Issues - rootstrap/exception_hunter

ReDoS based DoS vulnerability in GlobalID
Open

    globalid (0.4.2)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Open

    rails-html-sanitizer (1.3.0)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

    nokogiri (1.11.5)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Uncontrolled Recursion in Loofah
Open

    loofah (2.9.1)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Inefficient Regular Expression Complexity in rails-html-sanitizer
Open

    rails-html-sanitizer (1.3.0)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

XML Injection in Xerces Java affects Nokogiri
Open

    nokogiri (1.11.5)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Open

    nokogiri (1.11.5)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Inefficient Regular Expression Complexity in Loofah
Open

    loofah (2.9.1)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

    nokogiri (1.11.5)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Out-of-bounds Write in zlib affects Nokogiri
Open

    nokogiri (1.11.5)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Cross-site Scripting in Sidekiq
Open

    sidekiq (6.0.7)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Denial of service in sidekiq
Open

    sidekiq (6.0.7)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Denial of Service (DoS) in Nokogiri on JRuby
Open

    nokogiri (1.11.5)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Inefficient Regular Expression Complexity in Nokogiri
Open

    nokogiri (1.11.5)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Improper neutralization of data URIs may allow XSS in Loofah
Open

    loofah (2.9.1)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

    nokogiri (1.11.5)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Improper Handling of Unexpected Data Type in Nokogiri
Open

    nokogiri (1.11.5)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer
Open

    rails-html-sanitizer (1.3.0)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Open

    rails-html-sanitizer (1.3.0)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Improper neutralization of data URIs may allow XSS in rails-html-sanitizer
Open

    rails-html-sanitizer (1.3.0)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Exclude checks
- Disable engine
- Disable check

rootstrap/exception_hunter

Showing 42 of 42 total issues

ReDoS based DoS vulnerability in GlobalID
Open

Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Open

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

Uncontrolled Recursion in Loofah
Open

Inefficient Regular Expression Complexity in rails-html-sanitizer
Open

XML Injection in Xerces Java affects Nokogiri
Open

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Open

Inefficient Regular Expression Complexity in Loofah
Open

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

Out-of-bounds Write in zlib affects Nokogiri
Open

Cross-site Scripting in Sidekiq
Open

Denial of service in sidekiq
Open

Denial of Service (DoS) in Nokogiri on JRuby
Open

Inefficient Regular Expression Complexity in Nokogiri
Open

Improper neutralization of data URIs may allow XSS in Loofah
Open

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

Improper Handling of Unexpected Data Type in Nokogiri
Open

Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer
Open

Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Open

Improper neutralization of data URIs may allow XSS in rails-html-sanitizer
Open

Severity

Category

Status

Source

Language

rootstrap/exception_hunter

Showing 42 of 42 total issues

ReDoS based DoS vulnerability in GlobalID Open

Possible XSS vulnerability with certain configurations of rails-html-sanitizer Open

Integer Overflow or Wraparound in libxml2 affects Nokogiri Open

Uncontrolled Recursion in Loofah Open

Inefficient Regular Expression Complexity in rails-html-sanitizer Open

XML Injection in Xerces Java affects Nokogiri Open

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs Open

Inefficient Regular Expression Complexity in Loofah Open

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby Open

Out-of-bounds Write in zlib affects Nokogiri Open

Cross-site Scripting in Sidekiq Open

Denial of service in sidekiq Open

Denial of Service (DoS) in Nokogiri on JRuby Open

Inefficient Regular Expression Complexity in Nokogiri Open

Improper neutralization of data URIs may allow XSS in Loofah Open

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35) Open

Improper Handling of Unexpected Data Type in Nokogiri Open

Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer Open

Possible XSS vulnerability with certain configurations of rails-html-sanitizer Open

Improper neutralization of data URIs may allow XSS in rails-html-sanitizer Open

Severity

Category

Status

Source

Language

ReDoS based DoS vulnerability in GlobalID
Open

Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Open

Integer Overflow or Wraparound in libxml2 affects Nokogiri
Open

Uncontrolled Recursion in Loofah
Open

Inefficient Regular Expression Complexity in rails-html-sanitizer
Open

XML Injection in Xerces Java affects Nokogiri
Open

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Open

Inefficient Regular Expression Complexity in Loofah
Open

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Open

Out-of-bounds Write in zlib affects Nokogiri
Open

Cross-site Scripting in Sidekiq
Open

Denial of service in sidekiq
Open

Denial of Service (DoS) in Nokogiri on JRuby
Open

Inefficient Regular Expression Complexity in Nokogiri
Open

Improper neutralization of data URIs may allow XSS in Loofah
Open

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

Improper Handling of Unexpected Data Type in Nokogiri
Open

Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer
Open

Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Open

Improper neutralization of data URIs may allow XSS in rails-html-sanitizer
Open