Last active
June 26, 2024 14:10
-
-
Save Pururun/89199a37e9794bac5969193f2a5ed685 to your computer and use it in GitHub Desktop.
CVE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > Task :dependencyCheckAnalyze | |
| Verifying dependencies for project android | |
| Checking for updates and analyzing dependencies for vulnerabilities | |
| An NVD API Key was not provided - it is highly recommended to use an NVD API key as the update can take a VERY long time without an API Key | |
| ---------------------------------------------------- | |
| .NET Assembly Analyzer could not be initialized and at least one 'exe' or 'dll' was scanned. The 'dotnet' executable could not be found on the path; either disable the Assembly Analyzer or add the path to dotnet core in the configuration. | |
| The dotnet 6.0 core runtime or SDK is required to analyze assemblies | |
| ---------------------------------------------------- | |
| Generating report for project android | |
| Found 0 vulnerabilities in project android | |
| Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT | |
| Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL | |
| Region [POM] : Not alive and dispose was called, filename: POM | |
| > Task :app:dependencyCheckAnalyze | |
| Verifying dependencies for project app | |
| Failed to fetch URL https://dl.google.com/android/repository/sys-img/android-automotive-distantdisplay/sys-img2-4.xml/sys-img.xml, reason: File not found | |
| Failed to fetch URL: File not found | |
| Errors during XML parse: | |
| https://dl.google.com/android/repository/sys-img/android-automotive-distantdisplay/sys-img2-4.xml parsing problem. unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| javax.xml.bind.UnmarshalException: unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| Additionally, the fallback loader failed to parse the XML. | |
| Failed to fetch URL https://dl.google.com/android/repository/sys-img/google-tv/sys-img2-4.xml/sys-img.xml, reason: File not found | |
| Failed to fetch URL: File not found | |
| Errors during XML parse: | |
| https://dl.google.com/android/repository/sys-img/google-tv/sys-img2-4.xml parsing problem. unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| javax.xml.bind.UnmarshalException: unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| Additionally, the fallback loader failed to parse the XML. | |
| Errors during XML parse: | |
| https://dl.google.com/android/repository/sys-img/android-automotive/sys-img2-4.xml parsing problem. unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| javax.xml.bind.UnmarshalException: unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| Additionally, the fallback loader failed to parse the XML. | |
| Found Android TV Intel x86 Atom System Image, Android API 21, revision 3 | |
| Found Android TV ARM EABI v7a System Image, Android API 21, revision 3 | |
| Found Android TV Intel x86 Atom System Image, Android API 22, revision 3 | |
| Found Android TV Intel x86 Atom System Image, Android API 23, revision 19 | |
| Found Android TV ARM EABI v7a System Image, Android API 23, revision 12 | |
| Found Android TV Intel x86 Atom System Image, Android API 24, revision 20 | |
| Found Android TV Intel x86 Atom System Image, Android API 25, revision 14 | |
| Found Android TV Intel x86 Atom System Image, Android API 26, revision 12 | |
| Found Android TV Intel x86 Atom System Image, Android API 27, revision 7 | |
| Found Android TV Intel x86 Atom System Image, Android API 28, revision 8 | |
| Found Android TV Intel x86 Atom System Image, Android API Q, revision 1 | |
| Failed to fetch URL https://dl.google.com/android/repository/sys-img/google_atd/sys-img2-4.xml/sys-img.xml, reason: File not found | |
| Failed to fetch URL: File not found | |
| Errors during XML parse: | |
| https://dl.google.com/android/repository/sys-img/google_atd/sys-img2-4.xml parsing problem. unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| javax.xml.bind.UnmarshalException: unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| Additionally, the fallback loader failed to parse the XML. | |
| Found Android Wear ARM EABI v7a System Image, Android API 23, revision 6 | |
| Found Android Wear Intel x86 Atom System Image, Android API 23, revision 6 | |
| Found Android Wear ARM EABI v7a System Image, Android API 25, revision 3 | |
| Found Android Wear Intel x86 Atom System Image, Android API 25, revision 3 | |
| Found Android Wear Intel x86 Atom System Image, Android API 26, revision 4 | |
| Found Wear OS Intel x86 Atom System Image, Android API 28, revision 3 | |
| Found ARM EABI v7a System Image, Android API 10, revision 5 | |
| Found ARM EABI v7a System Image, Android API 14, revision 2 | |
| Found ARM EABI v7a System Image, Android API 15, revision 5 | |
| Found ARM EABI v7a System Image, Android API 16, revision 6 | |
| Found ARM EABI v7a System Image, Android API 17, revision 6 | |
| Found ARM EABI v7a System Image, Android API 18, revision 5 | |
| Found ARM EABI v7a System Image, Android API 19, revision 5 | |
| Found ARM EABI v7a System Image, Android API 21, revision 4 | |
| Found ARM EABI v7a System Image, Android API 22, revision 2 | |
