Showing 4 of 4 total issues
OS Command Injection in Rake
Open
rake (11.3.0)
Advisory: CVE-2020-8130
Criticality: High
URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8
Solution: upgrade to >= 12.3.3
Unintended read access in kramdown gem
Open
kramdown (1.17.0)
Advisory: CVE-2020-14001
Criticality: Critical
URL: https://github.com/advisories/GHSA-mqm2-cgpr-p4m6
Solution: upgrade to >= 2.3.0
Remote code execution in Kramdown
Open
kramdown (1.17.0)
Advisory: CVE-2021-28834
Criticality: Critical
URL: https://github.com/advisories/GHSA-52p9-v744-mwjj
Solution: upgrade to >= 2.3.1
json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
Open
json (2.0.2)
Advisory: CVE-2020-10663
Criticality: High
URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
Solution: upgrade to >= 2.3.0