLeaseClient
#370: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewMaintenanceClient
#371: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.NewWatchClient
#372: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.PutRequest.Marshal
#373: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutRequest.Reset
#374: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.PutRequest.String
#375: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutRequest.Unmarshal
#376: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.PutResponse.Marshal
#377: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutResponse.Reset
#378: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.PutResponse.String
#379: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.PutResponse.Unmarshal
#380: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RangeRequest.Marshal
#381: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeRequest.Reset
#382: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RangeRequest.String
#383: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeRequest.Unmarshal
#384: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RangeResponse.Marshal
#385: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeResponse.Reset
#386: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RangeResponse.String
#387: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.RangeResponse.Unmarshal
#388: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.Request.Marshal
#389: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.Request.String
#390: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RequestHeader.Marshal
#391: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RequestHeader.String
#392: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.RequestOp.Marshal
#393: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.RequestOp.String
#394: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.ResponseHeader.Marshal
#395: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.ResponseHeader.String
#396: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which calls etcdserverpb.ResponseOp.GetResponseRange
#397: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.ResponseOp.Marshal
#398: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.ResponseOp.String
#399: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.SnapshotRequest.Marshal
#400: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.SnapshotRequest.Reset
#401: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.SnapshotRequest.String
#402: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.SnapshotRequest.Unmarshal
#403: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.SnapshotResponse.Marshal
#404: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.SnapshotResponse.String
#405: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.StatusRequest.Marshal
#406: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusRequest.Reset
#407: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.StatusRequest.String
#408: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusRequest.Unmarshal
#409: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.StatusResponse.Marshal
#410: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusResponse.Reset
#411: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.StatusResponse.String
#412: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.StatusResponse.Unmarshal
#413: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.TxnRequest.Marshal
#414: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnRequest.Reset
#415: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.TxnRequest.String
#416: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnRequest.Unmarshal
#417: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.TxnResponse.Marshal
#418: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnResponse.Reset
#419: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.TxnResponse.String
#420: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.TxnResponse.Unmarshal
#421: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchCancelRequest.Marshal
#422: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchCancelRequest.String
#423: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchCreateRequest.Marshal
#424: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchCreateRequest.String
#425: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchProgressRequest.Marshal
#426: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchProgressRequest.String
#427: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchRequest.Marshal
#428: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchRequest.String
#429: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls etcdserverpb.WatchResponse.Marshal
#430: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.WatchResponse.Reset
#431: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.WatchResponse.String
#432: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls etcdserverpb.WatchResponse.Unmarshal
#433: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_AuthDisable_Handler
#434: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_AuthEnable_Handler
#435: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_AuthStatus_Handler
#436: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_Authenticate_Handler
#437: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleAdd_Handler
#438: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleDelete_Handler
#439: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleGet_Handler
#440: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleGrantPermission_Handler
#441: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleList_Handler
#442: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_RoleRevokePermission_Handler
#443: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserAdd_Handler
#444: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserChangePassword_Handler
#445: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserDelete_Handler
#446: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserGet_Handler
#447: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserGrantRole_Handler
#448: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserList_Handler
#449: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Auth_UserRevokeRole_Handler
#450: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberAdd_Handler
#451: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberList_Handler
#452: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberPromote_Handler
#453: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberRemove_Handler
#454: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Cluster_MemberUpdate_Handler
#455: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Compact_Handler
#456: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_DeleteRange_Handler
#457: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Put_Handler
#458: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Range_Handler
#459: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._KV_Txn_Handler
#460: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseGrant_Handler
#461: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseKeepAlive_Handler
#462: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseLeases_Handler
#463: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseRevoke_Handler
#464: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Lease_LeaseTimeToLive_Handler
#465: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Alarm_Handler
#466: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Defragment_Handler
#467: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Downgrade_Handler
#468: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_HashKV_Handler
#469: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Hash_Handler
#470: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_MoveLeader_Handler
#471: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Snapshot_Handler
#472: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Maintenance_Status_Handler
#473: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls etcdserverpb._Watch_Watch_Handler
#474: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls etcdserverpb.authClient.Authenticate
#475: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls etcdserverpb.clusterClient.MemberList
#476: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init, which calls etcdserverpb.init
#477: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.DeleteRange
#478: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.Put
#479: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.Range
#480: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls etcdserverpb.kVClient.Txn
#481: physical/etcd/etcd3.go:373:40: etcd.EtcdLock.initMu calls concurrency.NewSession, which eventually calls etcdserverpb.leaseClient.LeaseGrant
#482: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.leaseClient.LeaseKeepAlive
#483: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.leaseLeaseKeepAliveClient.Recv
#484: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls etcdserverpb.leaseLeaseKeepAliveClient.Send
#485: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.loggablePutRequest.String
#486: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls etcdserverpb.loggableValueCompare.String
#487: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls etcdserverpb.maintenanceClient.Status
#488: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls etcdserverpb.watchClient.Watch
#489: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls etcdserverpb.watchWatchClient.Recv
#490: physical/etcd/etcd3.go:323:25: etcd.EtcdLock.Lock calls concurrency.Mutex.Lock, which eventually calls etcdserverpb.watchWatchClient.Send
#491: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init, which calls fileutil.init
#492: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.NewDiscardLogger
#493: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls logutil.NewLogger
#494: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls logutil.defaultLogger.Error
#495: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls logutil.defaultLogger.Errorf
#496: vault/request_forwarding_service.pb.go:814:19: vault.RegisterRequestForwardingServer calls grpc.Server.RegisterService, which eventually calls logutil.defaultLogger.Fatalf
#497: vault/request_forwarding.go:278:41: vault.Core.refreshRequestForwardingConnection calls grpc.DialContext, which eventually calls logutil.defaultLogger.Info
#498: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.defaultLogger.Infof
#499: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls logutil.defaultLogger.Infoln
#500: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.defaultLogger.Lvl
#501: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls logutil.defaultLogger.V
#502: vault/request_forwarding.go:48:23: vault.NewRequestForwardingHandler calls grpc.KeepaliveParams, which eventually calls logutil.defaultLogger.Warning
#503: vault/request_forwarding.go:281:27: vault.Core.refreshRequestForwardingConnection calls grpc.WithKeepaliveParams, which eventually calls logutil.defaultLogger.Warningf
#504: physical/etcd/etcd3.go:121:27: etcd.newEtcd3Backend calls clientv3.New, which eventually calls logutil.discardLogger.Infof
#505: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls logutil.init
#506: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.Attributes.Marshal
#507: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.Attributes.String
#508: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterMemberAttrSetRequest.Marshal
#509: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterMemberAttrSetRequest.MarshalTo
#510: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterMemberAttrSetRequest.Size
#511: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.ClusterMemberAttrSetRequest.String
#512: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterVersionSetRequest.Marshal
#513: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterVersionSetRequest.MarshalTo
#514: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.ClusterVersionSetRequest.Size
#515: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.ClusterVersionSetRequest.String
#516: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.DowngradeInfoSetRequest.Marshal
#517: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.DowngradeInfoSetRequest.MarshalTo
#518: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.DowngradeInfoSetRequest.Size
#519: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.DowngradeInfoSetRequest.String
#520: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.Member.Marshal
#521: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.Member.String
#522: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls membershippb.RaftAttributes.Marshal
#523: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls membershippb.RaftAttributes.String
#524: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init, which eventually calls membershippb.init
#525: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.Event.Marshal
#526: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.Event.MarshalTo
#527: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.Event.Size
