dpaluy/sendgrid-threads


Showing 51 of 51 total issues

Out-of-bounds Write in zlib affects Nokogiri
Open

    nokogiri (1.6.6.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2018-25032

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5

Solution: upgrade to >= 1.13.4

Nokogiri gem contains a heap-based buffer overflow vulnerability in libxml2
Open

    nokogiri (1.6.6.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2015-7499

Criticality: Medium

URL: https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM

Solution: upgrade to >= 1.6.7.2

Denial of service or RCE from libxml2 and libxslt
Open

    nokogiri (1.6.6.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2015-8806

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/issues/1473

Solution: upgrade to >= 1.6.8

Possible XSS vulnerability in Rack
Open

    rack (1.6.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2018-16471

URL: https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o

Solution: upgrade to ~> 1.6.11, >= 2.0.6

Possible information leak / session hijack vulnerability
Open

    rack (1.6.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2019-16782

Criticality: Medium

URL: https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3

Solution: upgrade to ~> 1.6.12, >= 2.0.8

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

    tzinfo (1.2.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2022-31163

Criticality: High

URL: https://github.com/tzinfo/tzinfo/security/advisories/GHSA-5cm2-9h8c-rvfx

Solution: upgrade to ~> 0.3.61, >= 1.2.10

Nokogiri gem contains several vulnerabilities in libxml2
Open

    nokogiri (1.6.6.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2015-5312

Criticality: High

URL: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s

Solution: upgrade to >= 1.6.7.1

Method SendgridThreads::Config#logger is defined at both lib/sendgrid_threads/config.rb:6 and lib/sendgrid_threads/config.rb:8.
Open

    def logger
Severity: Minor
Found in lib/sendgrid_threads/config.rb by rubocop

This cop checks for duplicated instance (or singleton) method definitions.

Example:

# bad

def duplicated
  1
end

def duplicated
  2
end

Example:

# bad

def duplicated
  1
end

alias duplicated other_duplicated

Example:

# good

def duplicated
  1
end

def other_duplicated
  2
end

HACK found
Open

                 (TODO, FIXME, OPTIMIZE, HACK, REVIEW).
Severity: Minor
Found in .rubocop.yml by fixme

FIXME found
Open

                 (TODO, FIXME, OPTIMIZE, HACK, REVIEW).
Severity: Minor
Found in .rubocop.yml by fixme

TODO found
Open

                 (TODO, FIXME, OPTIMIZE, HACK, REVIEW).
Severity: Minor
Found in .rubocop.yml by fixme