wiremock-net / wiremock.net-docker Goto Github PK
View Code? Open in Web Editor NEWWireMock.Net-docker is a Docker image which runs WireMock.Net (a flexible library for stubbing and mocking web services)
License: MIT License
WireMock.Net-docker is a Docker image which runs WireMock.Net (a flexible library for stubbing and mocking web services)
License: MIT License
I ran into an issue where I was not able to mock responses when a client make an HTTPS request rather than an HTTP request. Is there a way to configure the standalone Wiremock docker container to support for both HTTP and HTTPS mocking?
This is currently what my docker-compose entry looks like for my Wiremock container.
users-service-mock:
container_name: users-service-mock
image: "sheyenrath/wiremock.net:1.3.3"
networks:
- users-https-test
ports:
- "80"
command:
- "--ReadStaticMappings"
- "true"
- "--WireMockLogger"
- WireMockConsoleLogger
volumes:
- type: bind
source: ./services/http-mocks/users-service-mock
target: /app/__admin/mappings
Hello,
I was trying to figure out how to persist the recorded stub mappings to my local file system made in the docker container running the WireMock.Net server instance, in order to use them as static mappings for my unit tests. I tried by creating a volume for the docker instance, however, I wasn't able to successfully access them. Thanks in advance!
You should use e.g.
mcr.microsoft.com/dotnet/core/sdk:3.1-nanoserver-1809
instead of
mcr.microsoft.com/windows/nanoserver:1809
Otherwise you won't be able to execute the dotnet command. Nanoserver doesn't include dotnet per default anymore.
I am trying to run wiremock .net in docker but it is not reading static files. How to send ReadStaticMappings flag in docker compose?
wiremock:
image: sheyenrath/wiremock.net
ports:
- "9091:80"
volumes:
- ./wiremock:/home/wiremock
Dockerfile is setting all the command line arguments to wiremock-net as ENTRYPOINT parameters. This makes it difficult to override the arguments specified.
We can move ReadStaticMappings
and WireMockLogger
as CMD arguments, that would make it easy to override with docker run
and also would make it easier to create custom images based on this by copying over the static mappings.
This will become
ENTRYPOINT ["./wiremock-net", "--Urls", "http://*:80", "--ReadStaticMappings", "false", "--WireMockLogger", "WireMockConsoleLogger"]
following
ENTRYPOINT ["./wiremock-net", "--Urls", "http://*:80"]
CMD ["--ReadStaticMappings", "false", "--WireMockLogger", "WireMockConsoleLogger"]
If happy with the suggestion, I can do a PR with changes.
Thanks
After 1.5.15 all new images are smaller, and seems to lack some essential files.
Any build after 1.5.16 will show error: exec ./wiremock-net: no such file or directory
.
Seems like something changed from 1.5.15 to 1.5.16. version which made docker images broken.
Server should start instead of showing error exec ./wiremock-net: no such file or directory
.
docker run --rm -p 9091:80 sheyenrath/wiremock.net-arm64:latest
➜ ~ docker run --rm -p 9091:80 sheyenrath/wiremock.net-arm64:latest
exec ./wiremock-net: no such file or directory
➜ ~ docker run --rm -p 9091:80 sheyenrath/wiremock.net-arm64:1.5.16
exec ./wiremock-net: no such file or directory
➜ ~ docker run --rm -p 9091:80 sheyenrath/wiremock.net-arm64:1.5.15
09/17/2023 22:22:58 [Info] : By Stef Heyenrath (https://github.com/WireMock-Net/WireMock.Net)
09/17/2023 22:22:58 [Debug] : Server settings {
"Port": null,
"UseSSL": null,
"HostingScheme": null,
"StartAdminInterface": true,
"ReadStaticMappings": false,
"WatchStaticMappings": false,
"WatchStaticMappingsInSubdirectories": false,
"ProxyAndRecordSettings": null,
"Urls": [
"http://*:80"
],
"StartTimeout": 10000,
"AllowPartialMapping": false,
"AdminUsername": null,
"AdminPassword": null,
"AdminAzureADTenant": null,
"AdminAzureADAudience": null,
"RequestLogExpirationDuration": null,
"MaxRequestLogCount": null,
"CorsPolicyOptions": 0,
"AllowCSharpCodeMatcher": false,
"AllowBodyForAllHttpMethods": false,
"AllowOnlyDefinedHttpStatusCodeInResponse": false,
"DisableJsonBodyParsing": false,