#528: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls mvccpb.Event.String
#529: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls mvccpb.Event.Unmarshal
#530: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.KeyValue.Marshal
#531: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.KeyValue.MarshalTo
#532: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls mvccpb.KeyValue.Size
#533: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls mvccpb.KeyValue.String
#534: vault/request_forwarding_service.pb.go:769:36: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.clientStream.CloseSend, which eventually calls mvccpb.KeyValue.Unmarshal
#535: physical/etcd/etcd3.go:21:2: etcd.init calls concurrency.init, which calls mvccpb.init
#536: physical/etcd/etcd2.go:526:26: etcd.Etcd2Lock.Lock calls client.httpWatcher.Next, which eventually calls pathutil.CanonicalURLPath
#537: physical/etcd/etcd.go:14:2: etcd.init calls client.init, which calls pathutil.init
#538: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.New
#539: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.NewErr
#540: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls grpc.clientStream.RecvMsg, which eventually calls picker.Pick
#541: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls picker.Policy.String
#542: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls picker.errPicker.Pick
#543: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.errPicker.String
#544: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls picker.init
#545: vault/request_forwarding_service.pb.go:761:31: vault.requestForwardingClient.PerformanceStandbyElectionRequest calls grpc.ClientConn.NewStream, which eventually calls picker.rrBalanced.Pick
#546: physical/etcd/etcd3.go:148:19: etcd.newEtcd3Backend calls clientv3.Client.Sync, which eventually calls picker.rrBalanced.String
#547: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls quorum.JointConfig.String
#548: vault/acl.go:668:12: vault.ACL.CheckAllowedFromNonExactPaths calls sort.Slice, which eventually calls quorum.String
#549: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls quorum.init
#550: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls raft.init
#551: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfChange.Marshal
#552: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfChange.String
#553: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfChangeSingle.Marshal
#554: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfChangeSingle.String
#555: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfChangeV2.Marshal
#556: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfChangeV2.String
#557: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.ConfState.Marshal
#558: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.ConfState.String
#559: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.Entry.Marshal
#560: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.Entry.String
#561: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.HardState.Marshal
#562: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.HardState.String
#563: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.Message.Marshal
#564: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.Message.String
#565: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.Snapshot.Marshal
#566: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.Snapshot.String
#567: vault/request_forwarding_service.pb.go:871:31: vault.requestForwardingPerformanceStandbyElectionRequestServer.Send calls grpc.serverStream.SendMsg, which eventually calls raftpb.SnapshotMetadata.Marshal
#568: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls raftpb.SnapshotMetadata.String
#569: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls raftpb.init
#570: physical/etcd/etcd3.go:221:25: etcd.EtcdBackend.Delete calls clientv3.kv.Delete, which eventually calls rpctypes.Error
#571: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls rpctypes.ErrorDesc
#572: vault/request_forwarding_service.pb.go:786:34: vault.requestForwardingPerformanceStandbyElectionRequestClient.Recv calls clientv3.serverStreamingRetryingStream.RecvMsg, which eventually calls rpctypes.EtcdError.Code
#573: command/server.go:866:24: command.ServerCommand.Run calls rpctypes.EtcdError.Error
#574: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls rpctypes.init
#575: physical/etcd/etcd.go:138:40: etcd.getEtcdEndpoints calls client.srvDiscover.Discover, which calls srv.GetClient
#576: physical/etcd/etcd.go:14:2: etcd.init calls client.init, which calls srv.init
#577: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls systemd.init
#578: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig, which calls tlsutil.NewCert
#579: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig, which calls tlsutil.NewCertPool
#580: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init, which calls tlsutil.init
#581: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls tracker.StateType.String
#582: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which eventually calls tracker.init
#583: physical/etcd/etcd2.go:145:52: etcd.newEtcdV2Client calls transport.NewTransport
#584: plugins/database/influxdb/connection_producer.go:153:17: influxdb.influxdbConnectionProducer.Close calls client.client.Close, which eventually calls transport.NewTransport
#585: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig
#586: vault/testing.go:1690:3: vault.TestCluster.StartCore calls http.Server.Serve, which eventually calls transport.baseConfig
#587: vault/testing.go:1690:3: vault.TestCluster.StartCore calls http.Server.Serve, which eventually calls transport.baseConfig
#588: helper/forwarding/util.go:120:24: forwarding.ParseForwardedHTTPRequest calls bytes.Buffer.ReadFrom, which eventually calls transport.baseConfig
#589: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init
#590: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls transport.unixTransport.RoundTrip
#591: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls types.init
#592: physical/etcd/etcd3.go:20:2: etcd.init calls clientv3.init, which calls version.init
Vulnerability #9: GO-2024-2527
Insecure ciphers are allowed by default in go.etcd.io/etcd
More info: https://pkg.go.dev/vuln/GO-2024-2527
Module: go.etcd.io/etcd
Found in: go.etcd.io/etcd@v0.5.0-alpha.5.0.20200425165423-262c93980547
Fixed in: go.etcd.io/etcd@v0.5.0-alpha.5.0.20221102000833-1f054980bc27
Example traces found:
#1: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig, which calls tlsutil.NewCert
#2: physical/etcd/etcd3.go:89:34: etcd.newEtcd3Backend calls transport.TLSInfo.ClientConfig, which calls tlsutil.NewCertPool
#3: physical/etcd/etcd2.go:19:2: etcd.init calls transport.init, which calls tlsutil.init
Vulnerability #10: GO-2023-2402
Man-in-the-middle attacker can compromise integrity of secure channel in
golang.org/x/crypto
More info: https://pkg.go.dev/vuln/GO-2023-2402
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20201002170205-7f63de1d35b0
Fixed in: golang.org/x/crypto@v0.17.0
Example traces found:
#1: builtin/logical/ssh/communicator.go:96:37: ssh.comm.NewSession calls ssh.Client.NewSession
#2: builtin/logical/ssh/communicator.go:178:22: ssh.comm.connectToAgent calls agent.ForwardToAgent, which eventually calls ssh.DiscardRequests
#3: builtin/logical/ssh/communicator.go:139:27: ssh.comm.reconnect calls ssh.NewClient
#4: builtin/logical/ssh/communicator.go:132:49: ssh.comm.reconnect calls ssh.NewClientConn
#5: builtin/logical/ssh/communicator.go:200:2: ssh.comm.scpSession calls ssh.Session.Close
#6: builtin/logical/ssh/util.go:105:20: ssh.backend.installPublicKeyInTarget calls ssh.Session.Run
#7: builtin/logical/ssh/communicator.go:187:36: ssh.comm.connectToAgent calls agent.RequestAgentForwarding, which calls ssh.Session.SendRequest
#8: builtin/logical/ssh/communicator.go:228:25: ssh.comm.scpSession calls ssh.Session.Start
#9: physical/mysql/mysql.go:747:19: mysql.MySQLLock.Unlock calls sql.DB.Close, which eventually calls ssh.channel.CloseWrite
#10: helper/forwarding/util.go:120:24: forwarding.ParseForwardedHTTPRequest calls bytes.Buffer.ReadFrom, which calls ssh.channel.Read
#11: command/token/helper_internal.go:75:25: token.InternalTokenHelper.Store calls io.WriteString, which calls ssh.channel.Write
#12: helper/forwarding/util.go:120:24: forwarding.ParseForwardedHTTPRequest calls bytes.Buffer.ReadFrom, which calls ssh.extChannel.Read
#13: builtin/logical/ssh/communicator.go:242:14: ssh.comm.scpSession calls ssh.sessionStdin.Close
Vulnerability #11: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.29.1
Fixed in: google.golang.org/grpc@v1.56.3
Example traces found:
#1: vault/request_forwarding.go:47:31: vault.NewRequestForwardingHandler calls grpc.NewServer
#2: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls grpc.Server.Serve
#3: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls transport.NewServerTransport
Vulnerability #12: GO-2023-2102
HTTP/2 rapid reset can cause excessive work in net/http
More info: https://pkg.go.dev/vuln/GO-2023-2102
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200625001655-4c5254603344
Fixed in: golang.org/x/net@v0.17.0
Example traces found:
#1: vault/request_forwarding.go:168:19: vault.Handoff calls http2.Server.ServeConn
Vulnerability #13: GO-2023-1701
Docker Swarm encrypted overlay network with a single endpoint is
unauthenticated in github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2023-1701
Module: github.com/docker/docker
Found in: github.com/docker/docker@v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
Fixed in: github.com/docker/docker@v20.10.24+incompatible
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls api.init
#2: helper/testhelpers/docker/testhelpers.go:284:44: docker.copyToContainer calls archive.CopyInfoSourcePath
#3: helper/testhelpers/docker/testhelpers.go:297:52: docker.copyToContainer calls archive.PrepareArchiveCopy
#4: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource
#5: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which calls archive.TarWithOptions
#6: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init
#7: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls blkiodev.init
#8: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls client.CheckRedirect
#9: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate
#10: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect
#11: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove
#12: helper/testhelpers/docker/testhelpers.go:250:34: docker.Runner.Start calls client.Client.ContainerStart
#13: helper/testhelpers/docker/testhelpers.go:302:28: docker.copyToContainer calls client.Client.CopyToContainer
#14: helper/testhelpers/docker/testhelpers.go:233:36: docker.Runner.Start calls client.Client.ImageCreate
#15: helper/testhelpers/docker/testhelpers.go:46:39: docker.NewServiceRunner calls client.NewClientWithOpts
#16: helper/testhelpers/docker/testhelpers.go:46:74: docker.NewServiceRunner calls client.WithVersion
#17: command/server.go:866:24: command.ServerCommand.Run calls client.errConnectionFailed.Error
#18: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init
#19: command/server.go:866:24: command.ServerCommand.Run calls client.objectNotFoundError.Error
#20: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init
#21: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls errdefs.FromStatusCode
#22: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect, which eventually calls errdefs.NotImplemented
#23: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errConflict.Cause
#24: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errForbidden.Cause
#25: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errInvalidParameter.Cause
#26: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotFound.Cause
#27: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotImplemented.Cause
#28: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotModified.Cause
#29: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errSystem.Cause
#30: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnauthorized.Cause
#31: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnavailable.Cause
#32: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnknown.Cause
#33: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls errdefs.init
#34: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls events.init
#35: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls fileutils.NewPatternMatcher
#36: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.Exclusion
#37: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.String
#38: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Exclusions
#39: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Matches
#40: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Patterns
#41: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls fileutils.init
#42: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls filters.init
#43: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.Empty
#44: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.ToContainer
#45: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls idtools.NewIDMappingsFromMaps
#46: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls idtools.init
#47: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls image.init
#48: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.NewWriteCloserWrapper
#49: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls ioutils.init
#50: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.writeCloserWrapper.Close
#51: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls mount.init
#52: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls mount.init
#53: helper/testhelpers/docker/testhelpers.go:19:2: docker.init calls network.init
#54: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Get
#55: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.NewWriteCloserWrapper
#56: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Put
#57: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.NewWriteCloserWrapper
#58: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls pools.init
#59: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufferPoolWithSize
#60: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioReaderPoolWithSize
#61: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioWriterPoolWithSize
#62: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls registry.init
#63: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls runtime.init
#64: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls strslice.init
#65: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls swarm.init
#66: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.Lgetxattr
#67: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.OpenSequential
#68: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#69: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls time.init
#70: helper/testhelpers/docker/testhelpers.go:17:2: docker.init calls types.init
#71: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls versions.GreaterThan
#72: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate, which calls versions.LessThan
#73: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls versions.init
#74: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls volume.init
Vulnerability #14: GO-2023-1700
Docker Swarm encrypted overlay network traffic may be unencrypted in
github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2023-1700
Module: github.com/docker/docker
Found in: github.com/docker/docker@v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
Fixed in: github.com/docker/docker@v20.10.24+incompatible
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls api.init
#2: helper/testhelpers/docker/testhelpers.go:284:44: docker.copyToContainer calls archive.CopyInfoSourcePath
#3: helper/testhelpers/docker/testhelpers.go:297:52: docker.copyToContainer calls archive.PrepareArchiveCopy
#4: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource
#5: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which calls archive.TarWithOptions
#6: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init
#7: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls blkiodev.init
#8: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls client.CheckRedirect
#9: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate
#10: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect
#11: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove
#12: helper/testhelpers/docker/testhelpers.go:250:34: docker.Runner.Start calls client.Client.ContainerStart
#13: helper/testhelpers/docker/testhelpers.go:302:28: docker.copyToContainer calls client.Client.CopyToContainer
#14: helper/testhelpers/docker/testhelpers.go:233:36: docker.Runner.Start calls client.Client.ImageCreate
#15: helper/testhelpers/docker/testhelpers.go:46:39: docker.NewServiceRunner calls client.NewClientWithOpts
#16: helper/testhelpers/docker/testhelpers.go:46:74: docker.NewServiceRunner calls client.WithVersion
#17: command/server.go:866:24: command.ServerCommand.Run calls client.errConnectionFailed.Error
#18: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init
#19: command/server.go:866:24: command.ServerCommand.Run calls client.objectNotFoundError.Error
#20: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init
#21: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls errdefs.FromStatusCode
#22: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect, which eventually calls errdefs.NotImplemented
#23: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errConflict.Cause
#24: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errForbidden.Cause
#25: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errInvalidParameter.Cause
#26: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotFound.Cause
#27: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotImplemented.Cause
#28: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotModified.Cause
#29: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errSystem.Cause
#30: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnauthorized.Cause
#31: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnavailable.Cause
#32: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnknown.Cause
#33: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls errdefs.init
#34: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls events.init
#35: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls fileutils.NewPatternMatcher
#36: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.Exclusion
#37: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.String
#38: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Exclusions
#39: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Matches
#40: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Patterns
#41: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls fileutils.init
#42: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls filters.init
#43: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.Empty
#44: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.ToContainer
#45: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls idtools.NewIDMappingsFromMaps
#46: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls idtools.init
#47: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls image.init
#48: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.NewWriteCloserWrapper
#49: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls ioutils.init
#50: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.writeCloserWrapper.Close
#51: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls mount.init
#52: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls mount.init
#53: helper/testhelpers/docker/testhelpers.go:19:2: docker.init calls network.init
#54: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Get
#55: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.NewWriteCloserWrapper
#56: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Put
#57: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.NewWriteCloserWrapper
#58: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls pools.init
#59: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufferPoolWithSize
#60: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioReaderPoolWithSize
#61: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioWriterPoolWithSize
#62: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls registry.init
#63: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls runtime.init
#64: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls strslice.init
#65: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls swarm.init
#66: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.Lgetxattr
#67: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.OpenSequential
#68: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#69: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls time.init
#70: helper/testhelpers/docker/testhelpers.go:17:2: docker.init calls types.init
#71: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls versions.GreaterThan
#72: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate, which calls versions.LessThan
#73: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls versions.init
#74: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls volume.init
Vulnerability #15: GO-2023-1699
Docker Swarm encrypted overlay network may be unauthenticated in
github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2023-1699
Module: github.com/docker/docker
Found in: github.com/docker/docker@v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
Fixed in: github.com/docker/docker@v20.10.24+incompatible
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls api.init
#2: helper/testhelpers/docker/testhelpers.go:284:44: docker.copyToContainer calls archive.CopyInfoSourcePath
#3: helper/testhelpers/docker/testhelpers.go:297:52: docker.copyToContainer calls archive.PrepareArchiveCopy
#4: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource
#5: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which calls archive.TarWithOptions
#6: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init
#7: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls blkiodev.init
#8: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls client.CheckRedirect
#9: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate
#10: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect
#11: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove
#12: helper/testhelpers/docker/testhelpers.go:250:34: docker.Runner.Start calls client.Client.ContainerStart
#13: helper/testhelpers/docker/testhelpers.go:302:28: docker.copyToContainer calls client.Client.CopyToContainer
#14: helper/testhelpers/docker/testhelpers.go:233:36: docker.Runner.Start calls client.Client.ImageCreate
#15: helper/testhelpers/docker/testhelpers.go:46:39: docker.NewServiceRunner calls client.NewClientWithOpts
#16: helper/testhelpers/docker/testhelpers.go:46:74: docker.NewServiceRunner calls client.WithVersion
#17: command/server.go:866:24: command.ServerCommand.Run calls client.errConnectionFailed.Error
#18: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init
#19: command/server.go:866:24: command.ServerCommand.Run calls client.objectNotFoundError.Error
#20: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init
#21: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls errdefs.FromStatusCode
#22: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect, which eventually calls errdefs.NotImplemented
#23: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errConflict.Cause
#24: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errForbidden.Cause
#25: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errInvalidParameter.Cause
#26: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotFound.Cause
#27: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotImplemented.Cause
#28: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotModified.Cause
#29: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errSystem.Cause
#30: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnauthorized.Cause
#31: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnavailable.Cause
#32: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnknown.Cause
#33: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls errdefs.init
#34: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls events.init
#35: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls fileutils.NewPatternMatcher
#36: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.Exclusion
#37: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.String
#38: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Exclusions
#39: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Matches
#40: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Patterns
#41: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls fileutils.init
#42: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls filters.init
#43: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.Empty
#44: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.ToContainer
#45: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls idtools.NewIDMappingsFromMaps
#46: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls idtools.init
#47: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls image.init
#48: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.NewWriteCloserWrapper
#49: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls ioutils.init
#50: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.writeCloserWrapper.Close
#51: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls mount.init
#52: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls mount.init
#53: helper/testhelpers/docker/testhelpers.go:19:2: docker.init calls network.init
#54: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Get
#55: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.NewWriteCloserWrapper
#56: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Put
#57: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.NewWriteCloserWrapper
#58: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls pools.init
#59: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufferPoolWithSize
#60: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioReaderPoolWithSize
#61: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioWriterPoolWithSize
#62: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls registry.init
