markpundsack
/ heroku-CVE-2013-0156.rb
Last active
November 27, 2023 15:44
— forked from elliottkember/heroku-CVE-2013-0156.rb
Forked from https://gist.github.com/4489689 by elliottkember. CVE-2013-0156 is a nasty vulnerability in many versions of Rails. This script checks all your Heroku apps for this vulnerability in one quick (slow) move. More info: https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## The quick-and-nasty CVE-2013-0156 Heroku inspector! | |
| ## Originally brought to you by @elliottkember with changes by @markpundsack @ Heroku | |
| ## Download and run using: | |
| ## ruby heroku-CVE-2013-0156.rb | |
| `heroku list`.split("\n").each do |app| | |
| app = app.strip | |
| # Some "heroku apps" lines have === formatting for grouping. They're not apps. | |
| next if app[0..2] == "===" |