Showing 127 of 127 total issues
Possible RCE escalation bug with Serialized Columns in Active Record
Open
activerecord (5.2.8)
Advisory: CVE-2022-32224
Criticality: Critical
URL: https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U
Solution: upgrade to >= 5.2.8.1, ~> 5.2.8, >= 6.0.5.1, ~> 6.0.5, >= 6.1.6.1, ~> 6.1.6, >= 7.0.3.1
TODO found
Open
# TODO: these could use optimization but are better than prev:
TODO found
Open
* TODO: toolbar may still appear outside of frame. Create a getter for toolbar corners in LDI and then include them in this calculation
TODO found
Open
* TODO: the edit event is fire on handleDragEnd from LDI. This needs to be documented.
TODO found
Open
* TODO: toolbar may still appear outside of frame. Create a getter for toolbar corners in LDI and then include them in this calculation
TODO found
Open
/** ========== custom toolbar actions =========== */ /* TODO: find a better place for these */
TODO found
Open
# TODO: simplify/reduce # of parameters needed here: