René's URL Explorer Experiment


Title: [Snyk] Fix for 21 vulnerabilities by irinazheltisheva · Pull Request #10 · https-githubsup-com/pixellate · GitHub

Open Graph Title: [Snyk] Fix for 21 vulnerabilities by irinazheltisheva · Pull Request #10 · https-githubsup-com/pixellate

X Title: [Snyk] Fix for 21 vulnerabilities by irinazheltisheva · Pull Request #10 · https-githubsup-com/pixellate

Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `rubygems` dependencies of this project. Changes included in this PR Changes to the following files to upgrade the vulnerable dependencies to a fixed version: Gemfile Gemfile.lock Vulnerabilities that will be fixed With an upgrade: Severity Priority Score (*) Issue Breaking Change Exploit Maturity 479/1000 Why? Has a fix available, CVSS 5.3 Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIVESUPPORT-3237242 Yes No Known Exploit 591/1000 Why? Recently disclosed, Has a fix available, CVSS 6.1 Cross-site Scripting (XSS) SNYK-RUBY-ACTIVESUPPORT-3360028 Yes No Known Exploit 834/1000 Why? Mature exploit, Has a fix available, CVSS 8.1 Deserialization of Untrusted Data SNYK-RUBY-ACTIVESUPPORT-569598 Yes Mature 589/1000 Why? Has a fix available, CVSS 7.5 Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ADDRESSABLE-1316242 No No Known Exploit 654/1000 Why? Has a fix available, CVSS 8.8 Integer Overflow or Wraparound SNYK-RUBY-COMMONMARKER-2415031 Yes No Known Exploit 486/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.3 Out-of-bounds Read SNYK-RUBY-COMMONMARKER-3318398 Yes Proof of Concept 429/1000 Why? Has a fix available, CVSS 4.3 Denial of Service (DoS) SNYK-RUBY-COMMONMARKER-3318399 Yes No Known Exploit 646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5 Denial of Service (DoS) SNYK-RUBY-COMMONMARKER-3318400 Yes Proof of Concept 536/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.3 Denial of Service (DoS) SNYK-RUBY-COMMONMARKER-3318401 Yes Proof of Concept 505/1000 Why? Has a fix available, CVSS 5.6 Deserialization of Untrusted Data SNYK-RUBY-KRAMDOWN-1087436 Yes No Known Exploit 574/1000 Why? Has a fix available, CVSS 7.2 Remote Code Execution SNYK-RUBY-KRAMDOWN-585939 Yes No Known Exploit 344/1000 Why? Has a fix available, CVSS 2.6 XML External Entity (XXE) Injection SNYK-RUBY-NOKOGIRI-1055008 No No Known Exploit 696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 Denial of Service (DoS) SNYK-RUBY-NOKOGIRI-1293239 No Proof of Concept 589/1000 Why? Has a fix available, CVSS 7.5 XML External Entity (XXE) Injection SNYK-RUBY-NOKOGIRI-1726792 No No Known Exploit 619/1000 Why? Has a fix available, CVSS 8.1 Use After Free SNYK-RUBY-NOKOGIRI-2413994 No No Known Exploit 589/1000 Why? Has a fix available, CVSS 7.5 Regular Expression Denial of Service (ReDoS) SNYK-RUBY-NOKOGIRI-2620374 No No Known Exploit 589/1000 Why? Has a fix available, CVSS 7.5 Out-of-bounds Write SNYK-RUBY-NOKOGIRI-2630623 No No Known Exploit 589/1000 Why? Has a fix available, CVSS 7.5 Denial of Service (DoS) SNYK-RUBY-NOKOGIRI-2630898 No No Known Exploit 624/1000 Why? Has a fix available, CVSS 8.2 Improper Handling of Unexpected Data Type SNYK-RUBY-NOKOGIRI-2840634 No No Known Exploit 589/1000 Why? Has a fix available, CVSS 7.5 NULL Pointer Dereference SNYK-RUBY-NOKOGIRI-3052880 No No Known Exploit 589/1000 Why? Has a fix available, CVSS 7.5 Directory Traversal SNYK-RUBY-TZINFO-2958048 No No Known Exploit (*) Note that the real score may have changed since the PR was raised. Check the changes in this PR to ensure they won't cause issues with your project. Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: 🧐 View latest project report 🛠 Adjust project settings 📚 Read more about Snyk's upgrade and patch logic Learn how to fix vulnerabilities with free interactive lessons: 🦉 Regular Expression Denial of Service (ReDoS) 🦉 Cross-site Scripting (XSS) 🦉 Deserialization of Untrusted Data 🦉 More lessons are available in Snyk Learn

