We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
检测到 bobohume/gonet 一共引入了87个开源组件,存在2个漏洞
漏洞标题:go-yaml < 2.2.8拒绝服务漏洞 缺陷组件:gopkg.in/[email protected] 漏洞编号:CVE-2019-11254 漏洞描述:gopkg.in/yaml.v2是go语言中用于处理yaml格式的包。 在2.2.8之前的版本中,处理恶意的yaml数据时,会导致CPU资源耗尽。 漏洞由Kubernetes开发者在fuzz测试中发现并提交修复补丁。 国家漏洞库信息:https://www.cnvd.org.cn/flaw/show/CNVD-2020-35519 影响范围:(∞, 2.2.8) 最小修复版本:2.2.8 缺陷组件引入路径:main@->gopkg.in/[email protected]
另外还有2个漏洞,详细报告:https://mofeisec.com/jr?p=a2214d
The text was updated successfully, but these errors were encountered:
@bobohume,同学,您好,上面的漏洞报告是我IDE运行时,安全插件提示您这个项目存在的几个漏洞的报告,辛苦您修复一下哈,担心其他人也会用到你这个项目,从而引入这些漏洞。:)
Sorry, something went wrong.
好的,3克友
嗯嗯辛苦哈
No branches or pull requests
检测到 bobohume/gonet 一共引入了87个开源组件,存在2个漏洞
另外还有2个漏洞,详细报告:https://mofeisec.com/jr?p=a2214d
The text was updated successfully, but these errors were encountered: