We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
For CVE reasons:
Name: loofah Version: 2.2.3 Advisory: CVE-2019-15587 Criticality: Unknown URL: flavorjones/loofah#171 Title: Loofah XSS Vulnerability Solution: upgrade to >= 2.3.1
Name: nokogiri Version: 1.8.5 Advisory: CVE-2019-5477 Criticality: High URL: sparklemotion/nokogiri#1915 Title: Nokogiri Command Injection Vulnerability via Nokogiri::CSS::Tokenizer#load_file Solution: upgrade to >= 1.10.4
Name: nokogiri Version: 1.8.5 Advisory: CVE-2019-11068 Criticality: Unknown URL: sparklemotion/nokogiri#1892 Title: Nokogiri gem, via libxslt, is affected by improper access control vulnerability Solution: upgrade to >= 1.10.3
Name: rubyzip Version: 1.2.4 Advisory: CVE-2019-16892 Criticality: Unknown URL: rubyzip/rubyzip#403 Title: Denial of Service in rubyzip ("zip bombs") Solution: upgrade to >= 1.3.0
The text was updated successfully, but these errors were encountered:
No branches or pull requests
For CVE reasons:
Name: loofah
Version: 2.2.3
Advisory: CVE-2019-15587
Criticality: Unknown
URL: flavorjones/loofah#171
Title: Loofah XSS Vulnerability
Solution: upgrade to >= 2.3.1
Name: nokogiri
Version: 1.8.5
Advisory: CVE-2019-5477
Criticality: High
URL: sparklemotion/nokogiri#1915
Title: Nokogiri Command Injection Vulnerability via Nokogiri::CSS::Tokenizer#load_file
Solution: upgrade to >= 1.10.4
Name: nokogiri
Version: 1.8.5
Advisory: CVE-2019-11068
Criticality: Unknown
URL: sparklemotion/nokogiri#1892
Title: Nokogiri gem, via libxslt, is affected by improper access control vulnerability
Solution: upgrade to >= 1.10.3
Name: rubyzip
Version: 1.2.4
Advisory: CVE-2019-16892
Criticality: Unknown
URL: rubyzip/rubyzip#403
Title: Denial of Service in rubyzip ("zip bombs")
Solution: upgrade to >= 1.3.0
The text was updated successfully, but these errors were encountered: