From f409c2e133fefc0ea2042087cb183c9c78fa8071 Mon Sep 17 00:00:00 2001
From: ag
Date: Tue, 23 Jan 2024 12:13:11 +0100
Subject: [PATCH] commit by to_remotes 2024-01-23 12:13:11 +0100 from vmdevac
---
 bundle-audit-time.txt | 2 +-
 bundle-audit.json | 2 +-
 report.txt | 137 +++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 138 insertions(+), 3 deletions(-)
diff --git a/bundle-audit-time.txt b/bundle-audit-time.txt
index 7c7d6c4..6948f7b 100644
--- a/bundle-audit-time.txt
+++ b/bundle-audit-time.txt
@@ -1 +1 @@
-2024-01-23T10:28:05+01:00
+2024-01-23T12:13:10+01:00
diff --git a/bundle-audit.json b/bundle-audit.json
index 8b1e210..14ad616 100644
--- a/bundle-audit.json
+++ b/bundle-audit.json
@@ -1 +1 @@ -{"version":"0.9.1","created_at":"2024-01-23 10:28:04 +0100","results":[]} \ No newline at end of file +{"version":"0.9.1","created_at":"2024-01-23 12:13:09 +0100","results":[{"type":"unpatched_gem","gem":{"name":"actionpack","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionpack/CVE-2022-22577.yml","id":"CVE-2022-22577","url":"https://groups.google.com/g/ruby-security-ann/c/NuFRKaN5swI","title":"Possible XSS Vulnerability in Action Pack","date":"2022-04-27","description":"There is a possible XSS vulnerability in Rails / Action Pack. This vulnerability has been\nassigned the CVE identifier CVE-2022-22577.\n\nVersions Affected: >= 5.2.0\nNot affected: < 5.2.0\nFixed Versions: 7.0.2.4, 6.1.5.1, 6.0.4.8, 5.2.7.1\n\n## Impact\n\nCSP headers were only sent along with responses that Rails considered as\n\"HTML\" responses. This left API requests without CSP headers, which could\npossibly expose users to XSS attacks.\n\n## Releases\n\nThe FIXED releases are available at the normal locations.\n\n## Workarounds\n\nSet a CSP for your API responses manually.\n","cvss_v2":null,"cvss_v3":6.1,"cve":"2022-22577","osvdb":null,"ghsa":"mm33-5vfq-3mm3","unaffected_versions":["< 5.2.0"],"patched_versions":["~> 5.2.7, >= 5.2.7.1","~> 6.0.4, >= 6.0.4.8","~> 6.1.5, >= 6.1.5.1",">= 7.0.2.4"],"criticality":"medium"}},{"type":"unpatched_gem","gem":{"name":"actionpack","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionpack/CVE-2022-23633.yml","id":"CVE-2022-23633","url":"https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ","title":"Possible exposure of information vulnerability in Action Pack","date":"2022-02-11","description":"## Impact\n\nUnder certain circumstances response bodies will not be closed, for example a\nbug in a webserver (https://github.com/puma/puma/pull/2812) or a bug in a Rack\nmiddleware. 
In the event a response is not notified of a `close`,\n`ActionDispatch::Executor` will not know to reset thread local state for the\nnext request. This can lead to data being leaked to subsequent requests,\nespecially when interacting with `ActiveSupport::CurrentAttributes`.\n\nUpgrading to the FIXED versions of Rails will ensure mitigation if this issue\neven in the context of a buggy webserver or middleware implementation.\n\n## Patches\n\nThis has been fixed in Rails 7.0.2.2, 6.1.4.6, 6.0.4.6, and 5.2.6.2.\n\n## Workarounds\n\nUpgrading is highly recommended, but to work around this problem the following\nmiddleware can be used:\n\n```\nclass GuardedExecutor < ActionDispatch::Executor\n def call(env)\n ensure_completed!\n super\n end\n\n private\n\n def ensure_completed!\n @executor.new.complete! if @executor.active?\n end\nend\n\n# Ensure the guard is inserted before ActionDispatch::Executor\nRails.application.configure do\n config.middleware.swap ActionDispatch::Executor, GuardedExecutor, executor\nend\n```\n","cvss_v2":null,"cvss_v3":7.4,"cve":"2022-23633","osvdb":null,"ghsa":"wh98-p28r-vrc9","unaffected_versions":["< 5.0.0"],"patched_versions":["~> 5.2.6, >= 5.2.6.2","~> 6.0.4, >= 6.0.4.6","~> 6.1.4, >= 6.1.4.6",">= 7.0.2.2"],"criticality":"high"}},{"type":"unpatched_gem","gem":{"name":"actionpack","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionpack/CVE-2023-22792.yml","id":"CVE-2023-22792","url":"https://github.com/rails/rails/releases/tag/v7.0.4.1","title":"ReDoS based DoS vulnerability in Action Dispatch","date":"2023-01-18","description":"There is a possible regular expression based DoS vulnerability in Action\nDispatch. 
This vulnerability has been assigned the CVE identifier\nCVE-2023-22792.\n\nVersions Affected: >= 3.0.0\nNot affected: < 3.0.0\nFixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1\n\n# Impact\n\nSpecially crafted cookies, in combination with a specially crafted\nX_FORWARDED_HOST header can cause the regular expression engine to enter a\nstate of catastrophic backtracking. This can cause the process to use large\namounts of CPU and memory, leading to a possible DoS vulnerability All users\nrunning an affected release should either upgrade or use one of the\nworkarounds immediately.\n\n# Workarounds\n\nWe recommend that all users upgrade to one of the FIXED versions. In the\nmeantime, users can mitigate this vulnerability by using a load balancer or\nother device to filter out malicious X_FORWARDED_HOST headers before they\nreach the application.\n","cvss_v2":null,"cvss_v3":null,"cve":"2023-22792","osvdb":null,"ghsa":"p84v-45xj-wwqj","unaffected_versions":["< 3.0.0"],"patched_versions":["~> 5.2.8, >= 5.2.8.15","~> 6.1.7, >= 6.1.7.1",">= 7.0.4.1"],"criticality":null}},{"type":"unpatched_gem","gem":{"name":"actionpack","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionpack/CVE-2023-22795.yml","id":"CVE-2023-22795","url":"https://github.com/rails/rails/releases/tag/v7.0.4.1","title":"ReDoS based DoS vulnerability in Action Dispatch","date":"2023-01-18","description":"There is a possible regular expression based DoS vulnerability in Action\nDispatch related to the If-None-Match header. This vulnerability has been\nassigned the CVE identifier CVE-2023-22795.\n\nVersions Affected: All\nNot affected: None\nFixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1\n\n# Impact\n\nA specially crafted HTTP If-None-Match header can cause the regular\nexpression engine to enter a state of catastrophic backtracking, when on a\nversion of Ruby below 3.2.0. 
This can cause the process to use large amounts\nof CPU and memory, leading to a possible DoS vulnerability All users running\nan affected release should either upgrade or use one of the workarounds\nimmediately.\n\n# Workarounds\n\nWe recommend that all users upgrade to one of the FIXED versions. In the\nmeantime, users can mitigate this vulnerability by using a load balancer or\nother device to filter out malicious If-None-Match headers before they reach\nthe application.\n\nUsers on Ruby 3.2.0 or greater are not affected by this vulnerability.\n","cvss_v2":null,"cvss_v3":null,"cve":"2023-22795","osvdb":null,"ghsa":"8xww-x3g3-6jcv","unaffected_versions":[],"patched_versions":["~> 5.2.8, >= 5.2.8.15","~> 6.1.7, >= 6.1.7.1",">= 7.0.4.1"],"criticality":null}},{"type":"unpatched_gem","gem":{"name":"actionpack","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionpack/CVE-2023-22797.yml","id":"CVE-2023-22797","url":"https://github.com/rails/rails/releases/tag/v7.0.4.1","title":"Open Redirect Vulnerability in Action Pack","date":"2023-01-18","description":"There is a vulnerability in Action Controller’s redirect_to. This\nvulnerability has been assigned the CVE identifier CVE-2023-22797.\n\nVersions Affected: >= 7.0.0\nNot affected: < 7.0.0\nFixed Versions: 7.0.4.1\n\n# Impact\n\nThere is a possible open redirect when using the redirect_to helper with\nuntrusted user input.\n\nVulnerable code will look like this:\n```\nredirect_to(params[:some_param])\n```\n\nRails 7.0 introduced protection against open redirects from calling\nredirect_to with untrusted user input. In prior versions the developer was\nfully responsible for only providing trusted input. 
However the check\nintroduced could be bypassed by a carefully crafted URL.\n\nAll users running an affected release should either upgrade or use one of\nthe workarounds immediately.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n","cvss_v2":null,"cvss_v3":6.1,"cve":"2023-22797","osvdb":null,"ghsa":"9445-4cr6-336r","unaffected_versions":["< 7.0.0"],"patched_versions":[">= 7.0.4.1"],"criticality":"medium"}},{"type":"unpatched_gem","gem":{"name":"actionpack","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionpack/CVE-2023-28362.yml","id":"CVE-2023-28362","url":"https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132","title":"Possible XSS via User Supplied Values to redirect_to","date":"2023-06-26","description":"The redirect_to method in Rails allows provided values to contain characters\nwhich are not legal in an HTTP header value. This results in the potential for\ndownstream services which enforce RFC compliance on HTTP response headers to\nremove the assigned Location header. This vulnerability has been assigned the\nCVE identifier CVE-2023-28362.\n\nVersions Affected: All. Not affected: None Fixed Versions: 7.0.5.1, 6.1.7.4\n\n# Impact\n\nThis introduces the potential for a Cross-site-scripting (XSS) payload to be\ndelivered on the now static redirection page. 
Note that this both requires\nuser interaction and for a Rails app to be configured to allow redirects to\nexternal hosts (defaults to false in Rails >= 7.0.x).\n\n# Releases\n\nThe FIXED releases are available at the normal locations.\n\n# Workarounds\n\nAvoid providing user supplied URLs with arbitrary schemes to the redirect_to\nmethod.\n","cvss_v2":null,"cvss_v3":null,"cve":"2023-28362","osvdb":null,"ghsa":"4g8v-vg43-wpgf","unaffected_versions":[],"patched_versions":["~> 6.1.7.4",">= 7.0.5.1"],"criticality":null}},{"type":"unpatched_gem","gem":{"name":"actionview","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionview/CVE-2022-27777.yml","id":"CVE-2022-27777","url":"https://groups.google.com/g/ruby-security-ann/c/9wJPEDv-iRw","title":"Possible XSS Vulnerability in Action View tag helpers","date":"2022-04-26","description":"There is a possible XSS vulnerability in Action View tag helpers. Passing\nuntrusted input as hash keys can lead to a possible XSS vulnerability. 
This\nvulnerability has been assigned the CVE identifier CVE-2022-27777.\n\nVersions Affected: ALL\nNot affected: NONE\nFixed Versions: 7.0.2.4, 6.1.5.1, 6.0.4.8, 5.2.7.1\n\n## Impact\n\nIf untrusted data is passed as the hash key for tag attributes, there is a\npossibility that the untrusted data may not be properly escaped which can\nlead to an XSS vulnerability.\n\nImpacted code will look something like this:\n\n```\ncheck_box_tag('thename', 'thevalue', false, aria: { malicious_input => 'thevalueofaria' })\n```\n\nWhere the \"malicious_input\" variable contains untrusted data.\n\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\n## Releases\n\nThe FIXED releases are available at the normal locations.\n\n## Workarounds\n\nEscape the untrusted data before using it as a key for tag helper methods.\n","cvss_v2":null,"cvss_v3":6.1,"cve":"2022-27777","osvdb":null,"ghsa":"ch3h-j2vf-95pv","unaffected_versions":[],"patched_versions":["~> 5.2.7, >= 5.2.7.1","~> 6.0.4, >= 6.0.4.8","~> 6.1.5, >= 6.1.5.1",">= 7.0.2.4"],"criticality":"medium"}},{"type":"unpatched_gem","gem":{"name":"actionview","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/actionview/CVE-2023-23913.yml","id":"CVE-2023-23913","url":"https://discuss.rubyonrails.org/t/cve-2023-23913-dom-based-cross-site-scripting-in-rails-ujs-for-contenteditable-html-elements/82468","title":"DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements","date":"2023-03-13","description":"NOTE: rails-ujs is part of Rails/actionview since 5.1.0.\n\nThere is a potential DOM based cross-site scripting issue in rails-ujs\nwhich leverages the Clipboard API to target HTML elements that are\nassigned the contenteditable attribute. 
This has the potential to\noccur when pasting malicious HTML content from the clipboard that\nincludes a data-method, data-remote or data-disable-with attribute.\n\nThis vulnerability has been assigned the CVE identifier CVE-2023-23913.\n\nNot affected: < 5.1.0\nVersions Affected: >= 5.1.0\nFixed Versions: 6.1.7.3, 7.0.4.3\n\nImpact\n If the specified malicious HTML clipboard content is provided to a\n contenteditable element, this could result in the arbitrary execution\n of javascript on the origin in question.\n\nReleases\n The FIXED releases are available at the normal locations.\n\nWorkarounds\n We recommend that all users upgrade to one of the FIXED versions.\n In the meantime, users can attempt to mitigate this vulnerability\n by removing the contenteditable attribute from elements in pages\n that rails-ujs will interact with.\n\nPatches\n To aid users who aren’t able to upgrade immediately we have provided\n patches for the two supported release series. They are in git-am\n format and consist of a single changeset.\n\n* rails-ujs-data-method-contenteditable-6-1.patch - Patch for 6.1 series\n* rails-ujs-data-method-contenteditable-7-0.patch - Patch for 7.0 series\n\nPlease note that only the 7.0.Z and 6.1.Z series are\nsupported at present, and 6.0.Z for severe vulnerabilities.\n\nUsers of earlier unsupported releases are advised to upgrade as\nsoon as possible as we cannot guarantee the continued availability\nof security fixes for unsupported releases.\n\nCredits\n We would like to thank ryotak 15 for reporting this!\n\n* rails-ujs-data-method-contenteditable-6-1.patch (8.5 KB)\n* rails-ujs-data-method-contenteditable-7-0.patch (8.5 KB)\n* rails-ujs-data-method-contenteditable-main.patch (8.9 KB)\n","cvss_v2":null,"cvss_v3":7.5,"cve":"2023-23913","osvdb":null,"ghsa":"xp5h-f8jf-rc8q","unaffected_versions":["< 5.1.0"],"patched_versions":["~> 6.1.7.3",">= 
7.0.4.3"],"criticality":"high"}},{"type":"unpatched_gem","gem":{"name":"activerecord","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/activerecord/CVE-2022-32224.yml","id":"CVE-2022-32224","url":"https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U","title":"Possible RCE escalation bug with Serialized Columns in Active Record","date":"2022-07-12","description":"There is a possible escalation to RCE when using YAML serialized columns in\nActive Record. This vulnerability has been assigned the CVE identifier\nCVE-2022-32224.\n\nVersions Affected: All.\nNot affected: None\nFixed Versions: 7.0.3.1, 6.1.6.1, 6.0.5.1, 5.2.8.1\n\nImpact\n------\nWhen serialized columns that use YAML (the default) are deserialized, Rails\nuses `YAML.unsafe_load` to convert the YAML data in to Ruby objects. If an\nattacker can manipulate data in the database (via means like SQL injection),\nthen it may be possible for the attacker to escalate to an RCE.\n\nImpacted Active Record models will look something like this:\n\n```ruby\nclass User < ApplicationRecord\n serialize :options # Vulnerable: Uses YAML for serialization\n serialize :values, Array # Vulnerable: Uses YAML for serialization\n serialize :values, JSON # Not vulnerable\nend\n```\n\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\nReleases\n--------\nThe FIXED releases are available at the normal locations.\n\nThe released versions change the default YAML deserializer to use\n`YAML.safe_load`, which prevents deserialization of possibly dangerous\nobjects. This may introduce backwards compatibility issues with existing\ndata.\n\nIn order to cope with that situation, the released version also contains two\nnew Active Record configuration options. 
The configuration options are as\nfollows:\n\n* `config.active_record.use_yaml_unsafe_load`\n\nWhen set to true, this configuration option tells Rails to use the old\n\"unsafe\" YAML loading strategy, maintaining the existing behavior but leaving\nthe possible escalation vulnerability in place. Setting this option to true\nis *not* recommended, but can aid in upgrading.\n\n* `config.active_record.yaml_column_permitted_classes`\n\nThe \"safe YAML\" loading method does not allow all classes to be deserialized\nby default. This option allows you to specify classes deemed \"safe\" in your\napplication. For example, if your application uses Symbol and Time in\nserialized data, you can add Symbol and Time to the allowed list as follows:\n\n```\nconfig.active_record.yaml_column_permitted_classes = [Symbol, Date, Time]\n```\n\nWorkarounds\n-----------\nThere are no feasible workarounds for this issue, but other coders (such as\nJSON) are not impacted.\n","cvss_v2":null,"cvss_v3":9.8,"cve":"2022-32224","osvdb":null,"ghsa":"3hhc-qp5v-9p2j","unaffected_versions":[],"patched_versions":["~> 5.2.8, >= 5.2.8.1","~> 6.0.5, >= 6.0.5.1","~> 6.1.6, >= 6.1.6.1",">= 7.0.3.1"],"criticality":"critical"}},{"type":"unpatched_gem","gem":{"name":"activerecord","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/activerecord/CVE-2022-44566.yml","id":"CVE-2022-44566","url":"https://github.com/rails/rails/releases/tag/v7.0.4.1","title":"Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter","date":"2023-01-18","description":"There is a potential denial of service vulnerability present in\nActiveRecord’s PostgreSQL adapter.\n\nThis has been assigned the CVE identifier CVE-2022-44566.\n\nVersions Affected: All.\nNot affected: None.\nFixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1\n\n# Impact\n\nIn ActiveRecord <7.0.4.1 and <6.1.7.1, when a value outside the range for a\n64bit signed integer is provided to the PostgreSQL connection 
adapter, it\nwill treat the target column type as numeric. Comparing integer values\nagainst numeric values can result in a slow sequential scan resulting in\npotential Denial of Service.\n\n# Workarounds\n\nEnsure that user supplied input which is provided to ActiveRecord clauses do\nnot contain integers wider than a signed 64bit representation or floats.\n","cvss_v2":null,"cvss_v3":7.5,"cve":"2022-44566","osvdb":null,"ghsa":"579w-22j4-4749","unaffected_versions":[],"patched_versions":["~> 5.2.8, >= 5.2.8.15","~> 6.1.7, >= 6.1.7.1",">= 7.0.4.1"],"criticality":"high"}},{"type":"unpatched_gem","gem":{"name":"activerecord","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/activerecord/CVE-2023-22794.yml","id":"CVE-2023-22794","url":"https://github.com/rails/rails/releases/tag/v7.0.4.1","title":"SQL Injection Vulnerability via ActiveRecord comments","date":"2023-01-18","description":"There is a possible vulnerability in ActiveRecord related to the\nsanitization of comments. 
This vulnerability has been assigned the CVE\nidentifier CVE-2023-22794.\n\nVersions Affected: >= 6.0.0\nNot affected: < 6.0.0\nFixed Versions: 6.0.6.1, 6.1.7.1, 7.0.4.1\n\n# Impact\n\nPreviously the implementation of escaping for comments was insufficient for\n\nIf malicious user input is passed to either the annotate query method, the\noptimizer_hints query method, or through the QueryLogs interface which\nautomatically adds annotations, it may be sent to the database with\ninsufficient sanitization and be able to inject SQL outside of the comment.\n\nIn most cases these interfaces won’t be used with user input and users\nshould avoid doing so.\n\nExample vulnerable code:\n```\nPost.where(id: 1).annotate(\"#{params[:user_input]}\")\n\nPost.where(id: 1).optimizer_hints(\"#{params[:user_input]}\")\n```\n\nExample vulnerable QueryLogs configuration (the default configuration is not\nvulnerable):\n```\nconfig.active_record.query_log_tags = [\n {\n something: -> { }\n }\n]\n```\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\n# Workarounds\n\nAvoid passing user input to annotate and avoid using QueryLogs configuration\nwhich can include user input.\n","cvss_v2":null,"cvss_v3":8.8,"cve":"2023-22794","osvdb":null,"ghsa":"hq7p-j377-6v63","unaffected_versions":["< 6.0.0"],"patched_versions":["~> 6.0.6, >= 6.0.6.1","~> 6.1.7, >= 6.1.7.1",">= 7.0.4.1"],"criticality":"high"}},{"type":"unpatched_gem","gem":{"name":"activestorage","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/activestorage/CVE-2022-21831.yml","id":"CVE-2022-21831","url":"https://groups.google.com/g/rubyonrails-security/c/n-p-W1yxatI","title":"Possible code injection vulnerability in Rails / Active Storage","date":"2022-03-08","description":"There is a possible code injection vulnerability in the Active Storage module\nof Rails. 
This vulnerability has been assigned the CVE identifier\nCVE-2022-21831.\n\nVersions Affected: >= 5.2.0\nNot affected: < 5.2.0\nFixed Versions: 7.0.2.3, 6.1.4.7, 6.0.4.7, 5.2.6.3\n\nImpact\n------\nThere is a possible code injection vulnerability in the Active Storage module\nof Rails. This vulnerability impacts applications that use Active Storage\nwith the image_processing processing in addition to the mini_magick back end\nfor image_processing.\n\nVulnerable code will look something similar to this:\n\n```ruby\n<%= image_tag blob.variant(params[:t] => params[:v]) %>\n```\n\nWhere the transformation method or its arguments are untrusted arbitrary\ninput.\n\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\nWorkarounds\n-----------\nTo work around this issue, applications should implement a strict allow-list\non accepted transformation methods or arguments. Additionally, a strict image\nmagick security policy will help mitigate this issue.\n\n https://imagemagick.org/script/security-policy.php\n","cvss_v2":null,"cvss_v3":9.8,"cve":"2022-21831","osvdb":null,"ghsa":"w749-p3v6-hccq","unaffected_versions":["< 5.2.0"],"patched_versions":["~> 5.2.6, >= 5.2.6.3","~> 6.0.4, >= 6.0.4.7","~> 6.1.4, >= 6.1.4.7",">= 7.0.2.3"],"criticality":"critical"}},{"type":"unpatched_gem","gem":{"name":"activesupport","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/activesupport/CVE-2023-22796.yml","id":"CVE-2023-22796","url":"https://github.com/rails/rails/releases/tag/v7.0.4.1","title":"ReDoS based DoS vulnerability in Active Support’s underscore","date":"2023-01-18","description":"There is a possible regular expression based DoS vulnerability in Active\nSupport. 
This vulnerability has been assigned the CVE identifier\nCVE-2023-22796.\n\nVersions Affected: All\nNot affected: None\nFixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1\n\n# Impact\n\nA specially crafted string passed to the underscore method can cause the\nregular expression engine to enter a state of catastrophic backtracking.\nThis can cause the process to use large amounts of CPU and memory, leading\nto a possible DoS vulnerability.\n\nThis affects String#underscore, ActiveSupport::Inflector.underscore,\nString#titleize, and any other methods using these.\n\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\n# Workarounds\n\nThere are no feasible workarounds for this issue.\n\nUsers on Ruby 3.2.0 or greater may be able to reduce the impact by\nconfiguring Regexp.timeout.\n","cvss_v2":null,"cvss_v3":null,"cve":"2023-22796","osvdb":null,"ghsa":"j6gc-792m-qgm2","unaffected_versions":[],"patched_versions":["~> 5.2.8, >= 5.2.8.15","~> 6.1.7, >= 6.1.7.1",">= 7.0.4.1"],"criticality":null}},{"type":"unpatched_gem","gem":{"name":"activesupport","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/activesupport/CVE-2023-28120.yml","id":"CVE-2023-28120","url":"https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469","title":"Possible XSS Security Vulnerability in SafeBuffer#bytesplice","date":"2023-03-13","description":"There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.\nThis vulnerability has been assigned the CVE identifier CVE-2023-28120.\n\nVersions Affected: All. 
Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3\n\n# Impact\n\nActiveSupport uses the SafeBuffer string subclass to tag strings as html_safe after they have been sanitized.\nWhen these strings are mutated, the tag is should be removed to mark them as no longer being html_safe.\n\nRuby 3.2 introduced a new bytesplice method which ActiveSupport did not yet understand to be a mutation.\nUsers on older versions of Ruby are likely unaffected.\n\nAll users running an affected release and using bytesplice should either upgrade or use one of the workarounds immediately.\n\n# Workarounds\n\nAvoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.\n","cvss_v2":null,"cvss_v3":null,"cve":"2023-28120","osvdb":null,"ghsa":"pj73-v5mw-pm9j","unaffected_versions":[],"patched_versions":["~> 6.1.7, >= 6.1.7.3",">= 7.0.4.3"],"criticality":null}},{"type":"unpatched_gem","gem":{"name":"activesupport","version":"7.0.1"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/activesupport/CVE-2023-38037.yml","id":"CVE-2023-38037","url":"https://github.com/rails/rails/releases/tag/v7.0.7.1","title":"Possible File Disclosure of Locally Encrypted Files","date":"2023-08-23","description":"There is a possible file disclosure of locally encrypted files in Active Support. This vulnerability has been assigned the CVE identifier CVE-2023-38037.\n\nVersions Affected: >= 5.2.0 Not affected: < 5.2.0 Fixed Versions: 7.0.7.1, 6.1.7.5\n\n# Impact\nActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. 
The temporary file’s permissions are defaulted to the user’s current umask settings, meaning that it’s possible for other users on the same system to read the contents of the temporary file.\n\nAttackers that have access to the file system could possibly read the contents of this temporary file while a user is editing it.\n\nAll users running an affected release should either upgrade or use one of the workarounds immediately.\n\n# Releases\nThe fixed releases are available at the normal locations.\n\n# Workarounds\nTo work around this issue, you can set your umask to be more restrictive like this:\n\n```ruby\n$ umask 0077\n```\n","cvss_v2":null,"cvss_v3":null,"cve":"2023-38037","osvdb":null,"ghsa":"cr5q-6q9f-rq6q","unaffected_versions":["< 5.2.0"],"patched_versions":["~> 6.1.7, >= 6.1.7.5",">= 7.0.7.1"],"criticality":null}}]} \ No newline at end of file diff --git a/report.txt b/report.txt index 8900c02..dff046f 100644 --- a/report.txt +++ b/report.txt 
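Review bot: The `path` value in every advisory object embeds the scanning user's home directory (`/home/wiseadvice/.local/share/ruby-advisory-db/...`), so the committed artifact leaks a local username and filesystem layout that no consumer of the report needs; strip it before committing, e.g. `jq -c 'del(.results[].advisory.path)' bundle-audit.json`. Separately, the removed side of this hunk shows the 10:28 run returning `"results":[]` while every advisory now reported against the same 7.0.1 gems dates from 2022–2023, which points to a missing or stale advisory database in the earlier run rather than a genuinely clean result (the Gemfile.lock is not part of this diff, so this is inferred). An empty result set produced without a fresh DB should be treated as a failure, not a pass — run `bundle-audit check --update` and abort if the DB clone is absent or the update fails — otherwise the pipeline silently publishes "no vulnerabilities" on stale data. Note also that six advisories carry `"cvss_v3":null` and `"criticality":null`; consumers that sort or threshold on those fields will rank them below the scored ones even though three of them are ReDoS issues.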
@@ -1 +1,136 @@
-No vulnerabilities found
+Name: actionpack
+Version: 7.0.1
+CVE: CVE-2022-22577
+GHSA: GHSA-mm33-5vfq-3mm3
+Criticality: Medium
+URL: https://groups.google.com/g/ruby-security-ann/c/NuFRKaN5swI
+Title: Possible XSS Vulnerability in Action Pack
+Solution: upgrade to '~> 5.2.7, >= 5.2.7.1', '~> 6.0.4, >= 6.0.4.8', '~> 6.1.5, >= 6.1.5.1', '>= 7.0.2.4'
+
+Name: actionpack
+Version: 7.0.1
+CVE: CVE-2022-23633
+GHSA: GHSA-wh98-p28r-vrc9
+Criticality: High
+URL: https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ
+Title: Possible exposure of information vulnerability in Action Pack
+Solution: upgrade to '~> 5.2.6, >= 5.2.6.2', '~> 6.0.4, >= 6.0.4.6', '~> 6.1.4, >= 6.1.4.6', '>= 7.0.2.2'
+
+Name: actionpack
+Version: 7.0.1
+CVE: CVE-2023-22792
+GHSA: GHSA-p84v-45xj-wwqj
+Criticality: Unknown
+URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+Title: ReDoS based DoS vulnerability in Action Dispatch
+Solution: upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'
+
+Name: actionpack
+Version: 7.0.1
+CVE: CVE-2023-22795
+GHSA: GHSA-8xww-x3g3-6jcv
+Criticality: Unknown
+URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+Title: ReDoS based DoS vulnerability in Action Dispatch
+Solution: upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'
+
+Name: actionpack
+Version: 7.0.1
+CVE: CVE-2023-22797
+GHSA: GHSA-9445-4cr6-336r
+Criticality: Medium
+URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+Title: Open Redirect Vulnerability in Action Pack
+Solution: upgrade to '>= 7.0.4.1'
+
+Name: actionpack
+Version: 7.0.1
+CVE: CVE-2023-28362
+GHSA: GHSA-4g8v-vg43-wpgf
+Criticality: Unknown
+URL: https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132
+Title: Possible XSS via User Supplied Values to redirect_to
+Solution: upgrade to '~> 6.1.7.4', '>= 7.0.5.1'
+
+Name: actionview
+Version: 7.0.1
+CVE: CVE-2022-27777
+GHSA: GHSA-ch3h-j2vf-95pv
+Criticality: Medium
+URL: https://groups.google.com/g/ruby-security-ann/c/9wJPEDv-iRw
+Title: Possible XSS Vulnerability in Action View tag helpers
+Solution: upgrade to '~> 5.2.7, >= 5.2.7.1', '~> 6.0.4, >= 6.0.4.8', '~> 6.1.5, >= 6.1.5.1', '>= 7.0.2.4'
+
+Name: actionview
+Version: 7.0.1
+CVE: CVE-2023-23913
+GHSA: GHSA-xp5h-f8jf-rc8q
+Criticality: High
+URL: https://discuss.rubyonrails.org/t/cve-2023-23913-dom-based-cross-site-scripting-in-rails-ujs-for-contenteditable-html-elements/82468
+Title: DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements
+Solution: upgrade to '~> 6.1.7.3', '>= 7.0.4.3'
+
+Name: activerecord
+Version: 7.0.1
+CVE: CVE-2022-32224
+GHSA: GHSA-3hhc-qp5v-9p2j
+Criticality: Critical
+URL: https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U
+Title: Possible RCE escalation bug with Serialized Columns in Active Record
+Solution: upgrade to '~> 5.2.8, >= 5.2.8.1', '~> 6.0.5, >= 6.0.5.1', '~> 6.1.6, >= 6.1.6.1', '>= 7.0.3.1'
+
+Name: activerecord
+Version: 7.0.1
+CVE: CVE-2022-44566
+GHSA: GHSA-579w-22j4-4749
+Criticality: High
+URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+Title: Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter
+Solution: upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'
+
+Name: activerecord
+Version: 7.0.1
+CVE: CVE-2023-22794
+GHSA: GHSA-hq7p-j377-6v63
+Criticality: High
+URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+Title: SQL Injection Vulnerability via ActiveRecord comments
+Solution: upgrade to '~> 6.0.6, >= 6.0.6.1', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'
+
+Name: activestorage
+Version: 7.0.1
+CVE: CVE-2022-21831
+GHSA: GHSA-w749-p3v6-hccq
+Criticality: Critical
+URL: https://groups.google.com/g/rubyonrails-security/c/n-p-W1yxatI
+Title: Possible code injection vulnerability in Rails / Active Storage
+Solution: upgrade to '~> 5.2.6, >= 5.2.6.3', '~> 6.0.4, >= 6.0.4.7', '~> 6.1.4, >= 6.1.4.7', '>= 7.0.2.3'
+
+Name: activesupport
+Version: 7.0.1
+CVE: CVE-2023-22796
+GHSA: GHSA-j6gc-792m-qgm2
+Criticality: Unknown
+URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+Title: ReDoS based DoS vulnerability in Active Support’s underscore
+Solution: upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'
+
+Name: activesupport
+Version: 7.0.1
+CVE: CVE-2023-28120
+GHSA: GHSA-pj73-v5mw-pm9j
+Criticality: Unknown
+URL: https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469
+Title: Possible XSS Security Vulnerability in SafeBuffer#bytesplice
+Solution: upgrade to '~> 6.1.7, >= 6.1.7.3', '>= 7.0.4.3'
+
+Name: activesupport
+Version: 7.0.1
+CVE: CVE-2023-38037
+GHSA: GHSA-cr5q-6q9f-rq6q
+Criticality: Unknown
+URL: https://github.com/rails/rails/releases/tag/v7.0.7.1
+Title: Possible File Disclosure of Locally Encrypted Files
+Solution: upgrade to '~> 6.1.7, >= 6.1.7.5', '>= 7.0.7.1'
+
+Vulnerabilities found!
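Review bot: Every entry in this report resolves to the same remediation — all fifteen advisories are against rails 7.0.1 components and the highest lower bound among the listed `Solution` ranges is `>= 7.0.7.1` (CVE-2023-38037, activesupport), so a single bump of the rails constraint to 7.0.7.1 or later clears the whole list as of this advisory-DB snapshot; that bump should be prioritised because two findings are Critical (CVE-2022-32224, YAML deserialization of serialized columns; CVE-2022-21831, Active Storage code injection via variant transformations) and CVE-2023-22794 is an SQL injection path. The six entries printed as `Criticality: Unknown` are advisories with no CVSS score in the database, not low-risk ones — three of them are ReDoS issues — so the report should label them as "unscored" rather than letting "Unknown" read as "ignore". The hunk ends with `Vulnerabilities found!`, but nothing in this commit shows the pipeline acting on that line; if the `to_remotes` job only archives the report, make sure bundle-audit's non-zero exit status also fails the build or raises an alert, otherwise the report is a log entry rather than a control.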