#63: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls runtime.init
#64: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls strslice.init
#65: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls swarm.init
#66: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.Lgetxattr
#67: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.OpenSequential
#68: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#69: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls time.init
#70: helper/testhelpers/docker/testhelpers.go:17:2: docker.init calls types.init
#71: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls versions.GreaterThan
#72: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate, which calls versions.LessThan
#73: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls versions.init
#74: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls volume.init
Vulnerability #16: GO-2023-1683
runc AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
More info: https://pkg.go.dev/vuln/GO-2023-1683
Module: github.com/opencontainers/runc
Found in: github.com/opencontainers/runc@v1.0.0-rc9
Fixed in: github.com/opencontainers/runc@v1.1.5
Example traces found:
#1: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls system.State.String
#2: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#3: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls user.init
Vulnerability #17: GO-2023-1682
rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc
in github.com/opencontainers/runc
More info: https://pkg.go.dev/vuln/GO-2023-1682
Module: github.com/opencontainers/runc
Found in: github.com/opencontainers/runc@v1.0.0-rc9
Fixed in: github.com/opencontainers/runc@v1.1.5
Example traces found:
#1: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls system.State.String
#2: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#3: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls user.init
Vulnerability #18: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200625001655-4c5254603344
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: vault/request_forwarding.go:168:19: vault.Handoff calls http2.Server.ServeConn, which eventually calls hpack.Decoder.Write
#2: serviceregistration/consul/consul_service_registration.go:191:37: consul.NewServiceRegistration calls http2.ConfigureTransport
#3: command/server.go:866:24: command.ServerCommand.Run calls http2.ConnectionError.Error
#4: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.ErrCode.String
#5: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.FrameHeader.String
#6: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.FrameType.String
#7: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.FrameWriteRequest.String
#8: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.ReadFrame
#9: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
#10: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls http2.Framer.WriteData
#11: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WriteGoAway
#12: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
#13: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WritePing
#14: command/server.go:1531:2: command.ServerCommand.Run calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
#15: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WriteSettings
#16: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WriteSettingsAck
#17: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.Framer.WriteWindowUpdate
#18: command/server.go:866:24: command.ServerCommand.Run calls http2.GoAwayError.Error
#19: vault/request_forwarding.go:168:19: vault.Handoff calls http2.Server.ServeConn
#20: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.Setting.String
#21: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.SettingID.String
#22: command/agent.go:663:17: command.AgentCommand.Run calls run.Group.Run, which eventually calls http2.SettingsFrame.ForeachSetting
#23: command/server.go:866:24: command.ServerCommand.Run calls http2.StreamError.Error
#24: plugins/database/influxdb/connection_producer.go:153:17: influxdb.influxdbConnectionProducer.Close calls client.client.Close, which eventually calls http2.Transport.NewClientConn
#25: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls http2.Transport.RoundTrip
#26: command/token/helper_internal.go:75:25: token.InternalTokenHelper.Store calls io.WriteString, which eventually calls http2.chunkWriter.Write
#27: command/server.go:866:24: command.ServerCommand.Run calls http2.connError.Error
#28: command/server.go:866:24: command.ServerCommand.Run calls http2.duplicatePseudoHeaderError.Error
#29: physical/oci/oci.go:342:31: oci.Backend.List calls http2.gzipReader.Close
#30: command/agent/cache/lease_cache.go:330:27: cache.LeaseCache.Send calls http.Response.Write, which calls http2.gzipReader.Read
#31: command/server.go:866:24: command.ServerCommand.Run calls http2.headerFieldNameError.Error
#32: command/server.go:866:24: command.ServerCommand.Run calls http2.headerFieldValueError.Error
#33: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#34: command/server.go:866:24: command.ServerCommand.Run calls http2.pseudoHeaderError.Error
#35: physical/oci/oci.go:342:31: oci.Backend.List calls http2.requestBody.Close
#36: command/agent/cache/lease_cache.go:330:27: cache.LeaseCache.Send calls http.Response.Write, which calls http2.requestBody.Read
#37: vault/logical_system.go:2811:15: vault.SystemBackend.handleMonitor calls http2.responseWriter.Flush
#38: http/handler.go:228:24: http.copyResponseWriter.Write calls http2.responseWriter.Write
#39: http/handler.go:233:23: http.copyResponseWriter.WriteHeader calls http2.responseWriter.WriteHeader
#40: command/token/helper_internal.go:75:25: token.InternalTokenHelper.Store calls io.WriteString, which calls http2.responseWriter.WriteString
#41: command/token/helper_internal.go:75:25: token.InternalTokenHelper.Store calls io.WriteString, which eventually calls http2.stickyErrWriter.Write
#42: physical/oci/oci.go:342:31: oci.Backend.List calls http2.transportResponseBody.Close
#43: command/agent/cache/lease_cache.go:330:27: cache.LeaseCache.Send calls http.Response.Write, which calls http2.transportResponseBody.Read
#44: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls http2.writeData.String
Vulnerability #19: GO-2022-1147
containerd CRI stream server vulnerable to host memory exhaustion via
terminal in github.com/containerd/containerd
More info: https://pkg.go.dev/vuln/GO-2022-1147
Module: github.com/containerd/containerd
Found in: github.com/containerd/containerd@v1.3.4
Fixed in: github.com/containerd/containerd@v1.5.16
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls errdefs.init
Vulnerability #20: GO-2022-1144
Excessive memory growth in net/http and golang.org/x/net/http2
More info: https://pkg.go.dev/vuln/GO-2022-1144
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200625001655-4c5254603344
Fixed in: golang.org/x/net@v0.4.0
Example traces found:
#1: vault/request_forwarding.go:168:19: vault.Handoff calls http2.Server.ServeConn
Vulnerability #21: GO-2022-1107
Container build can leak any path on the host into the container in
github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2022-1107
Module: github.com/docker/docker
Found in: github.com/docker/docker@v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
Fixed in: github.com/docker/docker@v20.10.20+incompatible
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls api.init
#2: helper/testhelpers/docker/testhelpers.go:284:44: docker.copyToContainer calls archive.CopyInfoSourcePath
#3: helper/testhelpers/docker/testhelpers.go:297:52: docker.copyToContainer calls archive.PrepareArchiveCopy
#4: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource
#5: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which calls archive.TarWithOptions
#6: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init
#7: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls blkiodev.init
#8: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls client.CheckRedirect
#9: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate
#10: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect
#11: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove
#12: helper/testhelpers/docker/testhelpers.go:250:34: docker.Runner.Start calls client.Client.ContainerStart
#13: helper/testhelpers/docker/testhelpers.go:302:28: docker.copyToContainer calls client.Client.CopyToContainer
#14: helper/testhelpers/docker/testhelpers.go:233:36: docker.Runner.Start calls client.Client.ImageCreate
#15: helper/testhelpers/docker/testhelpers.go:46:39: docker.NewServiceRunner calls client.NewClientWithOpts
#16: helper/testhelpers/docker/testhelpers.go:46:74: docker.NewServiceRunner calls client.WithVersion
#17: command/server.go:866:24: command.ServerCommand.Run calls client.errConnectionFailed.Error
#18: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init
#19: command/server.go:866:24: command.ServerCommand.Run calls client.objectNotFoundError.Error
#20: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init
#21: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls errdefs.FromStatusCode
#22: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect, which eventually calls errdefs.NotImplemented
#23: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errConflict.Cause
#24: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errForbidden.Cause
#25: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errInvalidParameter.Cause
#26: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotFound.Cause
#27: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotImplemented.Cause
#28: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotModified.Cause
#29: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errSystem.Cause
#30: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnauthorized.Cause
#31: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnavailable.Cause
#32: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnknown.Cause
#33: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls errdefs.init
#34: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls events.init
#35: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls fileutils.NewPatternMatcher
#36: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.Exclusion
#37: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.String
#38: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Exclusions
#39: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Matches
#40: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Patterns
#41: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls fileutils.init
#42: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls filters.init
#43: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.Empty
#44: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.ToContainer
#45: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls idtools.NewIDMappingsFromMaps
#46: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls idtools.init
#47: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls image.init
#48: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.NewWriteCloserWrapper
#49: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls ioutils.init
#50: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.writeCloserWrapper.Close
#51: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls mount.init
#52: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls mount.init
#53: helper/testhelpers/docker/testhelpers.go:19:2: docker.init calls network.init
#54: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Get
#55: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.NewWriteCloserWrapper
#56: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Put
#57: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.NewWriteCloserWrapper
#58: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls pools.init
#59: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufferPoolWithSize
#60: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioReaderPoolWithSize
#61: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioWriterPoolWithSize
#62: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls registry.init
#63: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls runtime.init
#64: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls strslice.init
#65: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls swarm.init
#66: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.Lgetxattr
#67: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.OpenSequential
#68: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#69: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls time.init
#70: helper/testhelpers/docker/testhelpers.go:17:2: docker.init calls types.init
#71: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls versions.GreaterThan
#72: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate, which calls versions.LessThan
#73: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls versions.init
#74: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls volume.init
Vulnerability #22: GO-2022-0985
Docker supplementary group permissions not set up properly, allowing
attackers to bypass primary group restrictions in github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2022-0985
Module: github.com/docker/docker
