RubyGems - bundler-audit - Versions diffs - 0.6.1 → 0.7.0 - Mend

bundler-audit 0.6.1 → 0.7.0

Files changed (391) hide show

data/data/ruby-advisory-db/gems/passenger/OSVDB-90738.yml DELETED

@@ -1,16 +0,0 @@
----
-gem: passenger
-cve: 2012-6135
-osvdb: 90738
-url: http://old.blog.phusion.nl/2013/03/05/phusion-passenger-4-0-beta-1-and-2-arbitrary-file-deletion-vulnerability/
-title: Phusion Passenger Gem for Ruby Arbitrary File Deletion
-date: 2012-02-01
-description: Phusion Passenger Gem for Ruby contains a flaw that is triggered
-  during application startup. This issue may allow a local attacker to delete
-  arbitrary files via an application process. If the program has completed the
-  start up process this vulnerability is no longer exploitable.
-cvss_v2: 2.1
-patched_versions:
-  - ">= 4.0.0"
-unaffected_versions:
-  - "< 4.0.0"

data/data/ruby-advisory-db/gems/passenger/OSVDB-93752.yml DELETED

@@ -1,15 +0,0 @@
----
-gem: passenger
-cve: 2013-2119
-osvdb: 93752
-url: http://osvdb.org/show/osvdb/93752
-title: Phusion Passenger Gem for Ruby Predictable Temporary Filename Generation Symlink Local Privilege Escalation
-date: 2013-05-29
-description: Phusion Passenger Gem for Ruby contains a flaw as the program creates
-  temporary files insecurely. It is possible for a local attacker to use a symlink
-  attack against the Nginx config file to cause the program to unexpectedly overwrite
-  the file, allowing a local attacker to execute code with elevated privileges.
-cvss_v2: 4.6
-patched_versions:
-  - "~> 3.0.21"
-  - ">= 4.0.5"

data/data/ruby-advisory-db/gems/passenger/OSVDB-94074.yml DELETED

@@ -1,14 +0,0 @@
----
-gem: passenger
-cve: 2013-4136
-osvdb: 94074
-url: http://osvdb.org/show/osvdb/94074
-title: Phusion Passenger Gem for Ruby Utils.cpp Temporary Directory Creation Symlink Local Privilege Escalation
-date: 2013-06-10
-description: Phusion Passenger Gem for Ruby contains a flaw as the program creates
-  temporary directories insecurely. It is possible for a local attacker to use a
-  symlink attack against the Utils.cpp file to allow the attacker to gain elevated
-  privileges.
-cvss_v2: 4.6
-patched_versions:
-  - ">= 4.0.8"

data/data/ruby-advisory-db/gems/pdfkit/OSVDB-90867.yml DELETED

@@ -1,11 +0,0 @@
----
-gem: pdfkit
-cve: 2013-1607
-osvdb: 90867
-url: http://osvdb.org/show/osvdb/90867
-title: PDFKit Gem for Ruby PDF File Generation Parameter Handling Remote Code Execution
-date: 2013-02-21
-description: PDFKit Gem for Ruby contains a flaw that is due to the program failing to properly validate input during the handling of parameters when generating PDF files. This may allow a remote attacker to potentially execute arbitrary code via the pdfkit generation options.
-cvss_v2:
-patched_versions:
-  - ">= 0.5.3"

data/data/ruby-advisory-db/gems/point-cli/OSVDB-108577.yml DELETED

@@ -1,8 +0,0 @@
----
-gem: point-cli
-cve: 2014-4997
-osvdb: 108577
-url: http://osvdb.org/show/osvdb/108577
-title: point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure
-date: 2014-06-30
-description: point-cli Gem for Ruby contains a flaw in /lib/commands/setup.rb that is due to the application exposing credential information in plaintext in the process table. This may allow a local attacker to gain access to credential information.

data/data/ruby-advisory-db/gems/quick_magick/OSVDB-106954.yml DELETED

@@ -1,7 +0,0 @@
----
-gem: quick_magick
-osvdb: 106954
-url: http://osvdb.org/show/osvdb/106954
-title: quick_magick Gem for Ruby QuickMagick::Image.read Function Crafted String Handling Remote Command Injection
-date: 2011-01-12
-description: quick_magick Gem for Ruby contains a flaw in the QuickMagick::Image.read function. The issue is triggered when handling a specially crafted string. This may allow a remote attacker to inject arbitrary commands.

