Bob McWhirter bobmcwhirter
bobmcwhirter
/ gist:4bd1bad88c7ab02ac4d83f001a5112b6
Created
July 23, 2024 18:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| add-license | |
| advisory-hash | |
| advisory-rest | |
| advisory-severity-column | |
| advisory-severity-vulns | |
| advisory-tstamps | |
| advisory-vuln-cvss-and-summary-ish-yeah-buddy | |
| advisory-vuln-relationships | |
| advisory-vuln-severity | |
| advisory-vuln-title-etc |
bobmcwhirter
/ foo
Created
July 9, 2024 18:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "identifier": "CVE-2024-29025", | |
| "title": "Netty HttpPostRequestDecoder can OOM", | |
| "description": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecodedChunk` buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final.", | |
| "published": "2024-03-25T20:09:35.156Z", | |
| "modified": "2024-03-25T20:09:35.156Z", | |
| "cwe": "CWE-770", | |
| "average_severity": "medium", | |
| "average_score": 6.5, | |
| "advisories": [ |
bobmcwhirter
/ foo
Created
July 9, 2024 18:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /Users/bob/.cargo/bin/cargo test --color=always --lib vulnerability::service::test::statuses_too --no-fail-fast --manifest-path /Users/bob/repos/trustification/trustify/modules/fundamental/Cargo.toml -- --format=json --exact -Z unstable-options --show-output | |
| Testing started at 2:10 PM ... | |
| Finished `test` profile [unoptimized + debuginfo] target(s) in 0.27s | |
| Running unittests src/lib.rs (target/debug/deps/trustify_module_fundamental-2ed829e0f5f33056) | |
| { | |
| "identifier": "CVE-2024-29025", | |
| "title": "Netty HttpPostRequestDecoder can OOM", | |
| "description": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpDa |
bobmcwhirter
/ check.log
Created
May 21, 2024 18:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| warning: external crate `async_std` unused in `migration`: remove the dependency or add `use async_std as _;` | |
| | | |
| = note: requested on the command line with `-W unused-crate-dependencies` | |
| warning: `trustify-migration` (lib) generated 1 warning | |
| warning: external crate `thiserror` unused in `trustify_cvss`: remove the dependency or add `use thiserror as _;` | |
| | | |
| = note: requested on the command line with `-W unused-crate-dependencies` | |
| warning: `trustify-cvss` (lib) generated 1 warning |
bobmcwhirter
/ gist:3fd8cfd24c42e0a2c4d437a47ac68203
Created
October 25, 2023 17:53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "analysis": { | |
| "pkg:maven/org.postgresql/postgresql@42.5.0?type=jar": [ | |
| { | |
| "vendor": "snyk", | |
| "vulnerable": [ | |
| { | |
| "id": "snyk-java-orgpostgresql-3146847", | |
| "severity": [ | |
| { |
bobmcwhirter
/ gist:aa30a7393d601787f26d665fbd2ac2c3
Created
September 28, 2023 19:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "affected": { | |
| "pkg:maven/org.apache.logging.log4j/log4j-core@2.13.3": [ | |
| "ghsa-7rjr-3q55-vv33", | |
| "ghsa-8489-44mv-ggj8", | |
| "ghsa-jfh8-c2jp-5v3q", | |
| "ghsa-p6xc-xr62-6r2g", | |
| "cve-2021-44832", | |
| "cwe-94", | |
| "cve-2021-45105", |
bobmcwhirter
/ output.json
Created
September 27, 2023 13:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "affected": { | |
| "pkg:maven/org.apache.logging.log4j/log4j-core@2.13.3": [ | |
| "ghsa-7rjr-3q55-vv33", | |
| "ghsa-8489-44mv-ggj8", | |
| "ghsa-jfh8-c2jp-5v3q", | |
| "ghsa-p6xc-xr62-6r2g", | |
| "cve-2021-44832", | |
| "cwe-94", | |
| "cve-2021-45105", |
bobmcwhirter
/ main.rs
Created
November 30, 2021 16:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #![no_std] | |
| #![no_main] | |
| #![feature(trait_alias)] | |
| #![feature(type_alias_impl_trait)] | |
| #![allow(incomplete_features)] | |
| #![feature(generic_associated_types)] | |
| use bsp_blinky_app::{boot, App, BlinkyApp, Board, BlinkyDevice}; | |
| use bsp_blinky_app::{BlinkyBoard, BlinkyComponents}; | |
| use core::borrow::BorrowMut; |
bobmcwhirter
/ lib.rs
Created
November 30, 2021 16:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #![no_std] | |
| #![feature(generic_associated_types)] | |
| #![feature(type_alias_impl_trait)] | |
| use core::future::Future; | |
| use core::marker::PhantomData; | |
| use core::pin::Pin; | |
| use core::task::{Context, Poll}; | |
| use drogue_device::actors::button::{ButtonEvent, ButtonEventDispatcher, FromButtonEvent}; | |
| use drogue_device::actors::led::LedMessage; |
bobmcwhirter
/ gist:557d046131f401c138012b62a2958416
Created
November 15, 2021 15:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Compiling embassy-net v0.1.0 (/Users/bob/repos/embassy/embassy-net) | |
| error[E0061]: this function takes 1 argument but 2 arguments were supplied | |
| --> /Users/bob/repos/embassy/embassy-net/src/stack.rs:144:23 | |
| | | |
| 144 | if self.iface.poll(&mut self.sockets, timestamp).is_err() { | |
| | ^^^^ ----------------- --------- supplied 2 arguments | |
| | | | |
| | expected 1 argument | |
| | | |
| note: associated function defined here |
NewerOlder