Giter Site home page Giter Site logo

codekin.tech's Introduction

veritem

CI

Me in your Terminal

Example:

Makuza Mugabo Verite
Curious Open source developer
Version: 0.0.1


Usage: veritem [command] [option]

Options
 -h,--help               Shows Help messages
 -v,--version            Show the current version of cli


Commands

 $ github, gh            Open his github Profile
 $ twitter, twr          Open his twitter Profile
 $ blog, blg             Open his Blog Profile
 $ home, hm              Open his Personal Website
 $ birthDay,bd           View his cake date

To setup this on linux you just need to download it's binary here and execute it

Built with Deno ๐Ÿฆ•

Licence

This project is under MIT Licence

codekin.tech's People

Stargazers

avatar avatar

Forkers

hirwablessing ishgervais best-verie sauvejeanluc ntwari-egide

codekin.tech's Issues

CVE-2020-7753 (High) detected in trim-0.0.1.tgz

CVE-2020-7753 - High Severity Vulnerability

Vulnerable Library - trim-0.0.1.tgz

Trim string whitespace

Library home page: https://registry.npmjs.org/trim/-/trim-0.0.1.tgz

Path to dependency file: codekin.tech/package.json

Path to vulnerable library: codekin.tech/node_modules/trim/package.json

Dependency Hierarchy:

  • loader-1.6.22.tgz (Root Library)
    • mdx-1.6.22.tgz
      • remark-parse-8.0.3.tgz
        • โŒ trim-0.0.1.tgz (Vulnerable Library)

Found in HEAD commit: 97f904496220a079745bf198bb4cb1bcc34d59df

Found in base branch: main

Vulnerability Details

All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().

Publish Date: 2020-10-27

URL: CVE-2020-7753

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: component/trim#8

Release Date: 2020-10-27

Fix Resolution: trim - 0.0.3

Step up your Open Source Security Game with WhiteSource here

CVE-2021-32723 (Medium) detected in prismjs-1.23.0.tgz

CVE-2021-32723 - Medium Severity Vulnerability

Vulnerable Library - prismjs-1.23.0.tgz

Lightweight, robust, elegant syntax highlighting. A spin-off project from Dabblet.

Library home page: https://registry.npmjs.org/prismjs/-/prismjs-1.23.0.tgz

Path to dependency file: codekin.tech/package.json

Path to vulnerable library: codekin.tech/node_modules/mdx-prism/node_modules/prismjs/package.json

Dependency Hierarchy:

  • mdx-prism-0.3.3.tgz (Root Library)
    • refractor-3.3.0.tgz
      • โŒ prismjs-1.23.0.tgz (Vulnerable Library)

Found in base branch: main

Vulnerability Details

Prism is a syntax highlighting library. Some languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS). When Prism is used to highlight untrusted (user-given) text, an attacker can craft a string that will take a very very long time to highlight. This problem has been fixed in Prism v1.24. As a workaround, do not use ASCIIDoc or ERB to highlight untrusted text. Other languages are not affected and can be used to highlight untrusted text.

Publish Date: 2021-06-28

URL: CVE-2021-32723

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-gj77-59wh-66hg

Release Date: 2021-06-28

Fix Resolution: prismjs - 1.24.0

Step up your Open Source Security Game with WhiteSource here

WS-2021-0154 (Medium) detected in glob-parent-2.0.0.tgz

WS-2021-0154 - Medium Severity Vulnerability

Vulnerable Library - glob-parent-2.0.0.tgz

Strips glob magic from a string to provide the parent path

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz

Path to dependency file: codekin.tech/package.json

Path to vulnerable library: codekin.tech/node_modules/glob-base/node_modules/glob-parent/package.json

Dependency Hierarchy:

  • jit-0.1.18.tgz (Root Library)
    • parse-glob-3.0.4.tgz
      • glob-base-0.3.0.tgz
        • โŒ glob-parent-2.0.0.tgz (Vulnerable Library)

Found in HEAD commit: 97f904496220a079745bf198bb4cb1bcc34d59df

Found in base branch: main

Vulnerability Details

Regular Expression Denial of Service (ReDoS) vulnerability was found in glob-parent before 5.1.2.

Publish Date: 2021-01-27

URL: WS-2021-0154

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2

Release Date: 2021-01-27

Fix Resolution: glob-parent - 5.1.2

Step up your Open Source Security Game with WhiteSource here

CVE-2021-23382 (Medium) detected in postcss-6.0.23.tgz

CVE-2021-23382 - Medium Severity Vulnerability

Vulnerable Library - postcss-6.0.23.tgz

Tool for transforming styles with JS plugins

Library home page: https://registry.npmjs.org/postcss/-/postcss-6.0.23.tgz

Path to dependency file: codekin.tech/package.json

Path to vulnerable library: codekin.tech/node_modules/postcss-functions/node_modules/postcss/package.json

Dependency Hierarchy:

  • tailwindcss-2.1.4.tgz (Root Library)
    • postcss-functions-3.0.0.tgz
      • โŒ postcss-6.0.23.tgz (Vulnerable Library)

Found in HEAD commit: 97f904496220a079745bf198bb4cb1bcc34d59df

Found in base branch: main

Vulnerability Details

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /*\s* sourceMappingURL=(.*).

Publish Date: 2021-04-26

URL: CVE-2021-23382

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23382

Release Date: 2021-04-26

Fix Resolution: postcss - 8.2.13

Step up your Open Source Security Game with WhiteSource here

CVE-2020-28469 (High) detected in glob-parent-2.0.0.tgz

CVE-2020-28469 - High Severity Vulnerability

Vulnerable Library - glob-parent-2.0.0.tgz

Strips glob magic from a string to provide the parent path

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz

Path to dependency file: codekin.tech/package.json

Path to vulnerable library: codekin.tech/node_modules/glob-base/node_modules/glob-parent/package.json

Dependency Hierarchy:

  • jit-0.1.18.tgz (Root Library)
    • parse-glob-3.0.4.tgz
      • glob-base-0.3.0.tgz
        • โŒ glob-parent-2.0.0.tgz (Vulnerable Library)

Found in HEAD commit: 97f904496220a079745bf198bb4cb1bcc34d59df

Found in base branch: main

Vulnerability Details

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

Publish Date: 2021-06-03

URL: CVE-2020-28469

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28469

Release Date: 2021-06-03

Fix Resolution: glob-parent - 5.1.2

Step up your Open Source Security Game with WhiteSource here

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.