| Found ARM EABI v7a System Image, Android API 23, revision 6 | |
| Found ARM EABI v7a System Image, Android API 24, revision 7 | |
| Found ARM 64 v8a System Image, Android API 24, revision 7 | |
| Found MIPS System Image, Android API 16, revision 1 | |
| Found MIPS System Image, Android API 17, revision 1 | |
| Found Intel x86 Atom System Image, Android API 10, revision 5 | |
| Found Intel x86 Atom System Image, Android API 15, revision 5 | |
| Found Intel x86 Atom System Image, Android API 16, revision 6 | |
| Found Intel x86 Atom System Image, Android API 17, revision 4 | |
| Found Intel x86 Atom System Image, Android API 18, revision 4 | |
| Found Intel x86 Atom System Image, Android API 19, revision 6 | |
| Found Intel x86 Atom System Image, Android API 21, revision 5 | |
| Found Intel x86 Atom System Image, Android API 22, revision 6 | |
| Found Intel x86 Atom System Image, Android API 23, revision 10 | |
| Found Intel x86 Atom System Image, Android API 24, revision 8 | |
| Found Intel x86 Atom System Image, Android API 25, revision 1 | |
| Found Intel x86 Atom System Image, Android API 26, revision 1 | |
| Found Intel x86 Atom System Image, Android API 27, revision 1 | |
| Found Intel x86 Atom System Image, Android API 28, revision 4 | |
| Found Intel x86 Atom System Image, Android API 29, revision 7 | |
| Found Intel x86 Atom System Image, Android API 29, revision 7 | |
| Found Intel x86 Atom_64 System Image, Android API 21, revision 5 | |
| Found Intel x86 Atom_64 System Image, Android API 22, revision 6 | |
| Found Intel x86 Atom_64 System Image, Android API 23, revision 10 | |
| Found Intel x86 Atom_64 System Image, Android API 24, revision 8 | |
| Found Intel x86 Atom_64 System Image, Android API 25, revision 1 | |
| Found Intel x86 Atom_64 System Image, Android API 26, revision 1 | |
| Found Intel x86 Atom_64 System Image, Android API 27, revision 1 | |
| Found Intel x86 Atom_64 System Image, Android API 28, revision 4 | |
| Found Intel x86 Atom_64 System Image, Android API 29, revision 7 | |
| Found Intel x86 Atom_64 System Image, Android API 29, revision 7 | |
| Failed to fetch URL https://dl.google.com/android/repository/sys-img/android-wear-cn/sys-img2-4.xml/sys-img.xml, reason: File not found | |
| Failed to fetch URL: File not found | |
| Errors during XML parse: | |
| https://dl.google.com/android/repository/sys-img/android-wear-cn/sys-img2-4.xml parsing problem. unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| javax.xml.bind.UnmarshalException: unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| Additionally, the fallback loader failed to parse the XML. | |
| Failed to fetch URL https://dl.google.com/android/repository/sys-img/aosp_atd/sys-img2-4.xml/sys-img.xml, reason: File not found | |
| Failed to fetch URL: File not found | |
| Errors during XML parse: | |
| https://dl.google.com/android/repository/sys-img/aosp_atd/sys-img2-4.xml parsing problem. unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| javax.xml.bind.UnmarshalException: unexpected element (uri:"", local:"abi"). Expected elements are <{}vendor>,<{}translatedAbis>,<{}abis>,<{}codename>,<{}base-extension>,<{}api-level>,<{}extension-level>,<{}tag> | |
| Additionally, the fallback loader failed to parse the XML. | |
| Failed to fetch URL https://dl.google.com/android/repository/sys-img/android-desktop/sys-img2-4.xml/sys-img.xml, reason: File not found | |
| Failed to fetch URL: File not found | |
| Errors during XML parse: | |
| https://dl.google.com/android/repository/sys-img/android-desktop/sys-img2-4.xml parsing problem. Errors limit exceeded. To receive all errors set com.sun.xml.bind logger to FINEST level. | |
| javax.xml.bind.UnmarshalException: Errors limit exceeded. To receive all errors set com.sun.xml.bind logger to FINEST level. | |
| Additionally, the fallback loader failed to parse the XML. | |
| Checking the license for package Android SDK Build-Tools 34 in /opt/android/licenses | |
| License for package Android SDK Build-Tools 34 accepted. | |
| Preparing "Install Android SDK Build-Tools 34 v.34.0.0". | |
| "Install Android SDK Build-Tools 34 v.34.0.0" ready. | |
| Installing Android SDK Build-Tools 34 in /opt/android/build-tools/34.0.0 | |
| "Install Android SDK Build-Tools 34 v.34.0.0" complete. | |
| "Install Android SDK Build-Tools 34 v.34.0.0" finished. | |
| Checking the license for package Android SDK Platform 34 in /opt/android/licenses | |
| License for package Android SDK Platform 34 accepted. | |
| Preparing "Install Android SDK Platform 34 (revision 3)". | |
| "Install Android SDK Platform 34 (revision 3)" ready. | |
| Installing Android SDK Platform 34 in /opt/android/platforms/android-34 | |
| "Install Android SDK Platform 34 (revision 3)" complete. | |
| "Install Android SDK Platform 34 (revision 3)" finished. | |
| Checking for updates and analyzing dependencies for vulnerabilities | |
| ---------------------------------------------------- | |
| .NET Assembly Analyzer could not be initialized and at least one 'exe' or 'dll' was scanned. The 'dotnet' executable could not be found on the path; either disable the Assembly Analyzer or add the path to dotnet core in the configuration. | |
