fga-gpp-mds/Falko-2017.2-BackEnd


Showing 91 of 95 total issues

Possible shell escape sequence injection vulnerability in Rack
Open

rack (2.0.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

tzinfo (1.2.3)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Denial of service via header parsing in Rack
Open

rack (2.0.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Moderate severity vulnerability that affects nokogiri
Open

nokogiri (1.8.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Method calculate_burndown has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def calculate_burndown(metric)
  values = 0

  for i in 0..(metric.length - 1)
    if metric[i] <= 10 || metric[i] >= 200
Severity: Minor
Found in app/helpers/metric_helper.rb - About 45 mins to fix

Loofah 2.1.1 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2
Open

loofah (2.1.1)
Severity: Minor
Found in Gemfile.lock by brakeman

rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4
Open

rails-html-sanitizer (1.0.3)
Severity: Minor
Found in Gemfile.lock by brakeman
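The bundler-audit and brakeman findings above all come from the same kind of check: read the pinned version of each gem out of Gemfile.lock and compare it with the first version that carries the fix. The script below is an added example, not code from the Falko project nor from bundler-audit or brakeman. The two table entries are copied from the brakeman findings on this page (loofah 2.1.2, rails-html-sanitizer 1.0.4) and are assumed correct for the purpose of the example; the lockfile it scans is constructed inline. A real run should take its table from the ruby-advisory-db that bundler-audit ships rather than a hand-maintained hash.

```ruby
# Added example: a minimal Gemfile.lock scanner that reports gems pinned
# below a known-fixed version. Not part of the Falko project, bundler-audit
# or brakeman; the fixed versions below are taken from this page's findings.
require "rubygems"

# Minimum safe versions (assumption: copied from the page's brakeman output).
MIN_SAFE_VERSIONS = {
  "loofah"               => { fixed: "2.1.2", id: "CVE-2018-8048" },
  "rails-html-sanitizer" => { fixed: "1.0.4", id: "CVE-2018-3741" },
}.freeze

# Constructed lockfile fragment mirroring the versions flagged on this page.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      loofah (2.1.1)
        crass (~> 1.0.2)
        nokogiri (>= 1.5.9)
      nokogiri (1.8.1)
        mini_portile2 (~> 2.3.0)
      rack (2.0.3)
      rails-html-sanitizer (1.0.3)
        loofah (~> 2.0)
      tzinfo (1.2.3)
        thread_safe (~> 0.1)

  PLATFORMS
    ruby

  DEPENDENCIES
    rails (~> 5.1.4)
LOCK

# Parse every "specs:" block of a Gemfile.lock into { gem name => version }.
# Top-level entries are indented by exactly four spaces; the six-space lines
# beneath them are that gem's dependency constraints and are skipped.
def parse_lockfile_specs(text)
  specs = {}
  in_specs = false
  text.each_line do |line|
    if line =~ /\A  specs:\s*\z/
      in_specs = true
      next
    end
    # A blank line or an unindented heading (PLATFORMS, DEPENDENCIES, ...)
    # closes the current specs block.
    if line.strip.empty? || line =~ /\A\S/
      in_specs = false
      next
    end
    next unless in_specs
    if (m = line.match(/\A {4}(\S+) \(([^)]+)\)\s*\z/))
      # Drop a platform suffix such as "1.8.1-x86_64-linux" before comparing.
      specs[m[1]] = m[2].split("-", 2).first
    end
  end
  specs
end

# Return one record per gem whose pinned version is older than the fix.
def vulnerable_gems(specs, table = MIN_SAFE_VERSIONS)
  specs.each_with_object([]) do |(name, version), out|
    entry = table[name]
    next unless entry
    # Gem::Version orders prereleases below their release ("2.1.2.pre" < "2.1.2")
    # and patch-level suffixes above it ("1.0.4.1" > "1.0.4"), which a plain
    # string comparison would get wrong.
    next unless Gem::Version.new(version) < Gem::Version.new(entry[:fixed])
    out << { name: name, found: version, fixed: entry[:fixed], id: entry[:id] }
  end
end

if __FILE__ == $PROGRAM_NAME
  vulnerable_gems(parse_lockfile_specs(SAMPLE_LOCKFILE)).each do |v|
    puts "#{v[:name]} #{v[:found]} is vulnerable (#{v[:id]}). Upgrade to #{v[:fixed]}"
  end
end
```

Note that rack, nokogiri and tzinfo are parsed but not reported: the scanner is only as good as its table, which is why the real tools refresh their advisory database on every run and why an untouched Gemfile.lock can turn up new findings months after the last commit.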

Method validate_stories has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

def validate_stories(story_points, id, sprint_id)
  current_user
  verifies_id(id, sprint_id, "sprint")
  release
  project
Severity: Minor
Found in app/helpers/validations_helper.rb - About 25 mins to fix

Method request_github_token has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

def request_github_token
  code_token = params[:code]

  result = RestClient.post(
    "https://github.com/login/oauth/access_token",
Severity: Minor
Found in app/controllers/users_controller.rb - About 25 mins to fix

Similar blocks of code found in 2 locations. Consider refactoring.
Open

def validate_grade(id, grade_id)
  current_user
  verifies_id(id, grade_id, "grade")
  project_grade
  user
Severity: Minor
Found in app/helpers/validations_helper.rb and 1 other location - About 15 mins to fix
app/helpers/validations_helper.rb on lines 103..113

Similar blocks of code found in 2 locations. Consider refactoring.
Open

def validate_release(id, release_id)
  current_user
  verifies_id(id, release_id, "release")
  project
  user
Severity: Minor
Found in app/helpers/validations_helper.rb and 1 other location - About 15 mins to fix
app/helpers/validations_helper.rb on lines 90..100