Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Resave Dependabot Alerts #44

Open
5 tasks
cpruitt opened this issue Mar 17, 2022 · 0 comments
Open
5 tasks

Resave Dependabot Alerts #44

cpruitt opened this issue Mar 17, 2022 · 0 comments

Comments

@cpruitt
Copy link
Collaborator

cpruitt commented Mar 17, 2022

We have several Dependabot alerts that need to b resolved by dependency updates.

See: https://github.com/testdouble/double-up/security/dependabot

  • Possible code injection vulnerability in Rails / Active Storage
  • Open Redirect in actionpack
  • Vulnerable dependencies in Nokogiri
  • Information Exposure when using Puma with Rails
  • Exposure of information in Action Pack
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant