Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

github.com/u-root/u-root

Ecosystem:
go
Package URL:
pkg:golang/github.com/u-root/u-root
Total PRs:
28 Dependabot PRs
Latest PR:
about 2 months ago
Unique Repositories:
20 repositories
Unique Repos (30 days):
1 repository
Security Advisories
github.com/u-root/u-root/pkg/tarutil Arbitrary File Write via Archive Extraction (Zip Slip)
GHSA-75qf-wgfj-v652 CVE-2020-7669 HIGH published about 5 years ago • updated 5 days ago
This affects all versions up to and including version 0.7.0 of package github.com/u-root/u-root/pkg/tarutil. It is vulnerable to both leading and n...
Path traversal in u-root
GHSA-58pf-pcwv-qg85 CVE-2020-7665 HIGH published about 5 years ago • updated about 2 months ago
This affects all versions of package github.com/u-root/u-root/pkg/uzip. It is vulnerable to both leading and non-leading relative path traversal at...
Recent PRs (filtered by: Merged )
RSS Feed Clear filter
Bump the all-deps group across 1 directory with 6 updates

google/trillian-examples #1342

0.14.0 → 0.15.0 Minor PR
Merged 10 months ago 1 comment
google
build(deps): bump github.com/u-root/u-root from 0.14.0 to 0.15.0

chainguard-dev/apko #1828

0.14.0 → 0.15.0 Minor PR
Merged 10 months ago
chainguard-dev
Package Details
Name: github.com/u-root/u-root
Ecosystem: go
PURL Type: golang
Package URL: pkg:golang/github.com/u-root/u-root
JSON API: View JSON
Security Advisories

2

Active advisories
HIGH 2
View All golang Advisories
Package Information
Description:

Command u-root builds CPIO archives with the given files and Go commands.

Repository: https://github.com/u-root/u-root
Homepage: https://github.com/u-root/u-root
Latest Release: v0.15.0
10 months ago
Dependent Repos: 514
Dependent Packages: 164
Ranking: Top 0.3123% by dependent repos Top 0.3489% by dependent pkgs
PR Status
Open 17 (60.7%)
Merged 2 (7.1%)
Closed 9 (32.1%)
PR Types
Minor 28 (100.0%)