Giter Site home page Giter Site logo

modpack-beyond-celtic's Introduction

Hi there ๐Ÿ‘‹

I am Martial Le TOULLEC, people call me Koromerzhin,

Programming languages

CSS3 HTML5 JavaScript Markdown Nodejs PHP TypeScript

Frameworks

docker Django Jquery Laravel Strapi Symfony Vue.js

CMS / CMF

Drupal Wordpress

CSS

Bootstrap Font Awesome Quasar SASS Vuetify Webpack

Version Control

BitBucket GitHub GitLab Git

Servers

Ansible Apache Docker Jenkins Let's Encrypt Netlify Nextcloud OVH Vagrant

Databases

MariaDB MongoDB MySQL PostgreSQL Redis SQLite

CI

GitLab Github actions

Gaming

EA Epic games Nintendo Switch Nintendo Playstation Steam

Computers

Arch linux Debian Fedora Linux Raspberry Pi Gnome Ubuntu Windows 10 Windows XP Windows 95

Browers

Google Chrome Firefox

IDE

Atom Visual Studio Code

Tools

Apollo GraphQL Cypress ESLint GraphQL Gravatar Jira Libreoffice OBS Studio OpenSSL Postman Prettier RenovateBot Swagger Trello VirtualBox

Social

Discord Instagram Linkedin Microsoft Teams Nintendo Network Reddit Slack Snapchat Tiktok Twitch Twitter Youtube

Mes projects

projet description Continuous Integration
docker docker Continuous Integration
js-commands js-commands Continuous Integration
labstag labstag Continuous Integration
lampy lampy Continuous Integration
repocheck repocheck Continuous Integration
streamchat streamchat Continuous Integration
userscripts userscripts Continuous Integration
webcrawler webcrawler Continuous Integration
webserver webserver Continuous Integration

Stats

No activity tracked

Koromerzhin's github stats

Top Langs

modpack-beyond-celtic's People

Contributors

koromerzhin avatar mend-bolt-for-github[bot] avatar renovate-bot avatar renovate[bot] avatar restyled-commits avatar

Watchers

avatar avatar

modpack-beyond-celtic's Issues

scala-compiler-2.11.1.jar: 1 vulnerabilities (highest severity is: 7.8)

Vulnerable Library - scala-compiler-2.11.1.jar

Compiler for the Scala Programming Language

Library home page: http://www.scala-lang.org/

Path to vulnerable library: /libraries/org/scala-lang/scala-compiler/2.11.1/scala-compiler-2.11.1.jar

Found in HEAD commit: f192d0288b4a97da7b9c2d49e2b9af6541868d50

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (scala-compiler version) Remediation Possible**
CVE-2017-15288 High 7.8 scala-compiler-2.11.1.jar Direct 2.11.12 โŒ

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2017-15288

Vulnerable Library - scala-compiler-2.11.1.jar

Compiler for the Scala Programming Language

Library home page: http://www.scala-lang.org/

Path to vulnerable library: /libraries/org/scala-lang/scala-compiler/2.11.1/scala-compiler-2.11.1.jar

Dependency Hierarchy:

  • โŒ scala-compiler-2.11.1.jar (Vulnerable Library)

Found in HEAD commit: f192d0288b4a97da7b9c2d49e2b9af6541868d50

Found in base branch: main

Vulnerability Details

The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/${USER:shared}/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges.

Publish Date: 2017-11-15

URL: CVE-2017-15288

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-15288

Release Date: 2017-11-15

Fix Resolution: 2.11.12

Step up your Open Source Security Game with Mend here

Change version of Gobber2

The following file versions have been removed from CurseForge:
overrides/mods/Gobber2-Forge-1.16.5-2.3.51.jar

akka-actor_2.11-2.3.3.jar: 1 vulnerabilities (highest severity is: 8.1)

Vulnerable Library - akka-actor_2.11-2.3.3.jar

akka-actor

Library home page: http://akka.io/

Path to vulnerable library: /libraries/com/typesafe/akka/akka-actor_2.11/2.3.3/akka-actor_2.11-2.3.3.jar

Found in HEAD commit: f192d0288b4a97da7b9c2d49e2b9af6541868d50

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (akka-actor_2.11 version) Remediation Possible**
CVE-2017-1000034 High 8.1 akka-actor_2.11-2.3.3.jar Direct 2.4.11.2 โŒ

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2017-1000034

Vulnerable Library - akka-actor_2.11-2.3.3.jar

akka-actor

Library home page: http://akka.io/

Path to vulnerable library: /libraries/com/typesafe/akka/akka-actor_2.11/2.3.3/akka-actor_2.11-2.3.3.jar

Dependency Hierarchy:

  • โŒ akka-actor_2.11-2.3.3.jar (Vulnerable Library)

Found in HEAD commit: f192d0288b4a97da7b9c2d49e2b9af6541868d50

Found in base branch: main

Vulnerability Details

Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem.

Publish Date: 2017-07-17

URL: CVE-2017-1000034

CVSS 3 Score Details (8.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-1000034

Release Date: 2017-07-13

Fix Resolution: 2.4.11.2

Step up your Open Source Security Game with Mend here

jline-3.5.1.jar: 1 vulnerabilities (highest severity is: 5.5)

Vulnerable Library - jline-3.5.1.jar

JLine

Library home page: http://nexus.sonatype.org/oss-repository-hosting.html/jline-parent/jline

Path to vulnerable library: /libraries/org/jline/jline/3.5.1/jline-3.5.1.jar

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (jline version) Remediation Possible**
CVE-2023-50572 Medium 5.5 jline-3.5.1.jar Direct 3.25.0 โŒ

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2023-50572

Vulnerable Library - jline-3.5.1.jar

JLine

Library home page: http://nexus.sonatype.org/oss-repository-hosting.html/jline-parent/jline

Path to vulnerable library: /libraries/org/jline/jline/3.5.1/jline-3.5.1.jar

Dependency Hierarchy:

  • โŒ jline-3.5.1.jar (Vulnerable Library)

Found in base branch: main

Vulnerability Details

An issue in the component GroovyEngine.execute of jline-groovy v3.24.1 allows attackers to cause an OOM (OutofMemory) error.

Publish Date: 2023-12-29

URL: CVE-2023-50572

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2023-12-29

Fix Resolution: 3.25.0

Step up your Open Source Security Game with Mend here

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

github-actions
.github/workflows/ci.yml
  • actions/checkout v4
  • Check this box to trigger a request for Renovate to run again on this repository

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.