atzorvas/ccradio

Showing 218 of 218 total issues

Devise Gem for Ruby Time-of-check Time-of-use race condition with lockable module
Open

devise (3.5.2)
Severity: Minor
Found in Gemfile.lock by bundler-audit

CSRF vulnerability in OmniAuth's request phase
Open

omniauth (1.2.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

HTTP Request Smuggling in puma
Open

puma (2.14.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

OS Command Injection in Rake
Open

rake (10.4.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Devise Gem for Ruby confirmation token validation with a blank string
Open

devise (3.5.2)
Severity: Minor
Found in Gemfile.lock by bundler-audit

RDoc OS command injection vulnerability
Open

rdoc (4.2.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Ability to forge per-form CSRF tokens given a global CSRF token
Open

actionpack (4.2.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Potential XSS vulnerability in Action View
Open

actionview (4.2.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

ReDoS based DoS vulnerability in Active Support’s underscore
Open

activesupport (4.2.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Denial of service via multipart parsing in Rack
Open

rack (1.6.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

HTTP Response Splitting (Early Hints) in Puma
Open

puma (2.14.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Cross-site Scripting in Sidekiq
Open

sidekiq (3.5.2)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Sinatra vulnerable to Reflected File Download attack
Open

sinatra (1.4.6)
Severity: Critical
Found in Gemfile.lock by bundler-audit

sinatra does not validate expanded path matches
Open

sinatra (1.4.6)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Information Exposure with Puma when used with Rails
Open

puma (2.14.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

HTTP Smuggling via Transfer-Encoding Header in Puma
Open

puma (2.14.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Denial of Service Vulnerability in Rack Multipart Parsing
Open

rack (1.6.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Keepalive Connections Causing Denial Of Service in puma
Open

puma (2.14.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Possible shell escape sequence injection vulnerability in Rack
Open

rack (1.6.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Denial of service in sidekiq
Open

sidekiq (3.5.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit