-
## Describe the task
Cumulative security patch required for the Wicked Lab app.
Patch vulnerabilities and release an update.
## Additional Notes
Reported CVEs
```
Name: activesupport
…
```
-
Is it possible that grype confuses the following Ruby gems with other nodejs or rpm packages that contain a CVE?
To reproduce the problem:
- docker pull ruby:3.1.0-bullseye
- syft packages docker:rub…
-
# Daily Security News (2023-08-16)
- HackerOne Hacker Activity
- [ ] [CVE-2023-36617: ReDoS vulnerability in URI (Ruby)](https://hackerone.com/reports/2071561)
- [ ] [[CVE-2023-27531] Possible Deserialization …
-
### Steps to reproduce
Have models as follows:
```
class Event < ApplicationRecord
  belongs_to :deal
  has_many :events_users
  has_many :users, through: :events_users
end
class Deal < ApplicationR…
```
-
## Description
We run our build on Bitbucket. When we run the audit check, it says git is not installed. git is the first thing installed.
## Steps To Reproduce
Steps to reproduce the bug:…
-
I want to use mysql, however:
DATABASE_URL = mysql://username:password@172.17.0.1:3306/docuseals
`require': Could not load the 'mysql' Active Record adapter. Ensure that the adapter is spelled corr…
-
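Thank you for your help as always.
I am currently working through errors in deploying to Heroku, but the gem-related ones are not going down, and when I try to start a console with `heroku run rails c` the app crashes. I would appreciate your advice.
I plan to use MySQL as the database.
I have updated the Gemfile once and created the Procfile.
Heroku, Node.j…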
-
Yesterday an incorrect GHSA was processed by dependabot sending out incorrect security warnings.
The version numbers in the original report are incorrect. They are the version of the underlying lib…
-
Automate unaffected_versions conversion from GHSA to ruby-advisory-db
-
https://github.com/rubysec/ruby-advisory-db