Giter Club home page Giter Club logo

myenergy's Introduction

Alt text

๐Ÿ”— Connect with me

linkedin x x pluralsight

๐Ÿ“ƒ Bio (Full Version)

Azure Cloud Solutions & Cybersecurity Architect

Azure (Identity and Access) Administrator

Azure DevOps, AI, Security & Network Engineer

Azure (Cosmos DB) Developer

GitHub Certified

  • GitHub Foundations
  • GitHub Actions
  • GitHub Advanced Security
  • GitHub Admin

GitHub Accredited Trainer For Delivering

  • GitHub Actions
  • GitHub for Developers
  • GitHub Administration
  • GitHub Advanced Security Gettings Started training
  • GitHub Migrations
  • GitHub Enterprise Importer
  • Github Copilot for Business Fundamentals

Terraform Associate

Trainer

  • Azure
  • GitHub

Skills!

github contribution grid snake animation

Streak Stats!

Github Stats!

Top Languages!

Activity Graph!

Microsoft Certifications
Microsoft Applied Skills







GitHub Certifications
GitHub Accreditations GitHub Actions
GitHub for Developers
GitHub Advanced Security Getting Started
GitHub Administration
GitHub Migrations
GitHub Enterprise Importer
GitHub Copilot for Business Fundamentals
Terraform
Microsoft Learn

Security Journey
Cloud Champion
Azure Data Explorer
Must Learn KQL
AWS

myenergy's People

Contributors

dependabot[bot] avatar renovate[bot] avatar sujithq avatar

Stargazers

avatar

Watchers

avatar

myenergy's Issues

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

github-actions
.github/actions/after-run-actions/action.yml
  • actions/create-github-app-token v1
.github/actions/before-run-actions/action.yml
  • actions/checkout v4
  • actions/setup-dotnet v4
.github/workflows/Charge.yml
  • actions/checkout v4
  • gitleaks/gitleaks-action v2
.github/workflows/JuneData.yml
  • actions/checkout v4
  • gitleaks/gitleaks-action v2
.github/workflows/MeteoStatData.yml
  • actions/checkout v4
  • gitleaks/gitleaks-action v2
.github/workflows/SunRiseSet.yml
  • actions/checkout v4
  • gitleaks/gitleaks-action v2
.github/workflows/SungrowData.yml
  • actions/checkout v4
  • gitleaks/gitleaks-action v2
.github/workflows/main.yml
  • actions/checkout v4
  • gitleaks/gitleaks-action v2
  • actions/dependency-review-action v4
  • actions/checkout v4
  • actions/setup-dotnet v4
  • JamesIves/github-pages-deploy-action v4
html
src/myenergy/wwwroot/index.html
  • Chart.js 4.4.1@sha512-ZwR1/gSZM3ai6vCdI+LVF1zSq/5HznD3ZSTk7kajkaj4D292NLuduDCO1c/NT8Id+jE58KYLKT7hXnbtryGmMg==
  • chartjs-plugin-datalabels 2.2.0@sha512-JPcRR8yFa8mmCsfrw4TNte1ZvF1e3+1SdGMslZvmrzDYxS69J7J49vkFL8u6u8PlPJK+H3voElBtUCzaXj+6ig==
nuget
src/Common/Common.csproj
  • NodaTime 3.1.11
  • Microsoft.ML 3.0.1
src/June.Data/June.Data.csproj
  • Microsoft.Extensions.Options.ConfigurationExtensions 8.0.0
  • Microsoft.Extensions.Options 8.0.2
  • Microsoft.Extensions.DependencyInjection 8.0.0
  • Microsoft.Extensions.Configuration 8.0.0
  • System.Configuration.ConfigurationManager 8.0.0
  • Spectre.Console.Cli 0.48.0
  • Microsoft.ML.TimeSeries 3.0.1
  • Microsoft.ML 3.0.1
  • Microsoft.Extensions.DependencyInjection.Abstractions 8.0.1
  • Microsoft.Extensions.Configuration.UserSecrets 8.0.0
  • Microsoft.Extensions.Configuration.EnvironmentVariables 8.0.0
  • CsvHelper 31.0.4
src/myenergy.Test/myenergy.Test.csproj
  • xunit.runner.visualstudio 2.5.8
  • xunit 2.7.1
  • RichardSzalay.MockHttp 7.0.0
  • NodaTime 3.1.11
  • Moq 4.20.70
  • coverlet.collector 6.0.2
  • Microsoft.NET.Test.Sdk 17.9.0
  • bunit 1.28.9
  • Blazor.Bootstrap 2.2.0
src/myenergy/myenergy.csproj
  • NodaTime 3.1.11
  • Microsoft.AspNetCore.Components.WebAssembly.DevServer 8.0.4
  • Microsoft.AspNetCore.Components.WebAssembly 8.0.4
  • Blazor.Bootstrap 2.2.0
  • Check this box to trigger a request for Renovate to run again on this repository

coverlet.collector.6.0.0.nupkg: 1 vulnerabilities (highest severity is: 7.5) - autoclosed

