Showing 2,813 of 2,813 total issues
Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter Open
activerecord (4.2.7.1)
Advisory: CVE-2022-44566
URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
Solution: upgrade to >= 5.2.8.15, ~> 5.2.8, >= 6.1.7.1, ~> 6.1.7, >= 7.0.4.1
Possible XSS Vulnerability in Action View tag helpers Open
actionview (4.2.7.1)
Advisory: CVE-2022-27777
Criticality: Medium
URL: https://groups.google.com/g/ruby-security-ann/c/9wJPEDv-iRw
Solution: upgrade to >= 5.2.7.1, ~> 5.2.7, >= 6.0.4.8, ~> 6.0.4, >= 6.1.5.1, ~> 6.1.5, >= 7.0.2.4
Percent-encoded cookies can be used to overwrite existing prefixed cookie names Open
rack (1.6.11)
Advisory: CVE-2020-8184
Criticality: High
URL: https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak
Solution: upgrade to ~> 2.1.4, >= 2.2.3
Possible RCE escalation bug with Serialized Columns in Active Record Open
activerecord (4.2.7.1)
Advisory: CVE-2022-32224
Criticality: Critical
URL: https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U
Solution: upgrade to >= 5.2.8.1, ~> 5.2.8, >= 6.0.5.1, ~> 6.0.5, >= 6.1.6.1, ~> 6.1.6, >= 7.0.3.1
Denial of Service Vulnerability in Rack Content-Disposition parsing Open
rack (1.6.11)
Advisory: CVE-2022-44571
URL: https://github.com/rack/rack/releases/tag/v3.0.4.1
Solution: upgrade to >= 2.0.9.2, ~> 2.0.9, >= 2.1.4.2, ~> 2.1.4, >= 2.2.6.1, ~> 2.2.6, >= 3.0.4.1
ReDoS based DoS vulnerability in Action Dispatch Open
actionpack (4.2.7.1)
Advisory: CVE-2023-22792
URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
Solution: upgrade to >= 5.2.8.15, ~> 5.2.8, >= 6.1.7.1, ~> 6.1.7, >= 7.0.4.1
json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix) Open
json (1.8.6)
Advisory: CVE-2020-10663
Criticality: High
URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
Solution: upgrade to >= 2.3.0
Directory traversal in Rack::Directory app bundled with Rack Open
rack (1.6.11)
Advisory: CVE-2020-8161
Criticality: High
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/T4ZIsfRf2eA
Solution: upgrade to ~> 2.1.3, >= 2.2.0
activerecord-session_store Timing Attack Open
activerecord-session_store (1.1.0)
Advisory: CVE-2019-25025
Criticality: Medium
URL: https://github.com/advisories/GHSA-cvw2-xj8r-mjf7
Solution: upgrade to >= 2.0.0
Denial of Service Vulnerability in Rack Multipart Parsing Open
rack (1.6.11)
Advisory: CVE-2022-30122
Criticality: High
URL: https://groups.google.com/g/ruby-security-ann/c/L2Axto442qk
Solution: upgrade to >= 2.0.9.1, ~> 2.0.9, >= 2.1.4.1, ~> 2.1.4, >= 2.2.3.1
Block has too many lines. [593/25] Open
describe "assignment function" do
before(:each) do
create(:deadline_type, name: "submission")
create(:deadline_type, name: "review")
create(:deadline_type, name: "metareview")
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Block has too many lines. [575/25] Open
describe QuestionnairesController do
let(:questionnaire) do
build(id: 1, name: 'questionnaire', ta_id: 8, course_id: 1, private: false, min_question_score: 0, max_question_score: 5, type: 'ReviewQuestionnaire')
end
let(:questionnaire) { build(:questionnaire) }
Block has too many lines. [523/25] Open
describe ReviewMappingController do
let(:assignment) { double('Assignment', id: 1) }
let(:review_response_map) do
double('ReviewResponseMap', id: 1, map_id: 1, assignment: assignment,
reviewer: double('Participant', id: 1, name: 'reviewer'), reviewee: double('Participant', id: 2, name: 'reviewee'))
Block has too many lines. [488/25] Open
describe Assignment do
let(:assignment) { build(:assignment, id: 1, name: 'no assignment', participants: [participant], teams: [team]) }
let(:instructor) { build(:instructor, id: 6) }
let(:student) { build(:student, id: 3, name: 'no one') }
let(:review_response_map) { build(:review_response_map, response: [response], reviewer: build(:participant), reviewee: build(:assignment_team)) }
Block has too many lines. [430/25] Open
describe SignUpSheetController do
let(:assignment) { build(:assignment, id: 1, instructor_id: 6, due_dates: [due_date], microtask: true, staggered_deadline: true) }
let(:instructor) { build(:instructor, id: 6) }
let(:student) { build(:student, id: 8) }
let(:participant) { build(:participant, id: 1, user_id: 6, assignment: assignment) }
Block has too many lines. [412/25] Open
FactoryBot.define do
factory :institution, class: Institution do
name 'North Carolina State University'
end
Block has too many lines. [374/25] Open
describe User do
let(:user) do
User.new name: 'abc', fullname: 'abc xyz', email: 'abcxyz@gmail.com', password: '12345678', password_confirmation: '12345678',
email_on_submission: 1, email_on_review: 1, email_on_review_of_review: 0, copy_of_emails: 1, handle: 'handle'
end
Block has too many lines. [370/25] Open
describe UsersController do
let(:admin) { build(:admin, id: 3) }
let(:super_admin) {build (:superadmin)}
let(:instructor) { build(:instructor, id: 2) }
let(:student1) { build(:student, id: 1, name: :lily) }
Block has too many lines. [369/25] Open
describe AssignmentParticipant do
let(:response) { build(:response) }
let(:team) { build(:assignment_team, id: 1) }
let(:team2) { build(:assignment_team, id: 2) }
let(:response_map) { build(:review_response_map, reviewer_id: 2, response: [response]) }
Block has too many lines. [352/25] Open
describe 'AssignmentTeam' do
let(:team_without_submitted_hyperlinks) { build(:assignment_team, submitted_hyperlinks: "") }
let(:team) { build(:assignment_team, id: 1, parent_id: 1) }
let(:assignment) { build(:assignment, id: 1) }
let(:participant1) { build(:participant, id: 1) }