wiseadvice_public_repos
/
bundle-audit-results
3
0
Fork 0
Code Wiki

commit by to_remotes 2024-10-17 09:11:38 +0200 from cicd

main
cicd 2024-10-17 09:11:38 +02:00
parent e44752af65
commit 2e91073e67
4 changed files with 4 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bundle-audit-time.txt
View File

@ -1 +1 @@
2024-10-17T09:08:44+02:00 2024-10-17T09:11:37+02:00

2
bundle-audit.json
View File

File diff suppressed because one or more lines are too long

38
report.txt
View File

@ -1,37 +1 @@
Name: actionmailer No vulnerabilities found
Version: 7.1.3.4
CVE: CVE-2024-47889
GHSA: GHSA-h47h-mwp9-c6q6
Criticality: Unknown
URL: https://github.com/rails/rails/security/advisories/GHSA-h47h-mwp9-c6q6
Title: Possible ReDoS vulnerability in block_format in Action Mailer
Solution: update to '~> 6.1.7.9', '~> 7.0.8.5', '~> 7.1.4.1', '>= 7.2.1.1'
Name: actionpack
Version: 7.1.3.4
CVE: CVE-2024-41128
GHSA: GHSA-x76w-6vjr-8xgj
Criticality: Unknown
URL: https://github.com/rails/rails/security/advisories/GHSA-x76w-6vjr-8xgj
Title: Possible ReDoS vulnerability in query parameter filtering in Action Dispatch
Solution: update to '~> 6.1.7.9', '~> 7.0.8.5', '~> 7.1.4.1', '>= 7.2.1.1'
Name: actionpack
Version: 7.1.3.4
CVE: CVE-2024-47887
GHSA: GHSA-vfg9-r3fq-jvx4
Criticality: Unknown
URL: https://github.com/rails/rails/security/advisories/GHSA-vfg9-r3fq-jvx4
Title: Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
Solution: update to '~> 6.1.7.9', '~> 7.0.8.5', '~> 7.1.4.1', '>= 7.2.1.1'
Name: actiontext
Version: 7.1.3.4
CVE: CVE-2024-47888
GHSA: GHSA-wwhv-wxv9-rpgw
Criticality: Unknown
URL: https://github.com/rails/rails/security/advisories/GHSA-wwhv-wxv9-rpgw
Title: Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
Solution: update to '~> 6.1.7.9', '~> 7.0.8.5', '~> 7.1.4.1', '>= 7.2.1.1'
Vulnerabilities found!

12
update-info.txt
View File

@ -1,15 +1,5 @@
Updating ruby-advisory-db ... Updating ruby-advisory-db ...
Updating a93d52d..443cfb9 Already up to date.
Fast-forward
gems/actionmailer/CVE-2024-47889.yml | 47 ++++++++++++++++++++++++++++++++++
gems/actionpack/CVE-2024-41128.yml | 46 +++++++++++++++++++++++++++++++++
gems/actionpack/CVE-2024-47887.yml | 49 ++++++++++++++++++++++++++++++++++++
gems/actiontext/CVE-2024-47888.yml | 48 +++++++++++++++++++++++++++++++++++
4 files changed, 190 insertions(+)
create mode 100644 gems/actionmailer/CVE-2024-47889.yml
create mode 100644 gems/actionpack/CVE-2024-41128.yml
create mode 100644 gems/actionpack/CVE-2024-47887.yml
create mode 100644 gems/actiontext/CVE-2024-47888.yml
Updated ruby-advisory-db Updated ruby-advisory-db
ruby-advisory-db: ruby-advisory-db:
advisories: 942 advisories advisories: 942 advisories