tenortim / isi_sdk_go Goto Github PK
View Code? Open in Web Editor NEWIsilon OneFS API bindings in go via go-swagger
Isilon OneFS API bindings in go via go-swagger
[mirror] Go text processing support
Library home page: https://proxy.golang.org/github.com/golang/text/@v/v0.3.2.zip
Dependency Hierarchy:
[mirror] Go text processing support
Dependency Hierarchy:
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.
Publish Date: 2020-06-17
URL: CVE-2020-14040
Base Score Metrics:
Type: Upgrade version
Origin: https://osv.dev/vulnerability/GO-2020-0015
Release Date: 2020-06-17
Fix Resolution: v0.3.3
Step up your Open Source Security Game with Mend here
YAML support for the Go language.
Library home page: https://proxy.golang.org/gopkg.in/yaml.v2/@v/v2.2.2.zip
Dependency Hierarchy:
Yaml in versions v2.2.0 to v2.2.2 is vulnerable to denial of service vector.
Related to decode.go
Publish Date: 2021-04-14
URL: WS-2021-0200
Base Score Metrics:
Type: Upgrade version
Origin: https://osv.dev/vulnerability/GO-2021-0061
Release Date: 2021-04-14
Fix Resolution: v2.2.3
Step up your Open Source Security Game with Mend here
YAML support for the Go language.
Library home page: https://proxy.golang.org/gopkg.in/yaml.v2/@v/v2.2.2.zip
Dependency Hierarchy:
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.
Publish Date: 2020-04-01
URL: CVE-2019-11254
Base Score Metrics:
Step up your Open Source Security Game with Mend here
YAML support for the Go language.
Library home page: https://proxy.golang.org/gopkg.in/yaml.v2/@v/v2.2.2.zip
Dependency Hierarchy:
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
Publish Date: 2022-12-27
URL: CVE-2021-4235
Base Score Metrics:
Step up your Open Source Security Game with Mend here
YAML support for the Go language.
Library home page: https://proxy.golang.org/gopkg.in/yaml.v2/@v/v2.2.2.zip
Dependency Hierarchy:
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
Publish Date: 2022-12-27
URL: CVE-2022-3064
Base Score Metrics:
Type: Upgrade version
Origin: https://pkg.go.dev/vuln/GO-2022-0956
Release Date: 2022-12-27
Fix Resolution: v2.2.4
Step up your Open Source Security Game with Mend here
[mirror] Go text processing support
Dependency Hierarchy:
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
Publish Date: 2022-10-14
URL: CVE-2022-32149
Base Score Metrics:
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2022-32149
Release Date: 2022-10-14
Fix Resolution: v0.3.8
Step up your Open Source Security Game with Mend here
[mirror] Go text processing support
Dependency Hierarchy:
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
Publish Date: 2022-12-26
URL: CVE-2021-38561
Base Score Metrics:
Type: Upgrade version
Origin: https://osv.dev/vulnerability/GO-2021-0113
Release Date: 2021-08-12
Fix Resolution: v0.3.7
Step up your Open Source Security Game with Mend here
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.