wiseadvice_public_repos
/
bundle-audit-results
3
0
Fork 0
Code Wiki

commit by to_remotes 2026-02-24 10:13:59 +0100 from cicd

main
cicd 2026-02-24 10:13:59 +01:00
parent 78b01d72a4
commit 21f377e151
4 changed files with 4 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bundle-audit-time.txt
View File

@ -1 +1 @@
2026-02-24T10:09:45+01:00 2026-02-24T10:13:58+01:00

2
bundle-audit.json
View File

File diff suppressed because one or more lines are too long

28
report.txt
View File

@ -1,27 +1 @@
Name: nokogiri No vulnerabilities found
Version: 1.18.10
GHSA: GHSA-wx95-c6cv-8532
Criticality: Medium
URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532
Title: Nokogiri does not check the return value from xmlC14NExecute
Solution: update to '>= 1.19.1'
Name: rack
Version: 3.2.4
CVE: CVE-2026-22860
GHSA: GHSA-mxw3-3hh2-x2mh
Criticality: High
URL: https://github.com/rack/rack/security/advisories/GHSA-mxw3-3hh2-x2mh
Title: Rack has a Directory Traversal via Rack:Directory
Solution: update to '~> 2.2.22', '~> 3.1.20', '>= 3.2.5'
Name: rack
Version: 3.2.4
CVE: CVE-2026-25500
GHSA: GHSA-whrj-4476-wvmp
Criticality: Medium
URL: https://github.com/rack/rack/security/advisories/GHSA-whrj-4476-wvmp
Title: Stored XSS in Rack::Directory via javascript: filenames rendered into anchor href
Solution: update to '~> 2.2.22', '~> 3.1.20', '>= 3.2.5'
Vulnerabilities found!

10
update-info.txt
View File

@ -1,13 +1,5 @@
Updating ruby-advisory-db ... Updating ruby-advisory-db ...
Updating ceb1564..23d78a1 Already up to date.
Fast-forward
gems/nokogiri/GHSA-wx95-c6cv-8532.yml | 46 ++++++++++++++++++++++++++++++
gems/rack/CVE-2026-22860.yml | 43 ++++++++++++++++++++++++++++
gems/rack/CVE-2026-25500.yml | 53 +++++++++++++++++++++++++++++++++++
3 files changed, 142 insertions(+)
create mode 100644 gems/nokogiri/GHSA-wx95-c6cv-8532.yml
create mode 100644 gems/rack/CVE-2026-22860.yml
create mode 100644 gems/rack/CVE-2026-25500.yml
Updated ruby-advisory-db Updated ruby-advisory-db
ruby-advisory-db: ruby-advisory-db:
advisories: 1061 advisories advisories: 1061 advisories