Jay Gowdy

Results 32 comments of Jay Gowdy

I have eliminated TransientSecretFactory in https://github.com/godaddy/asherah/pull/300. Not sure if there are any other ctors we want to inject.

![Logo](https://user-images.githubusercontent.com/42570337/152954017-2101d077-2be7-48a8-8d34-618fe5a7c779.png) **Checkmarx AST – Scan Summary & Details** – [85e61efb-1f1c-4069-9a7a-ebc3fd123fe5](https://ast.checkmarx.net/projects/df34b7f2-6257-4bd2-a1e0-ecf40b2777d3/scans?id=85e61efb-1f1c-4069-9a7a-ebc3fd123fe5&branch=snyk-upgrade-1dd68cf65e4217a7dbd4697f42929b1c)

### New Issues

Severity|Issue|File / Package|Scan Engine
---|---|---|---
MEDIUM|CVE-2022-24823|Maven-io.netty:netty-codec-http-4.1.72.Final|[CxSCA](https://ast.checkmarx.net/sca/#/projects/df34b7f2-6257-4bd2-a1e0-ecf40b2777d3/reports/85e61efb-1f1c-4069-9a7a-ebc3fd123fe5/vulnerabilities/all)
MEDIUM|CVE-2022-24823|Maven-io.netty:netty-common-4.1.72.Final|[CxSCA](https://ast.checkmarx.net/sca/#/projects/df34b7f2-6257-4bd2-a1e0-ecf40b2777d3/reports/85e61efb-1f1c-4069-9a7a-ebc3fd123fe5/vulnerabilities/all)

### Fixed Issues

Severity|Issue|File / Package|Scan Engine
---|---|---|---
HIGH|CVE-2020-11612|Maven-io.netty:netty-codec-4.1.45.Final|[CxSCA](https://ast.checkmarx.net/sca/#/projects/df34b7f2-6257-4bd2-a1e0-ecf40b2777d3/reports/85e61efb-1f1c-4069-9a7a-ebc3fd123fe5/vulnerabilities/all)

This is fixed in my pull request https://github.com/godaddy/asherah/pull/300

![Logo](https://user-images.githubusercontent.com/42570337/152954017-2101d077-2be7-48a8-8d34-618fe5a7c779.png) **Checkmarx AST – Scan Summary & Details** – [0531dd30-5f7d-40dc-b450-1a0d5ba83193](https://ast.checkmarx.net/projects/df34b7f2-6257-4bd2-a1e0-ecf40b2777d3/scans?id=0531dd30-5f7d-40dc-b450-1a0d5ba83193&branch=snyk-upgrade-0e66e4c790502f4081d2b022c2ffd509)

### No New Or Fixed Issues Found

This is resolved in https://github.com/godaddy/asherah/pull/300

As we discussed, I suggest splitting this PR between adding a Stream interface and adding ChaCha20 support.

This is a non-issue. The purpose of explicit_bzero is to prevent *C* compilers from determining that the call to bzero is useless and optimizing it away. We are accessing glibc at...

![Logo](https://user-images.githubusercontent.com/42570337/152954017-2101d077-2be7-48a8-8d34-618fe5a7c779.png) **Checkmarx AST – Scan Summary & Details** – [388645b4-4d47-4eb4-ac00-0429c4dc47f7](https://ast.checkmarx.net/projects/df34b7f2-6257-4bd2-a1e0-ecf40b2777d3/scans?id=388645b4-4d47-4eb4-ac00-0429c4dc47f7&branch=snyk-fix-52db6fc9f13e0638997c29fec8cc892b)

### Fixed Issues

Severity|Issue|File / Package|Scan Engine
---|---|---|---
HIGH|CVE-2020-11612|Maven-io.netty:netty-codec-4.1.45.Final|[CxSCA](https://ast.checkmarx.net/sca/#/projects/df34b7f2-6257-4bd2-a1e0-ecf40b2777d3/reports/388645b4-4d47-4eb4-ac00-0429c4dc47f7/vulnerabilities/all)

> Are there potential performance issues or backwards compatibility issues with `-mbranch-protection`?

I should have also stated, there isn't a backwards compatibility issue here since the instructions are implemented in...

![Logo](https://user-images.githubusercontent.com/42570337/152954017-2101d077-2be7-48a8-8d34-618fe5a7c779.png) **Checkmarx AST – Scan Summary & Details** – [1879db01-7964-4515-a53a-c94e42e13b0f](https://ast.checkmarx.net/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/scans?id=1879db01-7964-4515-a53a-c94e42e13b0f&branch=snyk-upgrade-5c77ebb8624d9c49806871a5b9b09bb5)

### New Issues

Severity|Issue|File / Package|Scan Engine
---|---|---|---
HIGH|CVE-2021-23343|Npm-path-parse-1.0.6|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|CVE-2021-35065|Npm-glob-parent-5.1.2|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|CVE-2021-3807|Npm-ansi-regex-3.0.0|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|CVE-2021-3807|Npm-ansi-regex-5.0.0|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|CVE-2021-3807|Npm-ansi-regex-4.1.0|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|CVE-2021-43138|Npm-async-1.5.2|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|CVE-2021-44906|Npm-minimist-1.2.5|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|CVE-2022-24785|Npm-moment-2.24.0|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|CVE-2022-31129|Npm-moment-2.24.0|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|Cx62f5bb1b-fa5e|Npm-moment-2.24.0|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|Cx89601373-08db|Npm-debug-3.2.6|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
HIGH|Cx89601373-08db|Npm-debug-4.1.1|[CxSCA](https://ast.checkmarx.net/sca/#/projects/13b370b9-c0b3-411e-8399-76e9aa90db86/reports/1879db01-7964-4515-a53a-c94e42e13b0f/vulnerabilities/all)
...