eternalcodeteam / lobbyheads Goto Github PK
View Code? Open in Web Editor NEW✨ Decorative heads for your server Hub!
Home Page: https://www.eternalcode.pl
License: GNU General Public License v3.0
✨ Decorative heads for your server Hub!
Home Page: https://www.eternalcode.pl
License: GNU General Public License v3.0
Path to dependency file: /lobbyheads-core/build.gradle.kts
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.testng/testng/7.5/1416a607fae667c14e390b484e8d02b5824c0674/testng-7.5.jar
Found in HEAD commit: 7c809472b2402d7790f1f93c239e9487ec97477b
CVE | Severity | CVSS | Dependency | Type | Fixed in (groovy-all version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2022-4065 | High | 7.8 | testng-7.5.jar | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Testing framework for Java
Library home page: https://testng.org
Path to dependency file: /lobbyheads-core/build.gradle.kts
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.testng/testng/7.5/1416a607fae667c14e390b484e8d02b5824c0674/testng-7.5.jar
Dependency Hierarchy:
Found in HEAD commit: 7c809472b2402d7790f1f93c239e9487ec97477b
Found in base branch: master
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to path traversal. The attack can be launched remotely. Upgrading to version 7.5.1 and 7.7.1 is able to address this issue. The patch is named 9150736cd2c123a6a3b60e6193630859f9f0422b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-214027.
Publish Date: 2022-11-19
URL: CVE-2022-4065
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-11-19
Fix Resolution: org.testng:testng:7.7.0
Step up your Open Source Security Game with Mend here
Leaderboard with the number of players who have swapped heads the most times.
Path to dependency file: /lobbyheads-core/build.gradle.kts
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.testng/testng/7.5/1416a607fae667c14e390b484e8d02b5824c0674/testng-7.5.jar
Found in HEAD commit: a16033fa669ef4a29f157f46fef0a713f3e536b6
CVE | Severity | CVSS | Dependency | Type | Fixed in (groovy-all version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2022-4065 | High | 7.8 | testng-7.5.jar | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Testing framework for Java
Library home page: https://testng.org
Path to dependency file: /lobbyheads-core/build.gradle.kts
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.testng/testng/7.5/1416a607fae667c14e390b484e8d02b5824c0674/testng-7.5.jar
Dependency Hierarchy:
Found in HEAD commit: a16033fa669ef4a29f157f46fef0a713f3e536b6
Found in base branch: master
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to path traversal. The attack can be launched remotely. Upgrading to version 7.5.1 and 7.7.1 is able to address this issue. The patch is named 9150736cd2c123a6a3b60e6193630859f9f0422b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-214027.
Publish Date: 2022-11-19
URL: CVE-2022-4065
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-11-19
Fix Resolution: org.testng:testng:7.7.0
Step up your Open Source Security Game with Mend here
Add updater via GitCheck lib.
When I add this plugin to the server and enter /head add, it writes to me that there is no such command
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates are currently rate-limited. Click on a checkbox below to force their creation now.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
.github/workflows/gradle.yml
actions/checkout v4.1.1
actions/setup-java v4.2.1
actions/cache v3.3.3
actions/upload-artifact v4.3.2
settings.gradle.kts
buildSrc/build.gradle.kts
buildSrc/src/main/kotlin/lobbyheads-checkstyle.gradle.kts
checkstyle 10.15.0
buildSrc/src/main/kotlin/lobbyheads-java-17.gradle.kts
buildSrc/src/main/kotlin/lobbyheads-java-unit-test.gradle.kts
org.codehaus.groovy:groovy-all 3.0.21
org.junit:junit-bom 5.9.1
org.mockito:mockito-core 5.6.0
buildSrc/src/main/kotlin/lobbyheads-publish.gradle.kts
buildSrc/src/main/kotlin/lobbyheads-repositories.gradle.kts
lobbyheads-api/build.gradle.kts
org.spigotmc:spigot-api 1.20.2-R0.1-SNAPSHOT
org.jetbrains:annotations 24.1.0
lobbyheads-core/build.gradle.kts
net.minecrell.plugin-yml.bukkit 0.6.0
com.github.johnrengelman.shadow 8.1.1
xyz.jpenilla.run-paper 2.2.3
eu.okaeri:okaeri-configs-yaml-snakeyaml 5.0.1
eu.okaeri:okaeri-configs-serdes-commons 5.0.1
net.kyori:adventure-platform-bukkit 4.3.2
net.kyori:adventure-text-minimessage 4.14.0
dev.rollczi:liteskullapi 1.3.0
org.spigotmc:spigot-api 1.20.2-R0.1-SNAPSHOT
org.spigotmc:spigot-api 1.20.2-R0.1-SNAPSHOT
com.mojang:authlib 5.0.47
com.github.unldenis:holoeasy 3.0.1
me.clip:placeholderapi 2.11.5
org.bstats:bstats-bukkit 3.0.2
com.eternalcode:gitcheck 1.0.0
org.codehaus.groovy:groovy-all 3.0.21
org.junit:junit-bom 5.9.1
org.mockito:mockito-core 5.6.0
gradle/wrapper/gradle-wrapper.properties
gradle 8.4
Add global cooldown before another player replace head, and add optional option to see particles around head before global cooldown end.
Create placeholderapi hook instead of static PlaceholderAPI#setPlaceholders method to set placeholder from papi in hologram.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.