Integer Overflow or Wraparound in libxml2 affects Nokogiri Open
nokogiri (1.8.5)
Advisory:
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-cgx6-hpwq-fhv5
Solution: upgrade to >= 1.13.5
Possible XSS vulnerability with certain configurations of rails-html-sanitizer Open
rails-html-sanitizer (1.0.4)
Advisory: CVE-2022-23520
Criticality: Medium
URL: https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-rrfc-7g8p-99q8
Solution: upgrade to >= 1.4.4
Denial of Service in rubyzip ("zip bombs") Open
rubyzip (1.2.2)
Advisory: CVE-2019-16892
Criticality: Medium
URL: https://github.com/rubyzip/rubyzip/pull/403
Solution: upgrade to >= 1.3.0
Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby Open
nokogiri (1.8.5)
Advisory: CVE-2021-41098
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2rr5-8q37-2w7h
Solution: upgrade to >= 1.12.5
Possible XSS vulnerability with certain configurations of rails-html-sanitizer Open
rails-html-sanitizer (1.0.4)
Advisory: CVE-2022-23519
Criticality: Medium
URL: https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-9h9g-93gc-623h
Solution: upgrade to >= 1.4.4
Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer Open
rails-html-sanitizer (1.0.4)
Advisory: CVE-2022-32209
Criticality: Medium
URL: https://groups.google.com/g/rubyonrails-security/c/ce9PhUANQ6s
Solution: upgrade to >= 1.4.3
Inefficient Regular Expression Complexity in rails-html-sanitizer Open
rails-html-sanitizer (1.0.4)
Advisory: CVE-2022-23517
Criticality: High
URL: https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-5x79-w82f-gw8w
Solution: upgrade to >= 1.4.4
Denial of service in sidekiq Open
sidekiq (5.1.3)
Advisory: CVE-2022-23837
Criticality: High
URL: https://github.com/mperham/sidekiq/commit/7785ac1399f1b28992adb56055f6acd88fd1d956
Solution: upgrade to >= 6.4.0, ~> 5.2.10
Block has too many lines. [121/25] Open
describe 'response_report' do
before(:each) do
stub_const('WEBSERVICE_CONFIG', 'summary_webservice_url' => 'expertiza.ncsu.edu')
end
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Block has too many lines. [120/25] Open
describe ParticipantsController do
let(:instructor) { build(:instructor, id: 6) }
let(:student) { build(:student) }
let(:course_participant) { build(:course_participant) }
let(:participant) { build(:participant) }
Assignment Branch Condition size for submit_file is too high. [69.35/15] Open
def submit_file
participant = AssignmentParticipant.find(params[:id])
return unless current_user_id?(participant.user_id)
file = params[:uploaded_file]
participant.team.set_student_directory_num
This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric
File assignment.rb has 494 lines of code (exceeds 250 allowed). Consider refactoring. Open
class Assignment < ActiveRecord::Base
require 'analytic/assignment_analytic'
include AssignmentAnalytic
include ReviewAssignment
include QuizAssignment
Block has too many lines. [115/25] Open
describe "assignment submisstion test" do
before(:each) do
# create assignment and topic
create(:assignment, name: "Assignment1684", directory_path: "Assignment1684")
create_list(:participant, 3)
File assignment_spec.rb has 490 lines of code (exceeds 250 allowed). Consider refactoring. Open
describe Assignment do
let(:assignment) { build(:assignment, id: 1, name: 'no assignment', participants: [participant], teams: [team]) }
let(:instructor) { build(:instructor, id: 6) }
let(:student) { build(:student, id: 3, name: 'no one') }
let(:review_response_map) { build(:review_response_map, response: [response], reviewer: build(:participant), reviewee: build(:assignment_team)) }
Assignment Branch Condition size for delete_signup_as_instructor is too high. [66.6/15] Open
def delete_signup_as_instructor
# find participant using assignment using team and topic ids
team = Team.find(params[:id])
assignment = Assignment.find(team.parent_id)
user = TeamsUser.find_by(team_id: team.id).user
Function render has 190 lines of code (exceeds 25 allowed). Consider refactoring. Open
render: function() {
var moreContent = []
var buttonContent = ""
var moreButtonStyle = {
"display": "",
Block has too many lines. [111/25] Open
describe VmQuestionResponse do
let(:review_questionnaire) { build(:questionnaire) }
let(:author_feedback_questionnaire) { AuthorFeedbackQuestionnaire.new }
let(:teammate_review_questionnaire) { TeammateReviewQuestionnaire.new }
let(:metareview_questionnaire) { MetareviewQuestionnaire.new }
Block has too many lines. [111/25] Open
describe "due_date_functions" do
before(:each) do
@deadline_type = build(:deadline_type)
@deadline_right = build(:deadline_right)
@assignment_due_date = build(:assignment_due_date, deadline_type: @deadline_type,
Function methods has 187 lines of code (exceeds 25 allowed). Consider refactoring. Open
var methods = (function () {
// private properties and methods go here
var c = {
bcClass: 'sf-breadcrumb',
menuClass: 'sf-js-enabled',
File questionnaires_controller.rb has 477 lines of code (exceeds 250 allowed). Consider refactoring. Open
class QuestionnairesController < ApplicationController
# Controller for Questionnaire objects
# A Questionnaire can be of several types (QuestionnaireType)
# Each Questionnaire contains zero or more questions (Question)
# Generally a questionnaire is associated with an assignment (Assignment)