```
#!/bin/bash -eo pipefail
bundle exec bundle audit check --update
Download ruby-advisory-db ...
Cloning into '/home/circleci/.local/share/ruby-advisory-db'...
Warning: Permanently added the ECDSA host key for IP address '140.82.114.4' to the list of known hosts.
remote: Enumerating objects: 7692, done.
remote: Counting objects: 100% (833/833), done.
remote: Compressing objects: 100% (278/278), done.
remote: Total 7692 (delta 592), reused 634 (delta 532), pack-reused 6859
Receiving objects: 100% (7692/7692), 1.29 MiB | 32.92 MiB/s, done.
Resolving deltas: 100% (4093/4093), done.
ruby-advisory-db:
  advisories: 606 advisories
  last updated: 2022-10-08 01:40:17 -0700
  commit: 95cae91bd9ce9bb3ffc274d217487fd8c0d7fe54
Name: pdfkit
Version: 0.8.6
CVE: CVE-2022-25765
GHSA: GHSA-rhwx-hjx2-x4qr
Criticality: Critical
URL: https://github.com/pdfkit/pdfkit/blob/46cdf53ec540da1a1a2e4da979e3e5fe2f92a257/lib/pdfkit/pdfkit.rb#L55-L58
Title: PDFKit vulnerable to Command Injection
Solution: remove or disable this gem until a patch is available!

Vulnerabilities found!

Exited with code exit status 1
CircleCI received exit code 1
```
Potential fix in review: pdfkit/pdfkit#519