issues Search Results · repo:rubysec/ruby-advisory-db language:Ruby
For CVE-2024-37031 the current fixed version range of patched_versions: ~ 3.2.2 , = 4.0.0.beta7 is incorrect, because
this range does not consider the 3.x versions that have the fix, as is the case of ...
correction
djpremier
- 3
- Opened on Mar 8
- #858
For CVE-2021-31799 the current fixed version range of patched_versions: ~ 6.1.2.1 , ~ 6.2.1.1 , = 6.3.1 is incorrect.
Currently, the range implies that everything less than 6.1.2.1 is affected. However, ...
colbybr
- 1
- Opened on Nov 13, 2024
- #836
For CVE-2019-17383 the current fixed version range of = 2.0.4 is incorrect. Version 1.5.3 is additionally a fixed
version [1] [2] [3]. It should be adjusted to =1.5.3, = 2.0.4.
References: [1] https://github.com/advisories/GHSA-49pj-69vf-c689 ...
correction
colbybr
- Opened on Oct 21, 2024
- #829
We're unable to clone this repo when using the deploy key that's set up in our CircleCI. The key is correctly set up in
github as a deploy key. Here's the error message that git returns when trying to ...
cgrafton
- 2
- Opened on Oct 9, 2024
- #827
Both 45409 as well as cvp8-5r8g-fhvq have a patched version requirement that is too strict.
jw9c-mfg7-9rx2 has been updated to include 1.10.5 in addition to the listed = 2.2.0.
cvp8-5r8g-fhvq has also ...
correction
jlocke2
- 1
- Opened on Sep 20, 2024
- #814
Ruby-SAML in = 12.2 and 1.13.0 = 1.16.0 does not properly verify the signature of the SAML Response.
An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a ...
fauresebast
- Opened on Sep 11, 2024
- #809
Both 28103 as well as 32464 have a patched version requirement that is too strict - the newly released 7.1.4 isn't
covered as a fixed version by the included constraints.
By my understanding both should ...
colszowka
- 4
- Opened on Aug 26, 2024
- #806
Add Rspec check to avoid embedded formatting, such as \n s.
This issue will be used to track all the work associated with embedded formatting checking.
linting
jasnow
- 1
- Opened on Jun 21, 2024
- #788
Since Rails 7.0.8.2 7.0.8.3 were released on May 17th, a fix has been made available for this: CVE-2024-34341,
https://discuss.rubyonrails.org/t/xss-vulnerabilities-in-trix-editor/85803
I've been waiting ...
advisory
ddalcino
- 2
- Opened on May 31, 2024
- #783
CVE-2024-0227 was withdrawn/rejected.
https://github.com/advisories/GHSA-chcr-x7hc-8fp8 https://nvd.nist.gov/vuln/detail/CVE-2024-0227
ri4a
- Opened on Apr 25, 2024
- #777