Open Graph Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `rubygems` dependencies of this project. Change...

X Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `rubygems` dependencies of this project. Change...

Opengraph URL: https://github.com/https-githubsup-com/pixellate/pull/10

X: @github

direct link

Domain: github.com

route-pattern/:user_id/:repository/pull/:id/files(.:format)
route-controllerpull_requests
route-actionfiles
fetch-noncev2:d168320e-28a6-8795-e9f1-ba0bdab83d86
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-idB86C:2BD65D:46444E:5DC513:6A519337
html-safe-nonce099293241d716b153b438c1ac5557055ebbf3777e74567bb64136fcadc4a9b16
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJCODZDOjJCRDY1RDo0NjQ0NEU6NURDNTEzOjZBNTE5MzM3IiwidmlzaXRvcl9pZCI6IjcwNzE5MDkyNjY2NDc1MjAwNTUiLCJyZWdpb25fZWRnZSI6ImlhZCIsInJlZ2lvbl9yZW5kZXIiOiJpYWQifQ==
visitor-hmac28d9dcbaad434be2e78028c70bac6e9ed74387ff4e5fe5a8f18b0101f3b4c67e
hovercard-subject-tagpull_request:1302063577
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///pull_requests/show/files
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/https-githubsup-com/pixellate/pull/10/files
twitter:imagehttps://avatars.githubusercontent.com/u/70594426?s=400&v=4
twitter:cardsummary_large_image
og:imagehttps://avatars.githubusercontent.com/u/70594426?s=400&v=4
og:image:altThis PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `rubygems` dependencies of this project. Change...
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
Noneb9a586c06a05a7a86fc7e3f4dbd03e42f6869085879aa184aa6369456dbd50fb
turbo-cache-controlno-preview
diff-viewunified
go-importgithub.com/https-githubsup-com/pixellate git https://github.com/https-githubsup-com/pixellate.git
octolytics-dimension-user_id70625322
octolytics-dimension-user_loginhttps-githubsup-com
octolytics-dimension-repository_id299540170
octolytics-dimension-repository_nwohttps-githubsup-com/pixellate
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forktrue
octolytics-dimension-repository_parent_id295381455
octolytics-dimension-repository_parent_nwoirinazheltisheva/pixellate
octolytics-dimension-repository_network_root_id295381455
octolytics-dimension-repository_network_root_nwoirinazheltisheva/pixellate
turbo-body-classeslogged-out env-production page-responsive full-width
disable-turbotrue
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release7aed05249554b889eb33d002851a973eebcc7e91
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/https-githubsup-com/pixellate/pull/10/files#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fhttps-githubsup-com%2Fpixellate%2Fpull%2F10%2Ffiles
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/open-source/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/open-source/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/enterprise/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fhttps-githubsup-com%2Fpixellate%2Fpull%2F10%2Ffiles
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fpull_requests%2Fshow%2Ffiles&source=header-repo&source_repo=https-githubsup-com%2Fpixellate
Reloadhttps://github.com/https-githubsup-com/pixellate/pull/10/files
Reloadhttps://github.com/https-githubsup-com/pixellate/pull/10/files
Reloadhttps://github.com/https-githubsup-com/pixellate/pull/10/files
Please reload this pagehttps://github.com/https-githubsup-com/pixellate/pull/10/files
https-githubsup-com https://github.com/https-githubsup-com
pixellatehttps://github.com/https-githubsup-com/pixellate
