Giter VIP home page Giter VIP logo

ssh-keys-alfred-workflow's Introduction

SSH-Keys Workflow for Alfred 2

This Alfred workflow looks up public SSH keys for users on github.com, allowing you to search for the user intuitively, and copies all of that user's SSH keys to the clipboard.

To get started, simply download the workflow, and double-click to have Alfred install it for you. You should then be able to use it like this:

ssh keys demo

Commands

Search for a users's keys:

  • keys <username|partial username>

Log in/Save github API credentials for higher query rates + better suggestions: Not Implemented

  • keys login

Log out/destroy locally saved github API credentials: Not Implemented

  • keys logout

ssh-keys-alfred-workflow's People

Contributors

geofffranks avatar mend-bolt-for-github[bot] avatar teancom avatar

Stargazers

avatar avatar

Watchers

avatar avatar

Forkers

rkoster teancom

ssh-keys-alfred-workflow's Issues

CVE-2021-4235 (Medium) detected in github.com/go-yaml/yaml-v2.0.0+incompatible

CVE-2021-4235 - Medium Severity Vulnerability

Vulnerable Library - github.com/go-yaml/yaml-v2.0.0+incompatible

YAML support for the Go language.

Library home page: https://proxy.golang.org/github.com/go-yaml/yaml/@v/v2.0.0+incompatible.zip

Dependency Hierarchy:

  • github.com/go-yaml/yaml-v2.0.0+incompatible (Vulnerable Library)

Found in HEAD commit: 2f8b12df3a2bf883fe01937a9f307fb9fba89384

Vulnerability Details

Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.

Publish Date: 2022-12-27

URL: CVE-2021-4235

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2022-12-27

Fix Resolution: v2.2.3

Step up your Open Source Security Game with Mend here

CVE-2022-28948 (Medium) detected in github.com/go-yaml/yaml-v2.0.0 - autoclosed

CVE-2022-28948 - Medium Severity Vulnerability

Vulnerable Library - github.com/go-yaml/yaml-v2.0.0

YAML support for the Go language.

Dependency Hierarchy:

  • github.com/go-yaml/yaml-v2.0.0 (Vulnerable Library)

Found in HEAD commit: 2f8b12df3a2bf883fe01937a9f307fb9fba89384

Vulnerability Details

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.

Publish Date: 2022-05-19

URL: CVE-2022-28948

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-fm53-mpmp-7qw2

Release Date: 2022-05-19

Fix Resolution: v3.0.0

Step up your Open Source Security Game with Mend here

CVE-2019-11254 (Medium) detected in github.com/go-yaml/yaml-v2.0.0+incompatible

CVE-2019-11254 - Medium Severity Vulnerability

Vulnerable Library - github.com/go-yaml/yaml-v2.0.0+incompatible

YAML support for the Go language.

Library home page: https://proxy.golang.org/github.com/go-yaml/yaml/@v/v2.0.0+incompatible.zip

Dependency Hierarchy:

  • github.com/go-yaml/yaml-v2.0.0+incompatible (Vulnerable Library)

Found in HEAD commit: 2f8b12df3a2bf883fe01937a9f307fb9fba89384

Vulnerability Details

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

Publish Date: 2020-04-01

URL: CVE-2019-11254

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2020-10-02

Fix Resolution: v2.2.8

Step up your Open Source Security Game with Mend here

CVE-2022-3064 (High) detected in github.com/go-yaml/yaml-v2.0.0+incompatible

CVE-2022-3064 - High Severity Vulnerability

Vulnerable Library - github.com/go-yaml/yaml-v2.0.0+incompatible

YAML support for the Go language.

Library home page: https://proxy.golang.org/github.com/go-yaml/yaml/@v/v2.0.0+incompatible.zip

Dependency Hierarchy:

  • github.com/go-yaml/yaml-v2.0.0+incompatible (Vulnerable Library)

Found in HEAD commit: 2f8b12df3a2bf883fe01937a9f307fb9fba89384

Vulnerability Details

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.

Publish Date: 2022-12-27

URL: CVE-2022-3064

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://pkg.go.dev/vuln/GO-2022-0956

Release Date: 2022-12-27

Fix Resolution: v2.2.4

Step up your Open Source Security Game with Mend here

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.