ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-10-31 15:53:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Skip acceptable vuln

Browse Source
This commit is contained in:
Jamie Curnow
2022-11-08 10:40:15 +10:00
parent c00b690ed3
commit 726b6e69f7
2 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Jenkinsfile vendored
View File

@@ -207,7 +207,7 @@ pipeline {
} }
post { post {
always { always {
sh 'docker-compose down --rmi all --remove-orphans --volumes -t 30' sh 'docker-compose down --rmi all --remove-orphans --volumes -t 30 || true'
sh './scripts/ci/build-cleanup' sh './scripts/ci/build-cleanup'
echo 'Reverting ownership' echo 'Reverting ownership'
sh 'docker run --rm -v $(pwd):/data jc21/gotools:latest chown -R "$(id -u):$(id -g)" /data' sh 'docker run --rm -v $(pwd):/data jc21/gotools:latest chown -R "$(id -u):$(id -g)" /data'

15
backend/.nancy-ignore
View File

@@ -1,22 +1,37 @@
# If you need to ignore any of nancy's warnings add them # If you need to ignore any of nancy's warnings add them
# here with a reference to the package/version that # here with a reference to the package/version that
# triggers them and rational for ignoring it. # triggers them and rational for ignoring it.
# pkg:golang/github.com/coreos/etcd@3.3.10 # pkg:golang/github.com/coreos/etcd@3.3.10
# etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation # etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation
CVE-2020-15115 CVE-2020-15115
# pkg:golang/github.com/coreos/etcd@3.3.10 # pkg:golang/github.com/coreos/etcd@3.3.10
# In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records # In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records
CVE-2020-15136 CVE-2020-15136
# pkg:golang/github.com/coreos/etcd@3.3.10 # pkg:golang/github.com/coreos/etcd@3.3.10
# In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access # In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access
CVE-2020-15114 CVE-2020-15114
# pkg:golang/github.com/gorilla/websocket@1.4.0 # pkg:golang/github.com/gorilla/websocket@1.4.0
# Integer Overflow or Wraparound # Integer Overflow or Wraparound
CWE-190 CWE-190
# jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrict... # jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrict...
CVE-2020-26160 CVE-2020-26160
# https://ossindex.sonatype.org/vulnerability/sonatype-2021-1485
sonatype-2021-1485