Found in: github.com/docker/docker@v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
Fixed in: github.com/docker/docker@v20.10.18+incompatible
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls api.init
#2: helper/testhelpers/docker/testhelpers.go:284:44: docker.copyToContainer calls archive.CopyInfoSourcePath
#3: helper/testhelpers/docker/testhelpers.go:297:52: docker.copyToContainer calls archive.PrepareArchiveCopy
#4: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource
#5: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which calls archive.TarWithOptions
#6: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init
#7: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls blkiodev.init
#8: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls client.CheckRedirect
#9: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate
#10: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect
#11: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove
#12: helper/testhelpers/docker/testhelpers.go:250:34: docker.Runner.Start calls client.Client.ContainerStart
#13: helper/testhelpers/docker/testhelpers.go:302:28: docker.copyToContainer calls client.Client.CopyToContainer
#14: helper/testhelpers/docker/testhelpers.go:233:36: docker.Runner.Start calls client.Client.ImageCreate
#15: helper/testhelpers/docker/testhelpers.go:46:39: docker.NewServiceRunner calls client.NewClientWithOpts
#16: helper/testhelpers/docker/testhelpers.go:46:74: docker.NewServiceRunner calls client.WithVersion
#17: command/server.go:866:24: command.ServerCommand.Run calls client.errConnectionFailed.Error
#18: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init
#19: command/server.go:866:24: command.ServerCommand.Run calls client.objectNotFoundError.Error
#20: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init
#21: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls errdefs.FromStatusCode
#22: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect, which eventually calls errdefs.NotImplemented
#23: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errConflict.Cause
#24: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errForbidden.Cause
#25: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errInvalidParameter.Cause
#26: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotFound.Cause
#27: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotImplemented.Cause
#28: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotModified.Cause
#29: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errSystem.Cause
#30: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnauthorized.Cause
#31: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnavailable.Cause
#32: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnknown.Cause
#33: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls errdefs.init
#34: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls events.init
#35: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls fileutils.NewPatternMatcher
#36: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.Exclusion
#37: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.String
#38: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Exclusions
#39: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Matches
#40: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Patterns
#41: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls fileutils.init
#42: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls filters.init
#43: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.Empty
#44: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.ToContainer
#45: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls idtools.NewIDMappingsFromMaps
#46: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls idtools.init
#47: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls image.init
#48: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.NewWriteCloserWrapper
#49: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls ioutils.init
#50: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.writeCloserWrapper.Close
#51: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls mount.init
#52: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls mount.init
#53: helper/testhelpers/docker/testhelpers.go:19:2: docker.init calls network.init
#54: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Get
#55: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.NewWriteCloserWrapper
#56: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Put
#57: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.NewWriteCloserWrapper
#58: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls pools.init
#59: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufferPoolWithSize
#60: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioReaderPoolWithSize
#61: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioWriterPoolWithSize
#62: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls registry.init
#63: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls runtime.init
#64: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls strslice.init
#65: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls swarm.init
#66: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.Lgetxattr
#67: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.OpenSequential
#68: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#69: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls time.init
#70: helper/testhelpers/docker/testhelpers.go:17:2: docker.init calls types.init
#71: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls versions.GreaterThan
#72: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate, which calls versions.LessThan
#73: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls versions.init
#74: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls volume.init
Vulnerability #23: GO-2022-0980
Exposure of Vault secrets via error messages in
github.com/hashicorp/consul-template
More info: https://pkg.go.dev/vuln/GO-2022-0980
Module: github.com/hashicorp/consul-template
Found in: github.com/hashicorp/consul-template@v0.25.1
Fixed in: github.com/hashicorp/consul-template@v0.27.3
Example traces found:
#1: command/agent/template/template.go:181:5: template.Server.Run calls manager.Runner.Start, which eventually calls template.Template.Execute
Vulnerability #24: GO-2022-0969
Denial of service in net/http and golang.org/x/net/http2
More info: https://pkg.go.dev/vuln/GO-2022-0969
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200625001655-4c5254603344
Fixed in: golang.org/x/net@v0.0.0-20220906165146-f3363e06e74c
Example traces found:
#1: vault/request_forwarding.go:168:19: vault.Handoff calls http2.Server.ServeConn
Vulnerability #25: GO-2022-0968
Panic on malformed packets in golang.org/x/crypto/ssh
More info: https://pkg.go.dev/vuln/GO-2022-0968
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@v0.0.0-20201002170205-7f63de1d35b0
Fixed in: golang.org/x/crypto@v0.0.0-20211202192323-5770296d904e
Example traces found:
#1: builtin/logical/ssh/communicator.go:132:49: ssh.comm.reconnect calls ssh.NewClientConn
Vulnerability #26: GO-2022-0938
Insufficiently restricted permissions on plugin directories in
github.com/containerd/containerd
More info: https://pkg.go.dev/vuln/GO-2022-0938
Module: github.com/containerd/containerd
Found in: github.com/containerd/containerd@v1.3.4
Fixed in: github.com/containerd/containerd@v1.4.11
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls errdefs.init
Vulnerability #27: GO-2022-0921
Archive package allows chmod of file outside of unpack target directory in
github.com/containerd/containerd
More info: https://pkg.go.dev/vuln/GO-2022-0921
Module: github.com/containerd/containerd
Found in: github.com/containerd/containerd@v1.3.4
Fixed in: github.com/containerd/containerd@v1.4.8
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls errdefs.init
Vulnerability #28: GO-2022-0914
mount destinations can be swapped via symlink-exchange to cause mounts
outside the rootfs in github.com/opencontainers/runc
More info: https://pkg.go.dev/vuln/GO-2022-0914
Module: github.com/opencontainers/runc
Found in: github.com/opencontainers/runc@v1.0.0-rc9
Fixed in: github.com/opencontainers/runc@v1.0.0-rc95
Example traces found:
#1: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls system.State.String
#2: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#3: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls user.init
Vulnerability #29: GO-2022-0784
containerd-shim API Exposed to Host Network Containers in
github.com/containerd/containerd
More info: https://pkg.go.dev/vuln/GO-2022-0784
Module: github.com/containerd/containerd
Found in: github.com/containerd/containerd@v1.3.4
Fixed in: github.com/containerd/containerd@v1.3.9
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls errdefs.init
Vulnerability #30: GO-2022-0780
Improper Authentication in InfluxDB in github.com/influxdata/influxdb
More info: https://pkg.go.dev/vuln/GO-2022-0780
Module: github.com/influxdata/influxdb
Found in: github.com/influxdata/influxdb@v0.0.0-20190411212539-d24b7ba8c4c4
Fixed in: github.com/influxdata/influxdb@v1.7.6
Example traces found:
#1: plugins/database/influxdb/connection_producer.go:215:34: influxdb.influxdbConnectionProducer.createClient calls client.NewHTTPClient
#2: plugins/database/influxdb/influxdb.go:174:24: influxdb.Influxdb.DeleteUser calls client.NewQuery
#3: plugins/database/influxdb/influxdb.go:178:54: influxdb.Influxdb.DeleteUser calls client.Response.Error
#4: plugins/database/influxdb/connection_producer.go:153:17: influxdb.influxdbConnectionProducer.Close calls client.client.Close
#5: plugins/database/influxdb/connection_producer.go:221:22: influxdb.influxdbConnectionProducer.createClient calls client.client.Ping
#6: plugins/database/influxdb/influxdb.go:175:30: influxdb.Influxdb.DeleteUser calls client.client.Query
#7: helper/forwarding/util.go:120:24: forwarding.ParseForwardedHTTPRequest calls bytes.Buffer.ReadFrom, which calls client.duplexReader.Read
#8: plugins/database/influxdb/connection_producer.go:16:2: influxdb.init calls client.init
#9: plugins/database/influxdb/connection_producer.go:16:2: influxdb.init calls client.init, which eventually calls escape.init
#10: plugins/database/influxdb/connection_producer.go:16:2: influxdb.init calls client.init, which calls models.init
Vulnerability #31: GO-2022-0482
containerd CRI plugin: Host memory exhaustion through ExecSync in
github.com/containerd/containerd
More info: https://pkg.go.dev/vuln/GO-2022-0482
Module: github.com/containerd/containerd
Found in: github.com/containerd/containerd@v1.3.4
Fixed in: github.com/containerd/containerd@v1.5.13
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls errdefs.init
Vulnerability #32: GO-2022-0452
Default inheritable capabilities for linux container should be empty in
github.com/opencontainers/runc
More info: https://pkg.go.dev/vuln/GO-2022-0452
Module: github.com/opencontainers/runc
Found in: github.com/opencontainers/runc@v1.0.0-rc9
Fixed in: github.com/opencontainers/runc@v1.1.2
Example traces found:
#1: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls system.State.String
#2: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#3: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls user.init
Vulnerability #33: GO-2022-0396
devices resource list treated as a blacklist by default in
github.com/opencontainers/runc
More info: https://pkg.go.dev/vuln/GO-2022-0396
Module: github.com/opencontainers/runc
Found in: github.com/opencontainers/runc@v1.0.0-rc9
Fixed in: github.com/opencontainers/runc@v1.0.0-rc91
Example traces found:
#1: command/server.go:2559:30: command.grpclogFaker.Println calls fmt.Sprintln, which eventually calls system.State.String
#2: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#3: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls user.init
Vulnerability #34: GO-2022-0390
Moby (Docker Engine) started with non-empty inheritable Linux process
capabilities in github.com/docker/docker
More info: https://pkg.go.dev/vuln/GO-2022-0390
Module: github.com/docker/docker
Found in: github.com/docker/docker@v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
Fixed in: github.com/docker/docker@v20.10.14+incompatible
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls api.init
#2: helper/testhelpers/docker/testhelpers.go:284:44: docker.copyToContainer calls archive.CopyInfoSourcePath
#3: helper/testhelpers/docker/testhelpers.go:297:52: docker.copyToContainer calls archive.PrepareArchiveCopy
#4: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource
#5: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which calls archive.TarWithOptions
#6: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init
#7: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls blkiodev.init
#8: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls client.CheckRedirect
#9: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate
#10: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect
#11: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove
#12: helper/testhelpers/docker/testhelpers.go:250:34: docker.Runner.Start calls client.Client.ContainerStart
#13: helper/testhelpers/docker/testhelpers.go:302:28: docker.copyToContainer calls client.Client.CopyToContainer