data/data/ruby-advisory-db/gems/rack-attack/OSVDB-132234.yml DELETED

@@ -1,26 +0,0 @@
----
-gem: rack-attack
-osvdb: 132234
-url: https://github.com/kickstarter/rack-attack/releases/tag/v4.3.1
-title: |
-  rack-attack Gem for Ruby missing normalization before request path
-  processing
-date: 2015-12-18
-description: |
-  When using rack-attack with a rails app, developers expect the request
-  path to be normalized. In particular, trailing slashes are stripped so
-  a request path "/login/" becomes "/login" by the time you're in
-  ActionController.
-  Since Rack::Attack runs before ActionDispatch, the request path is not
-  yet normalized. This can cause throttles and blacklists to not work as
-  expected.
-  E.g., a throttle:
-  `throttle('logins', ...) {|req| req.path == "/login" }`
-  would not match a request to '/login/', though Rails would route
-  '/login/' to the same '/login' action.
-patched_versions:
-  - ">= 4.3.1"

data/data/ruby-advisory-db/gems/rack-cache/OSVDB-83077.yml DELETED

@@ -1,18 +0,0 @@
----
-gem: rack-cache
-cve: 2012-2671
-osvdb: 83077
-url: http://osvdb.org/83077
-title: rack-cache Rubygem Sensitive HTTP Header Caching Weakness
-date: 2012-06-06
-description: |
-  Rack::Cache (rack-cache) contains a flaw related to the rubygem caching
-  sensitive HTTP headers. This will result in a weakness that may make it
-  easier for an attacker to gain access to a user's session via a specially
-  crafted header.
-cvss_v2: 7.5
-patched_versions:
-  - ">= 1.2"

data/data/ruby-advisory-db/gems/rack-mini-profiler/CVE-2016-4442.yml DELETED

@@ -1,17 +0,0 @@
----
-gem: rack-mini-profiler
-cve: 2016-4442
-url: https://github.com/MiniProfiler/rack-mini-profiler/commit/4273771d65f1a7411e3ef5843329308d0e2d257c
-title: rack-mini-profiler may disclose information to unauthorized users
-date: 2016-05-18
-description: >-
-  Carefully crafted requests can expose information about
-  strings and objects allocated during the request for unauthorised
-  users.
-patched_versions:
-  - ">= 0.10.1"
-related:
-  url:
-    - http://seclists.org/oss-sec/2016/q2/516

data/data/ruby-advisory-db/gems/rack-ssl/OSVDB-104734.yml DELETED

@@ -1,11 +0,0 @@
----
-gem: rack-ssl
-cve: 2014-2538
-osvdb: 104734
-url: http://osvdb.org/show/osvdb/104734
-title: rack-ssl Gem for Ruby Error Message Reflected XSS
-date: 2013-07-09
-description: rack-ssl Gem for Ruby contains a flaw that allows a reflected cross-site scripting (XSS) attack. This flaw exists because the program does not validate input passed via error messages before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.
-cvss_v2: 4.3
-patched_versions:
-  - ">= 1.3.4"

data/data/ruby-advisory-db/gems/rack/CVE-2015-3225.yml DELETED

@@ -1,18 +0,0 @@
----
-gem: rack
-cve: 2015-3225
-url: https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc
-title: |
-  Potential Denial of Service Vulnerability in Rack
-date: 2015-06-16
-description: |
-  Carefully crafted requests can cause a `SystemStackError` and potentially
-  cause a denial of service attack.
-  All users running an affected release should upgrade.
-patched_versions:
-  - ">= 1.6.2"
-  - "~> 1.5.4"
-  - "~> 1.4.6"

data/data/ruby-advisory-db/gems/rack/OSVDB-78121.yml DELETED

@@ -1,21 +0,0 @@
----
-gem: rack
-cve: 2011-5036
-osvdb: 78121
-url: http://osvdb.org/show/osvdb/78121
-title: |
-  Rack Hash Collision Form Parameter Parsing Remote DoS
-date: 2011-12-28
-description: |
-  Rack contains a flaw that may allow a remote denial of service. The issue is
-  triggered when an attacker sends multiple crafted parameters which trigger
-  hash collisions, and will result in loss of availability for the program via
-  CPU consumption.
-cvss_v2: 5.0
-patched_versions:
-  - "~> 1.1.3"
-  - "~> 1.2.5"
-  - "~> 1.3.6"
-  - ">= 1.4.0"

data/data/ruby-advisory-db/gems/rack/OSVDB-89317.yml DELETED

@@ -1,21 +0,0 @@
----
-gem: rack
-cve: 2012-6109
-osvdb: 89317
-url: http://osvdb.org/show/osvdb/89317
-title: |
-  Rack Regular Expressions Engine Content-Disposition Header Parsing Infinite Loop Remote DoS
-date: 2012-05-04
-description: |
-  Rack contains a flaw in the Regular Expressions Engine that may allow a remote
-  denial of service. The issue is triggered when parsing context-disposition
-  headers. With a specially crafted header, a remote attacker can cause an
-  infinite loop, which will result in a loss of availability for the webserver.
-cvss_v2: 4.3
-patched_versions:
-  - "~> 1.1.4"
-  - "~> 1.2.6"
-  - "~> 1.3.7"
-  - ">= 1.4.2"

