PB-6665: metric create endpoint | alert feature #249

t-nidhin · 2024-07-25T19:21:42Z

metric endpoint exposed to relay logs back to px-backup main pod

exposing px-backup rpc to relay logs to main pod.

Refer main pr: px-backup

Doc reference: Exposing Metric endpoint to Relay back logs to px-backup pod

github-actions · 2024-07-25T19:22:26Z

OSS Scan Results:

Title	Severity	Package Name	CVEs	Fix version	Introduced
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	google.golang.org/grpc	['CVE-2023-44487']	['1.56.3', '1.57.1', '1.58.3']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/[email protected]', 'google.golang.org/protobuf/types/known/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/[email protected]', 'google.golang.org/protobuf/types/known/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/internal/encoding/json	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]', 'google.golang.org/protobuf/internal/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/internal/encoding/json	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/[email protected]', 'google.golang.org/protobuf/types/known/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]', 'google.golang.org/protobuf/internal/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/internal/encoding/json	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]', 'google.golang.org/protobuf/internal/encoding/[email protected]']
Credential Exposure	medium	k8s.io/client-go/transport	['CVE-2019-11250']	['1.17.0-alpha.1']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]']
Credential Exposure	medium	k8s.io/client-go/transport	['CVE-2019-11250']	['1.17.0-alpha.1']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/plugin/pkg/client/auth/[email protected]', 'k8s.io/client-go/[email protected]']
Credential Exposure	medium	k8s.io/client-go/transport	['CVE-2019-11250']	['1.17.0-alpha.1']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]']
Credential Exposure	medium	k8s.io/client-go/transport	['CVE-2019-11250']	['1.17.0-alpha.1']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/plugin/pkg/client/auth/[email protected]', 'k8s.io/client-go/[email protected]']
Credential Exposure	medium	k8s.io/client-go/transport	['CVE-2019-11250']	['1.17.0-alpha.1']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]']
Credential Exposure	medium	k8s.io/client-go/transport	['CVE-2019-11250']	['1.17.0-alpha.1']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/plugin/pkg/client/auth/[email protected]', 'k8s.io/client-go/[email protected]']
Denial of Service (DoS)	low	k8s.io/client-go/util/jsonpath	[]	['1.20.0-alpha.1']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/client-go/util/[email protected]']
Improper Input Validation	high	sigs.k8s.io/aws-iam-authenticator/pkg/token	['CVE-2022-2385']	['0.5.9']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]']

Total issues: 50

github-actions · 2024-07-25T19:22:27Z

License Evaluation Results:

Title	Package Name	Package Version	Severity	License Info	Introduced	Dependency Type

Total License Issues: 0

Signed-off-by: vsundarraj-px <[email protected]>

…re (#252) Signed-off-by: vsundarraj-px <[email protected]>

github-actions · 2024-08-19T04:34:09Z

OSS Scan Results:

Title	Severity	Package Name	CVEs	Fix version	Introduced
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	google.golang.org/grpc	['CVE-2023-44487']	['1.56.3', '1.57.1', '1.58.3']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/[email protected]', 'google.golang.org/protobuf/types/known/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/[email protected]', 'google.golang.org/protobuf/types/known/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/internal/encoding/json	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]', 'google.golang.org/protobuf/internal/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/internal/encoding/json	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/[email protected]', 'google.golang.org/protobuf/types/known/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]', 'google.golang.org/protobuf/internal/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/internal/encoding/json	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]', 'google.golang.org/protobuf/internal/encoding/[email protected]']
Improper Input Validation	high	sigs.k8s.io/aws-iam-authenticator/pkg/token	['CVE-2022-2385']	['0.5.9']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]']

Total issues: 43

github-actions · 2024-08-19T04:34:10Z

License Evaluation Results:

Title	Package Name	Package Version	Severity	License Info	Introduced	Dependency Type

Total License Issues: 0

github-actions · 2024-08-19T04:36:55Z

OSS Scan Results:

