Closed luhring closed 1 year ago
Before:
$ make clean build >/dev/null && grype -q ./dist/dive_linux_amd64/dive NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY github.com/docker/distribution v2.7.0-rc.0.0.20181024170156-93e082742a00+incompatible 2.8.0 go-module GHSA-qq97-vm5h-rrhg Low github.com/docker/distribution v2.7.0-rc.0.0.20181024170156-93e082742a00+incompatible 2.8.2-beta.1 go-module GHSA-hqxw-f8mx-cpmw High github.com/docker/engine v0.0.0-20190822205725-ed20165a37b4 go-module CVE-2018-20699 Medium github.com/docker/engine v0.0.0-20190822205725-ed20165a37b4 go-module CVE-2020-13401 Medium github.com/gogo/protobuf v1.3.0 1.3.2 go-module GHSA-c3h9-896r-86jm High github.com/golang/protobuf v1.3.1 go-module CVE-2021-3121 High github.com/opencontainers/image-spec v1.0.1 1.0.2 go-module GHSA-77vh-xpmg-72qh Low golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 0.0.0-20210428140749-89ef3d95e781 go-module GHSA-h86h-8ppg-mxmh Medium golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 0.0.0-20210520170846-37e1c6afe023 go-module GHSA-83g2-8m93-v3w7 High golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 0.0.0-20220906165146-f3363e06e74c go-module GHSA-69cg-p879-7622 High golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 0.7.0 go-module GHSA-vvpx-j8f3-3w6h High golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4 0.0.0-20220412211240-33da011f77ad go-module GHSA-p782-xgp4-8hr8 Medium golang.org/x/text v0.3.2 0.3.7 go-module GHSA-ppp9-7jff-5vj2 High golang.org/x/text v0.3.2 0.3.8 go-module GHSA-69ch-w2m2-3vjp High gopkg.in/yaml.v2 v2.2.2 2.2.3 go-module GHSA-r88r-gmrh-7j83 Medium gopkg.in/yaml.v2 v2.2.2 2.2.4 go-module GHSA-6q6q-88xp-6f2r High gopkg.in/yaml.v2 v2.2.2 2.2.8 go-module GHSA-wxc4-f4m6-wwqv Medium
After:
$ make clean build >/dev/null && grype -q ./dist/dive_linux_amd64/dive No vulnerabilities found
Before:
After: