cube-soft / cube.core Goto Github PK
View Code? Open in Web Editor NEWProvides support the MVVM pattern in WPF and/or WinForms applications, and additional utilities.
Home Page: https://docs.cube-soft.jp/
License: Apache License 2.0
Provides support the MVVM pattern in WPF and/or WinForms applications, and additional utilities.
Home Page: https://docs.cube-soft.jp/
License: Apache License 2.0
I have been hunting for an up to data MVC/MVP / Mvvm packages and was almost going to use your core, when I found it has requirement for NLog, is not .net 48 and has loads of other stuff that my app does not need.
So please separate the Core into a code base that just performs MVxxx style code, and produce a nuget for that.
Please also include some of the Bindable style stuff from Winforms down into that package as well (i.e. remove it from WindowsBase!)
Internal implementation package not meant for direct consumption. Please do not reference directly....
Library home page: https://api.nuget.org/packages/system.private.uri.4.3.0.nupkg
Path to vulnerable library: /packages/system.private.uri/4.3.0/system.private.uri.4.3.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: 15170da484d366175b3e70ba0b83b8fab75356fa
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980.
Publish Date: 2019-05-16
URL: CVE-2019-0981
Base Score Metrics:
Type: Upgrade version
Origin: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0981
Release Date: 2019-05-16
Fix Resolution: 4.3.2
Step up your Open Source Security Game with WhiteSource here
Internal implementation package not meant for direct consumption. Please do not reference directly....
Library home page: https://api.nuget.org/packages/system.private.uri.4.3.0.nupkg
Path to vulnerable library: /packages/system.private.uri/4.3.0/system.private.uri.4.3.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: 15170da484d366175b3e70ba0b83b8fab75356fa
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.
Publish Date: 2019-05-16
URL: CVE-2019-0980
Base Score Metrics:
Type: Upgrade version
Origin: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0980
Release Date: 2019-05-16
Fix Resolution: 4.3.2
Step up your Open Source Security Game with WhiteSource here
Apache log4net for .NET Framework 4.5
Library home page: https://api.nuget.org/packages/log4net.2.0.8.nupkg
Path to vulnerable library: /packages/opencover/4.7.922/tools/log4net.dll
Dependency Hierarchy:
An open source code coverage tool (branch and sequence point) for all .NET Frameworks 2 and above. A...
Library home page: https://api.nuget.org/packages/opencover.4.7.922.nupkg
Path to dependency file: Cube.Core/Tests/FileSystem/Cube.FileSystem.Tests.csproj
Path to vulnerable library: /packages/opencover/4.7.922/opencover.4.7.922.nupkg,Cube.Core/../packages/opencover/4.7.922/opencover.4.7.922.nupkg,Cube.Core/../packages/opencover/4.7.922/opencover.4.7.922.nupkg
Dependency Hierarchy:
Found in HEAD commit: 38e5989cefb3d13be89a15ab297370e8ae26770d
Found in base branch: master
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.
Publish Date: 2020-05-11
URL: CVE-2018-1285
Base Score Metrics:
Type: Upgrade version
Origin: https://github.com/apache/logging-log4net/tree/rel/2.0.10
Release Date: 2020-05-11
Fix Resolution: log4net - 2.0.10
Step up your Open Source Security Game with WhiteSource here
Internal implementation package not meant for direct consumption. Please do not reference directly....
Library home page: https://api.nuget.org/packages/system.private.uri.4.3.0.nupkg
Path to vulnerable library: /packages/system.private.uri/4.3.0/system.private.uri.4.3.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: 15170da484d366175b3e70ba0b83b8fab75356fa
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
Publish Date: 2019-03-05
URL: CVE-2019-0657
Base Score Metrics:
Type: Upgrade version
Origin: https://github.com/dotnet/corefx/issues/35265
Release Date: 2018-11-26
Fix Resolution: Microsoft.NETCore.App.nupkg - 2.1.8,2.2.2;System.Private.Uri.nupkg - 4.3.1
Step up your Open Source Security Game with WhiteSource here
An open source code coverage tool (branch and sequence point) for all .NET Frameworks 2 and above. A...
Library home page: https://api.nuget.org/packages/opencover.4.7.1221.nupkg
Path to dependency file: /Tests/FileSystem/Cube.FileSystem.Tests.csproj
Path to vulnerable library: /../packages/opencover/4.7.1221/opencover.4.7.1221.nupkg,/../packages/opencover/4.7.1221/opencover.4.7.1221.nupkg
Dependency Hierarchy:
Found in HEAD commit: 298706ba8643d090cef86463b2aaea38eccf3eac
Found in base branch: master
Improper Handling of Exceptional Conditions in Newtonsoft.Json.
Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of StackOverFlow exception (SOE) whenever nested expressions are being processed. Exploiting this vulnerability results in Denial Of Service (DoS), and it is exploitable when an attacker sends 5 requests that cause SOE in time frame of 5 minutes. This vulnerability affects Internet Information Services (IIS) Applications.
Publish Date: 2022-06-22
URL: WS-2022-0161
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-5crp-9r3c-p9vr
Release Date: 2022-06-22
Fix Resolution: Newtonsoft.Json - 13.0.1
Step up your Open Source Security Game with Mend here
Provides the System.Text.RegularExpressions.Regex class, an implementation of a regular expression e...
Library home page: https://api.nuget.org/packages/system.text.regularexpressions.4.3.0.nupkg
Path to dependency file: Cube.Core/Tests/FileSystem/Cube.FileSystem.Tests.csproj
Path to vulnerable library: /usr/share/dotnet/sdk/NuGetFallbackFolder/system.text.regularexpressions/4.3.0/system.text.regularexpressions.4.3.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: 15170da484d366175b3e70ba0b83b8fab75356fa
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
Publish Date: 2019-05-16
URL: CVE-2019-0820
Base Score Metrics:
Step up your Open Source Security Game with WhiteSource here
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.