"DisableRequestBodyDecompressing": null,
"HandleRequestsSynchronously": false,
"ThrowExceptionWhenMatcherFails": false,
"CertificateSettings": null,
"CustomCertificateDefined": false,
"ClientCertificateMode": 0,
"AcceptAnyClientCertificate": false,
"WebhookSettings": null,
"UseRegexExtended": true,
"SaveUnmatchedRequests": false,
"DoNotSaveDynamicResponseInLogEntry": false,
"QueryParameterMultipleValueSupport": null
}
09/17/2023 22:22:58 [Info] : Server using .NET 6.0
09/17/2023 22:22:58 Press Ctrl+C to shut down
09/17/2023 22:22:58 WireMock.Net server running
^C09/17/2023 22:22:59 WireMock.Net server stopping because 'CancelKeyPress'
09/17/2023 22:22:59 WireMock.Net server stopped
Docker file inspection:
➜ ~ docker run -it --rm -p 9091:80 --entrypoint="sh" sheyenrath/wiremock.net-arm64:1.5.34
/app # ls -la | grep wiremock-net
-rwxr-xr-x 1 root root 200424 Aug 4 09:58 wiremock-net
-rw-r--r-- 1 root root 219979 Aug 4 09:58 wiremock-net.deps.json
-rw-r--r-- 1 root root 6656 Aug 4 09:58 wiremock-net.dll
-rw-r--r-- 1 root root 22000 Aug 4 09:58 wiremock-net.pdb
-rw-r--r-- 1 root root 479 Aug 4 09:58 wiremock-net.runtimeconfig.json
/app # ./wiremock-net
sh: ./wiremock-net: not found
/app # dotnet ./wiremock-net.dll
Failed to load /app/libhostpolicy.so, error: Error loading shared library ld-linux-aarch64.so.1: No such file or directory (needed by /app/libhostpolicy.so)
An error occurred while loading required library libhostpolicy.so from [/app/]
/app # uname -a
Linux 3e00009423c6 5.15.49-linuxkit-pr #1 SMP PREEMPT Thu May 25 07:27:39 UTC 2023 aarch64 Linux
/app # uname -r
5.15.49-linuxkit-pr
Size change from 1.5.15 to 1.5.16:
Docker info:
➜ ~ docker info
Client:
Version: 24.0.5
Context: desktop-linux
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.2-desktop.1
Path: /Users/alexander.fedora/.docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.20.2-desktop.1
Path: /Users/alexander.fedora/.docker/cli-plugins/docker-compose
dev: Docker Dev Environments (Docker Inc.)
Version: v0.1.0
Path: /Users/alexander.fedora/.docker/cli-plugins/docker-dev
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.20
Path: /Users/alexander.fedora/.docker/cli-plugins/docker-extension
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v0.1.0-beta.6
Path: /Users/alexander.fedora/.docker/cli-plugins/docker-init
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: /Users/alexander.fedora/.docker/cli-plugins/docker-sbom
scan: Docker Scan (Docker Inc.)
Version: v0.26.0
Path: /Users/alexander.fedora/.docker/cli-plugins/docker-scan
scout: Command line tool for Docker Scout (Docker Inc.)
Version: 0.20.0
Path: /Users/alexander.fedora/.docker/cli-plugins/docker-scout
Server:
Containers: 15
Running: 0
Paused: 0
Stopped: 15
Images: 304
Server Version: 24.0.5
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 3dce8eb055cbb6872793272b4f20ed16117344f8
runc version: v1.1.7-0-g860f061
init version: de40ad0
Security Options:
seccomp
Profile: unconfined
cgroupns
Kernel Version: 5.15.49-linuxkit-pr
Operating System: Docker Desktop
OSType: linux
Architecture: aarch64
CPUs: 8
Total Memory: 19.52GiB
Name: docker-desktop
ID: 359ce805-fac8-4053-a8ae-820129f67050
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
127.0.0.0/8
Live Restore Enabled: false
WARNING: daemon is not using the default seccomp profile
docker-compose.yml:
services:
wiremock:
image: sheyenrath/wiremock.net:1.5.21
ports:
- "8080:8080"
volumes:
- ./wiremock/mappings:/app/__admin/mappings
command: ["dotnet", "wiremock-net.dll", "--Urls", "http://*:8080", "--ReadStaticMappings", "true", "--WireMockLogger", "WireMockConsoleLogger", "--WatchStaticMappings", "true", "--WatchStaticMappingsInSubdirectories", "true", "--AllowPartialMapping", "true"]
This will pick up the static mappings just fine, but when I modify the file the changes are not updated in /mappings. I can look at /files/filename.json and it shows the changes just fine. Running standalone console or the windows docker the WatchStaticMappings looks to work, just not working in the linux image. My host is Windows 10.
