osgirl / uw-lib-callcontrol Goto Github PK
View Code? Open in Web Editor NEWThis project forked from utilitywarehouse/uw-lib-callcontrol
Library for simplifying voice calls usage in projects
License: MIT License
This project forked from utilitywarehouse/uw-lib-callcontrol
Library for simplifying voice calls usage in projects
License: MIT License
Real-time performance monitoring, done right! https://my-netdata.io/
Library home page: https://github.com/netdata/netdata.git
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used.
Publish Date: 2018-06-27
URL: CVE-2017-18342
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-18342
Release Date: 2018-06-27
Fix Resolution: 4.1
Step up your Open Source Security Game with WhiteSource here
JavaScript parser and compressor/beautifier toolkit
path: /tmp/git/uw-lib-callcontrol/node_modules/build/node_modules/uglify-js/package.json
Library home page: http://registry.npmjs.org/uglify-js/-/uglify-js-1.3.5.tgz
Dependency Hierarchy:
UglifyJS versions 2.4.23 and earlier are affected by a vulnerability which allows a specially crafted Javascript file to have altered functionality after minification.
Publish Date: 2015-08-24
URL: WS-2015-0024
Type: Upgrade version
Origin: mishoo/UglifyJS@905b601
Release Date: 2017-01-31
Fix Resolution: v2.4.24
Step up your Open Source Security Game with WhiteSource here
A JavaScript TimeSpan library for node.js (and soon the browser)
path: /tmp/git/uw-lib-callcontrol/node_modules/timespan/package.json
Library home page: http://registry.npmjs.org/timespan/-/timespan-2.3.0.tgz
Dependency Hierarchy:
The timespan module is vulnerable to regular expression denial of service. Given 50k characters of untrusted user input it will block the event loop for around 10 seconds.
Publish Date: 2018-06-07
URL: CVE-2017-16115
Base Score Metrics:
Step up your Open Source Security Game with WhiteSource here
JavaScript parser and compressor/beautifier toolkit
path: /tmp/git/uw-lib-callcontrol/node_modules/build/node_modules/uglify-js/package.json
Library home page: http://registry.npmjs.org/uglify-js/-/uglify-js-1.3.5.tgz
Dependency Hierarchy:
Uglify-js is vulnerable to regular expression denial of service (ReDoS) when certain types of input is passed into .parse().
Publish Date: 2015-10-24
URL: WS-2015-0017
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/48
Release Date: 2015-10-24
Fix Resolution: Update to version 2.6.0 or later
Step up your Open Source Security Game with WhiteSource here
YAML 1.1 Parser
path: /tmp/git/uw-lib-callcontrol/node_modules/jxLoader/node_modules/js-yaml/package.json
Library home page: http://registry.npmjs.org/js-yaml/-/js-yaml-0.3.7.tgz
Dependency Hierarchy:
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute arbitrary code via a crafted string that triggers an eval operation.
Publish Date: 2013-06-28
URL: CVE-2013-4660
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2013-4660
Release Date: 2013-06-28
Fix Resolution: 2.0.5
Step up your Open Source Security Game with WhiteSource here
JavaScript parser and compressor/beautifier toolkit
path: /tmp/git/uw-lib-callcontrol/node_modules/build/node_modules/uglify-js/package.json
Library home page: http://registry.npmjs.org/uglify-js/-/uglify-js-1.3.5.tgz
Dependency Hierarchy:
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service (CPU consumption) via crafted input in a parse call, aka a "regular expression denial of service (ReDoS)."
Publish Date: 2017-01-23
URL: CVE-2015-8858
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8858
Release Date: 2018-12-15
Fix Resolution: v2.6.0
Step up your Open Source Security Game with WhiteSource here
JavaScript parser and compressor/beautifier toolkit
path: /tmp/git/uw-lib-callcontrol/node_modules/build/node_modules/uglify-js/package.json
Library home page: http://registry.npmjs.org/uglify-js/-/uglify-js-1.3.5.tgz
Dependency Hierarchy:
The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript.
Publish Date: 2017-01-23
URL: CVE-2015-8857
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8858
Release Date: 2018-12-15
Fix Resolution: v2.4.24
Step up your Open Source Security Game with WhiteSource here
Fastest brace expansion for node.js, with the most complete support for the Bash 4.3 braces specification.
path: /tmp/git/uw-lib-callcontrol/node_modules/braces/package.json
Library home page: https://registry.npmjs.org/braces/-/braces-1.8.5.tgz
Dependency Hierarchy:
Version of braces prior to 2.3.1 are vulnerable to Regular Expression Denial of Service (ReDoS). Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service.
Publish Date: 2019-02-21
URL: WS-2019-0019
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/786
Release Date: 2019-02-21
Fix Resolution: 2.3.1
Step up your Open Source Security Game with WhiteSource here
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.