Gemfile.lock from ServiceInnovationLab/serviceinnovationlab.github.io

Gemfile.lock

Summary

Maintainability

Test Coverage

Remote code execution in Kramdown
Open

    kramdown (1.17.0)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Unintended read access in kramdown gem
Open

    kramdown (1.17.0)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Out-of-bounds Write in zlib affects Nokogiri
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

ReDoS based DoS vulnerability in Active Support’s underscore
Open

    activesupport (6.0.3.2)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Update packaged dependency libxml2 from 2.9.10 to 2.9.12
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Regular Expression Denial of Service in Addressable templates
Open

    addressable (2.7.0)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Denial of Service (DoS) in Nokogiri on JRuby
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Improper Handling of Unexpected Data Type in Nokogiri
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

XML Injection in Xerces Java affects Nokogiri
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Inefficient Regular Expression Complexity in Nokogiri
Open

    nokogiri (1.10.9)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

    tzinfo (1.2.7)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

XML round-trip vulnerability in REXML
Open

    rexml (3.2.4)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Denial of service via header parsing in Rack
Open

    rack (2.2.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Denial of service via multipart parsing in Rack
Open

    rack (2.2.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Denial of Service Vulnerability in Rack Content-Disposition parsing
Open

    rack (2.2.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Possible shell escape sequence injection vulnerability in Rack
Open

    rack (2.2.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Denial of Service Vulnerability in Rack Multipart Parsing
Open

    rack (2.2.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

ServiceInnovationLab/serviceinnovationlab.github.io

Summary

Maintainability

Test Coverage

Showing 22 of 22 total issues

Remote code execution in Kramdown
Open

Unintended read access in kramdown gem
Open

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

Out-of-bounds Write in zlib affects Nokogiri
Open

ReDoS based DoS vulnerability in Active Support’s underscore
Open

Update packaged dependency libxml2 from 2.9.10 to 2.9.12
Open

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Open

Regular Expression Denial of Service in Addressable templates
Open

Denial of Service (DoS) in Nokogiri on JRuby
Open

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

Improper Handling of Unexpected Data Type in Nokogiri
Open

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Open

XML Injection in Xerces Java affects Nokogiri
Open

Inefficient Regular Expression Complexity in Nokogiri
Open

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

XML round-trip vulnerability in REXML
Open

Denial of service via header parsing in Rack
Open

Denial of service via multipart parsing in Rack
Open

Denial of Service Vulnerability in Rack Content-Disposition parsing
Open

Possible shell escape sequence injection vulnerability in Rack
Open

Denial of Service Vulnerability in Rack Multipart Parsing
Open

There are no issues that match your filters.

Category

Status

ServiceInnovationLab/serviceinnovationlab.github.io

Summary

Maintainability

Test Coverage

Showing 22 of 22 total issues

Remote code execution in Kramdown Open

Unintended read access in kramdown gem Open

Integer Overflow or Wraparound in libxml2 affects Nokogiri Open

Out-of-bounds Write in zlib affects Nokogiri Open

ReDoS based DoS vulnerability in Active Support’s underscore Open

Update packaged dependency libxml2 from 2.9.10 to 2.9.12 Open

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs Open

Regular Expression Denial of Service in Addressable templates Open

Denial of Service (DoS) in Nokogiri on JRuby Open

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35) Open

Improper Handling of Unexpected Data Type in Nokogiri Open

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby Open

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability Open

XML Injection in Xerces Java affects Nokogiri Open

Inefficient Regular Expression Complexity in Nokogiri Open

TZInfo relative path traversal vulnerability allows loading of arbitrary files Open

XML round-trip vulnerability in REXML Open

Denial of service via header parsing in Rack Open

Denial of service via multipart parsing in Rack Open

Denial of Service Vulnerability in Rack Content-Disposition parsing Open

Possible shell escape sequence injection vulnerability in Rack Open

Denial of Service Vulnerability in Rack Multipart Parsing Open

There are no issues that match your filters.

Category

Status

Remote code execution in Kramdown
Open

Unintended read access in kramdown gem
Open

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

Out-of-bounds Write in zlib affects Nokogiri
Open

ReDoS based DoS vulnerability in Active Support’s underscore
Open

Update packaged dependency libxml2 from 2.9.10 to 2.9.12
Open

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Open

Regular Expression Denial of Service in Addressable templates
Open

Denial of Service (DoS) in Nokogiri on JRuby
Open

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

Improper Handling of Unexpected Data Type in Nokogiri
Open

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Open

XML Injection in Xerces Java affects Nokogiri
Open

Inefficient Regular Expression Complexity in Nokogiri
Open

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

XML round-trip vulnerability in REXML
Open

Denial of service via header parsing in Rack
Open

Denial of service via multipart parsing in Rack
Open

Denial of Service Vulnerability in Rack Content-Disposition parsing
Open

Possible shell escape sequence injection vulnerability in Rack
Open

Denial of Service Vulnerability in Rack Multipart Parsing
Open