#14: helper/testhelpers/docker/testhelpers.go:233:36: docker.Runner.Start calls client.Client.ImageCreate
#15: helper/testhelpers/docker/testhelpers.go:46:39: docker.NewServiceRunner calls client.NewClientWithOpts
#16: helper/testhelpers/docker/testhelpers.go:46:74: docker.NewServiceRunner calls client.WithVersion
#17: command/server.go:866:24: command.ServerCommand.Run calls client.errConnectionFailed.Error
#18: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init
#19: command/server.go:866:24: command.ServerCommand.Run calls client.objectNotFoundError.Error
#20: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init
#21: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls errdefs.FromStatusCode
#22: helper/testhelpers/docker/testhelpers.go:256:46: docker.Runner.Start calls client.Client.ContainerInspect, which eventually calls errdefs.NotImplemented
#23: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errConflict.Cause
#24: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errForbidden.Cause
#25: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errInvalidParameter.Cause
#26: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotFound.Cause
#27: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotImplemented.Cause
#28: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errNotModified.Cause
#29: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errSystem.Cause
#30: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnauthorized.Cause
#31: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnavailable.Cause
#32: physical/manta/manta.go:218:31: manta.MantaBackend.List calls errors.IsResourceNotFound, which eventually calls errdefs.errUnknown.Cause
#33: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls errdefs.init
#34: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls events.init
#35: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls fileutils.NewPatternMatcher
#36: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.Exclusion
#37: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.Pattern.String
#38: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Exclusions
#39: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Matches
#40: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls fileutils.PatternMatcher.Patterns
#41: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls fileutils.init
#42: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls filters.init
#43: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.Empty
#44: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls idtools.IdentityMapping.ToContainer
#45: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls idtools.NewIDMappingsFromMaps
#46: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls idtools.init
#47: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls image.init
#48: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.NewWriteCloserWrapper
#49: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls ioutils.init
#50: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls ioutils.writeCloserWrapper.Close
#51: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which eventually calls mount.init
#52: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls mount.init
#53: helper/testhelpers/docker/testhelpers.go:19:2: docker.init calls network.init
#54: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Get
#55: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.NewWriteCloserWrapper
#56: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.BufioWriterPool.Put
#57: helper/testhelpers/docker/testhelpers.go:289:40: docker.copyToContainer calls archive.TarResource, which eventually calls pools.NewWriteCloserWrapper
#58: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls pools.init
#59: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufferPoolWithSize
#60: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioReaderPoolWithSize
#61: physical/cassandra/cassandra.go:329:19: cassandra.CassandraBackend.List calls gocql.Session.Query, which eventually calls pools.newBufioWriterPoolWithSize
#62: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls registry.init
#63: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls runtime.init
#64: helper/testhelpers/docker/testhelpers.go:18:2: docker.init calls container.init, which calls strslice.init
#65: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls swarm.init
#66: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.Lgetxattr
#67: command/debug.go:303:22: command.DebugCommand.generateIndex calls filepath.Walk, which eventually calls system.OpenSequential
#68: helper/testhelpers/docker/testhelpers.go:21:2: docker.init calls archive.init, which calls system.init
#69: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls time.init
#70: helper/testhelpers/docker/testhelpers.go:17:2: docker.init calls types.init
#71: helper/testhelpers/docker/testhelpers.go:245:35: docker.Runner.Start calls client.Client.ContainerRemove, which eventually calls versions.GreaterThan
#72: helper/testhelpers/docker/testhelpers.go:238:47: docker.Runner.Start calls client.Client.ContainerCreate, which calls versions.LessThan
#73: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls versions.init
#74: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which calls volume.init
Vulnerability #35: GO-2022-0360
Ambiguous OCI manifest parsing in github.com/containerd/containerd
More info: https://pkg.go.dev/vuln/GO-2022-0360
Module: github.com/containerd/containerd
Found in: github.com/containerd/containerd@v1.3.4
Fixed in: github.com/containerd/containerd@v1.4.12
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls errdefs.init
Vulnerability #36: GO-2022-0344
containerd CRI plugin: Insecure handling of image volumes in
github.com/containerd/containerd
More info: https://pkg.go.dev/vuln/GO-2022-0344
Module: github.com/containerd/containerd
Found in: github.com/containerd/containerd@v1.3.4
Fixed in: github.com/containerd/containerd@v1.4.13
Example traces found:
#1: helper/testhelpers/docker/testhelpers.go:20:2: docker.init calls client.init, which eventually calls errdefs.init
Vulnerability #37: GO-2022-0288
Unbounded memory growth in net/http and golang.org/x/net/http2
More info: https://pkg.go.dev/vuln/GO-2022-0288
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200625001655-4c5254603344
Fixed in: golang.org/x/net@v0.0.0-20211209124913-491a49abca63
Example traces found:
#1: vault/request_forwarding.go:168:19: vault.Handoff calls http2.Server.ServeConn
Vulnerability #38: GO-2022-0236
Panic due to large headers in net/http and golang.org/x/net/http/httpguts
More info: https://pkg.go.dev/vuln/GO-2022-0236
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20200625001655-4c5254603344
Fixed in: golang.org/x/net@v0.0.0-20210428140749-89ef3d95e781
Example traces found:
#1: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls httpguts.HeaderValuesContainsToken
Vulnerability #39: GO-2021-0112
Improper input validation in go.mongodb.org/mongo-driver
More info: https://pkg.go.dev/vuln/GO-2021-0112
Module: go.mongodb.org/mongo-driver
Found in: go.mongodb.org/mongo-driver@v1.4.2
Fixed in: go.mongodb.org/mongo-driver@v1.5.1
Example traces found:
#1: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendArrayElement
#2: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendArrayElementStart
#3: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendBinaryElement
#4: plugins/database/mongodb/connection_producer.go:16:2: mongodb.init calls mongo.init, which eventually calls bsoncore.AppendBooleanElement
#5: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendDocumentElement
#6: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendDocumentElementStart
#7: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendHeader
#8: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendInt32Element
#9: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendInt64Element
#10: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendObjectIDElement
#11: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsoncore.AppendRegex
#12: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendRegexElement
#13: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendStringElement
#14: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendTimestampElement
#15: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.AppendValueElement
#16: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsoncore.BuildArrayElement
#17: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsonrw.Copier.AppendDocumentBytes
#18: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.Copier.CopyBytesToDocumentWriter
#19: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.Copier.CopyDocumentFromBytes
#20: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsonrw.Copier.CopyDocumentToBytes
#21: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.Copier.CopyValueFromBytes
#22: plugins/database/mongodb/mongodb.go:245:42: mongodb.MongoDB.runCommandWithRetry calls mongo.Database.RunCommand, which eventually calls bsonrw.Copier.CopyValueToBytes
#23: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteArray
#24: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteBinary
#25: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteBinaryWithSubtype
#26: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteBoolean
#27: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteCodeWithScope
#28: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteDBPointer
#29: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteDateTime
#30: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteDecimal128
#31: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteDocument
#32: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteDouble
#33: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteInt32
#34: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteInt64
#35: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteJavascript
#36: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteMaxKey
#37: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteMinKey
#38: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteNull
#39: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteObjectID
#40: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteRegex
#41: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteString
#42: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteSymbol
#43: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteTimestamp
#44: plugins/database/mongodb/connection_producer.go:99:32: mongodb.mongoDBConnectionProducer.Close calls mongo.Client.Disconnect, which eventually calls bsonrw.valueWriter.WriteUndefined
Vulnerability #40: GO-2021-0064
Unauthorized credential disclosure via debug logs in k8s.io/kubernetes and
k8s.io/client-go
More info: https://pkg.go.dev/vuln/GO-2021-0064
Module: k8s.io/client-go
Found in: k8s.io/client-go@v0.18.2
Fixed in: k8s.io/client-go@v0.20.0-alpha.2
Example traces found:
#1: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls transport.basicAuthRoundTripper.RoundTrip
#2: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls transport.bearerAuthRoundTripper.RoundTrip
#3: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls transport.debuggingRoundTripper.RoundTrip
#4: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls transport.impersonatingRoundTripper.RoundTrip
#5: command/agent/auth/gcp/gcp.go:142:30: gcp.gcpMethod.Authenticate calls http.Client.Do, which eventually calls transport.userAgentRoundTripper.RoundTrip
Vulnerability #41: GO-2021-0061
Denial of service in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2021-0061
Module: github.com/go-yaml/yaml
Found in: github.com/go-yaml/yaml@v2.1.0+incompatible
Fixed in: N/A
Example traces found:
#1: builtin/credential/okta/path_config.go:326:40: okta.ConfigEntry.OktaClient calls okta.NewClient, which eventually calls yaml.Unmarshal
Vulnerability #42: GO-2020-0036
Excessive resource consumption in YAML parsing in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2020-0036
Module: github.com/go-yaml/yaml
Found in: github.com/go-yaml/yaml@v2.1.0+incompatible
Fixed in: N/A
Example traces found:
#1: builtin/credential/okta/path_config.go:326:40: okta.ConfigEntry.OktaClient calls okta.NewClient, which eventually calls yaml.Unmarshal
Vulnerability #43: GO-2020-0008
Insecure generation of random numbers in github.com/miekg/dns
More info: https://pkg.go.dev/vuln/GO-2020-0008
Module: github.com/miekg/dns
Found in: github.com/miekg/dns@v1.1.15
Fixed in: github.com/miekg/dns@v1.1.25-0.20191211073109-8ebf2e419df7
Example traces found:
#1: vault/raft.go:945:30: vault.JoinRaftCluster calls discover.Discover.Addrs, which eventually calls dns.Msg.SetQuestion
Your code is affected by 43 vulnerabilities from 15 modules.
This scan also found 11 vulnerabilities in packages you import and 20
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
sysutils/goreman
=== Symbol Results ===
Vulnerability #1: GO-2020-0036
Excessive resource consumption in YAML parsing in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2020-0036
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.2.7
Fixed in: gopkg.in/yaml.v2@v2.2.8
Example traces found:
#1: goreman.go:129:17: goreman.readConfig calls yaml.Unmarshal
Your code is affected by 1 vulnerability from 1 module.