Current image published only supports amd64, which crashes when used on new M1 Macbooks.
I was able to get this to work with the existing docker file locally using docker's buildx
command and targeting multiple platforms:
https://docs.docker.com/buildx/working-with-buildx/#build-multi-platform-images
It appears that since you are using Azure DevOps for CI, it can be achieved similar to this: https://www.frakkingsweet.com/build-multi-architecture-images-in-azure-devops/
It looks like your existing containers for the build and runtime images already support arm64 architecture.
It would be nice to document the way how to enable request and response logs. I guess there is a way, but I don't find it.
How do I consume it on an Integration test? on Every option there is generally a Start() for the server, but since is already app, how do you configure mappings?
How might I run the docker command(s) in such a way as to persist the mappings when I restart the container?
The image on Docker Hub is still tagged preview, are you considering update to the latest version?
Describe the bug
I am using wiremock docker compose example with ProxyAndRecordSettings (command "--ProxyURL" ) and setting "--SaveMappingToFile", "true". It raises the following error when browsing to http://localhost:9091/__admin/mappings
{"Status":"Unable to cast object of type 'WireMock.ResponseProviders.DynamicResponseProvider' to type 'WireMock.ResponseBuilders.Response'."}
Expected behavior:
Load mapping files
Test to reproduce
Docker Compose file:
version: "3.8"
services:
wiremock:
image: sheyenrath/wiremock.net
ports:
Other related info
I have raised the same issue to WireMock.Net for reference.
After starting up the container, I can hit http://localhost:9091/__admin/mappings
and get [ ]
as expected. I call POST http://localhost:9091/__admin/mappings
with a body of
{
"request": {
"method": "GET",
"url": "/hello"
},
"response": {
"status": 200,
"body": "Hello world!",
"headers": {
"Content-Type": "text/plain"
}
}
}
and get a response:
{
"Guid": "9bb9e059-10f4-4381-9b20-2a8a6b07da4f",
"Status": "Mapping added"
}
I can verify that the server has the mapping by calling GET http://localhost:9091/__admin/mappings
and I get
[
{
"Guid": "9bb9e059-10f4-4381-9b20-2a8a6b07da4f",
"Priority": 0,
"Request": {
"Url": {
"Matchers": [
{
"Name": "WildcardMatcher",
"Pattern": "/hello",
"IgnoreCase": false
}
]
},
"Body": {}
},
"Response": {
"StatusCode": 200,
"Body": "Hello world!",
"UseTransformer": false,
"Headers": {
"Content-Type": "text/plain"
}
}
}
]
But then if I call GET http://localhost:9091/hello
I get
{
"Status": "No matching mapping found"
}
Is there an extra step I'm missing?
After running latest version of docker container with wiremock and calling "/__admin/settings" (actually any endpoint) I'm getting the following errors
HttpStatusCode set to 500 Could not load file or assembly 'MimeKitLite, Version=4.1.0.0, Culture=neutral, PublicKeyToken=bede1c8a46c66814'. The system cannot find the file specified.
v1.5.32 is working fine,. v1.5.33 is broken
Trivy scan reports about vulnerabilities in the Docker image
Steps to reproduce:
docker run aquasec/trivy image sheyenrath/wiremock.net > report.txt
The generated report.txt file is attached below.
