Showing 1,441 of 1,441 total issues
XSS Vulnerability in Chartkick Ruby Gem Open
chartkick (2.2.5)
Advisory: CVE-2019-12732
Criticality: Medium
URL: https://github.com/ankane/chartkick/issues/488
Solution: upgrade to >= 3.2.0
XSS Vulnerability on closeText option of Dialog jQuery UI Open
jquery-ui-rails (5.0.5)
Advisory: CVE-2016-7103
Criticality: Medium
URL: https://github.com/jquery/api.jqueryui.com/issues/281
Solution: upgrade to >= 6.0.0
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in puma Open
puma (3.11.0)
Advisory: CVE-2021-41136
Criticality: Low
URL: https://github.com/puma/puma/security/advisories/GHSA-48w2-rm65-62xx
Solution: upgrade to ~> 4.3.9, >= 5.5.1
Information Exposure with Puma when used with Rails Open
puma (3.11.0)
Advisory: CVE-2022-23634
Criticality: High
URL: https://github.com/puma/puma/security/advisories/GHSA-rmj8-8hhh-gv5h
Solution: upgrade to ~> 4.3.11, >= 5.6.2
Keepalive Connections Causing Denial Of Service in puma Open
puma (3.11.0)
Advisory: CVE-2021-29509
Criticality: High
URL: https://github.com/puma/puma/security/advisories/GHSA-q28m-8xjw-8vr5
Solution: upgrade to ~> 4.3.8, >= 5.3.1
HTTP Request Smuggling in puma Open
puma (3.11.0)
Advisory: CVE-2022-24790
Criticality: Critical
URL: https://github.com/puma/puma/security/advisories/GHSA-h99w-9q5r-gjq9
Solution: upgrade to ~> 4.3.12, >= 5.6.4
CSS injection with width and height options Open
chartkick (2.2.5)
Advisory: CVE-2020-16254
Criticality: Medium
URL: https://github.com/ankane/chartkick/issues/546
Solution: upgrade to >= 3.4.0
json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix) Open
json (1.8.6)
Advisory: CVE-2020-10663
Criticality: High
URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
Solution: upgrade to >= 2.3.0
ReDoS based DoS vulnerability in GlobalID Open
globalid (0.4.1)
Advisory: CVE-2023-22799
URL: https://github.com/rails/globalid/releases/tag/v1.0.1
Solution: upgrade to >= 1.0.1
simple_form Gem for Ruby Incorrect Access Control for forms based on user input Open
simple_form (3.5.0)
Advisory: CVE-2019-16676
Criticality: Critical
URL: https://github.com/plataformatec/simple_form/security/advisories/GHSA-r74q-gxcg-73hx
Solution: upgrade to >= 5.0
RDoc OS command injection vulnerability Open
rdoc (4.3.0)
Advisory: CVE-2021-31799
Criticality: High
URL: https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/
Solution: upgrade to ~> 6.1.2.1, ~> 6.2.1.1, >= 6.3.1
Block has too many lines. [434/25] Open
RSpec.describe Project, type: :model do
  before(:each) do
    @project = FactoryGirl.build(:project)
  end
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Block has too many lines. [339/25] Open
RSpec.describe 'Statistics API', type: :request do
  before(:each) do
    @auth_token = ApplicationController.generate_auth_token
  end
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Block has too many lines. [300/25] Open
RSpec.describe 'AnnotationDocuments API', type: :request do
  before(:each) do
    @auth_token = ApplicationController.generate_auth_token
  end
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Block has too many lines. [276/25] Open
RSpec.describe RawDatum, type: :model do
  before(:each) do
    @raw_datum = FactoryGirl.build(:raw_datum)
  end
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Block has too many lines. [258/25] Open
RSpec.describe Service, type: :model do
  before(:each) do
    @iterate_service = FactoryGirl.build(:iterate_service)
    @ml_service = FactoryGirl.build(:machine_learning_service)
    @merge_service = FactoryGirl.build(:merge_service)
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Class has too many lines. [244/100] Open
class ProjectsController < ApplicationController
  include ServiceRoles
  before_action :authenticate_user,
                only: [:index, :show]
This cop checks if the length of a class exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.
Block has too many lines. [213/25] Open
RSpec.describe Interface, type: :model do
  before(:each) do
    @interface = FactoryGirl.build(:interface)
  end
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Class has too many lines. [229/100] Open
class StatisticsController < BaseController
  include Swagger::Blocks
  before_action :set_statistic,
                only: [
This cop checks if the length of a class exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.
Class has too many lines. [227/100] Open
class AnnotationDocumentsController < BaseController
  include Swagger::Blocks
  include ErrorResponse
  before_action :set_annotation_document,
This cop checks if the length of a class exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.