filler's People
Contributors
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot]")
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Watchers
Forkers
krzwiatrzyk-lgdfiller's Issues
[DepShield] (CVSS 7.5) Vulnerability due to usage of golang.org/x:net:0.0.0-20190522155817-f3200d17e092
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:net:0.0.0-20190522155817-f3200d17e092 results in the following vulnerability(s):
- (CVSS 7.5) [CVE-2018-17847] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17142] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17846] Resource Management Errors
- (CVSS 7.5) [CVE-2018-17075] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17848] Data Handling
- (CVSS 7.5) [CVE-2018-17143] Improper Input Validation
Occurrences
golang.org/x:net:0.0.0-20190522155817-f3200d17e092 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:cobra:0.0.7
└─ github.com/spf13:viper:1.4.0
└─ golang.org/x:net:0.0.0-20190522155817-f3200d17e092
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 7.5) Vulnerability due to usage of github.com/hashicorp/consul:api:1.1.0
Vulnerabilities
DepShield reports that this application's usage of github.com/hashicorp/consul:api:1.1.0 results in the following vulnerability(s):
- (CVSS 7.5) [CVE-2020-7219] HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unb...
- (CVSS 5.9) [CVE-2018-19653] Cryptographic Issues
Occurrences
github.com/hashicorp/consul:api:1.1.0 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:viper:1.7.0
└─ github.com/bketelsen:crypt:0.0.3-0.20200106085610-5cbc8cc4026c
└─ github.com/hashicorp/consul:api:1.1.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 7.5) Vulnerability due to usage of golang.org/x:net:0.0.0-20190311183353-d8887717615a
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:net:0.0.0-20190311183353-d8887717615a results in the following vulnerability(s):
- (CVSS 7.5) [CVE-2018-17847] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17142] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17846] Resource Management Errors
- (CVSS 7.5) [CVE-2018-17075] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17848] Data Handling
- (CVSS 7.5) [CVE-2018-17143] Improper Input Validation
Occurrences
golang.org/x:net:0.0.0-20190311183353-d8887717615a is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:cobra:0.0.7
└─ github.com/spf13:viper:1.4.0
└─ google.golang.org:grpc:1.21.0
└─ golang.org/x:lint:0.0.0-20190313153728-d0100b6bd8b3
└─ golang.org/x:tools:0.0.0-20190311212946-11955173bddd
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:tools:0.0.0-20190311212946-11955173bddd
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 7.7) Vulnerability due to usage of github.com/coreos:etcd:3.3.13
Vulnerabilities
DepShield reports that this application's usage of github.com/coreos:etcd:3.3.13 results in the following vulnerability(s):
- (CVSS 7.7) [CVE-2020-15114] In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP prox...
- (CVSS 6.5) [CVE-2020-15136] In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only ap...
- (CVSS 5.8) [CVE-2020-15115] etcd before versions 3.3.23 and 3.4.10 does not perform any password length vali...
Occurrences
github.com/coreos:etcd:3.3.13 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:viper:1.7.1
└─ github.com/bketelsen:crypt:0.0.3-0.20200106085610-5cbc8cc4026c
└─ github.com/coreos:etcd:3.3.13
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 5.9) Vulnerability due to usage of golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9 results in the following vulnerability(s):
Occurrences
golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:cobra:0.0.5
└─ github.com/spf13:viper:1.3.2
└─ golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 7.5) Vulnerability due to usage of golang.org/x:net:0.0.0-20180826012351-8a410e7b638d
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:net:0.0.0-20180826012351-8a410e7b638d results in the following vulnerability(s):
- (CVSS 7.5) [CVE-2018-17847] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17142] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17846] Resource Management Errors
- (CVSS 7.5) [CVE-2018-17075] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17848] Data Handling
- (CVSS 7.5) [CVE-2018-17143] Improper Input Validation
Occurrences
golang.org/x:net:0.0.0-20180826012351-8a410e7b638d is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:cobra:0.0.7
└─ github.com/spf13:viper:1.4.0
└─ github.com/grpc-ecosystem:grpc-gateway:1.9.0
└─ google.golang.org:grpc:1.19.0
└─ golang.org/x:net:0.0.0-20180826012351-8a410e7b638d
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Dependabot can't parse your go.mod
Dependabot couldn't parse the go.mod found at /go.mod.
