Name: actionpack
Version: 7.1.4
CVE: CVE-2024-28103
GHSA: GHSA-fwhr-88qx-h9g7
Criticality: Medium
URL: https://github.com/rails/rails/security/advisories/GHSA-fwhr-88qx-h9g7
Title: Missing security headers in Action Pack on non-HTML responses
Solution: upgrade to '~> 6.1.7.8', '~> 7.0.8.4', '~> 7.1.3.4', '>= 7.2.0.beta2'

Name: actiontext
Version: 7.1.4
CVE: CVE-2024-32464
GHSA: GHSA-prjp-h48f-jgf6
Criticality: Medium
URL: https://github.com/rails/rails/security/advisories/GHSA-prjp-h48f-jgf6
Title: ActionText ContentAttachment can Contain Unsanitized HTML
Solution: upgrade to '~> 7.1.3.4', '>= 7.2.0.beta2'

Vulnerabilities found!