Sign upLogin

madetech/market_town

View on GitHub
Star
Gemfile.lock

Summary

Maintainability
Test Coverage

OS Command Injection in Rake
Open

    rake (11.2.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8130

Criticality: High

URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8

Solution: upgrade to >= 12.3.3

Potential arbitrary file read vulnerability in yard server
Open

    yard (0.8.7.6)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2017-17042

Criticality: High

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-17042

Solution: upgrade to >= 0.9.11

Possible arbitrary path traversal and file access via yard server
Open

    yard (0.8.7.6)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory:

URL: https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr

Solution: upgrade to >= 0.9.20

Arbitrary path traversal and file access via yard server
Open

    yard (0.8.7.6)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2019-1020001

Criticality: High

URL: https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr

Solution: upgrade to >= 0.9.20

There are no issues that match your filters.

Category
Status