mvalle21 / lamby_site
This project forked from rails-lambda/lamby-site
Simple Rails & AWS Lambda Integration (PRODUCT SITE)
Home Page: https://lamby.custominktech.com
License: MIT License
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri.
Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib's safelist, so it most likely won't make your code less secure. (These statements have not been evaluated by Netexperts.)
ActiveRecord extensions for sanitization are available in the loofah-activerecord gem.
Library home page: https://rubygems.org/gems/loofah-2.3.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.2.0, < 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1. Users who are unable to upgrade may be able to mitigate this vulnerability by limiting the length of the strings that are sanitized.
Publish Date: 2022-12-14
URL: CVE-2022-23516
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-3x8r-x6xp-q4vm
Release Date: 2022-12-14
Fix Resolution: loofah - 2.19.1
HTML sanitization for Rails applications
Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.0.4.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags in either of the following ways: allow both "math" and "style" elements, or allow both "svg" and "style" elements. Code is only impacted if allowed tags are being overridden. This issue is fixed in version 1.4.4. All users overriding the allowed tags to include "math" or "svg" and "style" should either upgrade or use the following workaround immediately: remove "style" from the overridden allowed tags, or remove "math" and "svg" from the overridden allowed tags.
Publish Date: 2022-12-14
URL: CVE-2022-23519
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-9h9g-93gc-623h
Release Date: 2022-12-14
Fix Resolution: rails-html-sanitizer - 1.4.4
Simple, battle-tested conventions and helpers for building web pages.
Library home page: https://rubygems.org/gems/actionview-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escape_javascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.
Publish Date: 2020-03-19
URL: CVE-2020-5267
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5267
Release Date: 2020-03-19
Fix Resolution: actionview:6.0.2.2, 5.2.4.2
HTML sanitization for Rails applications
Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.0.4.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer < 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. This issue has been patched in version 1.4.4.
Publish Date: 2022-12-14
URL: CVE-2022-23517
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-5x79-w82f-gw8w
Release Date: 2022-12-14
Fix Resolution: rails-html-sanitizer - 1.4.4
Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents via XPath or CSS3 selectors.
Library home page: https://rubygems.org/gems/nokogiri-1.10.5.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parser resolves external entities by default. Users of Nokogiri on JRuby who parse untrusted documents using any of these classes are affected: Nokogiri::XML::SAX::Parser, Nokogiri::HTML4::SAX::Parser or its alias Nokogiri::HTML::SAX::Parser, Nokogiri::XML::SAX::PushParser, and Nokogiri::HTML4::SAX::PushParser or its alias Nokogiri::HTML::SAX::PushParser. JRuby users should upgrade to Nokogiri v1.12.5 or later to receive a patch for this issue. There are no workarounds available for v1.12.4 or earlier. CRuby users are not affected.
Publish Date: 2021-09-27
URL: CVE-2021-41098
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41098
Release Date: 2021-09-27
Fix Resolution: nokogiri - 1.12.5
A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing.
Library home page: https://rubygems.org/gems/activesupport-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore, potentially resulting in RCE.
Publish Date: 2020-06-19
URL: CVE-2020-8165
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-2p68-f74v-9wc6
Release Date: 2020-06-19
Fix Resolution: 5.2.4.3,6.0.3.1
Attach cloud and local files in Rails applications.
Library home page: https://rubygems.org/gems/activestorage-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A client-side enforcement of server-side security vulnerability exists in rails < 5.2.4.3 and rails < 6.0.3.1 in ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user, bypassing upload limits.
Publish Date: 2020-06-19
URL: CVE-2020-8162
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-m42x-37p3-fv5w
Release Date: 2020-06-19
Fix Resolution: 5.2.4.3,6.0.3.1
Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents via XPath or CSS3 selectors.
Library home page: https://rubygems.org/gems/nokogiri-1.10.5.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
Nokogiri before version 1.13.2 is vulnerable.
Publish Date: 2022-03-01
URL: WS-2022-0089
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-fq42-c5rg-92c2
Release Date: 2022-03-01
Fix Resolution: nokogiri - v1.13.2
Simple, battle-tested conventions and helpers for building web pages.
Library home page: https://rubygems.org/gems/actionview-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the t and translate helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory.
Publish Date: 2020-09-11
URL: CVE-2020-15169
Base Score Metrics:
Type: Upgrade version
Origin: https://rubygems.org/gems/actionview/versions/6.0.3.3
Release Date: 2020-09-11
Fix Resolution: 6.0.3.3, 5.2.4.4
Attach cloud and local files in Rails applications.
Library home page: https://rubygems.org/gems/activestorage-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.
Publish Date: 2022-05-26
URL: CVE-2022-21831
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-w749-p3v6-hccq
Release Date: 2022-05-26
Fix Resolution: activestorage - 5.2.6.3,6.0.4.7,6.1.4.7,7.0.2.3
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri.
Library home page: https://rubygems.org/gems/loofah-2.3.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah < 2.19.1 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1.
Publish Date: 2022-12-14
URL: CVE-2022-23514
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-486f-hjj9-9vhh
Release Date: 2022-12-14
Fix Resolution: loofah - 2.19.1
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow attacker-supplied information to be inadvertently leaked from Strong Parameters.
Publish Date: 2020-06-19
URL: CVE-2020-8164
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-8727-m6gj-mc37
Release Date: 2020-06-19
Fix Resolution: 5.2.4.3,6.0.3.1
Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby, as well as providing process worker support to support CRuby well.
Library home page: https://rubygems.org/gems/puma-3.12.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.
Publish Date: 2020-05-22
URL: CVE-2020-11077
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-w64w-qqph-5gxm
Release Date: 2020-05-22
Fix Resolution: puma - 3.12.6,4.3.5
Automatic Remediation will be attempted for this issue.
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.
Publish Date: 2022-12-05
URL: CVE-2022-32224
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-3hhc-qp5v-9p2j
Release Date: 2022-12-05
Fix Resolution: activerecord - 5.2.8.1,6.0.5.1,6.1.6.1,7.0.3.1
Rake is a Make-like program implemented in Ruby. Tasks and dependencies are specified in standard Ruby syntax. Rake has the following features: * Rakefiles (rake's version of Makefiles) are completely defined in standard Ruby syntax. No XML files to edit. No quirky Makefile syntax to worry about (is that a tab or a space?) * Users can specify tasks with prerequisites. * Rake supports rule patterns to synthesize implicit tasks. * Flexible FileLists that act like arrays but know about manipulating file names and paths. * Supports parallel execution of tasks.
Library home page: https://rubygems.org/gems/rake-12.3.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |.
Publish Date: 2020-02-24
URL: CVE-2020-8130
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8130
Release Date: 2020-06-30
Fix Resolution: v12.3.3
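The pipe-prefix problem above is a Ruby-level pitfall, not something specific to Rake: in Ruby 3.x and earlier, Kernel#open and IO.read treat a filename that starts with "|" as a command to spawn (the behaviour was deprecated in Ruby 3.3), while File.open and File.read only ever open a file with that literal name. The following is an added example, not Rake's code, showing how to read a file whose name came from an untrusted source; read_named_file, the base-directory confinement and the sample file are all constructed for illustration.

```ruby
require "tmpdir"

# Reads a file named by an untrusted party, confined to base_dir.
# Added example (not Rake's code). Two defences, in order:
#   1. reject the "|" prefix before any I/O, so no opener can ever see it;
#   2. use File.read, which never interprets the name as a command,
#      instead of Kernel#open / IO.read, which historically did.
def read_named_file(base_dir, name)
  raise ArgumentError, "refusing pipe-prefixed filename #{name.inspect}" if name.start_with?("|")

  base = File.expand_path(base_dir)
  path = File.expand_path(name, base)
  # Keep the resolved path inside base_dir so "../" cannot walk out of it.
  unless path.start_with?(base + File::SEPARATOR)
    raise ArgumentError, "#{name.inspect} escapes #{base}"
  end

  File.read(path) # File.read, not IO.read or open(): no command interpretation
end

# File.read treats "|echo pwned" as a file literally called "|echo pwned":
# it raises Errno::ENOENT rather than running echo.
def pipe_name_is_just_a_filename?
  File.read("|echo pwned")
  false
rescue Errno::ENOENT
  true
end

# Wraps a call and reports whether the guard let it through.
def attempt
  yield
  :opened
rescue ArgumentError
  :rejected
end

# Self-check on a constructed temp directory: a real file reads, the pipe
# name and the traversal attempt are both rejected before any I/O happens.
def demo
  Dir.mktmpdir do |dir|
    File.write(File.join(dir, "notes.txt"), "hello")
    {
      plain: read_named_file(dir, "notes.txt"),
      pipe: attempt { read_named_file(dir, "|echo pwned") },
      traversal: attempt { read_named_file(dir, "../etc/passwd") },
    }
  end
end

puts demo.inspect if __FILE__ == $0
```

When auditing a Ruby code base for this class of bug, the search terms are `open(` and `IO.read(` (and `IO.readlines`, `IO.foreach`) applied to anything that is not a hard-coded path; replacing them with the `File.` equivalents removes the command path regardless of whether the prefix check is also present.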
Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby, as well as providing process worker support to support CRuby well.
Library home page: https://rubygems.org/gems/puma-3.12.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications. The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same process. However, new connections may still be starved by greedy persistent-connections saturating all threads in all processes in the cluster. A puma server which received more concurrent keep-alive connections than the server had threads in its threadpool would service only a subset of connections, denying service to the unserved connections. This problem has been fixed in puma 4.3.8 and 5.3.1. Setting queue_requests false also fixes the issue. This is not advised when using puma without a reverse proxy, such as nginx or apache, because you will open yourself to slow client attacks (e.g. slowloris). The fix is very small and a git patch is available for those using unsupported versions of Puma.
Publish Date: 2021-05-11
URL: CVE-2021-29509
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-q28m-8xjw-8vr5
Release Date: 2021-05-11
Fix Resolution: puma - 4.3.8,5.3.1
Automatic Remediation will be attempted for this issue.
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Also see https://rack.github.io/.
Library home page: https://rubygems.org/gems/rack-2.0.8.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker to perform directory traversal in the Rack::Directory app bundled with Rack, which could result in information disclosure.
Publish Date: 2020-07-02
URL: CVE-2020-8161
Base Score Metrics:
Library home page: https://rubygems.org/gems/websocket-extensions-0.1.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.
Publish Date: 2020-06-02
URL: CVE-2020-7663
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7663
Release Date: 2020-09-17
Fix Resolution: websocket-extensions:0.1.5
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri.
Library home page: https://rubygems.org/gems/loofah-2.3.1.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.
Publish Date: 2022-12-14
URL: CVE-2022-23515
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-228g-948r-83gx
Release Date: 2022-12-14
Fix Resolution: loofah - 2.19.1
Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby, as well as providing process worker support to support CRuby well.
Library home page: https://rubygems.org/gems/puma-3.12.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. CR, LF, or \r, \n) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.
Publish Date: 2020-02-28
URL: CVE-2020-5247
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-84j7-475p-hp8v
Release Date: 2020-02-28
Fix Resolution: 3.12.3;4.3.2
Automatic Remediation will be attempted for this issue.
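To make the response-splitting mechanism concrete, here is an added example (not Puma's code) with a minimal HTTP/1.1 head serializer and a client-side parser. The EVIL_LOCATION value, the serializer and the parser are constructed for illustration; the point they show is that a single unchecked CR/LF in a header value yields a second header and a body the application never wrote, and that a check for `[\r\n]` in every header value is enough to stop it.

```ruby
# Added example, not Puma's code: how CR/LF in a header value splits a response,
# and the value check that rejects it before it reaches the wire.

class HeaderInjection < StandardError; end

# Builds the status line and header block the way an HTTP/1.1 server would.
# validate: false trusts header values as-is (the pre-fix behaviour described
# above); validate: true rejects a CR or LF anywhere in a value.
def serialize_head(status, headers, validate:)
  lines = ["HTTP/1.1 #{status}"]
  headers.each do |name, value|
    if validate && value.match?(/[\r\n]/)
      raise HeaderInjection, "#{name} contains a line terminator: #{value.inspect}"
    end
    lines << "#{name}: #{value}"
  end
  (lines + ["", ""]).join("\r\n") # head ends with the blank line that starts the body
end

# Splits the wire bytes back into status, headers and body the way a client would.
def parse_head(raw)
  head, body = raw.split("\r\n\r\n", 2)
  status, *header_lines = head.split("\r\n")
  [status, header_lines.map { |l| l.split(": ", 2) }.to_h, body]
end

# Constructed untrusted input: a redirect target that smuggles a cookie header
# and then a whole response body after a second blank line.
EVIL_LOCATION = "/home\r\nSet-Cookie: session=attacker\r\n\r\n<script>alert(1)</script>".freeze

# Without the check: the client sees two headers and an attacker-chosen body.
def unchecked_response
  serialize_head("302 Found", { "Location" => EVIL_LOCATION }, validate: false)
end

# With the check: the response is never written; the caller gets an error to log.
def checked_response
  serialize_head("302 Found", { "Location" => EVIL_LOCATION }, validate: true)
  :sent
rescue HeaderInjection
  :rejected
end

if __FILE__ == $0
  status, headers, body = parse_head(unchecked_response)
  puts status, headers.inspect, body.inspect
  puts checked_response
end
```

The server-side check is a backstop: the application should already refuse to copy untrusted input into Location, Set-Cookie or any other header, but a framework that rejects line terminators in every header value closes the hole even when a view or controller forgets.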
Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.
Library home page: https://rubygems.org/gems/activerecord-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (ReDoS) vulnerability. Carefully crafted input can cause the input validation in the money type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input.
Publish Date: 2021-02-11
URL: CVE-2021-22880
Base Score Metrics:
Type: Upgrade version
Release Date: 2021-02-11
Fix Resolution: 5.2.4.5,6.0.3.5,6.1.2.1
Automatic Remediation will be attempted for this issue.
Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents via XPath or CSS3 selectors.
Library home page: https://rubygems.org/gems/nokogiri-1.10.5.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
Publish Date: 2020-01-21
URL: CVE-2020-7595
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2020-7595
Release Date: 2020-01-21
Fix Resolution: nokogiri - 1.10.8
Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby, as well as providing process worker support to support CRuby well.
Library home page: https://rubygems.org/gems/puma-3.12.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
Puma is an HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using puma with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smuggling. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. The only proxy which has this behavior, as far as the Puma team is aware of, is Apache Traffic Server. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This vulnerability was patched in Puma 5.5.1 and 4.3.9. As a workaround, do not use Apache Traffic Server with puma.
Publish Date: 2021-10-12
URL: CVE-2021-41136
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-48w2-rm65-62xx
Release Date: 2021-10-12
Fix Resolution: puma - 4.3.9, 5.5.1
Automatic Remediation will be attempted for this issue.
Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents via XPath or CSS3 selectors.
Library home page: https://rubygems.org/gems/nokogiri-1.10.5.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri < v1.13.4 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri >= 1.13.4. There are no known workarounds for this issue.
Publish Date: 2022-04-11
URL: CVE-2022-24836
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-crjr-9rc5-ghw8
Release Date: 2022-04-11
Fix Resolution: nokogiri - 1.13.4
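Five findings on this page (CVE-2022-23517, CVE-2022-23514, CVE-2020-7663, CVE-2021-22880 and CVE-2022-24836 just above) are the same failure mode: a regular expression whose backtracking grows super-linearly with attacker-controlled input. Upgrading fixes each pattern, but an application can also bound the cost of any pattern it runs on untrusted text. The following is an added example, not code from any of the gems above: the NESTED pattern, the 1024-byte limit and the sample inputs are constructed for illustration. It shows the two portable guards, a length cap applied before the match (the mitigation the Loofah CDATA advisory itself suggests) and, on Ruby 3.2 or later, a per-pattern timeout.

```ruby
# Added example, not from any gem on this page: bounding regex cost at the
# application layer so a bad pattern degrades into a logged rejection instead
# of a pinned CPU.

MAX_ATTR_LEN = 1024 # assumed bound on a sanitized attribute value (constructed)

# Constructed pattern with a nested quantifier: (a+)+ can split a run of "a"s
# in exponentially many ways, so a trailing "!" forces exhaustive backtracking
# on engines without memoization. LINEAR accepts exactly the same strings
# without the ambiguity.
NESTED = /\A(a+)+\z/
LINEAR = /\Aa+\z/

# Regexp::TimeoutError exists from Ruby 3.2; on older Rubies rescue a class
# that is never raised so the rescue clause stays valid.
TIMEOUT_ERROR = defined?(Regexp::TimeoutError) ? Regexp::TimeoutError : Class.new(StandardError)

# Compile with a per-pattern timeout where the Ruby supports it (3.2+).
# Older Rubies get the plain pattern and rely on the length cap alone.
def compile_bounded(source, seconds)
  if Regexp.respond_to?(:timeout=)
    Regexp.new(source, timeout: seconds)
  else
    Regexp.new(source)
  end
end

# Cheap check first, then the match. Returns :too_long, :timeout, true or
# false so the caller can log each outcome separately.
def bounded_match(re, str, max_len: MAX_ATTR_LEN)
  return :too_long if str.bytesize > max_len
  re.match?(str)
rescue TIMEOUT_ERROR
  :timeout
end

# Runs both patterns on a bounded input; on short inputs they must agree,
# which is the property to assert when replacing a pattern with a linear one.
def classify(str)
  { nested: bounded_match(NESTED, str), linear: bounded_match(LINEAR, str) }
end

if __FILE__ == $0
  puts classify("a" * 20).inspect
  puts classify("a" * 12 + "!").inspect
  puts bounded_match(NESTED, "a" * 5000 + "!").inspect
  puts bounded_match(compile_bounded("\\Aa+\\z", 0.5), "aaa").inspect
end
```

Two caveats. Ruby 3.2 also added memoization to the regex engine, which makes many nested-quantifier patterns run in linear time without any change to the pattern; it does not cover patterns with back-references or look-around, which is where Regexp.timeout earns its keep. And the length cap must be applied to the string the pattern actually sees: a cap on a whole document does not bound an attribute value that a parser has already extracted and decoded.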
TZInfo provides daylight savings aware transformations between times in different time zones.
Library home page: https://rubygems.org/gems/tzinfo-1.2.5.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.3.61, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source, time zones are defined in Ruby files. There is one file per time zone. Time zone files are loaded with require on demand. In the affected versions, TZInfo::Timezone.get fails to validate time zone identifiers correctly, allowing a new line character within the identifier. With Ruby version 1.9.3 and later, TZInfo::Timezone.get can be made to load unintended files with require, executing them within the Ruby process. Versions 0.3.61 and 1.2.10 include fixes to correctly validate time zone identifiers. Versions 2.0.0 and later are not vulnerable. Version 0.3.61 can still load arbitrary files from the Ruby load path if their name follows the rules for a valid time zone identifier and the file has a prefix of tzinfo/definition within a directory in the load path. Applications should ensure that untrusted files are not placed in a directory on the load path. As a workaround, the time zone identifier can be validated before passing to TZInfo::Timezone.get by ensuring it matches the regular expression \A[A-Za-z0-9+\-_]+(?:\/[A-Za-z0-9+\-_]+)*\z.
Publish Date: 2022-07-22
URL: CVE-2022-31163
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-5cm2-9h8c-rvfx
Release Date: 2022-07-22
Fix Resolution: tzinfo - 0.3.61,1.2.10
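The workaround regex above is worth a closer look, because the anchors are the whole point. Here is an added example (not TZInfo's code) that applies it as a gate in front of a loader, next to a line-anchored variant with the same character classes that looks equivalent and is not: in Ruby, ^ and $ match at line boundaries, so a newline inside the identifier leaves everything after it unchecked, which is precisely the newline case the advisory describes. The lookup_timezone wrapper and the sample identifiers are constructed; the loader is passed in rather than calling TZInfo::Timezone.get directly.

```ruby
# Added example, not TZInfo's code: validating a time zone identifier before it
# reaches a loader that turns it into a require.

# The advisory's workaround: \A and \z anchor to the whole string.
TZ_IDENTIFIER = /\A[A-Za-z0-9+\-_]+(?:\/[A-Za-z0-9+\-_]+)*\z/

# Same classes, anchored with ^ and $. In Ruby these are line anchors, so only
# the first line of a multi-line string is checked. Shown here as the pitfall.
TZ_IDENTIFIER_LINE_ANCHORED = /^[A-Za-z0-9+\-_]+(?:\/[A-Za-z0-9+\-_]+)*$/

def valid_tz_identifier?(id)
  id.is_a?(String) && TZ_IDENTIFIER.match?(id)
end

def line_anchored_accepts?(id)
  TZ_IDENTIFIER_LINE_ANCHORED.match?(id)
end

# Gate an untrusted identifier, then hand it to whatever resolves it
# (TZInfo::Timezone.get in a real application; injected here as a callable).
def lookup_timezone(id, loader)
  raise ArgumentError, "invalid time zone identifier #{id.inspect}" unless valid_tz_identifier?(id)
  loader.call(id)
end

# Constructed inputs: legitimate identifiers and attempts to smuggle a path.
SAMPLES = {
  "America/New_York" => true,
  "Etc/GMT+5" => true,
  "Europe/London\n../../tmp/evil" => false, # newline, then traversal on line 2
  "Etc/UTC/../x" => false,                  # dots are outside the allowed class
  "../../tmp/evil" => false,
  "" => false,
}.freeze

# Returns id => whether the validator gave the expected answer.
def check_samples
  SAMPLES.map { |id, expected| [id, valid_tz_identifier?(id) == expected] }.to_h
end

if __FILE__ == $0
  puts check_samples.inspect
  puts line_anchored_accepts?("Europe/London\n../../tmp/evil") # true: the pitfall
end
```

Note that \Z (upper case) would still admit a single trailing newline; only \z pins the end of the string. The same anchor rule applies to any allowlist regex that guards a require, a file path or a shell argument.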
A fast, safe and extensible Markdown to (X)HTML parser
Library home page: https://rubygems.org/gems/redcarpet-3.4.0.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escape_html option was being used. This is fixed in version 3.5.1 by the referenced commit.
Publish Date: 2021-01-11
URL: CVE-2020-26298
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-q3wr-qw3g-3p4h
Release Date: 2021-01-11
Fix Resolution: redcarpet - 3.5.1
Automatic Remediation will be attempted for this issue.
Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents via XPath or CSS3 selectors.
Library home page: https://rubygems.org/gems/nokogiri-1.10.5.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the network, potentially enabling XXE or SSRF attacks. This behavior is counter to the security policy followed by Nokogiri maintainers, which is to treat all input as untrusted by default whenever possible. This is fixed in Nokogiri version 1.11.0.rc4.
Publish Date: 2020-12-30
URL: CVE-2020-26247
Base Score Metrics:
HTML sanitization for Rails applications
Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.0.4.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.
Publish Date: 2022-12-14
URL: CVE-2022-23518
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-mcvf-2q2m-x72m
Release Date: 2022-12-14
Fix Resolution: rails-html-sanitizer - 1.4.4
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js
Path to vulnerable library: /vendor/assets/javascripts/jquery-3.3.1.js
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Also see https://rack.github.io/.
Library home page: https://rubygems.org/gems/rack-2.0.8.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it possible for an attacker to forge a secure or host-only cookie prefix.
Publish Date: 2020-06-19
URL: CVE-2020-8184
Base Score Metrics:
Type: Upgrade version
Origin: https://groups.google.com/forum/#!topic/rubyonrails-security/OWtmozPH9Ak
Release Date: 2020-06-19
Fix Resolution: rack - 2.1.4, 2.2.3
Implements JMESPath for Ruby
Library home page: https://rubygems.org/gems/jmespath-1.4.0.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable.
Publish Date: 2022-06-06
URL: CVE-2022-32511
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-5c5f-7vfq-3732
Release Date: 2022-06-06
Fix Resolution: jmespath - 1.6.1
Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents via XPath or CSS3 selectors.
Library home page: https://rubygems.org/gems/nokogiri-1.10.5.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a String by calling #to_s or equivalent.
Publish Date: 2022-05-20
URL: CVE-2022-29181
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29181
Release Date: 2022-05-20
Fix Resolution: nokogiri - 1.13.6
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js
Path to vulnerable library: /vendor/assets/javascripts/jquery-3.3.1.js
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Publish Date: 2019-04-20
URL: CVE-2019-11358
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
Release Date: 2019-04-20
Fix Resolution: jquery - 3.4.0
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Also see https://rack.github.io/.
Library home page: https://rubygems.org/gems/rack-2.0.8.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.
Publish Date: 2022-12-05
URL: CVE-2022-30122
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-hxqx-xwvh-44m2
Release Date: 2022-12-05
Fix Resolution: rack - 2.0.9.1,2.1.4.1,2.2.3.1
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js
Path to vulnerable library: /vendor/assets/javascripts/jquery-3.3.1.js
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11023
Base Score Metrics:
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
** DISPUTED ** A vulnerability classified as problematic has been found in Ruby on Rails. This affects an unknown part of the file actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The real existence of this vulnerability is still doubted at the moment. The name of the patch is be177e4566747b73ff63fd5f529fab564e475ed4. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-212319. NOTE: Maintainer declares that there isn't a valid attack vector. The issue was wrongly reported as a security vulnerability by a non-member of the Rails team.
Publish Date: 2022-10-26
URL: CVE-2022-3704
Base Score Metrics:
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses authenticate_or_request_with_http_token or authenticate_with_http_token for request authentication.
Publish Date: 2021-06-11
URL: CVE-2021-22904
Base Score Metrics:
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration.
Library home page: https://rubygems.org/gems/rails-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
Publish Date: 2020-06-19
URL: CVE-2020-8167
Base Score Metrics:
Type: Upgrade version
Origin: https://rubygems.org/gems/rails/versions/6.0.3.1
Release Date: 2020-06-19
Fix Resolution: 6.0.3.1,5.2.4.3
Automatic Remediation will be attempted for this issue.
Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby as well as providing process worker support to support CRuby well.
Library home page: https://rubygems.org/gems/puma-3.12.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. This vulnerability is patched in Puma 4.3.1 and 3.12.2.
Publish Date: 2019-12-05
URL: CVE-2019-16770
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16770
Release Date: 2019-12-05
Fix Resolution: v4.3.1
Automatic Remediation will be attempted for this issue.
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
Also see https://rack.github.io/.
Library home page: https://rubygems.org/gems/rack-2.0.8.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow a possible shell escape in the Lint and CommonLogger components of Rack.
Publish Date: 2022-12-05
URL: CVE-2022-30123
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-wq4h-7r42-5hrr
Release Date: 2022-12-05
Fix Resolution: rack - 2.0.9.1,2.1.4.1,2.2.3.1
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby as well as providing process worker support to support CRuby well.
Library home page: https://rubygems.org/gems/puma-3.12.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
Puma is a Ruby/Rack web server built for parallelism. Prior to puma version 5.6.2, puma may not always call close on the response body. Rails, prior to version 7.0.2.2, depended on the response body being closed in order for its CurrentAttributes implementation to work correctly. The combination of these two behaviors (Puma not closing the body + Rails' Executor implementation) causes information leakage. This problem is fixed in Puma versions 5.6.2 and 4.3.11. This problem is fixed in Rails versions 7.0.2.2, 6.1.4.6, 6.0.4.6, and 5.2.6.2. Upgrading to a patched Rails or Puma version fixes the vulnerability.
Publish Date: 2022-02-11
URL: CVE-2022-23634
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-wh98-p28r-vrc9
Release Date: 2022-02-11
Fix Resolution: puma - 4.3.11, 5.6.2; actionpack - 5.2.6.2, 6.0.4.6, 6.1.4.6, 7.0.2.2
Automatic Remediation will be attempted for this issue.
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests. This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used.
Publish Date: 2022-02-11
URL: CVE-2022-23633
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-wh98-p28r-vrc9
Release Date: 2022-02-11
Fix Resolution: 5.2.6.2, 6.0.4.6, 6.1.4.6, 7.0.2.2
Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby as well as providing process worker support to support CRuby well.
Library home page: https://rubygems.org/gems/puma-3.12.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which fixed this vulnerability but only for regular responses. This has been fixed in 4.3.3 and 3.12.4.
Publish Date: 2020-03-02
URL: CVE-2020-5249
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5249
Release Date: 2020-04-09
Fix Resolution: puma - 3.12.4,4.3.3
Automatic Remediation will be attempted for this issue.
Simple, battle-tested conventions and helpers for building web pages.
Library home page: https://rubygems.org/gems/actionview-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
An XSS vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes.
Publish Date: 2022-05-26
URL: CVE-2022-27777
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-ch3h-j2vf-95pv
Release Date: 2022-05-26
Fix Resolution: actionview - 5.2.7.1,6.0.4.8,6.1.5.1,7.0.2.4
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.
Publish Date: 2022-05-26
URL: CVE-2022-22577
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-mm33-5vfq-3mm3
Release Date: 2022-05-26
Fix Resolution: actionpack - 5.2.7.1,6.0.4.8,6.1.5.1,7.0.2.4
HTML sanitization for Rails applications
Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.0.4.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
select and style elements. Code is only impacted if allowed tags are being overridden. This may be done via application configuration:

```ruby
# In config/application.rb
config.action_view.sanitized_allowed_tags = ["select", "style"]
```

see https://guides.rubyonrails.org/configuring.html#configuring-action-view

Or it may be done with a :tags option to the Action View helper sanitize:

```
<%= sanitize @comment.body, tags: ["select", "style"] %>
```

see https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html#method-i-sanitize

Or it may be done with Rails::Html::SafeListSanitizer directly:

```ruby
# class-level option
Rails::Html::SafeListSanitizer.allowed_tags = ["select", "style"]
```

or

```ruby
# instance-level option
Rails::Html::SafeListSanitizer.new.sanitize(@article.body, tags: ["select", "style"])
```

All users overriding the allowed tags by any of the above mechanisms to include both "select" and "style" should either upgrade or use one of the workarounds immediately.

## Releases
The FIXED releases are available at the normal locations.

## Workarounds
Remove either select or style from the overridden allowed tags.

## Credits
This vulnerability was responsibly reported by windshock.

Publish Date: 2022-06-24
URL: CVE-2022-32209
Base Score Metrics:
Type: Upgrade version
Origin: https://discuss.rubyonrails.org/t/cve-2022-32209-possible-xss-vulnerability-in-rails-sanitizer/80800
Release Date: 2022-06-24
Fix Resolution: rails-html-sanitizer - 1.4.3
Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby as well as providing process worker support to support CRuby well.
Library home page: https://rubygems.org/gems/puma-3.12.2.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.
Publish Date: 2020-05-22
URL: CVE-2020-11076
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-x7jg-6pwg-fx5h
Release Date: 2020-05-22
Fix Resolution: puma - 3.12.5;4.3.4
Automatic Remediation will be attempted for this issue.
Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents via XPath or CSS3 selectors.
Library home page: https://rubygems.org/gems/nokogiri-1.10.5.gem
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
nokogiri up to and including 1.13.8 is affected by several vulnerabilities (CVE-2022-40303, CVE-2022-40304 and CVE-2022-2309) in the dependency bundled libxml2 library. Version 1.13.9 of nokogiri contains a patch where the dependency is upgraded with the patches as well.
Publish Date: 2022-10-18
URL: WS-2022-0334
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-2qc6-mcvw-92cw
Release Date: 2022-10-18
Fix Resolution: nokogiri - 1.13.9
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in base branch: master
A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the redirect_to or polymorphic_url helper with untrusted user input.
Publish Date: 2021-05-27
URL: CVE-2021-22885
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-hjg4-8q5f-x6fm
Release Date: 2021-05-27
Fix Resolution: actionpack - 5.2.4.6,5.2.6,6.0.3.7,6.1.3.2
Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.
Library home page: https://rubygems.org/gems/actionpack-5.2.3.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /Gemfile.lock
Dependency Hierarchy:
Found in HEAD commit: 58d2ba7cfe9616216cb126c69803c5ccd10d32b9
Found in base branch: master
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.
Publish Date: 2020-07-02
URL: CVE-2020-8166
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-jp5v-5gx4-jmj9
Release Date: 2020-07-02
Fix Resolution: 5.2.4.3,6.0.3.1