Gemfile.lock
OS Command Injection in Rake Open
Open
rake (10.4.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2020-8130
Criticality: High
URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8
Solution: upgrade to >= 12.3.3
json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix) Open
Open
json (1.8.3)
- Read upRead up
- Exclude checks
Advisory: CVE-2020-10663
Criticality: High
URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
Solution: upgrade to >= 2.3.0
Regular Expression Denial of Service in Addressable templates Open
Open
addressable (2.4.0)
- Read upRead up
- Exclude checks
Advisory: CVE-2021-32740
Criticality: High
URL: https://github.com/advisories/GHSA-jxhc-q857-3j6g
Solution: upgrade to >= 2.8.0
httparty has multipart/form-data request tampering vulnerability Open
Open
httparty (0.13.7)
- Read upRead up
- Exclude checks
Advisory:
Criticality: Medium
URL: https://github.com/jnunemaker/httparty/security/advisories/GHSA-5pq7-52mg-hr42
Solution: upgrade to >= 0.21.0
RuboCop gem Insecure use of /tmp Open
Open
rubocop (0.35.1)
- Read upRead up
- Exclude checks
Advisory: CVE-2017-8418
Criticality: Low
URL: https://github.com/bbatsov/rubocop/issues/4336
Solution: upgrade to >= 0.49.0