blazer

Name: blazer Version: 2.4.7 CVE: CVE-2022-29498 GHSA: GHSA-qf9q-q4hh-qph3 Criticality: High URL: https://github.com/ankane/blazer/issues/392 Title: SQL injection for certain queries with variables Solution: upgrade to >= 2.6.0
2024-11-22 20:26:22 +00:00 · 2022-06-29 18:26:29 -03:00 · 2022-06-29 18:26:29 -03:00 · 76d614a93b
commit 76d614a93b
parent ae194ad5ba
1 changed files with 11 additions and 11 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -104,7 +104,7 @@ GEM
    bcrypt_pbkdf (1.1.0-x86_64-linux-musl)
    benchmark-ips (2.9.2)
    bindex (0.8.1-x86_64-linux-musl)
-    blazer (2.4.7)
+    blazer (2.6.4)
      activerecord (>= 5)
      chartkick (>= 3.2)
      railties (>= 5)
@ -122,7 +122,7 @@ GEM
      rack (>= 1.0.0)
      rack-test (>= 0.5.4)
      xpath (>= 2.0, < 4.0)
-    chartkick (4.1.2)
+    chartkick (4.2.0)
    childprocess (4.1.0)
    coderay (1.1.3)
    colorator (1.1.0)
@ -191,7 +191,7 @@ GEM
    em-websocket (0.5.3)
      eventmachine (>= 0.12.9)
      http_parser.rb (~> 0)
-    errbase (0.2.1)
+    errbase (0.2.2)
    erubi (1.10.0)
    eventmachine (1.2.7-x86_64-linux-musl)
    exception_notification (4.4.3)
@ -247,7 +247,7 @@ GEM
    httparty (0.18.1)
      mime-types (~> 3.0)
      multi_xml (>= 0.5.2)
-    i18n (1.8.11)
+    i18n (1.10.0)
      concurrent-ruby (~> 1.0)
    icalendar (2.7.1)
      ice_cube (~> 0.16)
@ -353,7 +353,7 @@ GEM
      activesupport (>= 4)
      railties (>= 4)
      request_store (~> 1.0)
-    loofah (2.12.0)
+    loofah (2.18.0)
      crass (~> 1.0.2)
      nokogiri (>= 1.5.9)
    mail (2.7.1)
@ -373,7 +373,7 @@ GEM
      jekyll (>= 3.5, < 5.0)
      jekyll-feed (~> 0.9)
      jekyll-seo-tag (~> 2.1)
-    minitest (5.14.4)
+    minitest (5.16.1)
    mobility (1.2.4)
      i18n (>= 0.6.10, < 2)
      request_store (~> 1.0)
@ -413,8 +413,8 @@ GEM
      rack (>= 1.2.0)
    rack-proxy (0.7.0)
      rack
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
+    rack-test (2.0.2)
+      rack (>= 1.3)
    radios-comunitarias-jekyll-theme (0.1.5)
      jekyll (~> 4.0)
      jekyll-data (~> 1.1)
@ -444,7 +444,7 @@ GEM
    rails-dom-testing (2.0.3)
      activesupport (>= 4.2.0)
      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.4.2)
+    rails-html-sanitizer (1.4.3)
      loofah (~> 2.3)
    rails-i18n (6.0.0)
      i18n (>= 0.7, < 2)
@ -612,7 +612,7 @@ GEM
    temple (0.8.2)
    terminal-table (2.0.0)
      unicode-display_width (~> 1.1, >= 1.1.1)
-    thor (1.1.0)
+    thor (1.2.1)
    tilt (2.0.10)
    timecop (0.9.4)
    turbolinks (5.2.1)
@ -647,7 +647,7 @@ GEM
    websocket-extensions (0.1.5)
    xpath (3.2.0)
      nokogiri (~> 1.8)
-    zeitwerk (2.5.1)
+    zeitwerk (2.6.0)

 PLATFORMS
  ruby