Official repository of the bootstrap_form gem, a Rails form builder that makes it super easy to create beautiful-looking forms using Bootstrap 5.
1.64k
stars
351
forks
source link
CVE fix breaks serialization of symbols -- fix test #649
Closed
lcreid closed 1 year ago
https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017 prevents serialization of a
Symbol
because it's potentially a security vulnerability. This PR changes a test so it serializes and attribute value with aString
key rather than aSymbol
.