@pxlpnk
Created September 24, 2018 07:08
$ bundle audit check --update
Updating ruby-advisory-db ...
From https://github.com/rubysec/ruby-advisory-db
* branch master -> FETCH_HEAD
Already up to date.
Updated ruby-advisory-db
ruby-advisory-db: 322 advisories
Name: omniauth-oauth2
Version: 1.0.2
Advisory: CVE-2012-6134
Criticality: High
URL: http://www.osvdb.org/show/osvdb/90264
Title: Ruby on Rails omniauth-oauth2 Gem CSRF vulnerability
Solution: upgrade to >= 1.1.1
Name: rubyzip
Version: 1.2.1
Advisory: CVE-2018-1000544
Criticality: Unknown
URL: https://github.com/rubyzip/rubyzip/issues/369
Title: Directory Traversal in rubyzip
Solution: upgrade to >= 1.2.2
Vulnerabilities found!
# Load bundler-audit's Rake integration; Task.new defines the bundle:audit task
require 'bundler/audit/task'
Bundler::Audit::Task.new