Skip to content

v1.21.6

Choose a tag to compare

View all tags
@conjur-jenkins conjur-jenkins released this 24 Sep 21:08
v1.21.6
6566647

[1.21.6] - 2025-08-12

Security

  • Remove the policy factory API endpoints from the config/routes.rb file to prevent
    anyone being able to call these endpoints and trigger the marshal.load call. CONJSE-2038
  • Bump nokogiri gem to resolve GHSA-353f-x4gh-cqq8. CONJSE-2031
  • Remove vulnerable activestorage gem from the dependencies to address CVE-2025-24293. CONJSE-2050
Assets 12
Loading