vladzima / arbatovme Goto Github PK
View Code? Open in Web Editor NEWPersonal website on Jekyll and Github Pages
Home Page: https://arbatov.me
Personal website on Jekyll and Github Pages
Home Page: https://arbatov.me
You should use protection!
path: /var/lib/gems/2.3.0/cache/rack-protection-1.5.5.gem
Library home page: https://rubygems.org/gems/rack-protection-1.5.5.gem
Dependency Hierarchy:
Found in HEAD commit: b3959e9cf7e18549f4a5e974ecb62239f3b8eaf2
An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows. Path traversal is possible via backslash characters.
Publish Date: 2018-02-18
URL: CVE-2018-7212
Base Score Metrics:
Type: Change files
Origin: sinatra/sinatra@d17aa95#diff-6c83ca93df5ee9912c1da85f96d278cc
Release Date: 2018-01-09
Fix Resolution: Replace or update the following files: path_traversal.rb, base.rb
Step up your Open Source Security Game with WhiteSource here
Sinatra is a DSL for quickly creating web applications in Ruby with minimal effort.
path: /var/lib/gems/2.3.0/cache/sinatra-1.4.8.gem
Library home page: https://rubygems.org/gems/sinatra-1.4.8.gem
Dependency Hierarchy:
Found in HEAD commit: b3959e9cf7e18549f4a5e974ecb62239f3b8eaf2
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
Publish Date: 2018-05-31
URL: CVE-2018-11627
Base Score Metrics:
Type: Change files
Origin: sinatra/sinatra@1278686
Release Date: 2018-05-30
Fix Resolution: Replace or update the following file: base.rb
Step up your Open Source Security Game with WhiteSource here
Sinatra is a DSL for quickly creating web applications in Ruby with minimal effort.
path: /var/lib/gems/2.3.0/cache/sinatra-1.4.8.gem
Library home page: https://rubygems.org/gems/sinatra-1.4.8.gem
Dependency Hierarchy:
Found in HEAD commit: b3959e9cf7e18549f4a5e974ecb62239f3b8eaf2
Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.
Publish Date: 2018-03-07
URL: CVE-2018-1000119
Base Score Metrics:
Type: Change files
Origin: sinatra/sinatra@8aa6c42#commitcomment-27964109
Release Date: 2016-07-26
Fix Resolution: Replace or update the following files: authenticity_token.rb, base.rb
Step up your Open Source Security Game with WhiteSource here
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.