wiseadvice_public_repos
/
bundle-audit-results
3
0
Fork 0
Code Wiki

commit by to_remotes 2024-02-28 09:45:22 +0100 from vmdevac

main
ag 2024-02-28 09:45:22 +01:00
parent 4610626340
commit 80324d929a
3 changed files with 3 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bundle-audit-time.txt
View File

@ -1 +1 @@
2024-02-28T09:36:40+01:00 2024-02-28T09:45:20+01:00

2
bundle-audit.json
View File

@ -1 +1 @@
{"version":"0.9.1","created_at":"2024-02-28 09:36:39 +0100","results":[{"type":"unpatched_gem","gem":{"name":"rack-cors","version":"2.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/rack-cors/CVE-2024-27456.yml","id":"CVE-2024-27456","url":"https://github.com/advisories/GHSA-785g-282q-pwvx","title":"Rack CORS Middleware has Insecure File Permissions","date":"2024-02-26","description":"rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions\nfor the .rb files.\n","cvss_v2":null,"cvss_v3":null,"cve":"2024-27456","osvdb":null,"ghsa":"785g-282q-pwvx","unaffected_versions":["< 2.0.1"],"patched_versions":[],"criticality":null}}]} {"version":"0.9.1","created_at":"2024-02-28 09:45:20 +0100","results":[]}

11
report.txt
View File

@ -1,10 +1 @@
Name: rack-cors No vulnerabilities found
Version: 2.0.1
CVE: CVE-2024-27456
GHSA: GHSA-785g-282q-pwvx
Criticality: Unknown
URL: https://github.com/advisories/GHSA-785g-282q-pwvx
Title: Rack CORS Middleware has Insecure File Permissions
Solution: remove or disable this gem until a patch is available!
Vulnerabilities found!