20 lines
643 B
Plaintext
20 lines
643 B
Plaintext
Name: actionpack
|
|
Version: 7.1.3.3
|
|
CVE: CVE-2024-28103
|
|
GHSA: GHSA-fwhr-88qx-h9g7
|
|
Criticality: Medium
|
|
URL: https://github.com/rails/rails/security/advisories/GHSA-fwhr-88qx-h9g7
|
|
Title: Missing security headers in Action Pack on non-HTML responses
|
|
Solution: upgrade to '~> 6.1.7.8', '~> 7.0.8.4', '~> 7.1.3.4', '>= 7.2.0.beta2'
|
|
|
|
Name: actiontext
|
|
Version: 7.1.3.3
|
|
CVE: CVE-2024-32464
|
|
GHSA: GHSA-prjp-h48f-jgf6
|
|
Criticality: Medium
|
|
URL: https://github.com/rails/rails/security/advisories/GHSA-prjp-h48f-jgf6
|
|
Title: ActionText ContentAttachment can Contain Unsanitized HTML
|
|
Solution: upgrade to '~> 7.1.3.4', '>= 7.2.0.beta2'
|
|
|
|
Vulnerabilities found!
|