Sign upLogin

lenawu/mak-169

View on GitHub
Star

Showing 5,341 of 5,341 total issues

Potential XSS vulnerability in jQuery
Open

    jquery-rails (3.1.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-11023

Criticality: Medium

URL: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released

Solution: upgrade to >= 4.4.0

Percent-encoded cookies can be used to overwrite existing prefixed cookie names
Open

    rack (1.6.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8184

Criticality: High

URL: https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak

Solution: upgrade to ~> 2.1.4, >= 2.2.3

ReDoS based DoS vulnerability in Action Dispatch
Open

    actionpack (4.2.5)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2023-22795

URL: https://github.com/rails/rails/releases/tag/v7.0.4.1

Solution: upgrade to >= 5.2.8.15, ~> 5.2.8, >= 6.1.7.1, ~> 6.1.7, >= 7.0.4.1

Potential XSS vulnerability in Action View
Open

    actionview (4.2.5)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-15169

Criticality: Medium

URL: https://groups.google.com/g/rubyonrails-security/c/b-C9kSGXYrc

Solution: upgrade to >= 5.2.4.4, ~> 5.2.4, >= 6.0.3.3

CSRF Vulnerability in rails-ujs
Open

    actionview (4.2.5)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8167

Criticality: Medium

URL: https://groups.google.com/forum/#!topic/rubyonrails-security/x9DixQDG9a0

Solution: upgrade to >= 5.2.4.3, ~> 5.2.4, >= 6.0.3.1

Possible RCE escalation bug with Serialized Columns in Active Record
Open

    activerecord (4.2.5)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2022-32224

Criticality: Critical

URL: https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U

Solution: upgrade to >= 5.2.8.1, ~> 5.2.8, >= 6.0.5.1, ~> 6.0.5, >= 6.1.6.1, ~> 6.1.6, >= 7.0.3.1

Possible DoS Vulnerability in Active Record PostgreSQL adapter
Open

    activerecord (4.2.5)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2021-22880

Criticality: Medium

URL: https://groups.google.com/g/rubyonrails-security/c/ZzUqCh9vyhI

Solution: upgrade to >= 5.2.4.5, ~> 5.2.4, >= 6.0.3.5, ~> 6.0.3, >= 6.1.2.1

Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore
Open

    activesupport (4.2.5)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8165

Criticality: Critical

URL: https://groups.google.com/forum/#!topic/rubyonrails-security/bv6fW4S0Y1c

Solution: upgrade to >= 5.2.4.3, ~> 5.2.4, >= 6.0.3.1

Directory traversal in Rack::Directory app bundled with Rack
Open

    rack (1.6.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8161

Criticality: High

URL: https://groups.google.com/forum/#!topic/ruby-security-ann/T4ZIsfRf2eA

Solution: upgrade to ~> 2.1.3, >= 2.2.0

ReDoS based DoS vulnerability in Action Dispatch
Open

    actionpack (4.2.5)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2023-22792

URL: https://github.com/rails/rails/releases/tag/v7.0.4.1

Solution: upgrade to >= 5.2.8.15, ~> 5.2.8, >= 6.1.7.1, ~> 6.1.7, >= 7.0.4.1

Prototype pollution attack through jQuery $.extend
Open

    jquery-rails (3.1.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2019-11358

Criticality: Medium

URL: https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/

Solution: upgrade to >= 4.3.4

Possible shell escape sequence injection vulnerability in Rack
Open

    rack (1.6.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2022-30123

Criticality: Critical

URL: https://groups.google.com/g/ruby-security-ann/c/LWB10kWzag8

Solution: upgrade to >= 2.0.9.1, ~> 2.0.9, >= 2.1.4.1, ~> 2.1.4, >= 2.2.3.1

Function has too many statements (261). Maximum allowed is 30.
Open

}(typeof window !== "undefined" ? window : this, function( window, noGlobal ) {
Severity: Minor
Found in public/assets/application-06080ef504ef5c1a1ad0d7a679eece7494fb894502a658bbd3157ae4dd59bac8.js by eslint

enforce a maximum number of statements allowed in function blocks (max-statements)

The max-statements rule allows you to specify the maximum number of statements allowed in a function.

function foo() {
  var bar = 1; // one statement
  var baz = 2; // two statements
  var qux = 3; // three statements
}

Rule Details

This rule enforces a maximum number of statements allowed in function blocks.