This scan also found 1 vulnerability in packages you import and 0
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
sysutils/packer
=== Symbol Results ===
Vulnerability #1: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.0
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: hcl2template/function/vault.go:30:30: function.init calls template.Vault, which eventually calls retryablehttp.Client.Do
Vulnerability #2: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.17.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: hcl2template/function/vault.go:30:30: function.init calls template.Vault, which eventually calls http2.ConfigureTransport
#2: hcl2template/types.packer_config.go:670:25: hcl2template.PackerConfig.GetBuilds calls http2.ConnectionError.Error
#3: command/hcl2_upgrade.go:1033:16: command.LocalsParser.Write calls fmt.Fprintln, which eventually calls http2.ErrCode.String
#4: command/hcl2_upgrade.go:1033:16: command.LocalsParser.Write calls fmt.Fprintln, which eventually calls http2.FrameHeader.String
#5: command/hcl2_upgrade.go:1033:16: command.LocalsParser.Write calls fmt.Fprintln, which eventually calls http2.FrameType.String
#6: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.Framer.ReadFrame
#7: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.Framer.WriteContinuation
#8: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.Framer.WriteData
#9: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.Framer.WriteHeaders
#10: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.Framer.WritePing
#11: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.Framer.WriteRSTStream
#12: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.Framer.WriteSettings
#13: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.Framer.WriteSettingsAck
#14: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.Framer.WriteWindowUpdate
#15: hcl2template/types.packer_config.go:670:25: hcl2template.PackerConfig.GetBuilds calls http2.GoAwayError.Error
#16: command/hcl2_upgrade.go:1033:16: command.LocalsParser.Write calls fmt.Fprintln, which eventually calls http2.Setting.String
#17: command/hcl2_upgrade.go:1033:16: command.LocalsParser.Write calls fmt.Fprintln, which eventually calls http2.SettingID.String
#18: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which eventually calls http2.SettingsFrame.ForeachSetting
#19: hcl2template/types.packer_config.go:670:25: hcl2template.PackerConfig.GetBuilds calls http2.StreamError.Error
#20: packer/plugin-getter/github/getter.go:149:27: github.HostSpecificTokenAuthTransport.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.Transport.NewClientConn
#21: packer/plugin-getter/github/getter.go:149:27: github.HostSpecificTokenAuthTransport.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.Transport.RoundTrip
#22: provisioner/shell/provisioner.go:218:25: shell.Provisioner.Provision calls bufio.Writer.Flush, which calls http2.chunkWriter.Write
#23: hcl2template/types.packer_config.go:670:25: hcl2template.PackerConfig.GetBuilds calls http2.connError.Error
#24: hcl2template/types.packer_config.go:670:25: hcl2template.PackerConfig.GetBuilds calls http2.duplicatePseudoHeaderError.Error
#25: packer/plugin-getter/plugins.go:525:27: plugin.Requirement.InstallLatest calls http2.gzipReader.Close
#26: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which calls http2.gzipReader.Read
#27: hcl2template/types.packer_config.go:670:25: hcl2template.PackerConfig.GetBuilds calls http2.headerFieldNameError.Error
#28: hcl2template/types.packer_config.go:670:25: hcl2template.PackerConfig.GetBuilds calls http2.headerFieldValueError.Error
#29: packer/plugin-getter/github/getter.go:149:27: github.HostSpecificTokenAuthTransport.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#30: hcl2template/types.packer_config.go:670:25: hcl2template.PackerConfig.GetBuilds calls http2.pseudoHeaderError.Error
#31: provisioner/shell/provisioner.go:218:25: shell.Provisioner.Provision calls bufio.Writer.Flush, which calls http2.stickyErrWriter.Write
#32: packer/plugin-getter/plugins.go:525:27: plugin.Requirement.InstallLatest calls http2.transportResponseBody.Close
#33: datasource/http/data.go:140:26: http.Datasource.Execute calls io.ReadAll, which calls http2.transportResponseBody.Read
#34: command/hcl2_upgrade.go:1033:16: command.LocalsParser.Write calls fmt.Fprintln, which eventually calls http2.writeData.String
Vulnerability #3: GO-2024-2611
Infinite loop in JSON unmarshaling in google.golang.org/protobuf
More info: https://pkg.go.dev/vuln/GO-2024-2611
Module: google.golang.org/protobuf
Found in: google.golang.org/protobuf@v1.31.0
Fixed in: google.golang.org/protobuf@v1.33.0
Example traces found:
#1: provisioner/powershell/provisioner.go:321:67: powershell.Provisioner.Provision calls retry.Config.Run, which eventually calls json.Decoder.Peek
#2: provisioner/powershell/provisioner.go:321:67: powershell.Provisioner.Provision calls retry.Config.Run, which eventually calls json.Decoder.Read
#3: provisioner/powershell/provisioner.go:321:67: powershell.Provisioner.Provision calls retry.Config.Run, which eventually calls protojson.Unmarshal
Vulnerability #4: GO-2024-2466
Denial of service in github.com/go-git/go-git/v5 and
gopkg.in/src-d/go-git.v4
More info: https://pkg.go.dev/vuln/GO-2024-2466
Module: github.com/go-git/go-git/v5
Found in: github.com/go-git/go-git/v5@v5.4.2
Fixed in: github.com/go-git/go-git/v5@v5.11.0
Example traces found:
#1: internal/hcp/registry/hcp.go:126:36: registry.getGitSHA calls git.PlainOpenWithOptions, which calls filesystem.NewStorage
#2: internal/hcp/registry/hcp.go:126:36: registry.getGitSHA calls git.PlainOpenWithOptions
#3: internal/hcp/registry/hcp.go:142:20: registry.getGitSHA calls git.Repository.Head
Vulnerability #5: GO-2024-2456
Path traversal and RCE in github.com/go-git/go-git/v5 and
gopkg.in/src-d/go-git.v4
More info: https://pkg.go.dev/vuln/GO-2024-2456
Module: github.com/go-git/go-git/v5
Found in: github.com/go-git/go-git/v5@v5.4.2
Fixed in: github.com/go-git/go-git/v5@v5.11.0
Example traces found:
#1: internal/hcp/registry/hcp.go:126:36: registry.getGitSHA calls git.PlainOpenWithOptions, which calls filesystem.NewStorage
#2: internal/hcp/registry/hcp.go:126:36: registry.getGitSHA calls git.PlainOpenWithOptions
#3: internal/hcp/registry/hcp.go:142:20: registry.getGitSHA calls git.Repository.Head
Your code is affected by 5 vulnerabilities from 4 modules.
This scan also found 4 vulnerabilities in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
textproc/go-mmark
=== Symbol Results ===
Vulnerability #1: GO-2024-3205
Infinite loop in github.com/gomarkdown/markdown
More info: https://pkg.go.dev/vuln/GO-2024-3205
Module: github.com/gomarkdown/markdown
Found in: github.com/gomarkdown/markdown@v0.0.0-20230922112808-5421fefb8386
Fixed in: github.com/gomarkdown/markdown@v0.0.0-20240729212818-a2a9c4f76ef5
Example traces found:
#1: mmark.go:106:24: mmark.main calls markdown.Parse, which calls parser.Parser.Parse
Your code is affected by 1 vulnerability from 1 module.
This scan found no other vulnerabilities in packages you import or modules you
require.
Use '-show verbose' for more details.
www/apisprout
=== Symbol Results ===
Vulnerability #1: GO-2022-0956
Excessive resource consumption in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2022-0956
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.2.2
Fixed in: gopkg.in/yaml.v2@v2.2.4
Example traces found:
#1: apisprout.go:90:20: apisprout.main calls viper.ReadInConfig, which eventually calls yaml.Unmarshal
Vulnerability #2: GO-2021-0061
Denial of service in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2021-0061
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.2.2
Fixed in: gopkg.in/yaml.v2@v2.2.3
Example traces found:
#1: apisprout.go:90:20: apisprout.main calls viper.ReadInConfig, which eventually calls yaml.Unmarshal
Vulnerability #3: GO-2020-0036
Excessive resource consumption in YAML parsing in gopkg.in/yaml.v2
More info: https://pkg.go.dev/vuln/GO-2020-0036
Module: gopkg.in/yaml.v2
Found in: gopkg.in/yaml.v2@v2.2.2
Fixed in: gopkg.in/yaml.v2@v2.2.8
Example traces found:
#1: apisprout.go:90:20: apisprout.main calls viper.ReadInConfig, which eventually calls yaml.Unmarshal
Your code is affected by 3 vulnerabilities from 1 module.
