Commit
This was carried out with: `bundle update rails --patch`, to fix:

Name: actionpack
Version: 7.0.7.2
CVE: CVE-2024-26143
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947
Title: Possible XSS Vulnerability in Action Controller
Solution: upgrade to '~> 7.0.8, >= 7.0.8.1', '>= 7.1.3.1'

Name: activestorage
Version: 7.0.7.2
CVE: CVE-2024-26144
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945
Title: Possible Sensitive Session Information Leak in Active Storage
Solution: upgrade to '~> 6.1.7, >= 6.1.7.7', '>= 7.0.8.1'

Name: rack
Version: 2.2.8
CVE: CVE-2024-25126
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941
Title: Denial of Service Vulnerability in Rack Content-Type Parsing
Solution: upgrade to '~> 2.2.8, >= 2.2.8.1', '>= 3.0.9.1'

Name: rack
Version: 2.2.8
CVE: CVE-2024-26141
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944
Title: Possible DoS Vulnerability with Range Header in Rack
Solution: upgrade to '~> 2.2.8, >= 2.2.8.1', '>= 3.0.9.1'

Name: rack
Version: 2.2.8
CVE: CVE-2024-26146
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942
Title: Possible Denial of Service Vulnerability in Rack Header Parsing
Solution: upgrade to '~> 2.0.9, >= 2.0.9.4', '~> 2.1.4, >= 2.1.4.4', '~> 2.2.8, >= 2.2.8.1', '>= 3.0.9.1'
1 parent 490dd57, commit 1a87f21

Showing 1 changed file with 61 additions and 61 deletions.