image_processing

Name: image_processing Version: 1.12.1 CVE: CVE-2022-24720 GHSA: GHSA-cxf7-qrc5-9446 Criticality: Unknown URL: https://github.com/janko/image_processing/security/advisories/GHSA-cxf7-qrc5-9446 Title: Remote shell execution vulnerability when applying commands from user input Solution: upgrade to >= 1.12.2
2024-11-22 15:56:20 +00:00 · 2022-06-29 18:24:50 -03:00 · 2022-06-29 18:24:50 -03:00 · ae194ad5ba
commit ae194ad5ba
parent e59b39b7ed
1 changed files with 2 additions and 2 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -205,7 +205,7 @@ GEM
      railties (>= 5.0.0)
    fast_blank (1.0.1-x86_64-linux-musl)
    fast_jsonparser (0.5.0-x86_64-linux-musl)
-    ffi (1.15.4-x86_64-linux-musl)
+    ffi (1.15.5-x86_64-linux-musl)
    flamegraph (0.9.5)
    forwardable-extended (2.6.0)
    friendly_id (5.4.2)
@ -252,7 +252,7 @@ GEM
    icalendar (2.7.1)
      ice_cube (~> 0.16)
    ice_cube (0.16.4)
-    image_processing (1.12.1)
+    image_processing (1.12.2)
      mini_magick (>= 4.9.5, < 5)
      ruby-vips (>= 2.0.17, < 3)
    inline_svg (1.7.2)