codeclimate-community/codeclimate-markdownlint

View on GitHub

Showing 4 of 4 total issues

Unintended read access in kramdown gem
Open

    kramdown (1.17.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-14001

Criticality: Critical

URL: https://github.com/advisories/GHSA-mqm2-cgpr-p4m6

Solution: upgrade to >= 2.3.0

OS Command Injection in Rake
Open

    rake (11.3.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8130

Criticality: High

URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8

Solution: upgrade to >= 12.3.3

Remote code execution in Kramdown
Open

    kramdown (1.17.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2021-28834

Criticality: Critical

URL: https://github.com/advisories/GHSA-52p9-v744-mwjj

Solution: upgrade to >= 2.3.1

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
Open

    json (2.0.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-10663

Criticality: High

URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/

Solution: upgrade to >= 2.3.0

Severity
Category
Status
Source
Language