Showing 8 of 8 total issues
OS Command Injection in Rake Open
Open
rake (10.4.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2020-8130
Criticality: High
URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8
Solution: upgrade to >= 12.3.3
json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix) Open
Open
json (1.8.3)
- Read upRead up
- Exclude checks
Advisory: CVE-2020-10663
Criticality: High
URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
Solution: upgrade to >= 2.3.0
Improper Certificate Validation in oauth ruby gem Open
Open
oauth (0.4.7)
- Read upRead up
- Exclude checks
Advisory: CVE-2016-11086
Criticality: High
URL: https://github.com/advisories/GHSA-7359-3c6r-hfc2
Solution: upgrade to >= 0.5.5
Regular Expression Denial of Service in Addressable templates Open
Open
addressable (2.4.0)
- Read upRead up
- Exclude checks
Advisory: CVE-2021-32740
Criticality: High
URL: https://github.com/advisories/GHSA-jxhc-q857-3j6g
Solution: upgrade to >= 2.8.0
ruby-ffi DDL loading issue on Windows OS Open
Open
ffi (1.9.10)
- Read upRead up
- Exclude checks
Advisory: CVE-2018-1000201
Criticality: High
URL: https://github.com/ffi/ffi/releases/tag/1.9.24
Solution: upgrade to >= 1.9.24
FIXME found Open
Open
(TODO, FIXME, OPTIMIZE, HACK, REVIEW).
- Exclude checks
HACK found Open
Open
(TODO, FIXME, OPTIMIZE, HACK, REVIEW).
- Exclude checks
TODO found Open
Open
(TODO, FIXME, OPTIMIZE, HACK, REVIEW).
- Exclude checks