-
Vulnerable Library - web-console-2.0.0.gem
Library home page: https://rubygems.org/gems/web-console-2.0.0.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /ruby/2.7.0/cache/we…
-
### The problem
Sometimes we are aware that a transitive dependency has a CVE. A `bundle update somegem` will update that gem in the lockfile temporarily, but it may slip back down later. We want t…
-
Hello,
There are vulnerabilities in Nokogiri https://github.com/advisories/GHSA-vr8q-g5c7-m54m and Loofah https://github.com/advisories/GHSA-c3gv-9cxf-6f57 which are affecting both ZAS & ZAT. We ha…
-
## CVE-2022-29181 - High Severity Vulnerability
Vulnerable Library - nokogiri-1.10.10.gem
Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among
Nokogiri's many features is the ability to sear…
-
## CVE-2014-10077 - High Severity Vulnerability
Vulnerable Library - i18n-0.7.0.gem
New wave Internationalization support for Ruby.
Library home page: https://rubygems.org/gems/i18n-0.7.0.gem
Path t…
-
**What happened**:
Grype is reporting a (very old) vulnerability in the `webrick` ruby gem despite running a version with the fix:
```
> docker run --rm -it -v /var/run/docker.sock:/var/run/docke…
```
-
Vulnerable Library - github-pages-227.gem
Path to dependency file: /docs/Gemfile.lock
Path to vulnerable library: /home/wss-scanner/.gem/ruby/2.7.0/cache/activesupport-6.0.6.gem
Found in HEAD co…
-
## CVE-2020-10663 - High Severity Vulnerability
Vulnerable Library - json-1.8.6.gem
This is a JSON implementation as a Ruby extension in C.
Library home page: https://rubygems.org/gems/json-1.8.6.ge…
-
Without going into the details of all of them, this is what is reported when scanning the official images with trivy:
```
trivy image docker.elastic.co/logstash/logstash:7.16.2
2021-12-20T10:38:37.016…
```
-
**What happened**:
Scan on image that has ruby2.5-stdlib-2.5.9-150000.4.29.1.x86_64 installed.
It generates high vulnerability:
```
{
  "vulnerability": {
    "id": "GHSA-gwfg-cqmg-cf8f",
…
```