Open dahogenelst opened 2 years ago
https://github.com/locomotivecms/steam/blob/d3f1f6730a168dcd8373a95479d449f1ae5fdd47/locomotivecms_steam.gemspec#L23
Name: nokogiri Version: 1.11.7 CVE: CVE-2021-41098 GHSA: GHSA-2rr5-8q37-2w7h Criticality: High URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2rr5-8q37-2w7h Title: Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby Solution: upgrade to >= 1.12.5
https://github.com/locomotivecms/steam/blob/d3f1f6730a168dcd8373a95479d449f1ae5fdd47/locomotivecms_steam.gemspec#L23
Name: nokogiri Version: 1.11.7 CVE: CVE-2021-41098 GHSA: GHSA-2rr5-8q37-2w7h Criticality: High URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2rr5-8q37-2w7h Title: Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby Solution: upgrade to >= 1.12.5