sheyenrath/wiremock.net (debian 11.7)
=====================================
Total: 81 (UNKNOWN: 0, LOW: 67, MEDIUM: 0, HIGH: 13, CRITICAL: 1)
┌──────────────────┬──────────────────┬──────────┬────────────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ apt │ CVE-2011-3374 │ LOW │ 2.2.4 │ │ It was found that apt-key in apt, all versions, do not │
│ │ │ │ │ │ correctly... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2011-3374 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ bash │ CVE-2022-3715 │ HIGH │ 5.1-2+deb11u1 │ │ a heap-buffer-overflow in valid_parameter_transform │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-3715 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ bsdutils │ CVE-2022-0563 │ LOW │ 1:2.36.1-8+deb11u1 │ │ partial disclosure of arbitrary files in chfn and chsh when │
│ │ │ │ │ │ compiled with... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-0563 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ coreutils │ CVE-2016-2781 │ │ 8.32-4+b1 │ │ coreutils: Non-privileged session can escape to the parent │
│ │ │ │ │ │ session in chroot │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2016-2781 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2017-18018 │ │ │ │ coreutils: race condition vulnerability in chown and chgrp │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2017-18018 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ e2fsprogs │ CVE-2022-1304 │ HIGH │ 1.46.2-2 │ │ e2fsprogs: out-of-bounds read/write via crafted filesystem │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-1304 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ gpgv │ CVE-2022-3219 │ LOW │ 2.2.27-2+deb11u2 │ │ denial of service issue (resource consumption) using │
│ │ │ │ │ │ compressed packets │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-3219 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libapt-pkg6.0 │ CVE-2011-3374 │ │ 2.2.4 │ │ It was found that apt-key in apt, all versions, do not │
│ │ │ │ │ │ correctly... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2011-3374 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libblkid1 │ CVE-2022-0563 │ │ 2.36.1-8+deb11u1 │ │ partial disclosure of arbitrary files in chfn and chsh when │
│ │ │ │ │ │ compiled with... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-0563 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libc-bin │ CVE-2010-4756 │ │ 2.31-13+deb11u6 │ │ glibc: glob implementation can cause excessive CPU and │
│ │ │ │ │ │ memory consumption due to... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2010-4756 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2018-20796 │ │ │ │ glibc: uncontrolled recursion in function │
│ │ │ │ │ │ check_dst_limits_calc_pos_1 in posix/regexec.c │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-20796 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-1010022 │ │ │ │ glibc: stack guard protection bypass │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-1010022 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-1010023 │ │ │ │ glibc: running ldd on malicious ELF leads to code execution │
│ │ │ │ │ │ because of... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-1010023 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-1010024 │ │ │ │ glibc: ASLR bypass using cache of thread stack and heap │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-1010024 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-1010025 │ │ │ │ glibc: information disclosure of heap addresses of │
│ │ │ │ │ │ pthread_created thread │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-1010025 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-9192 │ │ │ │ glibc: uncontrolled recursion in function │
│ │ │ │ │ │ check_dst_limits_calc_pos_1 in posix/regexec.c │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-9192 │
├──────────────────┼──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ libc6 │ CVE-2010-4756 │ │ │ │ glibc: glob implementation can cause excessive CPU and │
│ │ │ │ │ │ memory consumption due to... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2010-4756 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2018-20796 │ │ │ │ glibc: uncontrolled recursion in function │
│ │ │ │ │ │ check_dst_limits_calc_pos_1 in posix/regexec.c │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-20796 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-1010022 │ │ │ │ glibc: stack guard protection bypass │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-1010022 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-1010023 │ │ │ │ glibc: running ldd on malicious ELF leads to code execution │
│ │ │ │ │ │ because of... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-1010023 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-1010024 │ │ │ │ glibc: ASLR bypass using cache of thread stack and heap │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-1010024 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-1010025 │ │ │ │ glibc: information disclosure of heap addresses of │
│ │ │ │ │ │ pthread_created thread │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-1010025 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-9192 │ │ │ │ glibc: uncontrolled recursion in function │