Options

This rule has a number or object option:

  • "max" (default 10) enforces a maximum number of statements allows in function blocks

Deprecated: The object property maximum is deprecated; please use the object property max instead.

This rule has an object option:

  • "ignoreTopLevelFunctions": true ignores top-level functions

max

Examples of incorrect code for this rule with the default { "max": 10 } option:

/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;

  var foo11 = 11; // Too many.
}

let foo = () => {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;

  var foo11 = 11; // Too many.
};

Examples of correct code for this rule with the default { "max": 10 } option:

/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  return function () {

    // The number of statements in the inner function does not count toward the
    // statement maximum.

    return 42;
  };
}

let foo = () => {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  return function () {

    // The number of statements in the inner function does not count toward the
    // statement maximum.

    return 42;
  };
}

ignoreTopLevelFunctions

Examples of additional correct code for this rule with the { "max": 10 }, { "ignoreTopLevelFunctions": true } options:

/*eslint max-statements: ["error", 10, { "ignoreTopLevelFunctions": true }]*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  var foo11 = 11;
}

Related Rules

  • [complexity](complexity.md)
  • [max-depth](max-depth.md)
  • [max-len](max-len.md)
  • [max-nested-callbacks](max-nested-callbacks.md)
  • [max-params](max-params.md) Source: http://eslint.org/docs/rules/

Function has too many statements (261). Maximum allowed is 30.
Open

}(typeof window !== "undefined" ? window : this, function( window, noGlobal ) {
Severity: Minor
Found in public/assets/application-3de31b09ce5af5ace72b740f732bf261b9ef8ab2984139e9a64ad50ce3029033.js by eslint

enforce a maximum number of statements allowed in function blocks (max-statements)

The max-statements rule allows you to specify the maximum number of statements allowed in a function.

function foo() {
  var bar = 1; // one statement
  var baz = 2; // two statements
  var qux = 3; // three statements
}

Rule Details

This rule enforces a maximum number of statements allowed in function blocks.

Options

This rule has a number or object option:

  • "max" (default 10) enforces a maximum number of statements allows in function blocks

Deprecated: The object property maximum is deprecated; please use the object property max instead.

This rule has an object option:

  • "ignoreTopLevelFunctions": true ignores top-level functions

max

Examples of incorrect code for this rule with the default { "max": 10 } option:

/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;

  var foo11 = 11; // Too many.
}

let foo = () => {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;

  var foo11 = 11; // Too many.
};

Examples of correct code for this rule with the default { "max": 10 } option:

/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  return function () {

    // The number of statements in the inner function does not count toward the
    // statement maximum.

    return 42;
  };
}

let foo = () => {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  return function () {

    // The number of statements in the inner function does not count toward the
    // statement maximum.

    return 42;
  };
}

ignoreTopLevelFunctions

Examples of additional correct code for this rule with the { "max": 10 }, { "ignoreTopLevelFunctions": true } options:

/*eslint max-statements: ["error", 10, { "ignoreTopLevelFunctions": true }]*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  var foo11 = 11;
}

Related Rules

  • [complexity](complexity.md)
  • [max-depth](max-depth.md)
  • [max-len](max-len.md)
  • [max-nested-callbacks](max-nested-callbacks.md)
  • [max-params](max-params.md) Source: http://eslint.org/docs/rules/

Function has too many statements (261). Maximum allowed is 30.
Open

}(typeof window !== "undefined" ? window : this, function( window, noGlobal ) {
Severity: Minor
Found in public/assets/application-ad8aef6c82d9ff1f73fde45d0b2a159ea1a5fe6ebf2104f0e0df3b112f607403.js by eslint

enforce a maximum number of statements allowed in function blocks (max-statements)

The max-statements rule allows you to specify the maximum number of statements allowed in a function.

function foo() {
  var bar = 1; // one statement
  var baz = 2; // two statements
  var qux = 3; // three statements
}

Rule Details

This rule enforces a maximum number of statements allowed in function blocks.

Options

This rule has a number or object option:

  • "max" (default 10) enforces a maximum number of statements allows in function blocks

Deprecated: The object property maximum is deprecated; please use the object property max instead.

