[DepShield] (CVSS 5.9) Vulnerability due to usage of golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
sonatype-depshield opened this issue · 1 comments
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2 results in the following vulnerability(s):
Occurrences
golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2 is a transitive dependency introduced by the following direct dependency(s):
• github.com/jackc/pgx:v4:4.10.1
└─ github.com/jackc:pgconn:1.8.0
└─ github.com/jackc:pgmock:0.0.0-20190831213851-13a1b77aafa2
└─ github.com/jackc:pgtype:0.0.0-20190828014616-a8802b16cc59
└─ github.com/jackc/pgx:v4:4.0.0-pre1.0.20190824185557-6972a5742186
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:net:0.0.0-20190813141303-74dc4d7220e7
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20190823170909-c4a336ef6a2f
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20200622213623-75b288015ac9
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/jackc:pgtype:1.6.2
└─ github.com/jackc:pgconn:1.5.1-0.20200601181101-fa742c524853
└─ github.com/jackc:pgmock:0.0.0-20190831213851-13a1b77aafa2
└─ github.com/jackc:pgtype:0.0.0-20190828014616-a8802b16cc59
└─ github.com/jackc/pgx:v4:4.0.0-pre1.0.20190824185557-6972a5742186
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:net:0.0.0-20190813141303-74dc4d7220e7
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20190823170909-c4a336ef6a2f
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20200323165209-0ec3e9974c59
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/jackc/pgx:v4:4.6.1-0.20200606145419-4e5062306904
└─ github.com/jackc:pgconn:1.5.1-0.20200601181101-fa742c524853
└─ github.com/jackc:pgmock:0.0.0-20190831213851-13a1b77aafa2
└─ github.com/jackc:pgtype:0.0.0-20190828014616-a8802b16cc59
└─ github.com/jackc/pgx:v4:4.0.0-pre1.0.20190824185557-6972a5742186
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:net:0.0.0-20190813141303-74dc4d7220e7
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20190823170909-c4a336ef6a2f
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20200323165209-0ec3e9974c59
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/jackc:pgtype:1.3.1-0.20200606141011-f6355165a91c
└─ github.com/jackc:pgconn:1.5.1-0.20200601181101-fa742c524853
└─ github.com/jackc:pgmock:0.0.0-20190831213851-13a1b77aafa2
└─ github.com/jackc:pgtype:0.0.0-20190828014616-a8802b16cc59
└─ github.com/jackc/pgx:v4:4.0.0-pre1.0.20190824185557-6972a5742186
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:net:0.0.0-20190813141303-74dc4d7220e7
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20190823170909-c4a336ef6a2f
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20200323165209-0ec3e9974c59
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/jackc/pgx:v4:4.6.1-0.20200510190926-94ba730bb1e9
└─ github.com/jackc:pgconn:1.5.0
└─ github.com/jackc:pgmock:0.0.0-20190831213851-13a1b77aafa2
└─ github.com/jackc:pgtype:0.0.0-20190828014616-a8802b16cc59
└─ github.com/jackc/pgx:v4:4.0.0-pre1.0.20190824185557-6972a5742186
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:net:0.0.0-20190813141303-74dc4d7220e7
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20190823170909-c4a336ef6a2f
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20200323165209-0ec3e9974c59
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/jackc:pgtype:1.3.1-0.20200510190516-8cd94a14c75a
└─ github.com/jackc/pgx:v4:4.5.0
└─ github.com/jackc:pgconn:1.4.0
└─ github.com/jackc:pgmock:0.0.0-20190831213851-13a1b77aafa2
└─ github.com/jackc:pgtype:0.0.0-20190828014616-a8802b16cc59
└─ github.com/jackc/pgx:v4:4.0.0-pre1.0.20190824185557-6972a5742186
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:net:0.0.0-20190813141303-74dc4d7220e7
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20190823170909-c4a336ef6a2f
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/jackc:pgtype:1.2.0
└─ github.com/jackc/pgx:v4:4.0.0-pre1.0.20190824185557-6972a5742186
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:net:0.0.0-20190813141303-74dc4d7220e7
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20190823170909-c4a336ef6a2f
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:crypto:0.0.0-20190911031432-227b76d455e7
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ go.uber.org:multierr:1.5.0
└─ go.uber.org:atomic:1.6.0
└─ golang.org/x:lint:0.0.0-20190930215403-16217165b5de
└─ golang.org/x:tools:0.0.0-20190311212946-11955173bddd
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20191029041327-9cc4af7d6b2c
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:lint:0.0.0-20190930215403-16217165b5de
└─ golang.org/x:tools:0.0.0-20190311212946-11955173bddd
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20191029190741-b9c20aec41a5
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ honnef.co/go:tools:0.0.1-2019.2.3
└─ golang.org/x:mod:0.0.0-20190513183733-4bf6d317e70e
└─ golang.org/x:crypto:0.0.0-20190510104115-cbcb75029529
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20190621195816-6e04913cbbac
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ github.com/rs:zerolog:1.15.0
└─ golang.org/x:tools:0.0.0-20190425163242-31fd60d6bfdc
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
• golang.org/x:net:0.0.0-20190813141303-74dc4d7220e7
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
• golang.org/x:tools:0.0.0-20191029190741-b9c20aec41a5
└─ golang.org/x:net:0.0.0-20190620200207-3b0461eec859
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Closed due to dependency upgrade