voxable-labs/hg

Showing 436 of 436 total issues

ReDoS based DoS vulnerability in GlobalID
Open

globalid (0.4.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Module has too many lines. [189/100]
Open

module ClassMethods
  def init
    subscribe_to_messages
    initialize_message_handlers
    initialize_get_started_button
Severity: Minor
Found in lib/hg/messenger/bot.rb by rubocop

ReDoS based DoS vulnerability in Action Dispatch
Open

actionpack (5.1.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Inefficient Regular Expression Complexity in Nokogiri
Open

nokogiri (1.8.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Cross-site Scripting in Sidekiq
Open

sidekiq (5.1.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Denial of service in sidekiq
Open

sidekiq (5.1.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Possible DoS Vulnerability in Action Controller Token Authentication
Open

actionpack (5.1.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Possible Strong Parameters Bypass in ActionPack
Open

actionpack (5.1.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Improper neutralization of data URIs may allow XSS in Loofah
Open

loofah (2.1.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Loofah XSS Vulnerability
Open

loofah (2.1.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Open

rails-html-sanitizer (1.0.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

ReDoS based DoS vulnerability in Action Dispatch
Open

actionpack (5.1.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Open

nokogiri (1.8.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

CSRF Vulnerability in rails-ujs
Open

actionview (5.1.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Possible Information Disclosure / Unintended Method Execution in Action Pack
Open

actionpack (5.1.4)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Ability to forge per-form CSRF tokens given a global CSRF token
Open

actionpack (5.1.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Possible DoS Vulnerability in Active Record PostgreSQL adapter
Open

activerecord (5.1.4)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Open

nokogiri (1.8.2)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Denial of Service (DoS) in Nokogiri on JRuby
Open

nokogiri (1.8.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Nokogiri gem, via libxslt, is affected by improper access control vulnerability
Open

nokogiri (1.8.2)
Severity: Minor
Found in Gemfile.lock by bundler-audit