│ │ │ │ │ │ check_dst_limits_calc_pos_1 in posix/regexec.c │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-9192 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libcom-err2 │ CVE-2022-1304 │ HIGH │ 1.46.2-2 │ │ e2fsprogs: out-of-bounds read/write via crafted filesystem │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-1304 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libdb5.3 │ CVE-2019-8457 │ CRITICAL │ 5.3.28+dfsg1-0.8 │ │ sqlite: heap out-of-bound read in function rtreenode() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-8457 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libext2fs2 │ CVE-2022-1304 │ HIGH │ 1.46.2-2 │ │ e2fsprogs: out-of-bounds read/write via crafted filesystem │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-1304 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libgcrypt20 │ CVE-2021-33560 │ │ 1.8.7-6 │ │ libgcrypt: mishandles ElGamal encryption because it lacks │
│ │ │ │ │ │ exponent blinding to address a... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-33560 │
│ ├──────────────────┼──────────┤ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2018-6829 │ LOW │ │ │ libgcrypt: ElGamal implementation doesn't have semantic │
│ │ │ │ │ │ security due to incorrectly encoded plaintexts... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-6829 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libgnutls30 │ CVE-2011-3389 │ │ 3.7.1-5+deb11u3 │ │ HTTPS: block-wise chosen-plaintext attack against SSL/TLS │
│ │ │ │ │ │ (BEAST) │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2011-3389 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libgssapi-krb5-2 │ CVE-2018-5709 │ │ 1.18.3-6+deb11u3 │ │ krb5: integer overflow in dbentry->n_key_data in │
│ │ │ │ │ │ kadmin/dbutil/dump.c │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-5709 │
├──────────────────┤ │ │ ├───────────────┤ │
│ libk5crypto3 │ │ │ │ │ │
│ │ │ │ │ │ │
│ │ │ │ │ │ │
├──────────────────┤ │ │ ├───────────────┤ │
│ libkrb5-3 │ │ │ │ │ │
│ │ │ │ │ │ │
│ │ │ │ │ │ │
├──────────────────┤ │ │ ├───────────────┤ │
│ libkrb5support0 │ │ │ │ │ │
│ │ │ │ │ │ │
│ │ │ │ │ │ │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libmount1 │ CVE-2022-0563 │ │ 2.36.1-8+deb11u1 │ │ partial disclosure of arbitrary files in chfn and chsh when │
│ │ │ │ │ │ compiled with... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-0563 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libpcre3 │ CVE-2017-11164 │ │ 2:8.39-13 │ │ pcre: OP_KETRMAX feature in the match function in │
│ │ │ │ │ │ pcre_exec.c │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2017-11164 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2017-16231 │ │ │ │ pcre: self-recursive call in match() in pcre_exec.c leads to │
│ │ │ │ │ │ denial of service... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2017-16231 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2017-7245 │ │ │ │ pcre: stack-based buffer overflow write in │
│ │ │ │ │ │ pcre32_copy_substring │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2017-7245 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2017-7246 │ │ │ │ pcre: stack-based buffer overflow write in │
│ │ │ │ │ │ pcre32_copy_substring │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2017-7246 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-20838 │ │ │ │ pcre: Buffer over-read in JIT when UTF is disabled and \X │
│ │ │ │ │ │ or... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-20838 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libsepol1 │ CVE-2021-36084 │ │ 3.1-1 │ │ libsepol: use-after-free in __cil_verify_classperms() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-36084 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2021-36085 │ │ │ │ libsepol: use-after-free in __cil_verify_classperms() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-36085 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2021-36086 │ │ │ │ use-after-free in cil_reset_classpermission() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-36086 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2021-36087 │ │ │ │ libsepol: heap-based buffer overflow in ebitmap_match_any() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-36087 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libsmartcols1 │ CVE-2022-0563 │ │ 2.36.1-8+deb11u1 │ │ partial disclosure of arbitrary files in chfn and chsh when │
│ │ │ │ │ │ compiled with... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-0563 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libss2 │ CVE-2022-1304 │ HIGH │ 1.46.2-2 │ │ e2fsprogs: out-of-bounds read/write via crafted filesystem │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-1304 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libssl1.1 │ CVE-2007-6755 │ LOW │ 1.1.1n-0+deb11u5 │ │ Dual_EC_DRBG: weak pseudo random number generator │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2007-6755 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2010-0928 │ │ │ │ openssl: RSA authentication weakness │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2010-0928 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libsystemd0 │ CVE-2013-4392 │ │ 247.3-7+deb11u2 │ │ TOCTOU race condition when updating file permissions and │
│ │ │ │ │ │ SELinux security contexts │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2013-4392 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2020-13529 │ │ │ │ systemd: DHCP FORCERENEW authentication not implemented can │
