
postgres-ai / database-lab-engine


DBLab enables database branching and thin cloning for any Postgres database and empowers DB testing in CI/CD. This optimizes database-related costs while improving time-to-market and software quality. Follow to stay updated.

Home Page: https://postgres.ai/products/how-it-works

License: Apache License 2.0

Makefile 0.18% Go 41.17% Shell 4.02% HTML 0.42% Dockerfile 0.14% JavaScript 2.13% TypeScript 50.87% SCSS 1.07% CSS 0.01%
postgresql database postgres cicd ci ci-cd database-migrations database-migration database-schema-migration database-schema

database-lab-engine's People

Contributors

adrinlol, agneum, alexand, anatolystansler, ane4ka, casinx, dcassanego, denis-boost, denis256, denislwn, dmitryfomin1, dmitrynfomin, dmius, mend-bolt-for-github[bot], nikolays, smitronin, ssi444, tanya301, viktor-postgres-ai, vitabaks, yuridevx


database-lab-engine's Issues

CVE-2021-41092 (High) detected in github.com/docker/cli-v19.03.13-beta2 - autoclosed

CVE-2021-41092 - High Severity Vulnerability

Vulnerable Library - github.com/docker/cli-v19.03.13-beta2

The Docker CLI

Dependency Hierarchy:

  • ❌ github.com/docker/cli-v19.03.13-beta2 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file (typically ~/.docker/config.json) listing a credsStore or credHelpers that could not be executed would result in any provided credentials being sent to registry-1.docker.io rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH.
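The workaround in the advisory (make sure every credsStore or credHelpers entry names a helper that is installed, executable and on PATH) is easy to turn into a pre-flight check. The Go program below is an added example, not code from the Docker CLI or from this project: it parses a config.json, derives the docker-credential-<name> binary the CLI would execute for each entry, and reports entries that do not resolve. The lookup function is injected so the logic can be exercised against the constructed SampleConfig; the helper names in that sample, and the ~/.docker/config.json default path, are assumptions for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"os/exec"
	"path/filepath"
	"sort"
)

// dockerConfig covers only the two config.json fields that select a
// credential helper; everything else in the file is ignored.
type dockerConfig struct {
	CredsStore  string            `json:"credsStore"`
	CredHelpers map[string]string `json:"credHelpers"`
}

// helperBinary is the executable name the Docker CLI derives from a helper
// entry, e.g. "pass" -> "docker-credential-pass".
func helperBinary(name string) string { return "docker-credential-" + name }

// CheckCredentialHelpers parses a config.json and returns one finding per
// helper entry whose binary cannot be resolved. lookPath is injected so the
// check is testable without the real PATH; pass exec.LookPath for a live
// check, which only succeeds for a file that is executable and on PATH.
func CheckCredentialHelpers(raw []byte, lookPath func(string) (string, error)) ([]string, error) {
	var cfg dockerConfig
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, fmt.Errorf("parse config.json: %w", err)
	}
	var findings []string
	if cfg.CredsStore != "" {
		bin := helperBinary(cfg.CredsStore)
		if _, err := lookPath(bin); err != nil {
			findings = append(findings, fmt.Sprintf(
				"credsStore %q: %s not executable or not on PATH (this is the default helper for every registry)",
				cfg.CredsStore, bin))
		}
	}
	// Sort registry names so the report order is stable.
	registries := make([]string, 0, len(cfg.CredHelpers))
	for r := range cfg.CredHelpers {
		registries = append(registries, r)
	}
	sort.Strings(registries)
	for _, reg := range registries {
		bin := helperBinary(cfg.CredHelpers[reg])
		if _, err := lookPath(bin); err != nil {
			findings = append(findings, fmt.Sprintf(
				"credHelpers[%q] = %q: %s not executable or not on PATH", reg, cfg.CredHelpers[reg], bin))
		}
	}
	return findings, nil
}

// SampleConfig is a constructed, deliberately misconfigured config.json.
// With only docker-credential-pass installed, two of its three entries
// point at helpers the CLI cannot execute.
const SampleConfig = `{
  "auths": {},
  "credsStore": "osxkeychain",
  "credHelpers": {
    "my-private-registry.example.com": "pass",
    "ghcr.io": "gcloud"
  }
}`

func main() {
	raw, err := os.ReadFile(filepath.Join(os.Getenv("HOME"), ".docker", "config.json"))
	if err != nil {
		fmt.Println("no readable ~/.docker/config.json; checking the constructed SampleConfig instead")
		raw = []byte(SampleConfig)
	}
	findings, err := CheckCredentialHelpers(raw, exec.LookPath)
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(2)
	}
	if len(findings) == 0 {
		fmt.Println("OK: every credential helper entry resolves to an executable on PATH")
		return
	}
	for _, f := range findings {
		fmt.Println("FINDING:", f)
	}
	os.Exit(1)
}
```

Run it on a CI runner before any docker login step: a non-zero exit means a login to a private registry on that host could, with the vulnerable CLI, send the credentials to registry-1.docker.io instead.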

Publish Date: 2021-10-04

URL: CVE-2021-41092

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-99pg-grm5-qq3v

Release Date: 2021-10-04

Fix Resolution: v20.10.9


Step up your Open Source Security Game with WhiteSource here

CVE-2021-23364 (Medium) detected in browserslist-4.14.2.tgz - autoclosed

CVE-2021-23364 - Medium Severity Vulnerability

Vulnerable Library - browserslist-4.14.2.tgz

Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset

Library home page: https://registry.npmjs.org/browserslist/-/browserslist-4.14.2.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/react-dev-utils/node_modules/browserslist/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • react-dev-utils-11.0.4.tgz
        • ❌ browserslist-4.14.2.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.

Publish Date: 2021-04-28

URL: CVE-2021-23364

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23364

Release Date: 2021-04-28

Fix Resolution: browserslist - 4.16.5



CVE-2022-0122 (Medium) detected in node-forge-0.10.0.tgz - autoclosed

CVE-2022-0122 - Medium Severity Vulnerability

Vulnerable Library - node-forge-0.10.0.tgz

JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Library home page: https://registry.npmjs.org/node-forge/-/node-forge-0.10.0.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/node-forge/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • webpack-dev-server-3.11.1.tgz
        • selfsigned-1.10.11.tgz
          • ❌ node-forge-0.10.0.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

forge is vulnerable to URL Redirection to Untrusted Site

Publish Date: 2022-01-06

URL: CVE-2022-0122

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-gf8q-jrpm-jvxq

Release Date: 2022-01-06

Fix Resolution: node-forge - 1.0.0



CVE-2021-33587 (High) detected in css-what-3.4.2.tgz - autoclosed

CVE-2021-33587 - High Severity Vulnerability

Vulnerable Library - css-what-3.4.2.tgz

a CSS selector parser

Library home page: https://registry.npmjs.org/css-what/-/css-what-3.4.2.tgz

Dependency Hierarchy:

  • @postgres.ai/ce-file:packages/ce.tgz (Root Library)
    • react-scripts-5.0.0.tgz
      • webpack-5.5.0.tgz
        • plugin-svgo-5.5.0.tgz
          • svgo-1.3.2.tgz
            • css-select-2.1.0.tgz
              • ❌ css-what-3.4.2.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input. Note that the version detected here, css-what 3.4.2, falls outside the 4.0.0 through 5.0.0 range this description gives; confirm against the advisory whether 3.x is affected before treating the finding as actionable.

Publish Date: 2021-05-28

URL: CVE-2021-33587

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33587

Release Date: 2021-05-28

Fix Resolution: css-what - 5.0.1


Step up your Open Source Security Game with Mend here

CVE-2020-29652 (High) detected in github.com/docker/docker-v20.10.12, github.com/docker/cli-v20.10.12 - autoclosed

CVE-2020-29652 - High Severity Vulnerability

Vulnerable Libraries - github.com/docker/docker-v20.10.12, github.com/docker/cli-v20.10.12

github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • ❌ github.com/docker/docker-v20.10.12 (Vulnerable Library)
github.com/docker/cli-v20.10.12

The Docker CLI

Dependency Hierarchy:

  • ❌ github.com/docker/cli-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.

Publish Date: 2020-12-17

URL: CVE-2020-29652

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1

Release Date: 2020-12-17

Fix Resolution: golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f (the fixed version is for the x/crypto module the description names; the scanner attributes it to the Docker modules that depend on it)



WS-2021-0427 (Low) detected in github.com/containerd/containerd-v1.5.0-beta.4 - autoclosed

WS-2021-0427 - Low Severity Vulnerability

Vulnerable Library - github.com/containerd/containerd-v1.5.0-beta.4

An open and reliable container runtime

Dependency Hierarchy:

  • github.com/docker/docker-v20.10.11 (Root Library)
    • ❌ github.com/containerd/containerd-v1.5.0-beta.4 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of containerd prior to 1.4.12 and 1.5.8 treat the Content-Type header as trusted and deserialize the document according to that header. If the Content-Type header changed between pulls of the same ambiguous document (with the same digest), the document may be interpreted differently, meaning that the digest alone is insufficient to unambiguously identify the content of the image.

Publish Date: 2021-11-18

URL: WS-2021-0427

CVSS 3 Score Details (3.0)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: Low
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-5j5w-g665-5m35

Release Date: 2021-11-18

Fix Resolution: containerd 1.4.12, 1.5.8 (per the description above; the resolution the scanner listed, solidus_core 2.11.12 / 3.0.3 / 3.1.3, is a Ruby gem unrelated to containerd)



CVE-2016-9121 (High) detected in github.com/docker/distribution-v2.7.1 - autoclosed

CVE-2016-9121 - High Severity Vulnerability

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

  • github.com/docker/docker-v20.10.11 (Root Library)
    • ❌ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making it vulnerable to an invalid curve attack.
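The missing check is a one-liner once the curve equation is written out. The Go program below is an added example, not go-jose's or docker/distribution's code: OnP256 evaluates y² = x³ − 3x + b (mod p) for a received public key, and DeriveSharedSecret refuses to run the ECDH computation unless that check passes, then hands the point to crypto/ecdh, which validates it again before the scalar multiplication. It assumes Go 1.20 or later for crypto/ecdh; the key pairs are generated on the spot and the off-curve point (1, 1) is constructed for illustration.

```go
package main

import (
	"crypto/ecdh"
	"crypto/elliptic"
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

// OnP256 evaluates the P-256 equation y^2 = x^3 - 3x + b (mod p) directly.
// This is the check the advisory says go-jose < 1.0.4 skipped for the
// ephemeral public key received in an ECDH-ES message.
func OnP256(x, y *big.Int) bool {
	p := elliptic.P256().Params()
	if x == nil || y == nil || x.Sign() < 0 || y.Sign() < 0 || x.Cmp(p.P) >= 0 || y.Cmp(p.P) >= 0 {
		return false
	}
	lhs := new(big.Int).Mul(y, y)
	lhs.Mod(lhs, p.P)
	rhs := new(big.Int).Mul(x, x)
	rhs.Mul(rhs, x)                                  // x^3
	rhs.Sub(rhs, new(big.Int).Mul(big.NewInt(3), x)) // - 3x (a = -3 for P-256)
	rhs.Add(rhs, p.B)                                // + b
	rhs.Mod(rhs, p.P)
	return lhs.Cmp(rhs) == 0
}

// EncodePoint returns the uncompressed SEC 1 encoding 0x04 || X || Y with
// 32-byte coordinates, the form crypto/ecdh accepts for P-256.
func EncodePoint(x, y *big.Int) []byte {
	out := make([]byte, 65)
	out[0] = 0x04
	x.FillBytes(out[1:33])
	y.FillBytes(out[33:65])
	return out
}

// DeriveSharedSecret performs the receiver side of ECDH-ES key agreement
// and refuses any peer key that is not a valid P-256 point. crypto/ecdh's
// NewPublicKey repeats the on-curve check (and rejects the point at
// infinity), so the scalar multiplication never runs on an invalid point.
func DeriveSharedSecret(priv *ecdh.PrivateKey, peerX, peerY *big.Int) ([]byte, error) {
	if !OnP256(peerX, peerY) {
		return nil, errors.New("peer public key is not on P-256: rejected (invalid curve attack)")
	}
	peer, err := ecdh.P256().NewPublicKey(EncodePoint(peerX, peerY))
	if err != nil {
		return nil, fmt.Errorf("peer public key rejected: %w", err)
	}
	return priv.ECDH(peer) // 32-byte shared x-coordinate
}

// NewKeyPair returns a fresh P-256 private key and its public coordinates.
func NewKeyPair() (*ecdh.PrivateKey, *big.Int, *big.Int, error) {
	priv, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	raw := priv.PublicKey().Bytes() // 0x04 || X || Y
	return priv, new(big.Int).SetBytes(raw[1:33]), new(big.Int).SetBytes(raw[33:65]), nil
}

// BadX, BadY is a constructed point that is not on P-256 (1 != 1 - 3 + b
// mod p), standing in for an attacker-chosen point on a weaker curve.
var BadX, BadY = big.NewInt(1), big.NewInt(1)

func main() {
	alice, ax, ay, err := NewKeyPair()
	if err != nil {
		fmt.Println(err)
		return
	}
	bob, bx, by, err := NewKeyPair()
	if err != nil {
		fmt.Println(err)
		return
	}
	sa, errA := DeriveSharedSecret(alice, bx, by)
	sb, errB := DeriveSharedSecret(bob, ax, ay)
	fmt.Printf("valid peers: equal=%v len=%d errs=%v,%v\n", string(sa) == string(sb), len(sa), errA, errB)
	_, err = DeriveSharedSecret(alice, BadX, BadY)
	fmt.Println("off-curve peer:", err)
}
```

The explicit OnP256 check is redundant with what crypto/ecdh does internally; it is kept here to show what "the received public key is on the same curve as the static private key" means concretely, and because older APIs (crypto/elliptic's ScalarMult with a caller-supplied point) gave no such guarantee.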

Publish Date: 2017-03-28

URL: CVE-2016-9121

CVSS 3 Score Details (9.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-9121

Release Date: 2017-03-28

Fix Resolution: go-jose 1.0.4 (the fixed version is for the go-jose dependency the description names, not for github.com/docker/distribution itself)



CVE-2022-0155 (Medium) detected in follow-redirects-1.14.4.tgz - autoclosed

CVE-2022-0155 - Medium Severity Vulnerability

Vulnerable Library - follow-redirects-1.14.4.tgz

HTTP and HTTPS modules that follow redirects.

Library home page: https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.4.tgz

Dependency Hierarchy:

  • @postgres.ai/ce-file:packages/ce.tgz (Root Library)
    • react-scripts-5.0.0.tgz
      • webpack-dev-server-4.7.4.tgz
        • http-proxy-middleware-2.0.3.tgz
          • http-proxy-1.18.1.tgz
            • ❌ follow-redirects-1.14.4.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor

Publish Date: 2022-01-10

URL: CVE-2022-0155

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406/

Release Date: 2022-01-10

Fix Resolution: follow-redirects - v1.14.7



CVE-2021-33502 (High) detected in normalize-url-3.3.0.tgz, normalize-url-1.9.1.tgz - autoclosed

CVE-2021-33502 - High Severity Vulnerability

Vulnerable Libraries - normalize-url-3.3.0.tgz, normalize-url-1.9.1.tgz

normalize-url-3.3.0.tgz

Normalize a URL

Library home page: https://registry.npmjs.org/normalize-url/-/normalize-url-3.3.0.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/postcss-normalize-url/node_modules/normalize-url/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • optimize-css-assets-webpack-plugin-5.0.4.tgz
        • cssnano-4.1.11.tgz
          • cssnano-preset-default-4.0.8.tgz
            • postcss-normalize-url-4.0.1.tgz
              • ❌ normalize-url-3.3.0.tgz (Vulnerable Library)
normalize-url-1.9.1.tgz

Normalize a URL

Library home page: https://registry.npmjs.org/normalize-url/-/normalize-url-1.9.1.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/normalize-url/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • mini-css-extract-plugin-0.11.3.tgz
        • ❌ normalize-url-1.9.1.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.

Publish Date: 2021-05-24

URL: CVE-2021-33502

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33502

Release Date: 2021-05-24

Fix Resolution: normalize-url - 4.5.1, 5.3.1, 6.0.1



CVE-2021-41190 (Medium) detected in github.com/docker/cli-v20.10.12 - autoclosed

CVE-2021-41190 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/cli-v20.10.12

The Docker CLI

Dependency Hierarchy:

  • ❌ github.com/docker/cli-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both "manifests" and "layers" fields could be interpreted as either a manifest or an index in the absence of an accompanying Content-Type header. If a Content-Type header changed between two pulls of the same digest, a client may interpret the resulting content differently. The OCI Distribution Specification has been updated to require that a mediaType value present in a manifest or index match the Content-Type header used during the push and pull operations. Clients pulling from a registry may distrust the Content-Type header and reject an ambiguous document that contains both "manifests" and "layers" fields or "manifests" and "config" fields if they are unable to update to version 1.0.1 of the spec.
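This advisory and WS-2021-0427 above describe the same ambiguity, and the client-side mitigation they name (distrust Content-Type, reject a body that carries both "manifests" and "layers" or "manifests" and "config", and require a declared mediaType to agree with the header) fits in one function. The Go code below is an added example, not containerd's or the Docker CLI's code: ClassifyOCIDocument decides index-versus-manifest from the body alone, so the same bytes (same digest) get the same verdict whatever header the registry sends. The three sample documents and their digests are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// ociHead holds only the fields that decide whether a document is an image
// index or an image manifest; json.RawMessage keeps this independent of the
// rest of the schema.
type ociHead struct {
	MediaType string          `json:"mediaType"`
	Manifests json.RawMessage `json:"manifests"`
	Layers    json.RawMessage `json:"layers"`
	Config    json.RawMessage `json:"config"`
}

var ErrAmbiguous = errors.New("ambiguous OCI document: carries both index and manifest fields")

// present distinguishes an absent field from one given as JSON null.
func present(r json.RawMessage) bool { return len(r) > 0 && string(r) != "null" }

// bareMediaType drops parameters such as "; charset=utf-8" from a header value.
func bareMediaType(ct string) string {
	if i := strings.IndexByte(ct, ';'); i >= 0 {
		ct = ct[:i]
	}
	return strings.TrimSpace(ct)
}

// ClassifyOCIDocument decides "index" or "manifest" from the body alone.
// It rejects a body that has both "manifests" and "layers" (or "manifests"
// and "config"), and, when the body declares a mediaType, a Content-Type
// header that disagrees with it. contentType may be "" when no header was
// sent; the header is never used to pick the document kind.
func ClassifyOCIDocument(contentType string, body []byte) (string, error) {
	var h ociHead
	if err := json.Unmarshal(body, &h); err != nil {
		return "", fmt.Errorf("not a JSON object: %w", err)
	}
	isIndex := present(h.Manifests)
	isManifest := present(h.Layers) || present(h.Config)
	switch {
	case isIndex && isManifest:
		return "", ErrAmbiguous
	case !isIndex && !isManifest:
		return "", errors.New("document has neither manifests nor layers/config")
	}
	if ct := bareMediaType(contentType); h.MediaType != "" && ct != "" && h.MediaType != ct {
		return "", fmt.Errorf("mediaType %q disagrees with Content-Type %q", h.MediaType, ct)
	}
	if isIndex {
		return "index", nil
	}
	return "manifest", nil
}

// Constructed sample documents; the digests are placeholders, not real images.
const (
	AmbiguousDoc = `{"schemaVersion": 2,
  "manifests": [{"mediaType": "application/vnd.oci.image.manifest.v1+json", "digest": "sha256:aaaa", "size": 1}],
  "layers":    [{"mediaType": "application/vnd.oci.image.layer.v1.tar",     "digest": "sha256:bbbb", "size": 1}]}`
	IndexDoc = `{"schemaVersion": 2, "mediaType": "application/vnd.oci.image.index.v1+json",
  "manifests": [{"mediaType": "application/vnd.oci.image.manifest.v1+json", "digest": "sha256:1111", "size": 1}]}`
	ManifestDoc = `{"schemaVersion": 2, "mediaType": "application/vnd.oci.image.manifest.v1+json",
  "config": {"mediaType": "application/vnd.oci.image.config.v1+json", "digest": "sha256:2222", "size": 1},
  "layers": [{"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", "digest": "sha256:3333", "size": 1}]}`
)

func main() {
	docs := []struct{ name, body string }{{"ambiguous", AmbiguousDoc}, {"index", IndexDoc}, {"manifest", ManifestDoc}}
	headers := []string{"application/vnd.oci.image.index.v1+json", "application/vnd.oci.image.manifest.v1+json"}
	// The same bytes (same digest) are presented under two different headers:
	// a safe client must reach the same verdict both times.
	for _, d := range docs {
		for _, ct := range headers {
			kind, err := ClassifyOCIDocument(ct, []byte(d.body))
			fmt.Printf("%-9s with Content-Type %-45s -> kind=%q err=%v\n", d.name, ct, kind, err)
		}
	}
}
```

The ambiguous document is rejected under both headers, and the two well-formed documents classify the same way regardless of header; only a header that contradicts the body's own mediaType produces an error, which is the 1.0.1 rule.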

Publish Date: 2021-11-17

URL: CVE-2021-41190

CVSS 3 Score Details (5.0)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-qq97-vm5h-rrhg

Release Date: 2021-11-17

Fix Resolution: v2.8.0 (github.com/docker/distribution; the advisory GHSA-qq97-vm5h-rrhg applies to the distribution library that the Docker CLI depends on)



CVE-2021-38561 (High) detected in github.com/golang/text-v0.3.6 - autoclosed

CVE-2021-38561 - High Severity Vulnerability

Vulnerable Library - github.com/golang/text-v0.3.6

[mirror] Go text processing support

Dependency Hierarchy:

  • github.com/jackc/pgx-v4.9.0 (Root Library)
    • github.com/jackc/pgconn-v1.7.0
      • ❌ github.com/golang/text-v0.3.6 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

Due to improper index calculation, an incorrectly formatted language tag can cause Parse to panic, due to an out of bounds read. If Parse is used to process untrusted user inputs, this may be used as a vector for a denial of service attack.

Publish Date: 2021-08-12

URL: CVE-2021-38561

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://osv.dev/vulnerability/GO-2021-0113

Release Date: 2021-08-12

Fix Resolution: v0.3.7



CVE-2020-8559 (Medium) detected in github.com/docker/cli-v20.10.12 - autoclosed

CVE-2020-8559 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/cli-v20.10.12

The Docker CLI

Dependency Hierarchy:

  • ❌ github.com/docker/cli-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.

Publish Date: 2020-07-22

URL: CVE-2020-8559

CVSS 3 Score Details (6.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: High
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: kubernetes/kubernetes#92914

Release Date: 2020-07-21

Fix Resolution: Kubernetes v1.18.6, v1.17.9, v1.16.13 (these are kube-apiserver releases; the scanner attributes a Kubernetes issue to github.com/docker/cli, so verify that the finding actually applies to this dependency before acting on it)



CVE-2021-41103 (High) detected in github.com/docker/docker-v20.10.12 - autoclosed

CVE-2021-41103 - High Severity Vulnerability

Vulnerable Library - github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • ❌ github.com/docker/docker-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as setuid), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This vulnerability has been fixed in containerd 1.4.11 and containerd 1.5.7. Users should update to these version when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users. Update directory permission on container bundles directories.
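For a host that cannot be upgraded yet, the advisory's mitigation is to audit and tighten the permissions on container bundle directories. The Go program below is an added example, not containerd's code: LooseDir flags a directory that grants any group or other bit (containerd's fix creates its roots 0700), SetuidFile flags the setuid/setgid programs such a directory would expose, and Audit walks a tree reporting both. Run with a path argument it audits that path (e.g. containerd's state and root directories, which need root to read); run without one it builds a constructed sample tree under the temp directory, which is also what the test exercises.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
)

// LooseDir reports a directory that grants any permission bit to group or
// other; containerd's fix was to create its root directories 0700.
func LooseDir(mode fs.FileMode) bool {
	return mode.IsDir() && mode.Perm()&0o077 != 0
}

// SetuidFile reports a regular file carrying the setuid or setgid bit, the
// kind of program an unprivileged host user could run once a loose
// directory lets them reach it.
func SetuidFile(mode fs.FileMode) bool {
	return mode.IsRegular() && mode&(fs.ModeSetuid|fs.ModeSetgid) != 0
}

// Audit walks root (the root itself included) and returns one line per
// finding, with paths relative to root. Entries that cannot be read are
// reported as findings rather than aborting the walk.
func Audit(root string) ([]string, error) {
	var findings []string
	err := filepath.WalkDir(root, func(path string, d fs.DirEntry, walkErr error) error {
		rel, relErr := filepath.Rel(root, path)
		if relErr != nil {
			rel = path
		}
		if walkErr != nil {
			findings = append(findings, fmt.Sprintf("%s: %v", rel, walkErr))
			return nil
		}
		info, err := d.Info()
		if err != nil {
			findings = append(findings, fmt.Sprintf("%s: %v", rel, err))
			return nil
		}
		switch mode := info.Mode(); {
		case LooseDir(mode):
			findings = append(findings, fmt.Sprintf("%s: directory mode %04o grants group/other access", rel, mode.Perm()))
		case SetuidFile(mode):
			findings = append(findings, fmt.Sprintf("%s: file carries setuid/setgid (%v)", rel, mode))
		}
		return nil
	})
	return findings, err
}

// BuildSample creates a constructed tree under the temp directory: one
// subdirectory left group/other-accessible (0755) and one locked down
// (0700). The caller removes it when done.
func BuildSample() (string, error) {
	root, err := os.MkdirTemp("", "containerd-audit-") // created 0700
	if err != nil {
		return "", err
	}
	for _, d := range []struct {
		name string
		mode os.FileMode
	}{{"bundles", 0o755}, {"private", 0o700}} {
		dir := filepath.Join(root, d.name)
		if err := os.Mkdir(dir, d.mode); err != nil {
			return "", err
		}
		if err := os.Chmod(dir, d.mode); err != nil { // Chmod is not subject to umask
			return "", err
		}
	}
	return root, nil
}

func main() {
	var root string
	if len(os.Args) > 1 {
		root = os.Args[1] // e.g. /run/containerd or /var/lib/containerd (assumed paths; need root)
	} else {
		r, err := BuildSample()
		if err != nil {
			fmt.Println("error:", err)
			os.Exit(2)
		}
		defer os.RemoveAll(r)
		root = r
		fmt.Println("no path given; auditing constructed sample tree", root)
	}
	findings, err := Audit(root)
	if err != nil {
		fmt.Println("error:", err)
	}
	for _, f := range findings {
		fmt.Println("FINDING:", f)
	}
	if len(findings) == 0 {
		fmt.Println("OK: no loose directories or setuid files found")
	}
}
```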

Publish Date: 2021-10-04

URL: CVE-2021-41103

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-c2h3-6mxw-7mvq

Release Date: 2021-10-04

Fix Resolution: containerd v1.4.11, v1.5.7 (the fixed versions are for containerd, which github.com/docker/docker depends on)



CVE-2021-32760 (Medium) detected in github.com/docker/docker-v20.10.12 - autoclosed

CVE-2021-32760 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • ❌ github.com/docker/docker-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files.

Publish Date: 2021-07-19

URL: CVE-2021-32760

CVSS 3 Score Details (6.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-c72p-9xmj-rx3w

Release Date: 2021-07-19

Fix Resolution: containerd v1.4.8, v1.5.4 (the fixed versions are for containerd, which github.com/docker/docker depends on)



VM Freeze

After running for some time, the Hyper-V VM starts consuming CPU ("sy" around 90-100%); then it takes up to a few minutes to (re)start the sync-instance container. Finally, the VM hangs completely; it may be impossible to restart/stop the VM via Hyper-V commands.

VM specs:

  • 10 GB RAM
  • 2 vCPU (Yep, it's just a sandbox; I want to master this tool)
  • 32 GB system disk (VHDX over SATA SSD)
  • 500 GB ZFS disk (VHDX over SATA HDD)
  • Ubuntu 20.04 LTS (just Docker & ZFS & Database Lab & VS Code installed by its Windows UI).

Host specs:

  • 64 GB RAM
  • Core i5 6400
  • Windows 10 Pro 20H2 & Hyper-V.

As it was last time:
[Screenshot 2020-12-06 180828]

CVE-2021-3807 (High) detected in ansi-regex-4.1.0.tgz - autoclosed

CVE-2021-3807 - High Severity Vulnerability

Vulnerable Library - ansi-regex-4.1.0.tgz

Regular expression for matching ANSI escape codes

Library home page: https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/webpack-dev-server/node_modules/string-width/node_modules/ansi-regex/package.json,/ui/node_modules/webpack-dev-server/node_modules/wrap-ansi/node_modules/ansi-regex/package.json,/ui/node_modules/webpack-dev-server/node_modules/cliui/node_modules/ansi-regex/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • webpack-dev-server-3.11.1.tgz
        • yargs-13.3.2.tgz
          • string-width-3.1.0.tgz
            • strip-ansi-5.2.0.tgz
              • ❌ ansi-regex-4.1.0.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

ansi-regex is vulnerable to Inefficient Regular Expression Complexity

Publish Date: 2021-09-17

URL: CVE-2021-3807

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994/

Release Date: 2021-09-17

Fix Resolution: ansi-regex - 5.0.1,6.0.1



CVE-2021-23424 (High) detected in ansi-html-0.0.7.tgz - autoclosed

CVE-2021-23424 - High Severity Vulnerability

Vulnerable Library - ansi-html-0.0.7.tgz

An elegant lib that converts the chalked (ANSI) text to HTML.

Library home page: https://registry.npmjs.org/ansi-html/-/ansi-html-0.0.7.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/ansi-html/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • webpack-dev-server-3.11.1.tgz
        • ❌ ansi-html-0.0.7.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time.

Publish Date: 2021-08-18

URL: CVE-2021-23424

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-23424

Release Date: 2021-08-18

Fix Resolution: none given for ansi-html in this report. The resolutions the scanner listed (VueJS.NetCore - 1.1.1; Indianadavy.VueJsWebAPITemplate.CSharp - 1.0.1; NorDroN.AngularTemplate - 0.1.6; CoreVueWebTest - 3.0.101; dotnetng.template - 1.0.0.4; Fable.Template.Elmish.React - 0.1.6; SAFE.Template - 3.0.1; GR.PageRender.Razor - 1.8.0; Envisia.DotNet.Templates - 3.0.1) are .NET project templates unrelated to ansi-html.



CVE-2021-20206 (High) detected in github.com/containerd/containerd-v1.5.0-beta.4 - autoclosed

CVE-2021-20206 - High Severity Vulnerability

Vulnerable Library - github.com/containerd/containerd-v1.5.0-beta.4

An open and reliable container runtime

Dependency Hierarchy:

  • github.com/docker/docker-v20.10.11 (Root Library)
    • ❌ github.com/containerd/containerd-v1.5.0-beta.4 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
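The flaw is a classic path-confinement bug: a configuration value meant to name a plugin is joined onto the plugin directory and ".." segments walk out of it. The Go program below is an added example, not containernetworking/cni's code: ResolvePluginUnsafe mirrors the described pre-0.8.1 behaviour, and ResolvePlugin shows the fix, accepting only a bare file name and then confirming the joined path is still below the plugin directory. The /opt/cni/bin directory and the two network configurations are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// netConf holds the one field of a CNI network configuration this example
// cares about; the real schema has many more.
type netConf struct {
	Type string `json:"type"`
}

// PluginTypeFromConf extracts the "type" field exactly as it appears in the
// configuration, without any validation.
func PluginTypeFromConf(raw []byte) (string, error) {
	var c netConf
	if err := json.Unmarshal(raw, &c); err != nil {
		return "", fmt.Errorf("parse network config: %w", err)
	}
	return c.Type, nil
}

// ResolvePluginUnsafe mirrors the pre-0.8.1 behaviour described above: the
// type is joined onto the plugin directory with no validation, so ".."
// segments walk out of it and Clean() hides that they were ever there.
func ResolvePluginUnsafe(binDir, pluginType string) string {
	return filepath.Join(binDir, pluginType)
}

var ErrBadPluginType = errors.New("invalid CNI plugin type")

// ResolvePlugin accepts only a bare file name for the type and then re-checks
// that the joined, cleaned path still lies inside binDir.
func ResolvePlugin(binDir, pluginType string) (string, error) {
	switch pluginType {
	case "", ".", "..":
		return "", fmt.Errorf("%w: empty or dot name %q", ErrBadPluginType, pluginType)
	}
	if strings.ContainsAny(pluginType, `/\`) || pluginType != filepath.Base(pluginType) {
		return "", fmt.Errorf("%w: %q must be a single path element", ErrBadPluginType, pluginType)
	}
	absDir, err := filepath.Abs(binDir)
	if err != nil {
		return "", err
	}
	full := filepath.Join(absDir, pluginType)
	// Defence in depth: even after the name check, the result must still be
	// strictly below binDir.
	if !strings.HasPrefix(full, absDir+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q escapes %s", ErrBadPluginType, pluginType, absDir)
	}
	return full, nil
}

// Constructed configurations: one benign, one carrying the traversal the
// advisory describes.
const (
	GoodConf = `{"cniVersion": "0.4.0", "name": "mynet", "type": "bridge"}`
	EvilConf = `{"cniVersion": "0.4.0", "name": "mynet", "type": "../../../sbin/reboot"}`
)

func main() {
	const binDir = "/opt/cni/bin" // assumed plugin directory
	for _, conf := range []string{GoodConf, EvilConf} {
		typ, err := PluginTypeFromConf([]byte(conf))
		if err != nil {
			fmt.Println("error:", err)
			continue
		}
		fmt.Printf("type %-22q unsafe -> %s\n", typ, ResolvePluginUnsafe(binDir, typ))
		if p, err := ResolvePlugin(binDir, typ); err != nil {
			fmt.Printf("type %-22q safe   -> rejected: %v\n", typ, err)
		} else {
			fmt.Printf("type %-22q safe   -> %s\n", typ, p)
		}
	}
}
```

The unsafe variant turns "../../../sbin/reboot" into /sbin/reboot, exactly the 'reboot' example in the description; the safe variant rejects it before any path is built, and the prefix check catches anything the name filter might miss.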

Publish Date: 2021-03-26

URL: CVE-2021-20206

CVSS 3 Score Details (7.2)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: High
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1919391

Release Date: 2020-12-18

Fix Resolution: v0.8.1



failed to watch the clone status: context deadline exceeded

I deployed Database Lab 2.0. The physicalRestore and Promote stages went fine, and dblab init and dblab instance status completed without errors, but then dblab clone create failed with the error "failed to watch the clone status: context deadline exceeded".
Note: I have a PostgresPRO 10 source, so I use the dcrg.account.spb.ru/sync-instance-pgpro:10 image instead of postgresai/sync-instance:10 for the promotion step.

Shell log below:

vialorn@databaselab:~/.dblab$ dblab init \
>   --environment-id=tutorial \
>   --url=http://localhost:2345 \
>   --token=SwrcMn+jA1iNzHMUnLdSJvPp/tO5LUYbvgZbWSQ2GJE= \
>   --insecure
Database Lab CLI is successfully initialized. Environment "tutorial" is created.
vialorn@databaselab:~/.dblab$ dblab instance status
{
    "status": {
        "code": "OK",
        "message": "Instance is ready"
    },
    "fileSystem": {
        "size": 99337650176,
        "free": 87561658368,
        "used": 11775991808
    },
    "dataSize": 11743664640,
    "expectedCloningTime": 0,
    "numClones": 0,
    "clones": []
}
vialorn@databaselab:~/.dblab$ dblab clone create \
>   --username asu \
>   --password usa \
>   --id asu_1
2020/12/09 21:33:06 failed to watch the clone status: context deadline exceeded
vialorn@databaselab:~/.dblab$ dblab instance status
{
    "status": {
        "code": "OK",
        "message": "Instance is ready"
    },
    "fileSystem": {
        "size": 99337637888,
        "free": 87561613312,
        "used": 11776024576
    },
    "dataSize": 11743664640,
    "expectedCloningTime": 0,
    "numClones": 1,
    "clones": [
        {
            "id": "asu_1",
            "snapshot": {
                "id": "dblab_pool/clone_pre_20201209212145@snapshot_20201209212128",
                "createdAt": "2020-12-09 21:21:58 UTC",
                "dataStateAt": "2020-12-09 21:21:28 UTC"
            },
            "protected": false,
            "deleteAt": "",
            "createdAt": "2020-12-09 21:32:06 UTC",
            "status": {
                "code": "FATAL",
                "message": "dial unix /var/lib/dblab/sockets/dblab_clone_6000/.s.PGSQL.6000: connect: no such file or directory"
            },
            "db": {
                "connStr": "",
                "host": "",
                "port": "",
                "username": "asu",
                "password": ""
            },
            "metadata": {
                "cloneDiffSize": 0,
                "cloningTime": 0,
                "maxIdleMinutes": 0
            },
            "project": ""
        }
    ]
}

Docker logs below:

vialorn@databaselab:~/.dblab$ sudo docker logs dblab_server -f
2020/12/09 21:17:50 [INFO]   Database Lab version:  -20201119-0423
2020/12/09 21:17:50 [INFO]   Database Lab Instance ID bv8jtvhs9t8a03c3mrng
2020/12/09 21:17:50 [INFO]   Run job: physicalRestore. Options: {customTool postgresai/sync-instance:10 map[PGHOST:192.168.20.4 PGPASSWORD:sql#1893 PGPORT:5432 PGUSER:postgres] {} {pg_basebackup -X stream -D /var/lib/dblab/data } false}
10: Pulling from postgresai/sync-instance
Digest: sha256:bb680f53321bc54c9c711fb1d1ef574dbb0f108be7fa0b1a61f4b3f39ba1e402
Status: Image is up to date for postgresai/sync-instance:10
2020/12/09 21:17:52 [INFO]   Running container: dblab_phr_bv8jtvhs9t8a03c3mrng. ID: fc73fe4ecc206976e8e2468916cdb37174be2b409a037784ce95d4ccd53d9210
2020/12/09 21:17:52 [INFO]   Running restore command:  pg_basebackup -X stream -D /var/lib/dblab/data
2020/12/09 21:21:39 [INFO]   Restoring job has been finished
2020/12/09 21:21:39 [INFO]   Check initial configs
2020/12/09 21:21:40 [INFO]   Configuration has been finished
2020/12/09 21:21:40 [INFO]   Removing container ID: fc73fe4ecc206976e8e2468916cdb37174be2b409a037784ce95d4ccd53d9210
2020/12/09 21:21:45 [INFO]   Container "fc73fe4ecc206976e8e2468916cdb37174be2b409a037784ce95d4ccd53d9210" has been removed
2020/12/09 21:21:45 [INFO]   Promote the Postgres instance.
10: Pulling from sync-instance-pgpro
Digest: sha256:03a5f933a4267c526d2f8c13319482c306e6791611360d184125e49a44d453d2
Status: Image is up to date for dcrg.account.spb.ru/sync-instance-pgpro:10
2020/12/09 21:21:46 [INFO]   Running container: dblab_promote_bv8jtvhs9t8a03c3mrng. ID: 80bf3b87c3511f1991ea4d6500f9b1f52397f056b6e2887be08d2ae88886cf24
2020/12/09 21:21:46 [INFO]   View logs using the command: docker logs --since 1m -f dblab_promote_bv8jtvhs9t8a03c3mrng
2020/12/09 21:21:46 [INFO]   Container is not ready yet. The current state is starting.
2020/12/09 21:21:47 [INFO]   Container is not ready yet. The current state is starting.
2020/12/09 21:21:48 [INFO]   Container is not ready yet. The current state is starting.
2020/12/09 21:21:49 [INFO]   Container is not ready yet. The current state is starting.
2020/12/09 21:21:50 [INFO]   Container is not ready yet. The current state is starting.
2020/12/09 21:21:51 [INFO]   Check recovery command [psql -U postgres -XAtc select pg_is_in_recovery()]
t
2020/12/09 21:21:51 [INFO]   Should be promoted:  t
2020/12/09 21:21:51 [INFO]   Running dataStateAt command [psql -U postgres -d postgres -XAtc select to_char(coalesce(pg_last_xact_replay_timestamp(), NOW()) at time zone 'UTC', 'YYYYMMDDHH24MISS')]
20201209212128
2020/12/09 21:21:51 [INFO]   Extracted Data state at:  20201209212128
2020/12/09 21:21:51 [INFO]   Data state at:  20201209212128
2020/12/09 21:21:51 [INFO]   Running promote command [pg_ctl -D /var/lib/dblab/clones/clone_pre_20201209212145/data -W promote]
2020/12/09 21:21:52 [INFO]   Run checkpoint command [psql -U postgres -d postgres -XAtc checkpoint]
CHECKPOINT
2020/12/09 21:21:53 [INFO]   Removing container ID: 80bf3b87c3511f1991ea4d6500f9b1f52397f056b6e2887be08d2ae88886cf24
2020/12/09 21:21:58 [INFO]   Container "80bf3b87c3511f1991ea4d6500f9b1f52397f056b6e2887be08d2ae88886cf24" has been removed
2020/12/09 21:21:58 [INFO]   Server started listening on :2345.
2020/12/09 21:25:19 [INFO]   ->  GET /status
2020/12/09 21:25:19 [ERROR]  [ERROR] - GET /status - Check your verification token.
2020/12/09 21:30:49 [INFO]   ->  GET /status
2020/12/09 21:32:05 [INFO]   ->  POST /clone
2020/12/09 21:32:06 [ERROR]  Currently cannot connect to Postgres:   dial unix /var/lib/dblab/sockets/dblab_clone_6000/.s.PGSQL.6000: connect: no such file or directory
2020/12/09 21:32:07 [INFO]   ->  GET /clone/asu_1
2020/12/09 21:32:07 [ERROR]  Currently cannot connect to Postgres:   dial unix /var/lib/dblab/sockets/dblab_clone_6000/.s.PGSQL.6000: connect: no such file or directory
2020/12/09 21:32:08 [ERROR]  Currently cannot connect to Postgres:   dial unix /var/lib/dblab/sockets/dblab_clone_6000/.s.PGSQL.6000: connect: no such file or directory
2020/12/09 21:32:08 [INFO]   ->  GET /clone/asu_1
2020/12/09 21:32:08 [ERROR]  Currently cannot connect to Postgres:   dial unix /var/lib/dblab/sockets/dblab_clone_6000/.s.PGSQL.6000: connect: no such file or directory
2020/12/09 21:32:09 [INFO]   ->  GET /clone/asu_1
2020/12/09 21:32:09 [ERROR]  Currently cannot connect to Postgres:   dial unix /var/lib/dblab/sockets/dblab_clone_6000/.s.PGSQL.6000: connect: no such file or directory
2020/12/09 21:32:09 [ERROR]  Currently cannot connect to Postgres:   dial unix /var/lib/dblab/sockets/dblab_clone_6000/.s.PGSQL.6000: connect: no such file or directory
[... the same two lines, "->  GET /clone/asu_1" and "Currently cannot connect to Postgres:   dial unix /var/lib/dblab/sockets/dblab_clone_6000/.s.PGSQL.6000: connect: no such file or directory", repeat about once per second from 21:32:10 to 21:33:05, after which only the connection error repeats until 21:33:13; those repeated lines are omitted here ...]
2020/12/09 21:33:13 [ERROR]  Revert: failed to remove container: RunnerError(cmd="docker container rm --force dblab_clone_6000", inerr="exit status 1", stderr="Error: No such container: dblab_clone_6000
" exit="1")
2020/12/09 21:33:13 [ERROR] Failed to start session: failed to start a container: postgres start timeout: dial unix /var/lib/dblab/sockets/dblab_clone_6000/.s.PGSQL.6000: connect: no such file or directory.
2020/12/09 21:36:58 [ERROR] Failed to check the idleness of clone asu_1: failed to get clone session.
2020/12/09 21:38:58 [INFO]   ->  GET /status
2020/12/09 21:41:58 [ERROR] Failed to check the idleness of clone asu_1: failed to get clone session.
2020/12/09 21:46:58 [ERROR] Failed to check the idleness of clone asu_1: failed to get clone session.
2020/12/09 21:51:58 [ERROR] Failed to check the idleness of clone asu_1: failed to get clone session.
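Two secrets appear verbatim in the logs above as posted: the value passed to dblab init --token (the server's verification token, the same one the server complains about in the "Check your verification token" line) and the PGPASSWORD inside the physicalRestore options dump. Anyone who can read the issue can reuse them, so they should be treated as compromised and replaced, and logs should be scrubbed before they are shared. The following is an added example, not part of the issue and not Database Lab's own code: a small redactor for the kinds of values that occur in this output (the --token and --password flags, PGPASSWORD in the options dump, and a generic password=/password: form). The sample log is constructed to resemble the posted one; the token, password and IP in it are placeholders.

```go
package main

import (
	"fmt"
	"regexp"
)

// secretPatterns: the first capture group is the flag or key name to keep, the
// remainder is the secret value to mask. Modelled on the dblab CLI flags and the
// physicalRestore options dump; extend the list for other tools as needed.
var secretPatterns = []*regexp.Regexp{
	regexp.MustCompile(`(--token[= ])\S+`),
	regexp.MustCompile(`(--password[= ])\S+`),
	regexp.MustCompile(`(PGPASSWORD[:=])[^\s\]]+`),
	regexp.MustCompile(`(?i)(password"?\s*[:=]\s*"?)[^\s"\]]+`),
}

const mask = "<redacted>"

// Redact masks every secret value in text (a single line or a whole log);
// the flag or key name is kept so the line stays readable. Running it twice
// is a no-op, which HasSecret relies on.
func Redact(text string) string {
	for _, re := range secretPatterns {
		text = re.ReplaceAllString(text, "${1}"+mask)
	}
	return text
}

// HasSecret reports whether text still contains something the patterns treat
// as a secret; use it as a gate before pasting output into a ticket.
func HasSecret(text string) bool {
	return Redact(text) != text
}

// constructedLog mimics the shape of the posted output; all values are placeholders.
const constructedLog = `$ dblab init --environment-id=tutorial --url=http://localhost:2345 --token=EXAMPLEtoken0000000000= --insecure
$ dblab clone create --username asu --password hunter2 --id asu_1
2020/12/09 21:17:50 [INFO]   Run job: physicalRestore. Options: {customTool postgresai/sync-instance:10 map[PGHOST:192.0.2.4 PGPASSWORD:s3cret#1 PGPORT:5432 PGUSER:postgres] ...}
2020/12/09 21:32:05 [INFO]   ->  POST /clone
            "password": ""`

func main() {
	fmt.Println(Redact(constructedLog))
	fmt.Println("still leaking:", HasSecret(Redact(constructedLog)))
}
```

The empty "password": "" field in the clone status JSON is left alone because there is no value to mask; a non-empty value there would be redacted by the generic pattern.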

CVE-2018-16875 (High) detected in github.com/docker/docker-v20.10.12 - autoclosed

CVE-2018-16875 - High Severity Vulnerability

Vulnerable Library - github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • โŒ github.com/docker/docker-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.

Publish Date: 2018-12-14

URL: CVE-2018-16875

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-16875

Release Date: 2018-12-14

Fix Resolution: 1.10.6,1.11.3



CVE-2016-9122 (High) detected in github.com/docker/distribution-v2.7.1

CVE-2016-9122 - High Severity Vulnerability

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

  • github.com/docker/docker-v20.10.11 (Root Library)
    • โŒ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports messages with multiple signatures. However, when validating a signed message the API did not indicate which signature was valid, which could potentially lead to confusion. For example, users of the library might mistakenly read protected header values from an attached signature that was different from the one originally validated.

Publish Date: 2017-03-28

URL: CVE-2016-9122

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: High
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://osv.dev/vulnerability/GO-2020-0011

Release Date: 2017-03-28

Fix Resolution: v1.1.0


CVE-2020-15257 (Medium) detected in github.com/docker/docker-v20.10.12 - autoclosed

CVE-2020-15257 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • โŒ github.com/docker/docker-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim's API socket verified that the connecting process had an effective UID of 0, but did not otherwise restrict access to the abstract Unix domain socket. This would allow malicious containers running in the same network namespace as the shim, with an effective UID of 0 but otherwise reduced privileges, to cause new processes to be run with elevated privileges. This vulnerability has been fixed in containerd 1.3.9 and 1.4.3. Users should update to these versions as soon as they are released. It should be noted that containers started with an old version of containerd-shim should be stopped and restarted, as running containers will continue to be vulnerable even after an upgrade. If you are not providing the ability for untrusted users to start containers in the same network namespace as the shim (typically the "host" network namespace, for example with docker run --net=host or hostNetwork: true in a Kubernetes pod) and run with an effective UID of 0, you are not vulnerable to this issue. If you are running containers with a vulnerable configuration, you can deny access to all abstract sockets with AppArmor by adding a line similar to deny unix addr=@**, to your policy. It is best practice to run containers with a reduced set of privileges, with a non-zero UID, and with isolated namespaces. The containerd maintainers strongly advise against sharing namespaces with the host. Reducing the set of isolation mechanisms used for a container necessarily increases that container's privilege, regardless of what container runtime is used for running that container.

Publish Date: 2020-12-01

URL: CVE-2020-15257

CVSS 3 Score Details (5.2)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-36xw-fx78-c5r4

Release Date: 2020-12-01

Fix Resolution: v1.3.9,v1.4.3


CVE-2018-20699 (Medium) detected in github.com/docker/docker-v20.10.12 - autoclosed

CVE-2018-20699 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • โŒ github.com/docker/docker-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go.

Publish Date: 2019-01-12

URL: CVE-2018-20699

CVSS 3 Score Details (4.9)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: High
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: docker/engine#70

Release Date: 2019-01-12

Fix Resolution: v18.09.0


CVE-2019-11253 (High) detected in github.com/docker/cli-v19.03.13-beta2 - autoclosed

CVE-2019-11253 - High Severity Vulnerability

Vulnerable Library - github.com/docker/cli-v19.03.13-beta2

The Docker CLI

Dependency Hierarchy:

  • โŒ github.com/docker/cli-v19.03.13-beta2 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming unavailable. Prior to v1.14.0, default RBAC policy authorized anonymous users to submit requests that could trigger this vulnerability. Clusters upgraded from a version prior to v1.14.0 keep the more permissive policy by default for backwards compatibility.

Publish Date: 2019-10-17

URL: CVE-2019-11253

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: kubernetes/kubernetes#83253

Release Date: 2019-10-17

Fix Resolution: v1.13.12;v1.14.8;v1.15.5;v1.16.2


CVE-2020-15106 (Medium) detected in github.com/docker/docker-v20.10.12 - autoclosed

CVE-2020-15106 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • โŒ github.com/docker/docker-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.

Publish Date: 2020-08-05

URL: CVE-2020-15106

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2020-15106

Release Date: 2020-08-05

Fix Resolution: v3.3.23;v3.4.10


WS-2022-0008 (Medium) detected in node-forge-0.10.0.tgz - autoclosed

WS-2022-0008 - Medium Severity Vulnerability

Vulnerable Library - node-forge-0.10.0.tgz

JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Library home page: https://registry.npmjs.org/node-forge/-/node-forge-0.10.0.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/node-forge/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • webpack-dev-server-3.11.1.tgz
        • selfsigned-1.10.11.tgz
          • โŒ node-forge-0.10.0.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The forge.debug API had a potential prototype pollution issue if called with untrusted input. The API was only used for internal debug purposes in a safe way and never documented or advertised. It is suspected that uses of this API, if any exist, would likely not have used untrusted inputs in a vulnerable way.

Publish Date: 2022-01-08

URL: WS-2022-0008

CVSS 3 Score Details (6.6)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: High
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-5rrq-pxf6-6jx5

Release Date: 2022-01-08

Fix Resolution: node-forge - 1.0.0


WS-2021-0200 (High) detected in github.com/docker/distribution-v2.7.1 - autoclosed

WS-2021-0200 - High Severity Vulnerability

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

  • github.com/docker/docker-v20.10.11 (Root Library)
    • โŒ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

Yaml in versions v2.2.0 to v2.2.2 is vulnerable to a denial of service vector, related to decode.go.

Publish Date: 2021-04-14

URL: WS-2021-0200

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://osv.dev/vulnerability/GO-2021-0061

Release Date: 2021-04-14

Fix Resolution: v2.2.3


CVE-2021-3757 (High) detected in immer-8.0.1.tgz - autoclosed

CVE-2021-3757 - High Severity Vulnerability

Vulnerable Library - immer-8.0.1.tgz

Create your next immutable state by mutating the current one

Library home page: https://registry.npmjs.org/immer/-/immer-8.0.1.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/immer/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • react-dev-utils-11.0.4.tgz
        • โŒ immer-8.0.1.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Publish Date: 2021-09-02

URL: CVE-2021-3757

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa/

Release Date: 2021-09-02

Fix Resolution: immer - 9.0.6


CVE-2016-9123 (High) detected in github.com/docker/distribution-v2.7.1 - autoclosed

CVE-2016-9123 - High Severity Vulnerability

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

  • github.com/docker/docker-v20.10.11 (Root Library)
    • โŒ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer overflow could lead to authentication bypass for CBC-HMAC encrypted ciphertexts on 32-bit architectures.

Publish Date: 2017-03-28

URL: CVE-2016-9123

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: High
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://osv.dev/vulnerability/GO-2020-0009

Release Date: 2017-03-28

Fix Resolution: v1.0.5


CVE-2020-7753 (High) detected in trim-0.0.1.tgz - autoclosed

CVE-2020-7753 - High Severity Vulnerability

Vulnerable Library - trim-0.0.1.tgz

Trim string whitespace

Library home page: https://registry.npmjs.org/trim/-/trim-0.0.1.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/trim/package.json

Dependency Hierarchy:

  • @postgres.ai/platform-1.0.0.tgz (Root Library)
    • react-markdown-4.3.1.tgz
      • remark-parse-5.0.0.tgz
        • โŒ trim-0.0.1.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().

Publish Date: 2020-10-27

URL: CVE-2020-7753

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: component/trim#8

Release Date: 2020-10-27

Fix Resolution: trim - 0.0.3


CVE-2021-23566 (Medium) detected in nanoid-3.1.30.tgz - autoclosed

CVE-2021-23566 - Medium Severity Vulnerability

Vulnerable Library - nanoid-3.1.30.tgz

A tiny (130 bytes), secure URL-friendly unique string ID generator

Library home page: https://registry.npmjs.org/nanoid/-/nanoid-3.1.30.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/nanoid/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • stylelint-14.0.1.tgz
      • postcss-8.3.11.tgz
        • โŒ nanoid-3.1.30.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The package nanoid from 3.0.0 and before 3.1.31 is vulnerable to Information Exposure via the valueOf() function, which allows reproducing the last id generated.

Publish Date: 2022-01-14

URL: CVE-2021-23566

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: ai/nanoid#328

Release Date: 2022-01-14

Fix Resolution: nanoid - 3.1.31


CVE-2020-28469 (High) detected in glob-parent-3.1.0.tgz - autoclosed

CVE-2020-28469 - High Severity Vulnerability

Vulnerable Library - glob-parent-3.1.0.tgz

Strips glob magic from a string to provide the parent directory path

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/watchpack-chokidar2/node_modules/glob-parent/package.json,/ui/node_modules/webpack-dev-server/node_modules/glob-parent/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • webpack-4.44.2.tgz
        • watchpack-1.7.5.tgz
          • watchpack-chokidar2-2.0.1.tgz
            • chokidar-2.1.8.tgz
              • โŒ glob-parent-3.1.0.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

Publish Date: 2021-06-03

URL: CVE-2020-28469

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28469

Release Date: 2021-06-03

Fix Resolution: glob-parent - 5.1.2


CVE-2019-11250 (Medium) detected in github.com/docker/cli-v19.03.13-beta2 - autoclosed

CVE-2019-11250 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/cli-v19.03.13-beta2

The Docker CLI

Dependency Hierarchy:

  • โŒ github.com/docker/cli-v19.03.13-beta2 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use of basic or bearer token authentication, and run at high verbosity levels, are affected.

Publish Date: 2019-08-29

URL: CVE-2019-11250

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://osv.dev/vulnerability/GO-2020-0065

Release Date: 2020-10-16

Fix Resolution: v1.16.0-beta.1


CVE-2021-3538 (High) detected in github.com/docker/distribution-v2.7.1 - autoclosed

CVE-2021-3538 - High Severity Vulnerability

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

  • github.com/docker/docker-v20.10.11 (Root Library)
    • โŒ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker.

Publish Date: 2021-06-02

URL: CVE-2021-3538

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: satori/go.uuid#75

Release Date: 2021-06-02

Fix Resolution: github.com/satori/go.uuid - 75cca531ea763666bc46e531da3b4c3b95f64557


WS-2021-0461 (Medium) detected in swagger-ui-4.1.0.js, swagger-ui-bundle-4.1.0.js - autoclosed

WS-2021-0461 - Medium Severity Vulnerability

Vulnerable Libraries - swagger-ui-4.1.0.js, swagger-ui-bundle-4.1.0.js

swagger-ui-4.1.0.js

Swagger UI is a dependency-free collection of HTML, JavaScript, and CSS assets that dynamically generate beautiful documentation from a Swagger-compliant API

Library home page: https://cdnjs.cloudflare.com/ajax/libs/swagger-ui/4.1.0/swagger-ui.js

Path to vulnerable library: /engine/api/swagger-ui/swagger-ui.js

Dependency Hierarchy:

  • โŒ swagger-ui-4.1.0.js (Vulnerable Library)
swagger-ui-bundle-4.1.0.js

Swagger UI is a dependency-free collection of HTML, JavaScript, and CSS assets that dynamically generate beautiful documentation from a Swagger-compliant API

Library home page: https://cdnjs.cloudflare.com/ajax/libs/swagger-ui/4.1.0/swagger-ui-bundle.js

Path to dependency file: /engine/api/swagger-ui/index.html

Path to vulnerable library: /engine/api/swagger-ui/./swagger-ui-bundle.js,/engine/api/swagger-ui/swagger-ui-bundle.js

Dependency Hierarchy:

  • โŒ swagger-ui-bundle-4.1.0.js (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

SwaggerUI supports displaying remote OpenAPI definitions through the ?url parameter. This enables robust demonstration capabilities on sites like petstore.swagger.io, editor.swagger.io, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered.

However, this functionality may pose a risk for users who host their own SwaggerUI instances. In particular, including remote OpenAPI definitions opens a vector for phishing attacks by abusing the trusted names/domains of self-hosted instances.

Resolution:
We've made the decision to disable query parameters (#4872) by default starting with SwaggerUI version 4.1.3. Please update to this version when it becomes available (ETA: 2021 December). Users will still be able to re-enable the options at their discretion. We'll continue to enable query parameters on the Swagger demo sites.

Publish Date: 2021-12-09

URL: WS-2021-0461

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-qrmm-w75w-3wpx

Release Date: 2021-12-09

Fix Resolution: swagger-ui - 4.1.3;swagger-ui-dist - 4.1.3


CVE-2020-8565 (Medium) detected in github.com/docker/cli-v20.10.12 - autoclosed

CVE-2020-8565 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/cli-v20.10.12

The Docker CLI

Dependency Hierarchy:

  • โŒ github.com/docker/cli-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.

Publish Date: 2020-12-07

URL: CVE-2020-8565

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://osv.dev/vulnerability/GO-2020-0064

Release Date: 2020-12-07

Fix Resolution: v1.20.0-alpha.2


CVE-2021-43565 (High) detected in github.com/golang/crypto-0c34fe9e7dc2486962ef9867e3edb3503537209f - autoclosed

CVE-2021-43565 - High Severity Vulnerability

Vulnerable Library - github.com/golang/crypto-0c34fe9e7dc2486962ef9867e3edb3503537209f

[mirror] Go supplementary cryptography libraries

Dependency Hierarchy:

  • โŒ github.com/golang/crypto-0c34fe9e7dc2486962ef9867e3edb3503537209f (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

There's an input validation flaw in golang.org/x/crypto's readCipherPacket() function. An unauthenticated attacker who sends an empty plaintext packet to a program linked with golang.org/x/crypto/ssh could cause a panic, potentially leading to denial of service.

Publish Date: 2021-11-10

URL: CVE-2021-43565

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

after application of MR 188, jobs always starting after DLE restart

Tested AWS with logical cloning of PR 188 and saving dblab state to a file if the container is restarted. It works, but for some reason logicalDump/Restore jobs are started too.
As a result, every time after a DLE restart, a new snapshot is created, which is unacceptable. A possible fix should add a setting to skip starting these jobs if clones for this snapshot already exist.

CVE-2021-23436 (High) detected in immer-8.0.1.tgz - autoclosed

CVE-2021-23436 - High Severity Vulnerability

Vulnerable Library - immer-8.0.1.tgz

Create your next immutable state by mutating the current one

Library home page: https://registry.npmjs.org/immer/-/immer-8.0.1.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/immer/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • react-dev-utils-11.0.4.tgz
        • โŒ immer-8.0.1.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

This affects the package immer before 9.0.6. A type confusion vulnerability can lead to a bypass of CVE-2020-28477 when the user-provided keys used in the path parameter are arrays. In particular, this bypass is possible because the condition (p === "__proto__" || p === "constructor") in applyPatches_ returns false if p is ['__proto__'] (or ['constructor']). The === operator (strict equality operator) returns false if the operands have different type.

Publish Date: 2021-09-01

URL: CVE-2021-23436

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23436

Release Date: 2021-09-01

Fix Resolution: immer - 9.0.6


CVE-2020-15112 (Medium) detected in github.com/docker/docker-v20.10.12 - autoclosed

CVE-2020-15112 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • โŒ github.com/docker/docker-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.

Publish Date: 2020-08-05

URL: CVE-2020-15112

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: etcd-io/etcd@v3.4.9...v3.4.10

Release Date: 2020-07-21

Fix Resolution: 3.4.10, 3.3.23


CVE-2021-30465 (High) detected in github.com/docker/docker-v20.10.12 - autoclosed

CVE-2021-30465 - High Severity Vulnerability

Vulnerable Library - github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • โŒ github.com/docker/docker-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

Publish Date: 2021-05-27

URL: CVE-2021-30465

CVSS 3 Score Details (8.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-c3xm-pvg7-gh7r

Release Date: 2021-04-09

Fix Resolution: v1.0.0-rc95

CVE-2021-31525 (Medium) detected in github.com/containerd/containerd-v1.5.9

CVE-2021-31525 - Medium Severity Vulnerability

Vulnerable Library - github.com/containerd/containerd-v1.5.9

An open and reliable container runtime

Dependency Hierarchy:

  • github.com/docker/docker-cfd26afabe56baf80ce8f13330c58415975b66b9 (Root Library)
    • โŒ github.com/containerd/containerd-v1.5.9 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.

Publish Date: 2021-05-27

URL: CVE-2021-31525

CVSS 3 Score Details (5.9)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1958341

Release Date: 2021-04-22

Fix Resolution: golang - v1.15.12,v1.16.4,v1.17.0

CVE-2021-3121 (High) detected in github.com/docker/docker-v20.10.12, github.com/docker/cli-v20.10.12 - autoclosed

CVE-2021-3121 - High Severity Vulnerability

Vulnerable Libraries - github.com/docker/docker-v20.10.12, github.com/docker/cli-v20.10.12

github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • โŒ github.com/docker/docker-v20.10.12 (Vulnerable Library)
github.com/docker/cli-v20.10.12

The Docker CLI

Dependency Hierarchy:

  • โŒ github.com/docker/cli-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.

Publish Date: 2021-01-11

URL: CVE-2021-3121

CVSS 3 Score Details (8.6)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121

Release Date: 2021-01-11

Fix Resolution: v1.3.2

⚡ New contributor? Look here: good first issues

The main development activities occur on GitLab: https://gitlab.com/postgres-ai/database-lab

If you're interested in helping us develop DLE, here are two good starting points:

You can use both GitLab and GitHub to create MRs/PRs: we have bi-directional replication between the repositories, so we can process both GL MRs and GH PRs. Choose whichever is more convenient in your case.

CVE-2021-3803 (High) detected in nth-check-1.0.2.tgz

CVE-2021-3803 - High Severity Vulnerability

Vulnerable Library - nth-check-1.0.2.tgz

performant nth-check parser & compiler

Library home page: https://registry.npmjs.org/nth-check/-/nth-check-1.0.2.tgz

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-5.0.1.tgz
      • webpack-5.5.0.tgz
        • plugin-svgo-5.5.0.tgz
          • svgo-1.3.2.tgz
            • css-select-2.1.0.tgz
              • โŒ nth-check-1.0.2.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

nth-check is vulnerable to Inefficient Regular Expression Complexity

Publish Date: 2021-09-17

URL: CVE-2021-3803

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2021-09-17

Fix Resolution: nth-check - v2.0.1

CVE-2020-26160 (High) detected in github.com/docker/distribution-v2.7.1 - autoclosed

CVE-2020-26160 - High Severity Vulnerability

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

  • github.com/docker/docker-v20.10.11 (Root Library)
    • โŒ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.

Publish Date: 2020-09-30

URL: CVE-2020-26160

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2020-26160

Release Date: 2020-09-30

Fix Resolution: v4.0.0-preview1

CVE-2019-11254 (Medium) detected in github.com/docker/distribution-v2.7.1 - autoclosed

CVE-2019-11254 - Medium Severity Vulnerability

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

  • github.com/docker/docker-v20.10.11 (Root Library)
    • โŒ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

Publish Date: 2020-04-01

URL: CVE-2019-11254

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://github.com/go-yaml/yaml/tree/v2.2.8

Release Date: 2020-04-01

Fix Resolution: v2.2.8

CVE-2020-15113 (High) detected in github.com/docker/docker-v20.10.12 - autoclosed

CVE-2020-15113 - High Severity Vulnerability

Vulnerable Library - github.com/docker/docker-v20.10.12

Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

Dependency Hierarchy:

  • โŒ github.com/docker/docker-v20.10.12 (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

In etcd before versions 3.3.23 and 3.4.10, certain directory paths (the etcd data directory and the directory path provided for automatically generated self-signed certificates used for TLS connections with clients) are created with restricted access permissions (700) by using os.MkdirAll. This function does not perform any permission checks when the given directory path already exists. A possible workaround is to ensure the directories have the desired permission (700).

Publish Date: 2020-08-05

URL: CVE-2020-15113

CVSS 3 Score Details (7.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: etcd-io/etcd@v3.4.9...v3.4.10

Release Date: 2020-07-21

Fix Resolution: 3.4.10, 3.3.23

WS-2021-0153 (High) detected in ejs-2.7.4.tgz - autoclosed

WS-2021-0153 - High Severity Vulnerability

Vulnerable Library - ejs-2.7.4.tgz

Embedded JavaScript templates

Library home page: https://registry.npmjs.org/ejs/-/ejs-2.7.4.tgz

Path to dependency file: /ui/package.json

Path to vulnerable library: /ui/node_modules/ejs/package.json

Dependency Hierarchy:

  • @postgres.ai/ce-1.0.0.tgz (Root Library)
    • react-scripts-4.0.3.tgz
      • workbox-webpack-plugin-5.1.4.tgz
        • workbox-build-5.1.4.tgz
          • rollup-plugin-off-main-thread-1.4.2.tgz
            • โŒ ejs-2.7.4.tgz (Vulnerable Library)

Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb

Found in base branch: master

Vulnerability Details

An arbitrary code injection vulnerability was found in ejs before 3.1.6, caused by a filename that isn't sanitized for display.

Publish Date: 2021-01-22

URL: WS-2021-0153

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: mde/ejs#571

Release Date: 2021-01-22

Fix Resolution: ejs - 3.1.6