data/data/ruby-advisory-db/gems/rack/OSVDB-89320.yml DELETED

@@ -1,19 +0,0 @@
----
-gem: rack
-cve: 2013-0183
-osvdb: 89320
-url: http://osvdb.org/show/osvdb/89320
-title: |
-  Rack Long String Parsing Memory Consumption Remote DoS
-date: 2013-01-07
-description: |
-  Rack contains a flaw that may allow a remote denial of service. The issue is
-  triggered when parsing an overly long string. With a specially crafted string,
-  a remote attacker can cause a consumption of memory. This will result in a
-  loss of availability for the webserver.
-cvss_v2: 5.0
-patched_versions:
-  - "~> 1.3.8"
-  - ">= 1.4.3"

data/data/ruby-advisory-db/gems/rack/OSVDB-89327.yml DELETED

@@ -1,20 +0,0 @@
----
-gem: rack
-cve: 2013-0184
-osvdb: 89327
-url: http://osvdb.org/show/osvdb/89327
-title: |
-  Rack Rack::Auth::AbstractRequest Class Unspecified Remote DoS
-date: 2013-01-13
-description: |
-  Rack contains a flaw in the Rack::Auth::AbstractRequest class that may allow
-  a remote denial of service. The issue is triggered when an unspecified error
-  occurs, which will result in a loss of availability for the webserver.
-cvss_v2: 4.3
-patched_versions:
-  - "~> 1.1.5"
-  - "~> 1.2.7"
-  - "~> 1.3.9"
-  - ">= 1.4.4"

data/data/ruby-advisory-db/gems/rack/OSVDB-89938.yml DELETED

@@ -1,18 +0,0 @@
----
-gem: rack
-cve: 2013-0262
-osvdb: 89938
-url: http://osvdb.org/show/osvdb/89938
-title: |
-  Rack Rack::File Function Symlink Traversal Arbitrary File Disclosure
-date: 2013-02-07
-description: |
-  Rack contains a flaw as the Rack::File function creates temporary files
-  insecurely. It is possible for a local attacker to use a symlink attack to
-  traverse to an arbitrary file and disclose its contents
-cvss_v2: 4.3
-patched_versions:
-- "~> 1.4.5"
-- ">= 1.5.2"

data/data/ruby-advisory-db/gems/rack/OSVDB-89939.yml DELETED

@@ -1,23 +0,0 @@
----
-gem: rack
-cve: 2013-0263
-osvdb: 89939
-url: http://osvdb.org/show/osvdb/89939
-title: |
-  Rack Rack::Session::Cookie Function Timing Attack Remote Code Execution
-date: 2013-02-07
-description: |
-  Rack contains a flaw that is due to an error in the Rack::Session::Cookie
-  function. Users of the Marshal session cookie encoding (the default), are
-  subject to a timing attack that may lead an attacker to execute arbitrary
-  code. This attack is more practical against 'cloud' users as intra-cloud
-  latencies are sufficiently low to make the attack viable.
-cvss_v2: 5.1
-patched_versions:
-  - ~> 1.1.6
-  - ~> 1.2.8
-  - ~> 1.3.10
-  - ~> 1.4.5
-  - ">= 1.5.2"

data/data/ruby-advisory-db/gems/rails-html-sanitizer/CVE-2015-7578.yml DELETED

@@ -1,47 +0,0 @@
----
-gem: rails-html-sanitizer
-cve: 2015-7578
-date: 2016-01-25
-url: "https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI"
-title: Possible XSS vulnerability in rails-html-sanitizer
-description: |
-  There is a possible XSS vulnerability in rails-html-sanitizer. This
-  vulnerability has been assigned the CVE identifier CVE-2015-7578.
-  Versions Affected:  All.
-  Not affected:       None.
-  Fixed Versions:     1.0.3
-  Impact
-  ------
-  There is a possible XSS vulnerability in rails-html-sanitizer.  Certain
-  attributes are not removed from tags when they are sanitized, and these
-  attributes can lead to an XSS attack on target applications.
-  All users running an affected release should either upgrade or use one of the
-  workarounds immediately.
-  Releases
-  --------
-  The FIXED releases are available at the normal locations.
-  Workarounds
-  -----------
-  There are no feasible workarounds for this issue.
-  Patches
-  -------
-  To aid users who aren't able to upgrade immediately we have provided patches for
-  the two supported release series. They are in git-am format and consist of a
-  single changeset.
-  * 1-0-sanitize_data_attributes.patch - Patch for 1.0 series
-  Credits
-  -------
-  Thanks to Ben Murphy and Marien for reporting this.
-patched_versions:
-  - "~> 1.0.3"