| The dotnet 6.0 core runtime or SDK is required to analyze assemblies | |
| ---------------------------------------------------- | |
| Generating report for project app | |
| Found 70 vulnerabilities in project app | |
| Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT | |
| Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL | |
| Region [POM] : Not alive and dispose was called, filename: POM | |
| One or more dependencies were identified with known vulnerabilities in app: | |
| android-device-provider-local-0.0.9-alpha02.jar/META-INF/maven/com.google.guava/guava/pom.xml (pkg:maven/com.google.guava/guava@28.1-jre, cpe:2.3:a:google:guava:28.1:*:*:*:*:*:*:*) : CVE-2023-2976, CVE-2020-8908 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-buffer/pom.xml (pkg:maven/io.netty/netty-buffer@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2023-34462, CVE-2022-24823 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-codec-http2/pom.xml (pkg:maven/io.netty/netty-codec-http2@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2023-34462, CVE-2022-24823 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-codec-http/pom.xml (pkg:maven/io.netty/netty-codec-http@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2023-34462, CVE-2022-24823, CVE-2024-29025 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-codec-socks/pom.xml (pkg:maven/io.netty/netty-codec-socks@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2023-34462, CVE-2022-24823 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-codec/pom.xml (pkg:maven/io.netty/netty-codec@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2022-41915, CVE-2023-34462, CVE-2022-24823 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-common/pom.xml (pkg:maven/io.netty/netty-common@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2023-34462, CVE-2022-24823 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-handler-proxy/pom.xml (pkg:maven/io.netty/netty-handler-proxy@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2023-34462, CVE-2022-24823 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-handler/pom.xml (pkg:maven/io.netty/netty-handler@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2023-34462, CVE-2022-24823 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-resolver/pom.xml (pkg:maven/io.netty/netty-resolver@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2023-34462, CVE-2022-24823 | |
| core-0.0.9-alpha02.jar/META-INF/maven/io.netty/netty-transport/pom.xml (pkg:maven/io.netty/netty-transport@4.1.72.Final, cpe:2.3:a:netty:netty:4.1.72:*:*:*:*:*:*:*) : CVE-2022-41881, CVE-2023-44487, CVE-2023-34462, CVE-2022-24823 | |
| launcher-0.0.9-alpha02.jar/META-INF/maven/com.google.protobuf/protobuf-kotlin/pom.xml (pkg:maven/com.google.protobuf/protobuf-kotlin@3.18.0, cpe:2.3:a:google:protobuf-kotlin:3.18.0:*:*:*:*:*:*:*, cpe:2.3:a:protobuf:protobuf:3.18.0:*:*:*:*:*:*:*) : CVE-2022-3171, CVE-2022-3510, CVE-2021-22569 | |
| netty-buffer-4.1.93.Final.jar (pkg:maven/io.netty/netty-buffer@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| netty-codec-4.1.93.Final.jar (pkg:maven/io.netty/netty-codec@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| netty-codec-http-4.1.93.Final.jar (pkg:maven/io.netty/netty-codec-http@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462, CVE-2024-29025 | |
| netty-codec-http2-4.1.93.Final.jar (pkg:maven/io.netty/netty-codec-http2@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| netty-codec-socks-4.1.93.Final.jar (pkg:maven/io.netty/netty-codec-socks@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| netty-common-4.1.93.Final.jar (pkg:maven/io.netty/netty-common@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| netty-handler-4.1.93.Final.jar (pkg:maven/io.netty/netty-handler@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| netty-handler-proxy-4.1.93.Final.jar (pkg:maven/io.netty/netty-handler-proxy@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| netty-resolver-4.1.93.Final.jar (pkg:maven/io.netty/netty-resolver@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| netty-transport-4.1.93.Final.jar (pkg:maven/io.netty/netty-transport@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| netty-transport-native-unix-common-4.1.93.Final.jar (pkg:maven/io.netty/netty-transport-native-unix-common@4.1.93.Final, cpe:2.3:a:netty:netty:4.1.93:*:*:*:*:*:*:*) : CVE-2023-44487, CVE-2023-34462 | |
| See the dependency-check report for more details. | |
| > Task :app:dependencyCheckAnalyze FAILED | |
| FAILURE: Build failed with an exception. | |
| * What went wrong: | |
| Execution failed for task ':app:dependencyCheckAnalyze'. | |
| > | |
| Dependency-Analyze Failure: | |
| One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '0.0': CVE-2023-2976, CVE-2022-41881, CVE-2022-3510, CVE-2021-22569, CVE-2022-24823, CVE-2023-34462, CVE-2023-44487, CVE-2022-3171, CVE-2022-41915, CVE-2020-8908, CVE-2024-29025 | |
| See the dependency-check report for more details. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment