Issues - infusionvlc/ConexionFelina

Inefficient Regular Expression Complexity in Nokogiri
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-24836

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-crjr-9rc5-ghw8

Solution: upgrade to >= 1.13.4

Inefficient Regular Expression Complexity in Nokogiri
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-24836

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-crjr-9rc5-ghw8

Solution: upgrade to >= 1.13.4

Out-of-bounds Write in zlib affects Nokogiri
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2018-25032

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5

Solution: upgrade to >= 1.13.4

XML Injection in Xerces Java affects Nokogiri
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-23437

Criticality: Medium

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xxx9-3xcr-gjj3

Solution: upgrade to >= 1.13.4

Update packaged dependency libxml2 from 2.9.10 to 2.9.12
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory:

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-7rrm-v45f-jp64

Solution: upgrade to >= 1.11.4

XSS vulnerability in bootstrap
Open

    bootstrap (4.1.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2019-8331

Criticality: Medium

URL: https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/

Solution: upgrade to >= 4.3.1

Potential XSS vulnerability in jQuery
Open

    jquery-rails (4.3.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2020-11023

Criticality: Medium

URL: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released

Solution: upgrade to >= 4.4.0

Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer
Open

    rails-html-sanitizer (1.0.4)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-32209

Criticality: Medium

URL: https://groups.google.com/g/rubyonrails-security/c/ce9PhUANQ6s

Solution: upgrade to >= 1.4.3

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2021-30560

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2

Solution: upgrade to >= 1.13.2

Update packaged dependency libxml2 from 2.9.10 to 2.9.12
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory:

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-7rrm-v45f-jp64

Solution: upgrade to >= 1.11.4

Denial of Service (DoS) in Nokogiri on JRuby
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-24839

Criticality: High

URL: https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv

Solution: upgrade to >= 1.13.4

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory:

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-cgx6-hpwq-fhv5

Solution: upgrade to >= 1.13.5

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2020-26247

Criticality: Low

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vr8q-g5c7-m54m

Solution: upgrade to >= 1.11.0.rc4

Improper Handling of Unexpected Data Type in Nokogiri
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-29181

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m

Solution: upgrade to >= 1.13.6

Loofah XSS Vulnerability
Open

    loofah (2.2.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2019-15587

Criticality: Medium

URL: https://github.com/flavorjones/loofah/issues/171

Solution: upgrade to >= 2.3.1

XML Injection in Xerces Java affects Nokogiri
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-23437

Criticality: Medium

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xxx9-3xcr-gjj3

Solution: upgrade to >= 1.13.4

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2021-41098

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2rr5-8q37-2w7h

Solution: upgrade to >= 1.12.5

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2020-26247

Criticality: Low

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vr8q-g5c7-m54m

Solution: upgrade to >= 1.11.0.rc4

Inefficient Regular Expression Complexity in Nokogiri
Open

    nokogiri (1.10.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-24836

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-crjr-9rc5-ghw8

Solution: upgrade to >= 1.13.4

Directory traversal in Rack::Directory app bundled with Rack
Open

    rack (2.0.7)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2020-8161

Criticality: High

URL: https://groups.google.com/forum/#!topic/ruby-security-ann/T4ZIsfRf2eA

Solution: upgrade to ~> 2.1.3, >= 2.2.0

infusionvlc/ConexionFelina

Showing 303 of 303 total issues

Inefficient Regular Expression Complexity in Nokogiri
Open

Inefficient Regular Expression Complexity in Nokogiri
Open

Out-of-bounds Write in zlib affects Nokogiri
Open

XML Injection in Xerces Java affects Nokogiri
Open

Update packaged dependency libxml2 from 2.9.10 to 2.9.12
Open

XSS vulnerability in bootstrap
Open

Potential XSS vulnerability in jQuery
Open

Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer
Open

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

Update packaged dependency libxml2 from 2.9.10 to 2.9.12
Open

Denial of Service (DoS) in Nokogiri on JRuby
Open

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Open

Improper Handling of Unexpected Data Type in Nokogiri
Open

Loofah XSS Vulnerability
Open

XML Injection in Xerces Java affects Nokogiri
Open

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Open

Inefficient Regular Expression Complexity in Nokogiri
Open

Directory traversal in Rack::Directory app bundled with Rack
Open

Severity

Category

Status

Source

Language

infusionvlc/ConexionFelina

Showing 303 of 303 total issues

Inefficient Regular Expression Complexity in Nokogiri Open

Inefficient Regular Expression Complexity in Nokogiri Open

Out-of-bounds Write in zlib affects Nokogiri Open

XML Injection in Xerces Java affects Nokogiri Open

Update packaged dependency libxml2 from 2.9.10 to 2.9.12 Open

XSS vulnerability in bootstrap Open

Potential XSS vulnerability in jQuery Open

Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer Open

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35) Open

Update packaged dependency libxml2 from 2.9.10 to 2.9.12 Open

Denial of Service (DoS) in Nokogiri on JRuby Open

Integer Overflow or Wraparound in libxml2 affects Nokogiri Open

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability Open

Improper Handling of Unexpected Data Type in Nokogiri Open

Loofah XSS Vulnerability Open

XML Injection in Xerces Java affects Nokogiri Open

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby Open

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability Open

Inefficient Regular Expression Complexity in Nokogiri Open

Directory traversal in Rack::Directory app bundled with Rack Open

Severity

Category

Status

Source

Language

Inefficient Regular Expression Complexity in Nokogiri
Open

Inefficient Regular Expression Complexity in Nokogiri
Open

Out-of-bounds Write in zlib affects Nokogiri
Open

XML Injection in Xerces Java affects Nokogiri
Open

Update packaged dependency libxml2 from 2.9.10 to 2.9.12
Open

XSS vulnerability in bootstrap
Open

Potential XSS vulnerability in jQuery
Open

Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer
Open

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

Update packaged dependency libxml2 from 2.9.10 to 2.9.12
Open

Denial of Service (DoS) in Nokogiri on JRuby
Open

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Open

Improper Handling of Unexpected Data Type in Nokogiri
Open

Loofah XSS Vulnerability
Open

XML Injection in Xerces Java affects Nokogiri
Open

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Open

Inefficient Regular Expression Complexity in Nokogiri
Open

Directory traversal in Rack::Directory app bundled with Rack
Open