The error Dependabot encountered was:
go: github.com/spf13/[email protected] requires
github.com/grpc-ecosystem/[email protected] requires
gopkg.in/[email protected]: invalid version: git fetch --unshallow -f origin in /opt/go/gopath/pkg/mod/cache/vcs/748bced43cf7672b862fbc52430e98581510f4f2c34fb30c0064b7102a68ae2c: exit status 128:
fatal: The remote end hung up unexpectedly
[DepShield] (CVSS 7.5) Vulnerability due to usage of golang.org/x:net:0.0.0-20181201002055-351d144fa1fc
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:net:0.0.0-20181201002055-351d144fa1fc results in the following vulnerability(s):
- (CVSS 7.5) [CVE-2018-17847] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17142] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17846] Resource Management Errors
- (CVSS 7.5) [CVE-2018-17075] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17848] Data Handling
- (CVSS 7.5) [CVE-2018-17143] Improper Input Validation
Occurrences
golang.org/x:net:0.0.0-20181201002055-351d144fa1fc is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:viper:1.7.1
└─ github.com/bketelsen:crypt:0.0.3-0.20200106085610-5cbc8cc4026c
└─ github.com/hashicorp/consul:api:1.1.0
└─ github.com/hashicorp:serf:0.8.2
└─ golang.org/x:net:0.0.0-20181201002055-351d144fa1fc
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 7.5) Vulnerability due to usage of golang.org/x:net:0.0.0-20181114220301-adae6a3d119a
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:net:0.0.0-20181114220301-adae6a3d119a results in the following vulnerability(s):
- (CVSS 7.5) [CVE-2018-17847] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17142] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17846] Resource Management Errors
- (CVSS 7.5) [CVE-2018-17075] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17848] Data Handling
- (CVSS 7.5) [CVE-2018-17143] Improper Input Validation
Occurrences
golang.org/x:net:0.0.0-20181114220301-adae6a3d119a is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:cobra:0.0.7
└─ github.com/spf13:viper:1.4.0
└─ github.com/prometheus:client_golang:0.9.3
└─ github.com/prometheus:common:0.4.0
└─ golang.org/x:net:0.0.0-20181114220301-adae6a3d119a
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 5.9) Vulnerability due to usage of golang.org/x:crypto:0.0.0-20180904163835-0709b304e793
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:crypto:0.0.0-20180904163835-0709b304e793 results in the following vulnerability(s):
Occurrences
golang.org/x:crypto:0.0.0-20180904163835-0709b304e793 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:viper:1.6.2
└─ github.com/prometheus:client_golang:0.9.3
└─ github.com/prometheus:common:0.4.0
└─ github.com/sirupsen:logrus:1.2.0
└─ golang.org/x:crypto:0.0.0-20180904163835-0709b304e793
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 5.9) Vulnerability due to usage of golang.org/x:crypto:0.0.0-20181029021203-45a5f77698d3
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:crypto:0.0.0-20181029021203-45a5f77698d3 results in the following vulnerability(s):
Occurrences
golang.org/x:crypto:0.0.0-20181029021203-45a5f77698d3 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:viper:1.7.0
└─ github.com/bketelsen:crypt:0.0.3-0.20200106085610-5cbc8cc4026c
└─ github.com/hashicorp/consul:api:1.1.0
└─ github.com/hashicorp:serf:0.8.2
└─ github.com/hashicorp:mdns:1.0.0
└─ golang.org/x:crypto:0.0.0-20181029021203-45a5f77698d3
└─ github.com/hashicorp:memberlist:0.1.3
└─ golang.org/x:crypto:0.0.0-20181029021203-45a5f77698d3
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 7.5) Vulnerability due to usage of golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3 results in the following vulnerability(s):
- (CVSS 7.5) [CVE-2018-17847] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17142] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17846] Resource Management Errors
- (CVSS 7.5) [CVE-2018-17075] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17848] Data Handling
- (CVSS 7.5) [CVE-2018-17143] Improper Input Validation
Occurrences
golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:afero:1.4.0
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ github.com/pkg:sftp:1.10.1
└─ golang.org/x:crypto:0.0.0-20190820162420-60c769a6c586
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
• github.com/spf13:viper:1.7.1
└─ github.com/bketelsen:crypt:0.0.3-0.20200106085610-5cbc8cc4026c
└─ cloud.google.com/go:firestore:1.1.0
└─ cloud.google.com:go:0.46.3
└─ honnef.co/go:tools:0.0.1-2019.2.3
└─ golang.org/x:mod:0.0.0-20190513183733-4bf6d317e70e
└─ golang.org/x:crypto:0.0.0-20190510104115-cbcb75029529
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:exp:0.0.0-20190829153037-c13cbed26979
└─ golang.org/x:mod:0.1.0
└─ golang.org/x:crypto:0.0.0-20190510104115-cbcb75029529
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com/go:pubsub:1.0.1
└─ cloud.google.com:go:0.45.1
└─ cloud.google.com/go:datastore:1.0.0
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com:go:0.44.1
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com/go:bigquery:1.0.1
└─ cloud.google.com:go:0.44.2
└─ cloud.google.com/go:datastore:1.0.0
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com:go:0.44.1