│ │ │ │ │ │ cause a system running the... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-13529 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-31437 │ │ │ │ An issue was discovered in systemd 253. An attacker can │
│ │ │ │ │ │ modify a... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-31437 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-31438 │ │ │ │ An issue was discovered in systemd 253. An attacker can │
│ │ │ │ │ │ truncate a... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-31438 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-31439 │ │ │ │ An issue was discovered in systemd 253. An attacker can │
│ │ │ │ │ │ modify the... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-31439 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libtinfo6 │ CVE-2023-29491 │ HIGH │ 6.2+20201114-2+deb11u1 │ │ Local users can trigger security-relevant memory corruption │
│ │ │ │ │ │ via malformed data │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-29491 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libudev1 │ CVE-2013-4392 │ LOW │ 247.3-7+deb11u2 │ │ TOCTOU race condition when updating file permissions and │
│ │ │ │ │ │ SELinux security contexts │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2013-4392 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2020-13529 │ │ │ │ systemd: DHCP FORCERENEW authentication not implemented can │
│ │ │ │ │ │ cause a system running the... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-13529 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-31437 │ │ │ │ An issue was discovered in systemd 253. An attacker can │
│ │ │ │ │ │ modify a... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-31437 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-31438 │ │ │ │ An issue was discovered in systemd 253. An attacker can │
│ │ │ │ │ │ truncate a... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-31438 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-31439 │ │ │ │ An issue was discovered in systemd 253. An attacker can │
│ │ │ │ │ │ modify the... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-31439 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libuuid1 │ CVE-2022-0563 │ │ 2.36.1-8+deb11u1 │ │ partial disclosure of arbitrary files in chfn and chsh when │
│ │ │ │ │ │ compiled with... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-0563 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libzstd1 │ CVE-2022-4899 │ HIGH │ 1.4.8+dfsg-2.1 │ │ buffer overrun in util.c │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-4899 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ login │ CVE-2007-5686 │ LOW │ 1:4.8.1-1 │ │ initscripts in rPath Linux 1 sets insecure permissions for │
│ │ │ │ │ │ the /var/lo ...... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2007-5686 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2013-4235 │ │ │ │ shadow-utils: TOCTOU race conditions by copying and removing │
│ │ │ │ │ │ directory trees │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2013-4235 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-19882 │ │ │ │ shadow-utils: local users can obtain root access because │
│ │ │ │ │ │ setuid programs are misconfigured... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-19882 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-29383 │ │ │ │ Improper input validation in shadow-utils package utility │
│ │ │ │ │ │ chfn │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-29383 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ logsave │ CVE-2022-1304 │ HIGH │ 1.46.2-2 │ │ e2fsprogs: out-of-bounds read/write via crafted filesystem │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-1304 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ mount │ CVE-2022-0563 │ LOW │ 2.36.1-8+deb11u1 │ │ partial disclosure of arbitrary files in chfn and chsh when │
│ │ │ │ │ │ compiled with... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-0563 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ ncurses-base │ CVE-2023-29491 │ HIGH │ 6.2+20201114-2+deb11u1 │ │ Local users can trigger security-relevant memory corruption │
│ │ │ │ │ │ via malformed data │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-29491 │
├──────────────────┤ │ │ ├───────────────┤ │
│ ncurses-bin │ │ │ │ │ │
│ │ │ │ │ │ │
│ │ │ │ │ │ │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ openssl │ CVE-2007-6755 │ LOW │ 1.1.1n-0+deb11u5 │ │ Dual_EC_DRBG: weak pseudo random number generator │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2007-6755 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2010-0928 │ │ │ │ openssl: RSA authentication weakness │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2010-0928 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ passwd │ CVE-2007-5686 │ │ 1:4.8.1-1 │ │ initscripts in rPath Linux 1 sets insecure permissions for │
│ │ │ │ │ │ the /var/lo ...... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2007-5686 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2013-4235 │ │ │ │ shadow-utils: TOCTOU race conditions by copying and removing │
│ │ │ │ │ │ directory trees │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2013-4235 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-19882 │ │ │ │ shadow-utils: local users can obtain root access because │
│ │ │ │ │ │ setuid programs are misconfigured... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-19882 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-29383 │ │ │ │ Improper input validation in shadow-utils package utility │
│ │ │ │ │ │ chfn │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-29383 │
├──────────────────┼──────────────────┼──────────┼────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ perl-base │ CVE-2020-16156 │ HIGH │ 5.32.1-4+deb11u2 │ │ Bypass of verification of signatures in CHECKSUMS files │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-16156 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-31484 │ │ │ │ CPAN.pm before 2.35 does not verify TLS certificates when │
│ │ │ │ │ │ downloading distributions over... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-31484 │
│ ├──────────────────┼──────────┤ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2011-4116 │ LOW │ │ │ perl: File::Temp insecure temporary file handling │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2011-4116 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2023-31486 │ │ │ │ HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and │
│ │ │ │ │ │ available ...... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-31486 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ tar │ CVE-2005-2541 │ │ 1.34+dfsg-1 │ │ tar: does not properly warn the user when extracting setuid │
│ │ │ │ │ │ or setgid... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2005-2541 │
│ ├──────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2022-48303 │ │ │ │ heap buffer overflow at from_header() in list.c via │
│ │ │ │ │ │ specially crafted checksum │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-48303 │
├──────────────────┼──────────────────┤ ├────────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ util-linux │ CVE-2022-0563 │ │ 2.36.1-8+deb11u1 │ │ partial disclosure of arbitrary files in chfn and chsh when │
│ │ │ │ │ │ compiled with... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-0563 │
└──────────────────┴──────────────────┴──────────┴────────────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘
app/wiremock-net.deps.json (dotnet-core)
========================================
Total: 5 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 4, CRITICAL: 0)
┌────────────────────────────────┬───────────────┬──────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├────────────────────────────────┼───────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ System.Net.Http │ CVE-2018-8292 │ HIGH │ 4.3.0 │ 4.3.4 │ .NET Core: information disclosure due to authentication │
│ │ │ │ │ │ information exposed in a redirect... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-8292 │
├────────────────────────────────┼───────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ System.Private.Uri │ CVE-2019-0980 │ │ │ 4.3.2 │ dotnet: infinite loop in Uri.TryCreate leading to ASP.Net │
│ │ │ │ │ │ Core Denial of Service... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-0980 │
│ ├───────────────┤ │ │ ├──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-0981 │ │ │ │ dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core │
│ │ │ │ │ │ Denial of Service │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-0981 │
│ ├───────────────┼──────────┤ │ ├──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-0657 │ MEDIUM │ │ │ dotnet: Domain-spoofing attack in System.Uri │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-0657 │
├────────────────────────────────┼───────────────┼──────────┤ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ System.Text.RegularExpressions │ CVE-2019-0820 │ HIGH │ │ 4.3.1 │ dotnet: timeouts for regular expressions are not enforced │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-0820 │
└────────────────────────────────┴───────────────┴──────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘
usr/share/dotnet/shared/Microsoft.AspNetCore.App/6.0.19/Microsoft.AspNetCore.App.deps.json (dotnet-core)
========================================================================================================
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
┌────────────────────────────────────────────┬────────────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├────────────────────────────────────────────┼────────────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────┤
│ Microsoft.AspNetCore.App.Runtime.linux-x64 │ CVE-2023-33170 │ HIGH │ 6.0.19 │ 7.0.9, 6.0.20 │ race condition in Core SignInManager<TUser> │
│ │ │ │ │ │ PasswordSignInAsync method │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-33170 │
└────────────────────────────────────────────┴────────────────┴──────────┴───────────────────┴───────────────┴─────────────────────────────────────────────┘
Is it possible to address these issues?
It took me some time to realize that Docker container has partial match enabled by default. Here is related line of code:
It would be good if partial match was disabled by default. If it's enabled it very confusing when you get matches for requests which were not stubbed.
It would be helpful for other if the documentation described where to mount you request stub files. Thanks!
It would be good to add "latest" label to docker image to avoid the following error:
C:\Users\User>docker run -it --rm -p 9091:80 sheyenrath/wiremock.net-nano
Unable to find image 'sheyenrath/wiremock.net-nano:latest' locally
docker: Error response from daemon: manifest for sheyenrath/wiremock.net-nano:latest not found.
See 'docker run --help'.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.