e3ch icon indicating copy to clipboard operation
e3ch copied to clipboard

Published 20 hours ago verified publisher icon soyking

Metadata

etcd v3 client with hierarchy

Results 1 e3ch issues
Sort by recently updated
recently updated
newest added

同学,您这个项目引入了67个开源组件,存在2个漏洞,辛苦升级一下

1 comment

检测到 soyking/e3ch 一共引入了67个开源组件,存在2个漏洞 ``` 漏洞标题:go-yaml < 2.2.8拒绝服务漏洞 漏洞编号:CVE-2019-11254 漏洞描述:gopkg.in/yaml.v2是go语言中用于处理yaml格式的包。 在2.2.8之前的版本中,处理恶意的yaml数据时,会导致CPU资源耗尽。 漏洞由Kubernetes开发者在fuzz测试中发现并提交修复补丁。 国家漏洞库信息:https://www.cnvd.org.cn/flaw/show/CNVD-2020-35519 影响范围:(∞, 2.2.8) 最小修复版本:2.2.8 缺陷组件引入路径:github.com/soyking/e3ch@->go.etcd.io/etcd/api/[email protected]>github.com/grpc-ecosystem/[email protected]>gopkg.in/[email protected] ``` 另外还有2个漏洞,详细报告:https://mofeisec.com/jr?p=n661af

ghost avatar ghost

Metadata

29
Stars
18
Forks
Watchers

Owner

verified publisher icon soyking

Metadata

etcd v3 client with hierarchy

Back