Open Janell-Huyck opened 8 months ago
Note: Requires Require Ruby >= 2.3.0 (Current version 2.7.5)
We have httparty as part of kaltura v 0.1.1, which is pinned to that specific version, but kaltura only requires httparty (>= 0.7.8), so we should be able to update httparty.
For bundler-audit, error message:
Name: httparty Version: 0.20.0 GHSA: GHSA-5pq7-52mg-hr42 Criticality: Medium URL: https://github.com/jnunemaker/httparty/security/advisories/GHSA-5pq7-52mg-hr42 Title: httparty has multipart/form-data request tampering vulnerability Solution: upgrade to '>= 0.21.0'
Note: Requires Require Ruby >= 2.3.0 (Current version 2.7.5)
We have httparty as part of kaltura v 0.1.1, which is pinned to that specific version, but kaltura only requires httparty (>= 0.7.8), so we should be able to update httparty.
For bundler-audit, error message:
Name: httparty Version: 0.20.0 GHSA: GHSA-5pq7-52mg-hr42 Criticality: Medium URL: https://github.com/jnunemaker/httparty/security/advisories/GHSA-5pq7-52mg-hr42 Title: httparty has multipart/form-data request tampering vulnerability Solution: upgrade to '>= 0.21.0'