Title	Severity	Package Name	CVEs	Fix version	Introduced
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	golang.org/x/net/http2	['CVE-2023-44487']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	medium	golang.org/x/net/http2	['CVE-2023-39325']	['0.17.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Allocation of Resources Without Limits or Throttling	high	golang.org/x/net/http2	['CVE-2023-45288']	['0.23.0']	['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS)	high	google.golang.org/grpc	['CVE-2023-44487']	['1.56.3', '1.57.1', '1.58.3']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/[email protected]', 'google.golang.org/protobuf/types/known/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/[email protected]', 'google.golang.org/protobuf/types/known/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Stack-based Buffer Overflow	medium	google.golang.org/protobuf/encoding/protojson	[]	['1.32.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/encoding/protojson	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/internal/encoding/json	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/[email protected]', 'github.com/golang/protobuf/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]', 'google.golang.org/protobuf/internal/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/internal/encoding/json	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/[email protected]', 'google.golang.org/protobuf/types/known/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]', 'google.golang.org/protobuf/internal/encoding/[email protected]']
Infinite loop	medium	google.golang.org/protobuf/internal/encoding/json	['CVE-2024-24786']	['1.33.0']	['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'google.golang.org/protobuf/encoding/[email protected]', 'google.golang.org/protobuf/internal/encoding/[email protected]']
Improper Input Validation	high	sigs.k8s.io/aws-iam-authenticator/pkg/token	['CVE-2022-2385']	['0.5.9']	['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]']

Total issues: 43

github-actions · 2024-08-19T04:36:56Z

License Evaluation Results:

Title	Package Name	Package Version	Severity	License Info	Introduced	Dependency Type

Total License Issues: 0

pkg/apis/v1/api.proto

metric endpoint exposed to relay logs back to px-backup main pod proto changes PB-6665 | review changes added

t-nidhin · 2024-08-22T09:00:13Z

closing this PR, new PR will be raised to 2.8.0 branch

t-nidhin requested review from vsundarraj-px, lalat-das and prashanthpx and removed request for vsundarraj-px and lalat-das July 25, 2024 19:21

t-nidhin requested review from siva-portworx, vikasit12, px-kesavan, ss-px, aks-px and dbinnal-px July 25, 2024 19:22

vsundarraj-px added 2 commits July 29, 2024 11:58

feat:PB-7641 - implement share Cluster backup while cluster share (#250)

401f4e7

Signed-off-by: vsundarraj-px <[email protected]>

feat: PB-7779 implement cluster delete to support cluster share featu…

f6a95bb

…re (#252) Signed-off-by: vsundarraj-px <[email protected]>

t-nidhin force-pushed the PB-6665 branch from fb3eb8c to 3885838 Compare August 19, 2024 04:36

PB-7669: adding retention timestamp (#251)

42a9458

vsundarraj-px reviewed Aug 22, 2024

View reviewed changes

pkg/apis/v1/api.proto Show resolved Hide resolved

PB-6665: metric create endpoint | alert feature

37bc5e3

metric endpoint exposed to relay logs back to px-backup main pod proto changes PB-6665 | review changes added

t-nidhin force-pushed the PB-6665 branch from 3885838 to 37bc5e3 Compare August 22, 2024 06:34

t-nidhin closed this Aug 22, 2024

t-nidhin mentioned this pull request Aug 22, 2024

PB-6665: metric create endpoint | alert feature #255

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

PB-6665: metric create endpoint | alert feature #249

PB-6665: metric create endpoint | alert feature #249

t-nidhin commented Jul 25, 2024

github-actions bot commented Jul 25, 2024

github-actions bot commented Jul 25, 2024

github-actions bot commented Aug 19, 2024

github-actions bot commented Aug 19, 2024

github-actions bot commented Aug 19, 2024

github-actions bot commented Aug 19, 2024

t-nidhin commented Aug 22, 2024

PB-6665: metric create endpoint | alert feature #249

PB-6665: metric create endpoint | alert feature #249

Conversation

t-nidhin commented Jul 25, 2024

github-actions bot commented Jul 25, 2024

github-actions bot commented Jul 25, 2024

github-actions bot commented Aug 19, 2024

github-actions bot commented Aug 19, 2024

github-actions bot commented Aug 19, 2024

github-actions bot commented Aug 19, 2024

t-nidhin commented Aug 22, 2024