Go module
github.com/bitflow-stream/go-bitflow
history
arrow_drop_downv0.0.34
Newer version availableSecurity Advisories
17
In the dependencies
Similar advisories
Similar advisories
golang.org/x/text Infinite loop
7.5 MODERATE·GHSA-5rcv-m4m3-hfh7
Similar advisories
Excessive Platform Resource Consumption within a Loop in Kubernetes
6.5 MODERATE·GHSA-wxc4-f4m6-wwqv
Similar advisories
Inconsistent Interpretation of HTTP Requests in github.com/gin-gonic/gin
7.1 HIGH·GHSA-h395-qcrw-5vmq
Similar advisories
YAML Go package vulnerable to denial of service
5.5 MODERATE·GHSA-r88r-gmrh-7j83
Similar advisories
golang.org/x/text/language Out-of-bounds Read vulnerability
7.5 HIGH·GHSA-ppp9-7jff-5vj2
Similar advisories
golang.org/x/sys/unix has Incorrect privilege reporting in syscall
5.3 MODERATE·GHSA-p782-xgp4-8hr8
Similar advisories
yaml package for Go can consume excessive amounts of CPU or memory
7.5 HIGH·GHSA-6q6q-88xp-6f2r
Similar advisories
golang.org/x/text/language Denial of service via crafted Accept-Language header
7.5 HIGH·GHSA-69ch-w2m2-3vjp
Similar advisories
Uncontrolled Resource Consumption in golang.org/x/image
5.5 MODERATE·GHSA-qgc7-mgm3-q253
Similar advisories
Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function
4.3 MODERATE·GHSA-2c4m-59x9-fr2g
Similar advisories
Golang TIFF decoder does not place a limit on the size of compressed tile data
6.5 MODERATE·GHSA-x92r-3vfx-4cv3
Similar advisories
Golang TIFF decoder vulnerable to excessive CPU consumption
6.5 MODERATE·GHSA-j3p8-6mrq-6g7h
Similar advisories
Panic when parsing invalid palette-color images in golang.org/x/image
7.5 HIGH·GHSA-9phm-fm57-rhg8
Improper input validation in github.com/gin-gonic/gin
5.6 MODERATE·GHSA-3vp4-m3rf-835h
Gin mishandles a wildcard at the end of an origin string
9.1 CRITICAL·GHSA-869c-j7wc-8jqv
Dependents
This package has no known dependents.
Package metadata as of .
Links
- Origin
- Repo
Projects
bitflow-stream/go-bitflow
GitHub
Bitflow's dataflow engine, a lightweight framework for real-time processing of data streams through a graph of operators
call_split 3 forks
star 19 stars
OpenSSF scorecard
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
View information about checks and how to fix failures.
Score
3.2/10
Scorecard as of .
Maintained
0/10
Determines if the project is "actively maintained".
Reasoning
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review
10/10
Determines if the project requires human code review before pull requests (aka merge requests) are merged.
Reasoning
all changesets reviewed
Binary-Artifacts
10/10
Determines if the project has generated executable (binary) artifacts in the source repository.
Reasoning
no binaries found in the repo
CII-Best-Practices
0/10
Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.
Reasoning
no effort to earn an OpenSSF best practices badge detected
Fuzzing
0/10
Determines if the project uses fuzzing.
Reasoning
project is not fuzzed
Security-Policy
0/10
Determines if the project has published a security policy.
Reasoning
security policy file not detected
License
10/10
Determines if the project has defined a license.
Reasoning
license file detected
SAST
0/10
Determines if the project uses static code analysis.
Reasoning
SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities
0/10
Determines if the project has open, known unfixed vulnerabilities.
Reasoning
21 existing vulnerabilities detected
Pinned-Dependencies
0/10
Determines if the project has declared and pinned the dependencies of its build process.
Reasoning
dependency not pinned by hash detected -- score normalized to 0
Project metadata as of .