28 lines
881 B
Plaintext
28 lines
881 B
Plaintext
Name: nokogiri
|
|
Version: 1.18.10
|
|
GHSA: GHSA-wx95-c6cv-8532
|
|
Criticality: Medium
|
|
URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532
|
|
Title: Nokogiri does not check the return value from xmlC14NExecute
|
|
Solution: update to '>= 1.19.1'
|
|
|
|
Name: rack
|
|
Version: 3.2.4
|
|
CVE: CVE-2026-22860
|
|
GHSA: GHSA-mxw3-3hh2-x2mh
|
|
Criticality: High
|
|
URL: https://github.com/rack/rack/security/advisories/GHSA-mxw3-3hh2-x2mh
|
|
Title: Rack has a Directory Traversal via Rack:Directory
|
|
Solution: update to '~> 2.2.22', '~> 3.1.20', '>= 3.2.5'
|
|
|
|
Name: rack
|
|
Version: 3.2.4
|
|
CVE: CVE-2026-25500
|
|
GHSA: GHSA-whrj-4476-wvmp
|
|
Criticality: Medium
|
|
URL: https://github.com/rack/rack/security/advisories/GHSA-whrj-4476-wvmp
|
|
Title: Stored XSS in Rack::Directory via javascript: filenames rendered into anchor href
|
|
Solution: update to '~> 2.2.22', '~> 3.1.20', '>= 3.2.5'
|
|
|
|
Vulnerabilities found!
|