Skip to content

Commit

Permalink
Bump Addressable from 2.3.6 to 2.8.0
Browse files Browse the repository at this point in the history 
This version fixes a ReDoS vulnerability in Addressable::Template#match

For more information about the issue:
- https://app.snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242
  • Loading branch information
@EduardoGHdez
EduardoGHdez committed Jul 16, 2021
1 parent a3e1c2c commit e561860
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion webmock.gemspec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ Gem::Specification.new do |s|

s.required_ruby_version = '>= 2.0'

s.add_dependency 'addressable', '>= 2.3.6'
s.add_dependency 'addressable', '>= 2.8.0'
s.add_dependency 'crack', '>= 0.3.2'
s.add_dependency 'hashdiff', ['>= 0.4.0', '< 2.0.0']

Expand Down

0 comments on commit e561860

Please sign in to comment.