Vulnerable Library - coverlet.collector.6.0.0.nupkg

Coverlet is a cross platform code coverage library for .NET, with support for line, branch and method coverage.

Library home page: https://api.nuget.org/packages/coverlet.collector.6.0.0.nupkg

Path to dependency file: /src/myenergy.Test/myenergy.Test.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/coverlet.collector/6.0.0/coverlet.collector.6.0.0.nupkg

Found in HEAD commit: 8529a952ea0d20ca03c9b5912f93aa62d09bf2bd

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (coverlet.collector.6.0.0.nupkg version) Remediation Possible**
CVE-2024-21907 High 7.5 coverlet.collector.6.0.0.nupkg Direct Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 โŒ

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2024-21907

Vulnerable Library - coverlet.collector.6.0.0.nupkg

Coverlet is a cross platform code coverage library for .NET, with support for line, branch and method coverage.

Library home page: https://api.nuget.org/packages/coverlet.collector.6.0.0.nupkg

Path to dependency file: /src/myenergy.Test/myenergy.Test.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/coverlet.collector/6.0.0/coverlet.collector.6.0.0.nupkg

Dependency Hierarchy:

  • โŒ coverlet.collector.6.0.0.nupkg (Vulnerable Library)

Found in HEAD commit: 8529a952ea0d20ca03c9b5912f93aa62d09bf2bd

Found in base branch: main

Vulnerability Details

Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.

Publish Date: 2024-01-03

URL: CVE-2024-21907

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-5crp-9r3c-p9vr

Release Date: 2024-01-03

Fix Resolution: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0

Step up your Open Source Security Game with Mend here

xunit.2.6.2.nupkg: 2 vulnerabilities (highest severity is: 7.5) - autoclosed

Vulnerable Library - xunit.2.6.2.nupkg

Path to dependency file: /src/myenergy.Test/myenergy.Test.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.text.regularexpressions/4.3.0/system.text.regularexpressions.4.3.0.nupkg

Found in HEAD commit: c4d1bf0c277519e41c9c68db2a4500056b06f7e5

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (xunit.2.6.2.nupkg version) Remediation Possible**
CVE-2019-0820 High 7.5 system.text.regularexpressions.4.3.0.nupkg Transitive N/A* โŒ
CVE-2018-8292 Medium 5.5 system.net.http.4.3.0.nupkg Transitive N/A* โŒ

*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2019-0820

Vulnerable Library - system.text.regularexpressions.4.3.0.nupkg

Provides the System.Text.RegularExpressions.Regex class, an implementation of a regular expression e...

Library home page: https://api.nuget.org/packages/system.text.regularexpressions.4.3.0.nupkg

Path to dependency file: /src/myenergy.Test/myenergy.Test.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.text.regularexpressions/4.3.0/system.text.regularexpressions.4.3.0.nupkg

Dependency Hierarchy:

  • xunit.2.6.2.nupkg (Root Library)
    • xunit.core.2.6.2.nupkg
      • xunit.extensibility.core.2.6.2.nupkg
        • netstandard.library.1.6.1.nupkg
          • system.xml.xdocument.4.3.0.nupkg
            • system.xml.readerwriter.4.3.0.nupkg
              • โŒ system.text.regularexpressions.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: c4d1bf0c277519e41c9c68db2a4500056b06f7e5

Found in base branch: main

Vulnerability Details

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
Mend Note: After conducting further research, Mend has determined that CVE-2019-0820 only affects environments with versions 4.3.0 and 4.3.1 only on netcore50 environment of system.text.regularexpressions.nupkg.

