Gemfile.lock from jbender/motion-pods

Gemfile.lock

Summary

Maintainability

Test Coverage

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
Open

    json (1.8.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2020-10663

Criticality: High

URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/

Solution: upgrade to >= 2.3.0

Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore
Open

    activesupport (4.2.6)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2020-8165

Criticality: Critical

URL: https://groups.google.com/forum/#!topic/rubyonrails-security/bv6fW4S0Y1c

Solution: upgrade to >= 5.2.4.3, ~> 5.2.4, >= 6.0.3.1

OS Command Injection in Rake
Open

    rake (11.1.2)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2020-8130

Criticality: High

URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8

Solution: upgrade to >= 12.3.3

ReDoS based DoS vulnerability in Active Support’s underscore
Open

    activesupport (4.2.6)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2023-22796

URL: https://github.com/rails/rails/releases/tag/v7.0.4.1

Solution: upgrade to >= 5.2.8.15, ~> 5.2.8, >= 6.1.7.1, ~> 6.1.7, >= 7.0.4.1

Command injection in cocoapods-downloader
Open

    cocoapods-downloader (1.0.0.beta.2)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-24440

Criticality: High

URL: https://github.com/CocoaPods/cocoapods-downloader/pull/124

Solution: upgrade to = 1.6.0, >= 1.6.3

Command injection in cocoapods-downloader
Open

    cocoapods-downloader (1.0.0.beta.2)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-21223

Criticality: High

URL: https://github.com/CocoaPods/cocoapods-downloader/pull/127

Solution: upgrade to >= 1.6.2

i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS
Open

    i18n (0.7.0)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2014-10077

URL: https://github.com/svenfuchs/i18n/pull/289

Solution: upgrade to >= 0.8.0

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

    tzinfo (1.2.2)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2022-31163

Criticality: High

URL: https://github.com/tzinfo/tzinfo/security/advisories/GHSA-5cm2-9h8c-rvfx

Solution: upgrade to ~> 0.3.61, >= 1.2.10

jbender/motion-pods

Summary

Maintainability

Test Coverage

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
Open

Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore
Open

OS Command Injection in Rake
Open

ReDoS based DoS vulnerability in Active Support’s underscore
Open

Command injection in cocoapods-downloader
Open

Command injection in cocoapods-downloader
Open

i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS
Open

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

There are no issues that match your filters.

Category

Status

jbender/motion-pods

Summary

Maintainability

Test Coverage

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix) Open

Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore Open

OS Command Injection in Rake Open

ReDoS based DoS vulnerability in Active Support’s underscore Open

Command injection in cocoapods-downloader Open

Command injection in cocoapods-downloader Open

i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS Open

TZInfo relative path traversal vulnerability allows loading of arbitrary files Open

There are no issues that match your filters.

Category

Status

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
Open

Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore
Open

OS Command Injection in Rake
Open

ReDoS based DoS vulnerability in Active Support’s underscore
Open

Command injection in cocoapods-downloader
Open

Command injection in cocoapods-downloader
Open

i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS
Open

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open