Created
September 24, 2018 07:08
-
-
Save pxlpnk/1bf58c1929ace24853cfde38de896de1 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ bundle audit check --update | |
Updating ruby-advisory-db ... | |
From https://github.com/rubysec/ruby-advisory-db | |
* branch master -> FETCH_HEAD | |
Already up to date. | |
Updated ruby-advisory-db | |
ruby-advisory-db: 322 advisories | |
Name: omniauth-oauth2 | |
Version: 1.0.2 | |
Advisory: CVE-2012-6134 | |
Criticality: High | |
URL: http://www.osvdb.org/show/osvdb/90264 | |
Title: Ruby on Rails omniauth-oauth2 Gem CSRF vulnerability | |
Solution: upgrade to >= 1.1.1 | |
Name: rubyzip | |
Version: 1.2.1 | |
Advisory: CVE-2018-1000544 | |
Criticality: Unknown | |
URL: https://github.com/rubyzip/rubyzip/issues/369 | |
Title: Directory Traversal in rubyzip | |
Solution: upgrade to >= 1.2.2 | |
Vulnerabilities found! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'bundler/audit/task' | |
Bundler::Audit::Task.new |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment