Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Vulnerable Dependencies in the Repository #9115

Open
quantumseclabs opened this issue Dec 8, 2024 · 1 comment
Open

Vulnerable Dependencies in the Repository #9115

quantumseclabs opened this issue Dec 8, 2024 · 1 comment
Labels
bug If this is a PR, this PR fixes a bug. If this is an issue, this issue reports a bug.

Comments

@quantumseclabs
Copy link

quantumseclabs commented Dec 8, 2024

Pull Request

No response

What happened?

Bug Report: Vulnerable Dependencies in the Repository

Description

Two dependencies in the Gemfile.lock that are affected by known vulnerabilities, which may pose a risk to the security and reliability of the repository.

  1. Dependency: [email protected]

  2. Dependency: [email protected]

File Location

  • Gemfile.lock:
    • webrick (1.8.1) at line 288.
    • rexml (3.2.5) at line 260.

Impact

These vulnerabilities could expose the repository to security risks, such as HTTP smuggling attacks and potential Denial of Service (DoS) threats. It is recommended to update these dependencies promptly.

Relevant log output

No response

@quantumseclabs quantumseclabs added the bug If this is a PR, this PR fixes a bug. If this is an issue, this issue reports a bug. label Dec 8, 2024
@Fendyzainol9
Copy link

Alhamdulillah

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug If this is a PR, this PR fixes a bug. If this is an issue, this issue reports a bug.
Projects
None yet
Development

No branches or pull requests

2 participants