data/data/ruby-advisory-db/gems/rails-html-sanitizer/CVE-2015-7579.yml DELETED

@@ -1,75 +0,0 @@
----
-gem: rails-html-sanitizer
-cve: 2015-7579
-date: 2016-01-25
-url: "https://groups.google.com/forum/#!topic/rubyonrails-security/OU9ugTZcbjc"
-title: XSS vulnerability in rails-html-sanitizer
-description: |
-  There is a XSS vulnerability in `Rails::Html::FullSanitizer` used by Action View's `strip_tags`.
-  This vulnerability has been assigned the CVE identifier CVE-2015-7579.
-  Versions Affected:  1.0.2
-  Not affected:       1.0.0, 1.0.1
-  Fixed Versions:     1.0.3
-  Impact
-  ------
-  Due to the way that `Rails::Html::FullSanitizer` is implemented, if an attacker
-  passes an already escaped HTML entity to the input of Action View's `strip_tags`
-  these entities will be unescaped what may cause a XSS attack if used in combination
-  with `raw` or `html_safe`.
-  For example:
-      strip_tags("&lt;script&gt;alert('XSS')&lt;/script&gt;")
-  Would generate:
-      <script>alert('XSS')</script>
-  After the fix it will generate:
-      &lt;script&gt;alert('XSS')&lt;/script&gt;
-  All users running an affected release should either upgrade or use one of the
-  workarounds immediately.
-  Releases
-  --------
-  The FIXED releases are available at the normal locations.
-  Workarounds
-  -----------
-  If you can't upgrade, please use the following monkey patch in an initializer
-  that is loaded before your application:
-  ```
-  $ cat config/initializers/strip_tags_fix.rb
-  class ActionView::Base
-    def strip_tags(html)
-      self.class.full_sanitizer.sanitize(html)
-    end
-  end
-  ```
-  Patches
-  -------
-  To aid users who aren't able to upgrade immediately we have provided patches
-  for the two supported release series. They are in git-am format and consist
-  of a single changeset.
-  * Do-not-unescape-already-escaped-HTML-entities.patch
-  Credits
-  -------
-  Thank you to Arthur Neves from GitHub and Spyros Livathinos from Zendesk for
-  reporting the problem and working with us to fix it.
-unaffected_versions:
-  - "~> 1.0.0"
-  - "~> 1.0.1"
-patched_versions:
-  - "~> 1.0.3"

data/data/ruby-advisory-db/gems/rails-html-sanitizer/CVE-2015-7580.yml DELETED

@@ -1,70 +0,0 @@
----
-gem: rails-html-sanitizer
-cve: 2015-7580
-date: 2016-01-25
-url: "https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI"
-title: Possible XSS vulnerability in rails-html-sanitizer
-description: |
-  There is a possible XSS vulnerability in the white list sanitizer in the
-  rails-html-sanitizer gem. This vulnerability has been assigned the CVE
-  identifier CVE-2015-7580.
-  Versions Affected:  All.
-  Not affected:       None.
-  Fixed Versions:     v1.0.3
-  Impact
-  ------
-  Carefully crafted strings can cause user input to bypass the sanitization in
-  the white list sanitizer which will can lead to an XSS attack.
-  Vulnerable code will look something like this:
-    <%= sanitize user_input, tags: %w(em) %>
-  All users running an affected release should either upgrade or use one of the
-  workarounds immediately.
-  Releases
-  --------
-  The FIXED releases are available at the normal locations.
-  Workarounds
-  -----------
-  Putting the following monkey patch in an initializer can help to mitigate the
-  issue:
-  ```
-  class Rails::Html::PermitScrubber
-    alias :old_scrub :scrub
-    alias :old_skip_node? :skip_node?
-    def scrub(node)
-      if node.cdata?
-        text = node.document.create_text_node node.text
-        node.replace text
-        return CONTINUE
-      end
-      old_scrub node
-    end
-    def skip_node?(node); node.text?; end
-  end
-  ```
-  Patches
-  -------
-  To aid users who aren't able to upgrade immediately we have provided patches for
-  the two supported release series. They are in git-am format and consist of a
-  single changeset.
-  * 1-0-whitelist_sanitizer_xss.patch - Patch for 1.0 series
-  Credits
-  -------
-  Thanks to Arnaud Germis, Nate Clark, and John Colvin for reporting this issue.
-patched_versions:
-  - "~> 1.0.3"