Affected by GO-2024-2430 and 4 other vulnerabilities

GO-2024-2430: Authenticated users can crash the CubeFS servers with maliciously crafted requests in github.com/cubefs/cubefs

GO-2024-2431: Insecure random string generator used for sensitive data in github.com/cubefs/cubefs

GO-2024-2432: CubeFS timing attack can leak user passwords in github.com/cubefs/cubefs

GO-2024-2433: CubeFS leaks magic secret key when starting Blobstore access service in github.com/cubefs/cubefs

GO-2024-2434: CubeFS leaks users key in logs in github.com/cubefs/cubefs

cubefs

module

v1.1.0 Latest Latest Go to latest Published: May 9, 2019 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

ChubaoFS (储宝文件系统) is a distributed file system for cloud native applications. It has the following features:

For more details, please refer to our SIGMOD 2019 paper "ChubaoFS: A Distributed File System for Large Scale Container Platforms".

Licensed under the Apache License, Version 2.0. For detail see LICENSE and NOTICE.

Path	Synopsis
blobstore module
client
fs
cmd
datanode
depends
jacobsa/fuse Module
master
metanode
proto
raftstore
repl
sdk
data/stream
data/wrapper
meta
storage
util
btree Package btree implements in-memory B-Trees of arbitrary degree.	Package btree implements in-memory B-Trees of arbitrary degree.
buf
config
errors
exporter
log
ump