fga-gpp-mds/Falko-2017.2-BackEnd

Showing 91 of 95 total issues

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

nokogiri (1.8.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Nokogiri gem, via libxslt, is affected by improper access control vulnerability
Open

nokogiri (1.8.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

ReDoS based DoS vulnerability in Action Dispatch
Open

actionpack (5.1.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Inefficient Regular Expression Complexity in rails-html-sanitizer
Open

rails-html-sanitizer (1.0.3)
Severity: Critical
Found in Gemfile.lock by bundler-audit

OS Command Injection in Rake
Open

rake (12.1.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

ReDoS based DoS vulnerability in Action Dispatch
Open

actionpack (5.1.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Regular Expression Denial of Service in Addressable templates
Open

addressable (2.5.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Inefficient Regular Expression Complexity in Loofah
Open

loofah (2.1.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Loofah XSS Vulnerability
Open

loofah (2.1.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

HTTP Response Splitting (Early Hints) in Puma
Open

puma (3.10.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

nokogiri (1.8.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Open

rails-html-sanitizer (1.0.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Possible DoS Vulnerability in Action Controller Token Authentication
Open

actionpack (5.1.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

libxml2 2.9.10 has an infinite loop in a certain end-of-file situation
Open

nokogiri (1.8.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Directory traversal in Rack::Directory app bundled with Rack
Open

rack (2.0.3)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Open

rails-html-sanitizer (1.0.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Possible DoS Vulnerability in Active Record PostgreSQL adapter
Open

activerecord (5.1.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Denial of Service (DoS) in Nokogiri on JRuby
Open

nokogiri (1.8.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

nokogiri (1.8.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

XML Injection in Xerces Java affects Nokogiri
Open

nokogiri (1.8.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit