[Snyk] Fix for 57 vulnerabilities #95

UbuntuEvangelist · 2025-08-21T00:19:23Z

Snyk has created this PR to fix 57 vulnerabilities in the rubygems dependencies of this project.

Snyk changed the following file(s):

Gemfile

⚠️

Warning

Failed to update the Gemfile.lock, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Remote Code Execution (RCE) SNYK-RUBY-ACTIONVIEW-569156	876
	Deserialization of Untrusted Data SNYK-RUBY-ACTIVESUPPORT-569598	834
	Remote Code Execution (RCE) SNYK-RUBY-ACTIVERECORD-2960802	704
	Arbitrary Code Injection SNYK-RUBY-RACK-2848599	704
	Arbitrary Code Injection SNYK-RUBY-RAKE-552000	686
	Denial of Service (DoS) SNYK-RUBY-JSON-560838	679
	Allocation of Resources Without Limits or Throttling SNYK-RUBY-RACK-10074187	649
	Relative Path Traversal SNYK-RUBY-RACK-9398129	649
	Cross-site Request Forgery (CSRF) SNYK-RUBY-ACTIONPACK-569599	646
	Information Exposure SNYK-RUBY-ACTIONPACK-569600	646
	Cross-site Scripting (XSS) SNYK-RUBY-ACTIONVIEW-560837	646
	Cross-site Request Forgery (CSRF) SNYK-RUBY-RACK-572377	646
	Improper Neutralization SNYK-RUBY-ACTIVERECORD-11800112	631
	Cross-site Scripting (XSS) SNYK-RUBY-RAILSHTMLSANITIZER-3168647	626
	Web Cache Poisoning SNYK-RUBY-RACK-1061917	616
	Cross-site Scripting (XSS) SNYK-RUBY-ACTIONVIEW-2803851	591
	Denial of Service (DoS) SNYK-RUBY-ACTIONPACK-1290052	589
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIVERECORD-1080913	589
	Unsafe Query Generation SNYK-RUBY-ACTIVERECORD-20270	589
	Denial of Service (DoS) SNYK-RUBY-ACTIVERECORD-3237239	589
	Denial of Service (DoS) SNYK-RUBY-I18N-72582	589
	Denial of Service (DoS) SNYK-RUBY-RACK-2848600	589
	Denial of Service (DoS) SNYK-RUBY-RACK-3356639	589
	Directory Traversal SNYK-RUBY-RACK-569066	589
	Denial of Service (DoS) SNYK-RUBY-RACK-6274385	589
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-RAILSHTMLSANITIZER-3168646	589
	Directory Traversal SNYK-RUBY-TZINFO-2958048	589
	Information Exposure SNYK-RUBY-ACTIONPACK-1290051	586
	Cross-site Request Forgery (CSRF) SNYK-RUBY-ACTIONVIEW-569601	586
	Information Exposure SNYK-RUBY-ACTIONPACK-2400638	584
	Improper Output Neutralization for Logs SNYK-RUBY-RACK-8720151	569
	OS Command Injection SNYK-RUBY-THOR-10843853	569
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIONMAILER-8220269	559
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIONPACK-8220162	559
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIONPACK-8220268	559
	Improper Output Neutralization for Logs SNYK-RUBY-RACK-9058602	559
	Cross-site Scripting (XSS) SNYK-RUBY-RAILSHTMLSANITIZER-2935879	531
	Cross-site Scripting (XSS) SNYK-RUBY-ACTIONVIEW-20271	519
	Cross-site Scripting (XSS) SNYK-RUBY-ACTIVESUPPORT-3360028	519
	Cross-site Scripting (XSS) SNYK-RUBY-RACK-72567	519
	Cross-site Scripting (XSS) SNYK-RUBY-RAILSHTMLSANITIZER-22025	519
	Cross-site Scripting (XSS) SNYK-RUBY-RAILSHTMLSANITIZER-3168316	484
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIONPACK-3237231	479
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIONPACK-3237232	479
	Access Restriction Bypass SNYK-RUBY-ACTIVEJOB-72640	479
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIVESUPPORT-3237242	479
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-GLOBALID-3237234	479
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-RACK-3237240	479
	Information Exposure SNYK-RUBY-RACK-538324	479
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-RACK-6274383	479
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-RACK-6274384	479
	Timing Attack SNYK-RUBY-RAILTIES-20454	479
	Cross-site Scripting (XSS) SNYK-RUBY-ACTIONPACK-5741907	449
	Cross-site Scripting (XSS) SNYK-RUBY-ACTIONVIEW-632514	449
	Cross-site Scripting (XSS) SNYK-RUBY-ERUBIS-20482	424
	Cross-site Scripting (XSS) SNYK-RUBY-RAILSHTMLSANITIZER-3168648	424
	Race Condition SNYK-RUBY-RACK-10074188	329

Important

Check the changes in this PR to ensure they won't cause issues with your project.
Max score is 1000. Note that the real score may have changed since the PR was raised.
This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Cross-site Request Forgery (CSRF)
🦉 Cross-site Scripting (XSS)
🦉 More lessons are available in Snyk Learn

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Snyk] Fix for 57 vulnerabilities #95

[Snyk] Fix for 57 vulnerabilities #95

Uh oh!

UbuntuEvangelist commented Aug 21, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

[Snyk] Fix for 57 vulnerabilities #95

Are you sure you want to change the base?

[Snyk] Fix for 57 vulnerabilities #95

Uh oh!

Conversation

UbuntuEvangelist commented Aug 21, 2025

Snyk has created this PR to fix 57 vulnerabilities in the rubygems dependencies of this project.

Snyk changed the following file(s):

Vulnerabilities that will be fixed with an upgrade:

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants