Showing 65 of 65 total issues
Denial of Service Vulnerability in Rack Multipart Parsing Open
rack (2.2.3)
- Read upRead up
- Exclude checks
Advisory: CVE-2022-30122
Criticality: High
URL: https://groups.google.com/g/ruby-security-ann/c/L2Axto442qk
Solution: upgrade to >= 2.0.9.1, ~> 2.0.9, >= 2.1.4.1, ~> 2.1.4, >= 2.2.3.1
Possible Information Disclosure / Unintended Method Execution in Action Pack Open
actionpack (5.2.4.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2021-22885
Criticality: High
URL: https://groups.google.com/g/rubyonrails-security/c/NiQl-48cXYI
Solution: upgrade to ~> 5.2.4.6, ~> 5.2.6, >= 6.0.3.7, ~> 6.0.3, >= 6.1.3.2
Possible DoS Vulnerability in Active Record PostgreSQL adapter Open
activerecord (5.2.4.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2021-22880
Criticality: Medium
URL: https://groups.google.com/g/rubyonrails-security/c/ZzUqCh9vyhI
Solution: upgrade to >= 5.2.4.5, ~> 5.2.4, >= 6.0.3.5, ~> 6.0.3, >= 6.1.2.1
Possible shell escape sequence injection vulnerability in Rack Open
rack (2.2.3)
- Read upRead up
- Exclude checks
Advisory: CVE-2022-30123
Criticality: Critical
URL: https://groups.google.com/g/ruby-security-ann/c/LWB10kWzag8
Solution: upgrade to >= 2.0.9.1, ~> 2.0.9, >= 2.1.4.1, ~> 2.1.4, >= 2.2.3.1
Possible DoS Vulnerability in Action Controller Token Authentication Open
actionpack (5.2.4.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2021-22904
Criticality: High
URL: https://groups.google.com/g/rubyonrails-security/c/Pf1TjkOBdyQ
Solution: upgrade to ~> 5.2.4.6, ~> 5.2.6, >= 6.0.3.7, ~> 6.0.3, >= 6.1.3.2