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com/go:datastore:1.0.0
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com:go:0.44.1
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com/go:bigquery:1.0.1
└─ cloud.google.com:go:0.44.2
└─ cloud.google.com/go:datastore:1.0.0
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com:go:0.44.1
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:exp:0.0.0-20191030013958-a1ab85dbe136
└─ golang.org/x:mod:0.1.0
└─ golang.org/x:crypto:0.0.0-20190510104115-cbcb75029529
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com/go:storage:1.0.0
└─ cloud.google.com:go:0.46.3
└─ honnef.co/go:tools:0.0.1-2019.2.3
└─ golang.org/x:mod:0.0.0-20190513183733-4bf6d317e70e
└─ golang.org/x:crypto:0.0.0-20190510104115-cbcb75029529
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:exp:0.0.0-20190829153037-c13cbed26979
└─ golang.org/x:mod:0.1.0
└─ golang.org/x:crypto:0.0.0-20190510104115-cbcb75029529
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com/go:pubsub:1.0.1
└─ cloud.google.com:go:0.45.1
└─ cloud.google.com/go:datastore:1.0.0
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com:go:0.44.1
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com/go:bigquery:1.0.1
└─ cloud.google.com:go:0.44.2
└─ cloud.google.com/go:datastore:1.0.0
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com:go:0.44.1
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com/go:datastore:1.0.0
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com:go:0.44.1
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com/go:bigquery:1.0.1
└─ cloud.google.com:go:0.44.2
└─ cloud.google.com/go:datastore:1.0.0
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ cloud.google.com:go:0.44.1
└─ google.golang.org:appengine:1.6.1
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
└─ golang.org/x:crypto:0.0.0-20190605123033-f99c8df09eb5
└─ golang.org/x:net:0.0.0-20190404232315-eb5bcb51f2a3
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 5.9) Vulnerability due to usage of golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2 results in the following vulnerability(s):
Occurrences
golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:viper:1.6.2
└─ github.com/smartystreets:goconvey:1.6.4
└─ golang.org/x:tools:0.0.0-20190328211700-ab21143f2384
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:net:0.0.0-20190522155817-f3200d17e092
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ google.golang.org:grpc:1.21.0
└─ golang.org/x:lint:0.0.0-20190313153728-d0100b6bd8b3
└─ golang.org/x:tools:0.0.0-20190311212946-11955173bddd
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
└─ golang.org/x:tools:0.0.0-20190311212946-11955173bddd
└─ golang.org/x:net:0.0.0-20190311183353-d8887717615a
└─ golang.org/x:crypto:0.0.0-20190308221718-c2843e01d9a2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 7.7) Vulnerability due to usage of github.com/coreos:etcd:3.3.10
Vulnerabilities
DepShield reports that this application's usage of github.com/coreos:etcd:3.3.10 results in the following vulnerability(s):
- (CVSS 7.7) [CVE-2020-15114] In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP prox...
- (CVSS 6.5) [CVE-2020-15136] In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only ap...
- (CVSS 5.8) [CVE-2020-15115] etcd before versions 3.3.23 and 3.4.10 does not perform any password length vali...
Occurrences
github.com/coreos:etcd:3.3.10 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:cobra:0.0.7
└─ github.com/spf13:viper:1.4.0
└─ github.com/coreos:etcd:3.3.10
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 7.5) Vulnerability due to usage of golang.org/x:net:0.0.0-20181220203305-927f97764cc3
Vulnerabilities
DepShield reports that this application's usage of golang.org/x:net:0.0.0-20181220203305-927f97764cc3 results in the following vulnerability(s):
- (CVSS 7.5) [CVE-2018-17847] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17142] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17846] Resource Management Errors
- (CVSS 7.5) [CVE-2018-17075] Improper Input Validation
- (CVSS 7.5) [CVE-2018-17848] Data Handling
- (CVSS 7.5) [CVE-2018-17143] Improper Input Validation
Occurrences
golang.org/x:net:0.0.0-20181220203305-927f97764cc3 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:cobra:0.0.7
└─ github.com/spf13:viper:1.4.0
└─ github.com/grpc-ecosystem:grpc-gateway:1.9.0
└─ golang.org/x:net:0.0.0-20181220203305-927f97764cc3
└─ gopkg.in:resty.v1:1.12.0
└─ golang.org/x:net:0.0.0-20181220203305-927f97764cc3
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 7.5) Vulnerability due to usage of github.com/gorilla:websocket:1.4.0
Vulnerabilities
DepShield reports that this application's usage of github.com/gorilla:websocket:1.4.0 results in the following vulnerability(s):
- (CVSS 7.5) CWE-190: Integer Overflow or Wraparound
Occurrences
github.com/gorilla:websocket:1.4.0 is a transitive dependency introduced by the following direct dependency(s):
• github.com/spf13:cobra:0.0.7
└─ github.com/spf13:viper:1.4.0
└─ github.com/gorilla:websocket:1.4.0
• github.com/spf13:viper:1.6.3
└─ github.com/gorilla:websocket:1.4.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.