5
0
Fork 0
mirror of https://0xacab.org/sutty/sutty synced 2024-11-26 07:16:21 +00:00
Name: blazer
Version: 2.4.7
CVE: CVE-2022-29498
GHSA: GHSA-qf9q-q4hh-qph3
Criticality: High
URL: https://github.com/ankane/blazer/issues/392
Title: SQL injection for certain queries with variables
Solution: upgrade to >= 2.6.0
This commit is contained in:
f 2022-06-29 18:26:29 -03:00
parent ae194ad5ba
commit 76d614a93b

View file

@ -104,7 +104,7 @@ GEM
bcrypt_pbkdf (1.1.0-x86_64-linux-musl) bcrypt_pbkdf (1.1.0-x86_64-linux-musl)
benchmark-ips (2.9.2) benchmark-ips (2.9.2)
bindex (0.8.1-x86_64-linux-musl) bindex (0.8.1-x86_64-linux-musl)
blazer (2.4.7) blazer (2.6.4)
activerecord (>= 5) activerecord (>= 5)
chartkick (>= 3.2) chartkick (>= 3.2)
railties (>= 5) railties (>= 5)
@ -122,7 +122,7 @@ GEM
rack (>= 1.0.0) rack (>= 1.0.0)
rack-test (>= 0.5.4) rack-test (>= 0.5.4)
xpath (>= 2.0, < 4.0) xpath (>= 2.0, < 4.0)
chartkick (4.1.2) chartkick (4.2.0)
childprocess (4.1.0) childprocess (4.1.0)
coderay (1.1.3) coderay (1.1.3)
colorator (1.1.0) colorator (1.1.0)
@ -191,7 +191,7 @@ GEM
em-websocket (0.5.3) em-websocket (0.5.3)
eventmachine (>= 0.12.9) eventmachine (>= 0.12.9)
http_parser.rb (~> 0) http_parser.rb (~> 0)
errbase (0.2.1) errbase (0.2.2)
erubi (1.10.0) erubi (1.10.0)
eventmachine (1.2.7-x86_64-linux-musl) eventmachine (1.2.7-x86_64-linux-musl)
exception_notification (4.4.3) exception_notification (4.4.3)
@ -247,7 +247,7 @@ GEM
httparty (0.18.1) httparty (0.18.1)
mime-types (~> 3.0) mime-types (~> 3.0)
multi_xml (>= 0.5.2) multi_xml (>= 0.5.2)
i18n (1.8.11) i18n (1.10.0)
concurrent-ruby (~> 1.0) concurrent-ruby (~> 1.0)
icalendar (2.7.1) icalendar (2.7.1)
ice_cube (~> 0.16) ice_cube (~> 0.16)
@ -353,7 +353,7 @@ GEM
activesupport (>= 4) activesupport (>= 4)
railties (>= 4) railties (>= 4)
request_store (~> 1.0) request_store (~> 1.0)
loofah (2.12.0) loofah (2.18.0)
crass (~> 1.0.2) crass (~> 1.0.2)
nokogiri (>= 1.5.9) nokogiri (>= 1.5.9)
mail (2.7.1) mail (2.7.1)
@ -373,7 +373,7 @@ GEM
jekyll (>= 3.5, < 5.0) jekyll (>= 3.5, < 5.0)
jekyll-feed (~> 0.9) jekyll-feed (~> 0.9)
jekyll-seo-tag (~> 2.1) jekyll-seo-tag (~> 2.1)
minitest (5.14.4) minitest (5.16.1)
mobility (1.2.4) mobility (1.2.4)
i18n (>= 0.6.10, < 2) i18n (>= 0.6.10, < 2)
request_store (~> 1.0) request_store (~> 1.0)
@ -413,8 +413,8 @@ GEM
rack (>= 1.2.0) rack (>= 1.2.0)
rack-proxy (0.7.0) rack-proxy (0.7.0)
rack rack
rack-test (1.1.0) rack-test (2.0.2)
rack (>= 1.0, < 3) rack (>= 1.3)
radios-comunitarias-jekyll-theme (0.1.5) radios-comunitarias-jekyll-theme (0.1.5)
jekyll (~> 4.0) jekyll (~> 4.0)
jekyll-data (~> 1.1) jekyll-data (~> 1.1)
@ -444,7 +444,7 @@ GEM
rails-dom-testing (2.0.3) rails-dom-testing (2.0.3)
activesupport (>= 4.2.0) activesupport (>= 4.2.0)
nokogiri (>= 1.6) nokogiri (>= 1.6)
rails-html-sanitizer (1.4.2) rails-html-sanitizer (1.4.3)
loofah (~> 2.3) loofah (~> 2.3)
rails-i18n (6.0.0) rails-i18n (6.0.0)
i18n (>= 0.7, < 2) i18n (>= 0.7, < 2)
@ -612,7 +612,7 @@ GEM
temple (0.8.2) temple (0.8.2)
terminal-table (2.0.0) terminal-table (2.0.0)
unicode-display_width (~> 1.1, >= 1.1.1) unicode-display_width (~> 1.1, >= 1.1.1)
thor (1.1.0) thor (1.2.1)
tilt (2.0.10) tilt (2.0.10)
timecop (0.9.4) timecop (0.9.4)
turbolinks (5.2.1) turbolinks (5.2.1)
@ -647,7 +647,7 @@ GEM
websocket-extensions (0.1.5) websocket-extensions (0.1.5)
xpath (3.2.0) xpath (3.2.0)
nokogiri (~> 1.8) nokogiri (~> 1.8)
zeitwerk (2.5.1) zeitwerk (2.6.0)
PLATFORMS PLATFORMS
ruby ruby