Showing 90 of 90 total issues
Possible Information Leak Vulnerability in Action View Open
actionview (4.1.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2016-0752
Criticality: High
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00
Solution: upgrade to >= 5.0.0.beta1.1, >= 4.2.5.1, ~> 4.2.5, >= 4.1.14.1, ~> 4.1.14
Nested attributes rejection proc bypass in Active Record Open
activerecord (4.1.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2015-7577
Criticality: Medium
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/cawsWcQ6c8g
Solution: upgrade to >= 5.0.0.beta1.1, >= 4.2.5.1, ~> 4.2.5, >= 4.1.14.1, ~> 4.1.14, ~> 3.2.22.1
rack-cors Gem Missing Anchor permits unauthorized CORS requests Open
rack-cors (0.4.0)
- Read upRead up
- Exclude checks
Advisory: CVE-2017-11173
Criticality: High
URL: https://github.com/cyu/rack-cors/issues/86
Solution: upgrade to >= 0.4.1
Path Traversal in Sprockets Open
sprockets (2.12.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2018-3760
Criticality: High
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/2S9Pwz2i16k
Solution: upgrade to < 3.0.0, >= 2.12.5, < 4.0.0, >= 3.7.2, >= 4.0.0.beta8
Object leak vulnerability for wildcard controller routes in Action Pack Open
actionpack (4.1.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2015-7581
Criticality: High
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/dthJ5wL69JE
Solution: upgrade to >= 4.2.5.1, ~> 4.2.5, >= 4.1.14.1, ~> 4.1.14
Possible Information Leak Vulnerability in Action View Open
actionview (4.1.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2016-2097
Criticality: Medium
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/ddY6HgqB2z4
Solution: upgrade to >= 4.1.14.2, ~> 4.1.14
Data Injection Vulnerability in Active Record Open
activerecord (4.1.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2014-3514
Criticality: High
URL: https://groups.google.com/forum/#!msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ
Solution: upgrade to ~> 4.0.9, >= 4.1.5
XSS Vulnerability in ActiveSupport::JSON.encode Open
activesupport (4.1.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2015-3226
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/7VlB_pck3hU
Solution: upgrade to >= 4.2.2, ~> 4.1.11
Rails 4.1.4 does not encode JSON keys (CVE-2015-3226). Upgrade to Rails version 4.1.11 Open
rails (4.1.4)
- Read upRead up
- Exclude checks
create_with is vulnerable to strong params bypass. Upgrade to Rails 4.1.5 or patch Open
rails (4.1.4)
- Read upRead up
- Exclude checks
Rails 4.1.4 is vulnerable to denial of service via mime type caching (CVE-2016-0751). Upgrade to Rails version 4.1.14.1 Open
rails (4.1.4)
- Read upRead up
- Exclude checks
Rails 4.1.4 is vulnerable to denial of service via XML parsing (CVE-2015-3227). Upgrade to Rails version 4.1.11 Open
rails (4.1.4)
- Read upRead up
- Exclude checks
Rails 4.1.4 content_tag does not escape double quotes in attribute values (CVE-2016-6316). Upgrade to 4.2.7.1 Open
rails (4.1.4)
- Read upRead up
- Exclude checks
Parsing error: 'import' and 'export' may appear only with 'sourceType: module' Open
import React from 'react';
- Read upRead up
- Exclude checks
For more information visit Source: http://eslint.org/docs/rules/
Parsing error: 'import' and 'export' may appear only with 'sourceType: module' Open
import { combineReducers } from 'redux'
- Read upRead up
- Exclude checks
For more information visit Source: http://eslint.org/docs/rules/
Parsing error: 'import' and 'export' may appear only with 'sourceType: module' Open
import React from 'react';
- Read upRead up
- Exclude checks
For more information visit Source: http://eslint.org/docs/rules/
Rule doesn't have all its properties in alphabetical order. Open
body {
- Exclude checks
Parsing error: 'import' and 'export' may appear only with 'sourceType: module' Open
import React, { Component } from 'react';
- Read upRead up
- Exclude checks
For more information visit Source: http://eslint.org/docs/rules/
Parsing error: Unexpected token ... Open
...state,
- Read upRead up
- Exclude checks
For more information visit Source: http://eslint.org/docs/rules/
Parsing error: 'import' and 'export' may appear only with 'sourceType: module' Open
import React, { Component } from 'react';
- Read upRead up
- Exclude checks
For more information visit Source: http://eslint.org/docs/rules/