Skip to content

gem security updates#10

Open
btihen wants to merge 1 commit into
LAS-IT:masterfrom
btihen:update_gems_for_security_2026_05_12
Open

gem security updates#10
btihen wants to merge 1 commit into
LAS-IT:masterfrom
btihen:update_gems_for_security_2026_05_12

Conversation

@btihen

@btihen btihen commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

update gems for security

wti0405@GREM-VPJQF2D52M ❯ bundle-audit 
Name: addressable
Version: 2.8.7
CVE: CVE-2026-35611
GHSA: GHSA-h27x-rffw-24p4
Criticality: High
URL: https://github.com/sporkmonger/addressable/security/advisories/GHSA-h27x-rffw-24p4
Title: Addressable has a Regular Expression Denial of Service in Addressable templates
Solution: update to '>= 2.9.0'

Name: httparty
Version: 0.18.0
CVE: CVE-2024-22049
GHSA: GHSA-5pq7-52mg-hr42
Criticality: Medium
URL: https://github.com/jnunemaker/httparty/security/advisories/GHSA-5pq7-52mg-hr42
Title: httparty has multipart/form-data request tampering vulnerability
Solution: update to '>= 0.21.0'

Name: httparty
Version: 0.18.0
CVE: CVE-2025-68696
GHSA: GHSA-hm5p-x4rq-38w4
Criticality: High
URL: https://github.com/jnunemaker/httparty/security/advisories/GHSA-hm5p-x4rq-38w4
Title: httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage
Solution: update to '>= 0.24.0'

Vulnerabilities found!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant