Sign upLogin

fga-gpp-mds/Falko-2017.2-BackEnd

View on GitHub
Star

Showing 91 of 95 total issues

Denial of Service Vulnerability in Action View
Open

    actionview (5.1.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Possible information leak / session hijack vulnerability
Open

    rack (2.0.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

    tzinfo (1.2.3)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Denial of service via multipart parsing in Rack
Open

    rack (2.0.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Method calculate_burndown has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def calculate_burndown(metric)
    values = 0
 
    for i in 0..(metric.length - 1)
      if metric[i] <= 10 || metric[i] >= 200
Severity: Minor
Found in app/helpers/metric_helper.rb - About 45 mins to fix

rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4
Open

    rails-html-sanitizer (1.0.3)
Severity: Minor
Found in Gemfile.lock by brakeman

Loofah 2.1.1 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2
Open

    loofah (2.1.1)
Severity: Minor
Found in Gemfile.lock by brakeman

Method request_github_token has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def request_github_token
    code_token = params[:code]
 
    result = RestClient.post(
      "https://github.com/login/oauth/access_token",
Severity: Minor
Found in app/controllers/users_controller.rb - About 25 mins to fix

Method validate_stories has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def validate_stories(story_points, id, sprint_id)
    current_user
    verifies_id(id, sprint_id, "sprint")
    release
    project
Severity: Minor
Found in app/helpers/validations_helper.rb - About 25 mins to fix

Similar blocks of code found in 2 locations. Consider refactoring.
Open

  def validate_grade(id, grade_id)
    current_user
    verifies_id(id, grade_id, "grade")
    project_grade
    user
Severity: Minor
Found in app/helpers/validations_helper.rb and 1 other location - About 15 mins to fix
app/helpers/validations_helper.rb on lines 103..113

Similar blocks of code found in 2 locations. Consider refactoring.
Open

  def validate_release(id, release_id)
    current_user
    verifies_id(id, release_id, "release")
    project
    user
Severity: Minor
Found in app/helpers/validations_helper.rb and 1 other location - About 15 mins to fix
app/helpers/validations_helper.rb on lines 90..100
Severity
Category
Status
Source
Language