treym-wss / ast Goto Github PK
View Code? Open in Web Editor NEWThis project forked from att/ast
AST - AT&T Software Technology
License: Eclipse Public License 1.0
This project forked from att/ast
AST - AT&T Software Technology
License: Eclipse Public License 1.0
Library home page: https://source.codeaurora.org/quic/lc/native_client/nacl-toolchain/
Zlib in versions v0.8 to v1.2.11 is vulnerable to use-of-uninitialized-value in inflate.
There are a couple of places in inflate() where UPDATE is called with state->check as its first parameter, without a guarantee that this value has been initialized (state comes from a ZALLOC in inflateInit). This causes use of uninitialized check value.
Publish Date: 2020-02-22
URL: WS-2020-0368
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/WS-2020-0368
Release Date: 2020-02-22
Fix Resolution: cmake-native - 3.15.5;binutils-cross-testsuite - 2.35;libstd-rs - 1.57.0;gdb - 11.1,9.2;tcl - 8.6.11;sudo - 1.8.32;binutils - 2.35,2.28;ccache - 3.3.3,4.1;libgit2 - 1.3.0;cmake - 3.19.5,3.7.0,3.7.2,3.22.0,3.17.3;cmake-native - 3.17.3,3.7.0,3.22.0,3.18.4;ghostscript - 9.55.0
Library home page: https://source.codeaurora.org/quic/lc/native_client/nacl-toolchain/
Found in HEAD commit: c737a944939a4a34307d1d70f0054109ace029a2
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
Publish Date: 2022-08-05
URL: CVE-2022-37434
Base Score Metrics:
This is the AT&T Software Technology ast software download site from AT&T Research. The AT&T AST OpenSource Software Collection provides an overview and Practical Reusable UNIX Software provides a historical perspective. You can join the ast and uwin mailgroups, or monitor the mail archives. There is also an AT&T internal talk. The man page index contains most of the ast commands and library functions; command man pages are also available at runtime using the --man or --html option of any ast command.
Library home page: https://github.com/att/ast.git
Found in HEAD commit: c737a944939a4a34307d1d70f0054109ace029a2
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
Publish Date: 2020-04-02
URL: CVE-2019-14868
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2019-14868
Release Date: 2020-10-09
Fix Resolution: ksh - 20120801-253,20120801-138,20120801-140,20120801-253,20120801-140,20120801-253,20120801-140,20120801-253,20120801-26,20120801-36,20120801-138,20120801-253,20120801-138,20120801-140,20120801-38,20120801-26,20120801-253,20120801-140,20120801-36,20120801-140,20120801-27,20120801-36,20120801-253,20120801-140,20120801-140,20120801-38,20120801-27,20120801-253,20120801-38,20120801-138;ksh-debugsource - 20120801-253,20120801-253;ksh-debuginfo - 20120801-36,20120801-26,20120801-38,20120801-140,20120801-253,20120801-253,20120801-140,20120801-38,20120801-138,20120801-27
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.