Problem: missing validation on nft-transfer message fields #2616
Annotations
10 errors
|
govuln sec scan:
app/app.go#L884
github.com/crypto-org-chain/chain-main/v4/app.RegisterSwaggerAPI calls github.com/rakyll/statik/fs.NewWithNamespace, which eventually calls path/filepath.IsLocal
|
|
govuln sec scan:
app/app.go#L750
github.com/crypto-org-chain/chain-main/v4/app.ChainApp.BeginBlocker calls github.com/cosmos/cosmos-sdk/server.ZeroLogWrapper.Info, which eventually calls path/filepath.Rel
|
|
govuln sec scan:
app/app.go#L777
github.com/crypto-org-chain/chain-main/v4/app.ChainApp.LoadHeight calls github.com/cosmos/cosmos-sdk/baseapp.BaseApp.LoadVersion, which eventually calls path/filepath.Abs
|
|
govuln sec scan:
app/app.go#L884
github.com/crypto-org-chain/chain-main/v4/app.RegisterSwaggerAPI calls github.com/rakyll/statik/fs.NewWithNamespace, which eventually calls path/filepath.IsLocal
|
|
govuln sec scan:
cmd/chain-maind/app/appunix.go#L13
github.com/crypto-org-chain/chain-main/v4/cmd/chain-maind/app.WriteFile calls github.com/google/renameio.WriteFile, which eventually calls path/filepath.Base
|
|
govuln sec scan:
cmd/chain-maind/main.go#L14
github.com/crypto-org-chain/chain-main/v4/cmd/chain-maind.main calls github.com/cosmos/cosmos-sdk/server/cmd.Execute, which eventually calls path/filepath.EvalSymlinks
|
|
govuln sec scan:
cmd/chain-maind/main.go#L14
github.com/crypto-org-chain/chain-main/v4/cmd/chain-maind.main calls github.com/cosmos/cosmos-sdk/server/cmd.Execute, which eventually calls path/filepath.Glob
|
|
govuln sec scan:
cmd/chain-maind/main.go#L14
github.com/crypto-org-chain/chain-main/v4/cmd/chain-maind.main calls github.com/cosmos/cosmos-sdk/server/cmd.Execute, which eventually calls path/filepath.Walk
|
|
govuln sec scan:
x/chainmain/client/cli/testnet.go#L226
github.com/crypto-org-chain/chain-main/v4/x/chainmain/client/cli.InitTestnet calls path/filepath.Join
|
|
govuln sec scan:
x/chainmain/client/cli/testnet.go#L245
github.com/crypto-org-chain/chain-main/v4/x/chainmain/client/cli.InitTestnet calls github.com/cosmos/cosmos-sdk/x/genutil.InitializeNodeValidatorFiles, which eventually calls path/filepath.Dir
|
The logs for this run have expired and are no longer available.
Loading