irinazheltisheva/pixellatehttps://github.com/irinazheltisheva/pixellate
Notifications https://github.com/login?return_to=%2Fhttps-githubsup-com%2Fpixellate
Fork 0 https://github.com/login?return_to=%2Fhttps-githubsup-com%2Fpixellate
Star 0 https://github.com/login?return_to=%2Fhttps-githubsup-com%2Fpixellate
Code https://github.com/https-githubsup-com/pixellate
Pull requests 25 https://github.com/https-githubsup-com/pixellate/pulls
Actions https://github.com/https-githubsup-com/pixellate/actions
Projects https://github.com/https-githubsup-com/pixellate/projects
Security and quality 0 https://github.com/https-githubsup-com/pixellate/security
Insights https://github.com/https-githubsup-com/pixellate/pulse
Code https://github.com/https-githubsup-com/pixellate
Pull requests https://github.com/https-githubsup-com/pixellate/pulls
Actions https://github.com/https-githubsup-com/pixellate/actions
Projects https://github.com/https-githubsup-com/pixellate/projects
Security and quality https://github.com/https-githubsup-com/pixellate/security
Insights https://github.com/https-githubsup-com/pixellate/pulse
Sign up for GitHub https://github.com/signup?return_to=%2Fhttps-githubsup-com%2Fpixellate%2Fissues%2Fnew%2Fchoose
terms of servicehttps://docs.github.com/terms
privacy statementhttps://docs.github.com/privacy
Sign inhttps://github.com/login?return_to=%2Fhttps-githubsup-com%2Fpixellate%2Fissues%2Fnew%2Fchoose
irinazheltishevahttps://github.com/irinazheltisheva
masterhttps://github.com/https-githubsup-com/pixellate/tree/master
snyk-fix-dbdc853402e92144fcaa08624edce29ehttps://github.com/https-githubsup-com/pixellate/tree/snyk-fix-dbdc853402e92144fcaa08624edce29e
Conversation 0 https://github.com/https-githubsup-com/pixellate/pull/10
Commits 1 https://github.com/https-githubsup-com/pixellate/pull/10/commits
Checks 0 https://github.com/https-githubsup-com/pixellate/pull/10/checks
Files changed https://github.com/https-githubsup-com/pixellate/pull/10/files
Please reload this pagehttps://github.com/https-githubsup-com/pixellate/pull/10/files
[Snyk] Fix for 21 vulnerabilities https://github.com/https-githubsup-com/pixellate/pull/10/files#top
Show all changes 1 commit https://github.com/https-githubsup-com/pixellate/pull/10/files
5d52c49 fix: Gemfile & Gemfile.lock to reduce vulnerabilities snyk-bot Apr 4, 2023 https://github.com/https-githubsup-com/pixellate/pull/10/commits/5d52c496f6a8c309d4e4ba3796ecb9063dbe696f
Clear filters https://github.com/https-githubsup-com/pixellate/pull/10/files
Please reload this pagehttps://github.com/https-githubsup-com/pixellate/pull/10/files
Please reload this pagehttps://github.com/https-githubsup-com/pixellate/pull/10/files
Gemfile https://github.com/https-githubsup-com/pixellate/pull/10/files#diff-d09ea66f8227784ff4393d88a19836f321c915ae10031d16c93d67e6283ab55f
Gemfile.lock https://github.com/https-githubsup-com/pixellate/pull/10/files#diff-89cade48462044ee1b672dc5f4c3ec250fbd29effcd8932096a23c1283c6731f
Gemfilehttps://github.com/https-githubsup-com/pixellate/pull/10/files#diff-d09ea66f8227784ff4393d88a19836f321c915ae10031d16c93d67e6283ab55f
View file https://github.com/https-githubsup-com/pixellate/blob/5d52c496f6a8c309d4e4ba3796ecb9063dbe696f/Gemfile
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/https-githubsup-com/pixellate/pull/10/{{ revealButtonHref }}
Please reload this pagehttps://github.com/https-githubsup-com/pixellate/pull/10/files
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.