Affected by GO-2024-3136 and 11 other vulnerabilities

GO-2024-3136: Dragonfly2 has hard coded cyptographic key in d7y.io/dragonfly

GO-2025-3963: Dragonfly incorrectly handles a task structure’s usedTrac field in d7y.io/dragonfly

GO-2025-3964: Dragonfly's directories created via os.MkdirAll are not checked for permissions in d7y.io/dragonfly

GO-2025-3965: Dragonfly doesn't have authentication enabled for some Manager’s endpoints in d7y.io/dragonfly

GO-2025-3966: Dragonfly's manager makes requests to external endpoints with disabled TLS authentication in d7y.io/dragonfly

GO-2025-3968: Dragonfly vulnerable to server-side request forgery in d7y.io/dragonfly

GO-2025-3969: DragonFly's manager generates mTLS certificates for arbitrary IP addresses in d7y.io/dragonfly

GO-2025-3970: DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error in d7y.io/dragonfly

GO-2025-3971: DragonFly vulnerable to arbitrary file read and write on a peer machine in d7y.io/dragonfly

GO-2025-3972: Dragonfly vulnerable to timing attacks against Proxy’s basic authentication in d7y.io/dragonfly

GO-2025-3973: DragonFly has weak integrity checks for downloaded files in d7y.io/dragonfly

GO-2025-3974: DragonFly's tiny file download uses hard coded HTTP protocol in d7y.io/dragonfly

database

package

v2.0.2-alpha.8 Latest Latest Go to latest Published: Jan 4, 2022 License: Apache-2.0 Imports: 10 Imported by: 0

Details

This section is empty.

This section is empty.

func NewRedis(cfg *config.RedisConfig) (*redis.Client, error)

type Database struct {
	DB  *gorm.DB
	RDB *redis.Client
}

func New(cfg *config.Config) (*Database, error)