This scan also found 2 vulnerabilities in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
www/caddy
=== Symbol Results ===
Vulnerability #1: GO-2024-3302
ICMP Packet Too Large Injection Attack on Linux in
github.com/quic-go/quic-go
More info: https://pkg.go.dev/vuln/GO-2024-3302
Module: github.com/quic-go/quic-go
Found in: github.com/quic-go/quic-go@v0.44.0
Fixed in: github.com/quic-go/quic-go@v0.48.2
Platforms: linux
Example traces found:
#1: admin.go:1314:21: caddy.APIError.Error calls quic.StreamError.Error
#2: modules/caddyhttp/reverseproxy/httptransport.go:436:33: reverseproxy.HTTPTransport.RoundTrip calls http3.RoundTripper.RoundTrip, which eventually calls quic.Transport.DialEarly
#3: listeners.go:446:33: caddy.ListenQUIC calls quic.Transport.ListenEarly
#4: modules/caddyhttp/reverseproxy/httptransport.go:497:34: reverseproxy.HTTPTransport.Cleanup calls http.Transport.CloseIdleConnections, which eventually calls quic.connMultiplexer.RemoveConn
#5: modules/caddyhttp/server.go:612:2: caddyhttp.Server.serveHTTP3 calls http3.Server.ServeListener, which eventually calls quic.connection.AcceptStream
#6: modules/caddyhttp/server.go:612:2: caddyhttp.Server.serveHTTP3 calls http3.Server.ServeListener, which eventually calls quic.connection.AcceptUniStream
#7: modules/caddyhttp/server.go:1022:25: caddyhttp.lengthReader.Read calls http3.body.Read, which eventually calls quic.connection.CloseWithError
#8: modules/caddyhttp/reverseproxy/httptransport.go:436:33: reverseproxy.HTTPTransport.RoundTrip calls http3.RoundTripper.RoundTrip, which eventually calls quic.connection.OpenStreamSync
#9: modules/caddyhttp/server.go:612:2: caddyhttp.Server.serveHTTP3 calls http3.Server.ServeListener, which eventually calls quic.connection.OpenUniStream
#10: modules/caddyhttp/reverseproxy/httptransport.go:497:34: reverseproxy.HTTPTransport.Cleanup calls http.Transport.CloseIdleConnections, which eventually calls quic.oobConn.ReadPacket
#11: modules/caddyhttp/reverseproxy/httptransport.go:497:34: reverseproxy.HTTPTransport.Cleanup calls http.Transport.CloseIdleConnections, which eventually calls quic.packetHandlerMap.Close
#12: modules/caddyhttp/reverseproxy/httptransport.go:497:34: reverseproxy.HTTPTransport.Cleanup calls http.Transport.CloseIdleConnections, which eventually calls quic.packetHandlerMap.GetStatelessResetToken
#13: modules/caddyhttp/reverseproxy/reverseproxy.go:1381:24: reverseproxy.bodyReadCloser.Close calls http3.hijackableBody.Close, which calls quic.receiveStream.CancelRead
#14: modules/caddyhttp/reverseproxy/fastcgi/record.go:53:20: fastcgi.record.Read calls io.LimitedReader.Read, which calls quic.receiveStream.Read
#15: modules/caddyhttp/reverseproxy/fastcgi/record.go:53:20: fastcgi.record.Read calls io.LimitedReader.Read, which eventually calls quic.sendStream.CancelWrite
#16: modules/caddyhttp/reverseproxy/fastcgi/writer.go:135:25: fastcgi.streamWriter.Flush calls bytes.Buffer.WriteTo, which eventually calls quic.sendStream.Write
#17: modules/caddyhttp/reverseproxy/httptransport.go:497:34: reverseproxy.HTTPTransport.Cleanup calls http.Transport.CloseIdleConnections, which eventually calls quic.setDF
#18: modules/caddyhttp/server.go:612:2: caddyhttp.Server.serveHTTP3 calls http3.Server.ServeListener, which eventually calls quic.stream.Close
Your code is affected by 1 vulnerability from 1 module.
This scan also found 2 vulnerabilities in packages you import and 0
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
www/gitea
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.24.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: modules/markup/html.go:328:25: markup.postProcess calls html.Parse
#2: modules/markup/orgmode/orgmode.go:108:55: orgmode.Render calls org.Document.Write, which eventually calls html.ParseFragment
Vulnerability #2: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.5
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: services/migrations/gitlab.go:500:74: migrations.GitlabDownloader.GetComments calls gitlab.DiscussionsService.ListMergeRequestDiscussions, which eventually calls retryablehttp.Client.Do
Vulnerability #3: GO-2024-2698
Archiver Path Traversal vulnerability in github.com/mholt/archiver
More info: https://pkg.go.dev/vuln/GO-2024-2698
Module: github.com/mholt/archiver/v3
Found in: github.com/mholt/archiver/v3@v3.5.1
Fixed in: N/A
Example traces found:
#1: cmd/dump.go:152:46: cmd.runDump calls archiver.ByExtension
#2: cmd/dump.go:161:2: cmd.runDump calls archiver.Tar.Close
#3: cmd/dump.go:158:33: cmd.runDump calls archiver.Tar.Create
#4: modules/dump/dumper.go:74:28: dump.Dumper.AddReader calls archiver.Tar.Write
#5: cmd/dump.go:158:33: cmd.runDump calls archiver.TarBrotli.Create
#6: cmd/dump.go:158:33: cmd.runDump calls archiver.TarBz2.Create
#7: cmd/dump.go:158:33: cmd.runDump calls archiver.TarGz.Create
#8: cmd/dump.go:158:33: cmd.runDump calls archiver.TarLz4.Create
#9: cmd/dump.go:158:33: cmd.runDump calls archiver.TarSz.Create
#10: cmd/dump.go:158:33: cmd.runDump calls archiver.TarXz.Create
#11: cmd/dump.go:158:33: cmd.runDump calls archiver.TarZstd.Create
#12: cmd/dump.go:161:2: cmd.runDump calls archiver.Zip.Close
#13: cmd/dump.go:158:33: cmd.runDump calls archiver.Zip.Create
#14: modules/dump/dumper.go:74:28: dump.Dumper.AddReader calls archiver.Zip.Write
#15: modules/dump/dumper.go:19:2: dump.init calls archiver.init
Your code is affected by 3 vulnerabilities from 3 modules.
This scan also found 2 vulnerabilities in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
www/hugo
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.30.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: markup/asciidocext/internal/converter.go:175:25: internal.AsciidocConverter.extractTOC calls html.Parse
#2: markup/org/convert.go:64:79: org.orgConverter.Convert calls org.Document.Write, which eventually calls html.ParseFragment
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
www/pup
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20160720084139-4d38db76854b
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: parse.go:43:19: pup.ParseHTML calls html.Parse
Vulnerability #2: GO-2022-0197
Panic when parsing certain inputs in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2022-0197
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20160720084139-4d38db76854b
Fixed in: golang.org/x/net@v0.0.0-20190125002852-4b62a64f59f7
Example traces found:
#1: parse.go:43:19: pup.ParseHTML calls html.Parse
Vulnerability #3: GO-2022-0193
Panic on unconsidered isindex and template combination in
golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2022-0193
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20160720084139-4d38db76854b
Fixed in: golang.org/x/net@v0.0.0-20180921000356-2f5d2388922f
Example traces found:
#1: parse.go:43:19: pup.ParseHTML calls html.Parse
Vulnerability #4: GO-2022-0192
Incorrect parsing of nested templates in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2022-0192
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20160720084139-4d38db76854b
Fixed in: golang.org/x/net@v0.0.0-20180925071336-cf3bd585ca2a
Example traces found:
#1: parse.go:43:19: pup.ParseHTML calls html.Parse
Vulnerability #5: GO-2021-0238
Infinite loop when parsing inputs in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2021-0238
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20160720084139-4d38db76854b
Fixed in: golang.org/x/net@v0.0.0-20210520170846-37e1c6afe023
Example traces found:
#1: parse.go:43:19: pup.ParseHTML calls html.Parse
Vulnerability #6: GO-2021-0078
Panic when parsing malformed HTML in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2021-0078
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20160720084139-4d38db76854b
Fixed in: golang.org/x/net@v0.0.0-20180816102801-aaf60122140d
Example traces found:
#1: parse.go:43:19: pup.ParseHTML calls html.Parse
Vulnerability #7: GO-2020-0015
Infinite loop when decoding some inputs in golang.org/x/text
More info: https://pkg.go.dev/vuln/GO-2020-0015
Module: golang.org/x/text
Found in: golang.org/x/text@v0.0.0-20160719205907-0a5a09ee4409
Fixed in: golang.org/x/text@v0.3.3
Example traces found:
#1: parse.go:43:19: pup.ParseHTML calls html.Parse, which eventually calls unicode.utf16Decoder.Transform
Vulnerability #8: GO-2020-0014
Infinite loop due to improper handling of "select" tags in
golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2020-0014
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20160720084139-4d38db76854b
Fixed in: golang.org/x/net@v0.0.0-20190125091013-d26f9f9a57f3
Example traces found:
#1: parse.go:43:19: pup.ParseHTML calls html.Parse
Your code is affected by 8 vulnerabilities from 2 modules.
This scan also found 3 vulnerabilities in packages you import and 8
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
www/reader
=== Symbol Results ===
Vulnerability #1: GO-2024-3333
Non-linear parsing of case-insensitive content in golang.org/x/net/html
More info: https://pkg.go.dev/vuln/GO-2024-3333
Module: golang.org/x/net
Found in: golang.org/x/net@v0.27.0
Fixed in: golang.org/x/net@v0.33.0
Example traces found:
#1: cmd/root.go:79:42: cmd.HTMLtoMarkdown calls html.Converter.ConvertString, which eventually calls html.Parse
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 1
vulnerability in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.
www/restish
=== Symbol Results ===
Vulnerability #1: GO-2024-2937
Panic when parsing invalid palette-color images in golang.org/x/image
More info: https://pkg.go.dev/vuln/GO-2024-2937
Module: golang.org/x/image
Found in: golang.org/x/image@v0.10.0
Fixed in: golang.org/x/image@v0.18.0
Example traces found:
#1: cli/formatter.go:551:46: cli.DefaultFormatter.formatAuto calls ansimage.NewScaledFromReader, which eventually calls tiff.Decode
Your code is affected by 1 vulnerability from 1 module.
This scan also found 1 vulnerability in packages you import and 1 vulnerability
in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.