config/routes.rb from hrzlvn/coursequestionbank

config/routes.rb

Summary

Maintainability

0 mins

Test Coverage

Issues
Source
Stats

Rails 3.2.16 with globbing routes is vulnerable to directory traversal and remote code execution. Patch or upgrade to 3.2.18
Open

Coursequestionbank::Application.routes.draw do

Found in config/routes.rb by brakeman

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Brakeman reports on several cases of remote code execution, in which a user is able to control and execute code in ways unintended by application authors.

The obvious form of this is the use of eval with user input.

However, Brakeman also reports on dangerous uses of send, constantize, and other methods which allow creation of arbitrary objects or calling of arbitrary methods.

hrzlvn/coursequestionbank

Summary

Maintainability

Test Coverage

Rails 3.2.16 with globbing routes is vulnerable to directory traversal and remote code execution. Patch or upgrade to 3.2.18
Open

There are no issues that match your filters.

Category

Status

hrzlvn/coursequestionbank

Summary

Maintainability

Test Coverage

Rails 3.2.16 with globbing routes is vulnerable to directory traversal and remote code execution. Patch or upgrade to 3.2.18 Open

There are no issues that match your filters.

Category

Status

Rails 3.2.16 with globbing routes is vulnerable to directory traversal and remote code execution. Patch or upgrade to 3.2.18
Open