This rule has an object option:

  • "ignoreTopLevelFunctions": true ignores top-level functions

max

Examples of incorrect code for this rule with the default { "max": 10 } option:

/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;

  var foo11 = 11; // Too many.
}

let foo = () => {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;

  var foo11 = 11; // Too many.
};

Examples of correct code for this rule with the default { "max": 10 } option:

/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  return function () {

    // The number of statements in the inner function does not count toward the
    // statement maximum.

    return 42;
  };
}

let foo = () => {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  return function () {

    // The number of statements in the inner function does not count toward the
    // statement maximum.

    return 42;
  };
}

ignoreTopLevelFunctions

Examples of additional correct code for this rule with the { "max": 10 }, { "ignoreTopLevelFunctions": true } options:

/*eslint max-statements: ["error", 10, { "ignoreTopLevelFunctions": true }]*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  var foo11 = 11;
}

Related Rules

  • [complexity](complexity.md)
  • [max-depth](max-depth.md)
  • [max-len](max-len.md)
  • [max-nested-callbacks](max-nested-callbacks.md)
  • [max-params](max-params.md) Source: http://eslint.org/docs/rules/

Function has too many statements (261). Maximum allowed is 30.
Open

}(typeof window !== "undefined" ? window : this, function( window, noGlobal ) {
Severity: Minor
Found in public/assets/application-f37836b92ca080fc7658a7a0cdb3063f1d9c99dc607232a10edc1658da37f645.js by eslint

enforce a maximum number of statements allowed in function blocks (max-statements)

The max-statements rule allows you to specify the maximum number of statements allowed in a function.

function foo() {
  var bar = 1; // one statement
  var baz = 2; // two statements
  var qux = 3; // three statements
}

Rule Details

This rule enforces a maximum number of statements allowed in function blocks.

Options

This rule has a number or object option:

  • "max" (default 10) enforces a maximum number of statements allows in function blocks

Deprecated: The object property maximum is deprecated; please use the object property max instead.

This rule has an object option:

  • "ignoreTopLevelFunctions": true ignores top-level functions

max

Examples of incorrect code for this rule with the default { "max": 10 } option:

/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;

  var foo11 = 11; // Too many.
}

let foo = () => {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;

  var foo11 = 11; // Too many.
};

Examples of correct code for this rule with the default { "max": 10 } option:

/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  return function () {

    // The number of statements in the inner function does not count toward the
    // statement maximum.

    return 42;
  };
}

let foo = () => {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  return function () {

    // The number of statements in the inner function does not count toward the
    // statement maximum.

    return 42;
  };
}

ignoreTopLevelFunctions

Examples of additional correct code for this rule with the { "max": 10 }, { "ignoreTopLevelFunctions": true } options:

/*eslint max-statements: ["error", 10, { "ignoreTopLevelFunctions": true }]*/

function foo() {
  var foo1 = 1;
  var foo2 = 2;
  var foo3 = 3;
  var foo4 = 4;
  var foo5 = 5;
  var foo6 = 6;
  var foo7 = 7;
  var foo8 = 8;
  var foo9 = 9;
  var foo10 = 10;
  var foo11 = 11;
}

Related Rules

  • [complexity](complexity.md)
  • [max-depth](max-depth.md)
  • [max-len](max-len.md)
  • [max-nested-callbacks](max-nested-callbacks.md)
  • [max-params](max-params.md) Source: http://eslint.org/docs/rules/

Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Open

    nokogiri (1.6.7.2)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2017-16932

URL: https://github.com/sparklemotion/nokogiri/issues/1714

Solution: upgrade to >= 1.8.1

Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Open

    nokogiri (1.6.7.2)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2017-15412

URL: https://github.com/sparklemotion/nokogiri/issues/1714

Solution: upgrade to >= 1.8.2

Nokogiri Command Injection Vulnerability via Nokogiri::CSS::Tokenizer#load_file
Open

    nokogiri (1.6.7.2)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2019-5477

Criticality: Critical

URL: https://github.com/sparklemotion/nokogiri/issues/1915

Solution: upgrade to >= 1.10.4

Out-of-bounds Write in zlib affects Nokogiri
Open

    nokogiri (1.6.7.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2018-25032

Criticality: High

URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5

Solution: upgrade to >= 1.13.4

Severity
Category
Status
Source
Language