wiseadvice_public_repos
/
bundle-audit-results
3
0
Fork 0
Code Wiki

commit by to_remotes 2024-10-17 09:08:44 +0200 from cicd

main
cicd 2024-10-17 09:08:44 +02:00
parent 7d322679a8
commit e44752af65
4 changed files with 53 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bundle-audit-time.txt
View File

@ -1 +1 @@
2024-10-16T12:58:40+02:00
2024-10-17T09:08:44+02:00

2
bundle-audit.json
View File

File diff suppressed because one or more lines are too long

38
report.txt
View File

@ -1 +1,37 @@
No vulnerabilities found
Name: actionmailer
Version: 7.1.3.4
CVE: CVE-2024-47889
GHSA: GHSA-h47h-mwp9-c6q6
Criticality: Unknown
URL: https://github.com/rails/rails/security/advisories/GHSA-h47h-mwp9-c6q6
Title: Possible ReDoS vulnerability in block_format in Action Mailer
Solution: update to '~> 6.1.7.9', '~> 7.0.8.5', '~> 7.1.4.1', '>= 7.2.1.1'
Name: actionpack
Version: 7.1.3.4
CVE: CVE-2024-41128
GHSA: GHSA-x76w-6vjr-8xgj
Criticality: Unknown
URL: https://github.com/rails/rails/security/advisories/GHSA-x76w-6vjr-8xgj
Title: Possible ReDoS vulnerability in query parameter filtering in Action Dispatch
Solution: update to '~> 6.1.7.9', '~> 7.0.8.5', '~> 7.1.4.1', '>= 7.2.1.1'
Name: actionpack
Version: 7.1.3.4
CVE: CVE-2024-47887
GHSA: GHSA-vfg9-r3fq-jvx4
Criticality: Unknown
URL: https://github.com/rails/rails/security/advisories/GHSA-vfg9-r3fq-jvx4
Title: Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
Solution: update to '~> 6.1.7.9', '~> 7.0.8.5', '~> 7.1.4.1', '>= 7.2.1.1'
Name: actiontext
Version: 7.1.3.4
CVE: CVE-2024-47888
GHSA: GHSA-wwhv-wxv9-rpgw
Criticality: Unknown
URL: https://github.com/rails/rails/security/advisories/GHSA-wwhv-wxv9-rpgw
Title: Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
Solution: update to '~> 6.1.7.9', '~> 7.0.8.5', '~> 7.1.4.1', '>= 7.2.1.1'
Vulnerabilities found!

18
update-info.txt
View File

@ -1,7 +1,17 @@
Updating ruby-advisory-db ...
Already up to date.
Updating a93d52d..443cfb9
Fast-forward
gems/actionmailer/CVE-2024-47889.yml | 47 ++++++++++++++++++++++++++++++++++
gems/actionpack/CVE-2024-41128.yml | 46 +++++++++++++++++++++++++++++++++
gems/actionpack/CVE-2024-47887.yml | 49 ++++++++++++++++++++++++++++++++++++
gems/actiontext/CVE-2024-47888.yml | 48 +++++++++++++++++++++++++++++++++++
4 files changed, 190 insertions(+)
create mode 100644 gems/actionmailer/CVE-2024-47889.yml
create mode 100644 gems/actionpack/CVE-2024-41128.yml
create mode 100644 gems/actionpack/CVE-2024-47887.yml
create mode 100644 gems/actiontext/CVE-2024-47888.yml
Updated ruby-advisory-db
ruby-advisory-db:
advisories: 938 advisories
last updated: 2024-10-09 10:55:24 -0700
commit: a93d52dcd4cfa74522551a07bf8cbe0572b35ef0
advisories: 942 advisories
last updated: 2024-10-16 11:03:13 -0700
commit: 443cfb9e8e4860c471417e16c02ead507dbb1b9a