Publish Date: 2019-05-16

URL: CVE-2019-0820

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-cmhx-cq75-c4mj

Release Date: 2019-05-16

Fix Resolution: System.Text.RegularExpressions - 4.3.1

Step up your Open Source Security Game with Mend here

CVE-2018-8292

Vulnerable Library - system.net.http.4.3.0.nupkg

Provides a programming interface for modern HTTP applications, including HTTP client components that allow applications to consume web services over HTTP and HTTP components that can be used by both clients and servers for parsing HTTP headers.

Library home page: https://api.nuget.org/packages/system.net.http.4.3.0.nupkg

Path to dependency file: /src/myenergy.Test/myenergy.Test.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.net.http/4.3.0/system.net.http.4.3.0.nupkg

Dependency Hierarchy:

  • xunit.2.6.2.nupkg (Root Library)
    • xunit.core.2.6.2.nupkg
      • xunit.extensibility.core.2.6.2.nupkg
        • netstandard.library.1.6.1.nupkg
          • โŒ system.net.http.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: c4d1bf0c277519e41c9c68db2a4500056b06f7e5

Found in base branch: main

Vulnerability Details

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.

Publish Date: 2018-10-10

URL: CVE-2018-8292

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2018-10-10

Fix Resolution: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1

Step up your Open Source Security Game with Mend here

xunit.2.6.5.nupkg: 2 vulnerabilities (highest severity is: 7.5) - autoclosed

Vulnerable Library - xunit.2.6.5.nupkg

Path to dependency file: /src/myenergy.Test/myenergy.Test.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.text.regularexpressions/4.3.0/system.text.regularexpressions.4.3.0.nupkg

Found in HEAD commit: b38e9fb06f863f8d63bee4f3fcb504a49f14e480

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (xunit.2.6.5.nupkg version) Remediation Possible**
CVE-2019-0820 High 7.5 system.text.regularexpressions.4.3.0.nupkg Transitive N/A* โŒ
CVE-2018-8292 Medium 5.5 system.net.http.4.3.0.nupkg Transitive N/A* โŒ

*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2019-0820

Vulnerable Library - system.text.regularexpressions.4.3.0.nupkg

Provides the System.Text.RegularExpressions.Regex class, an implementation of a regular expression e...

Library home page: https://api.nuget.org/packages/system.text.regularexpressions.4.3.0.nupkg

Path to dependency file: /src/myenergy.Test/myenergy.Test.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.text.regularexpressions/4.3.0/system.text.regularexpressions.4.3.0.nupkg

Dependency Hierarchy:

  • xunit.2.6.5.nupkg (Root Library)
    • xunit.core.2.6.5.nupkg
      • xunit.extensibility.core.2.6.5.nupkg
        • netstandard.library.1.6.1.nupkg
          • system.xml.xdocument.4.3.0.nupkg
            • system.xml.readerwriter.4.3.0.nupkg
              • โŒ system.text.regularexpressions.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: b38e9fb06f863f8d63bee4f3fcb504a49f14e480

Found in base branch: main

Vulnerability Details

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
Mend Note: After conducting further research, Mend has determined that CVE-2019-0820 only affects environments with versions 4.3.0 and 4.3.1 only on netcore50 environment of system.text.regularexpressions.nupkg.

Publish Date: 2019-05-16

URL: CVE-2019-0820

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-cmhx-cq75-c4mj

Release Date: 2019-05-16

Fix Resolution: System.Text.RegularExpressions - 4.3.1

Step up your Open Source Security Game with Mend here

CVE-2018-8292

Vulnerable Library - system.net.http.4.3.0.nupkg

Provides a programming interface for modern HTTP applications, including HTTP client components that allow applications to consume web services over HTTP and HTTP components that can be used by both clients and servers for parsing HTTP headers.

Library home page: https://api.nuget.org/packages/system.net.http.4.3.0.nupkg

Path to dependency file: /src/myenergy.Test/myenergy.Test.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.net.http/4.3.0/system.net.http.4.3.0.nupkg

Dependency Hierarchy:

  • xunit.2.6.5.nupkg (Root Library)
    • xunit.core.2.6.5.nupkg
      • xunit.extensibility.core.2.6.5.nupkg
        • netstandard.library.1.6.1.nupkg
          • โŒ system.net.http.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: b38e9fb06f863f8d63bee4f3fcb504a49f14e480

Found in base branch: main

Vulnerability Details

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.

Publish Date: 2018-10-10

URL: CVE-2018-8292

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2018-10-10

Fix Resolution: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1

Step up your Open Source Security Game with Mend here

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.