Gemfile.lock from ESheahan/espolea

Gemfile.lock

Summary

Maintainability

Test Coverage

Rails 4.2.1 is vulnerable to denial of service via mime type caching (CVE-2016-0751). Upgrade to Rails version 4.2.5.1
Open

    rails (4.2.1)

Found in Gemfile.lock by brakeman

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Rails 4.2.1 does not encode JSON keys (CVE-2015-3226). Upgrade to Rails version 4.2.2
Open

    rails (4.2.1)

Found in Gemfile.lock by brakeman

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Rails 4.2.1 content_tag does not escape double quotes in attribute values (CVE-2016-6316). Upgrade to 4.2.7.1
Open

    rails (4.2.1)

Found in Gemfile.lock by brakeman

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Loofah 2.0.3 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2
Open

    loofah (2.0.3)

Found in Gemfile.lock by brakeman

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Rails 4.2.1 contains a SQL injection vulnerability (CVE-2016-6317). Upgrade to 4.2.7.1
Open

    rails (4.2.1)

Found in Gemfile.lock by brakeman

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Rails 4.2.1 is vulnerable to denial of service via XML parsing (CVE-2015-3227). Upgrade to Rails version 4.2.2
Open

    rails (4.2.1)

Found in Gemfile.lock by brakeman

Read up
Read up
Exclude checks
- Disable engine
- Disable check

rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4
Open

    rails-html-sanitizer (1.0.3)

Found in Gemfile.lock by brakeman

Read up
Read up
Exclude checks
- Disable engine
- Disable check

ESheahan/espolea

Summary

Maintainability

Test Coverage

Rails 4.2.1 is vulnerable to denial of service via mime type caching (CVE-2016-0751). Upgrade to Rails version 4.2.5.1
Open

Rails 4.2.1 does not encode JSON keys (CVE-2015-3226). Upgrade to Rails version 4.2.2
Open

Rails 4.2.1 content_tag does not escape double quotes in attribute values (CVE-2016-6316). Upgrade to 4.2.7.1
Open

Loofah 2.0.3 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2
Open

Rails 4.2.1 contains a SQL injection vulnerability (CVE-2016-6317). Upgrade to 4.2.7.1
Open

Rails 4.2.1 is vulnerable to denial of service via XML parsing (CVE-2015-3227). Upgrade to Rails version 4.2.2
Open

rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4
Open

There are no issues that match your filters.

Category

Status

ESheahan/espolea

Summary

Maintainability

Test Coverage

Rails 4.2.1 is vulnerable to denial of service via mime type caching (CVE-2016-0751). Upgrade to Rails version 4.2.5.1 Open

Rails 4.2.1 does not encode JSON keys (CVE-2015-3226). Upgrade to Rails version 4.2.2 Open

Rails 4.2.1 content_tag does not escape double quotes in attribute values (CVE-2016-6316). Upgrade to 4.2.7.1 Open

Loofah 2.0.3 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2 Open

Rails 4.2.1 contains a SQL injection vulnerability (CVE-2016-6317). Upgrade to 4.2.7.1 Open

Rails 4.2.1 is vulnerable to denial of service via XML parsing (CVE-2015-3227). Upgrade to Rails version 4.2.2 Open

rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4 Open

There are no issues that match your filters.

Category

Status

Rails 4.2.1 is vulnerable to denial of service via mime type caching (CVE-2016-0751). Upgrade to Rails version 4.2.5.1
Open

Rails 4.2.1 does not encode JSON keys (CVE-2015-3226). Upgrade to Rails version 4.2.2
Open

Rails 4.2.1 content_tag does not escape double quotes in attribute values (CVE-2016-6316). Upgrade to 4.2.7.1
Open

Loofah 2.0.3 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2
Open

Rails 4.2.1 contains a SQL injection vulnerability (CVE-2016-6317). Upgrade to 4.2.7.1
Open

Rails 4.2.1 is vulnerable to denial of service via XML parsing (CVE-2015-3227). Upgrade to Rails version 4.2.2
Open

rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4
Open