This repository has been archived by the owner on Dec 22, 2022. It is now read-only.
brakeman identified vulnerabilities #1187
Labels
Comments
|
== Warning Types == Denial of Service: 1 |
|
== Warning Types == Cross-Site Request Forgery: 1 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
To reproduce the full report
bundle exec brakeman -A== Brakeman Report ==
Application Path: /home/pjenkins/Code/discovery
Rails Version: 4.2.10
Brakeman Version: 4.3.1
Scan Date: 2018-06-27 14:58:31 -0600
Duration: 3.230230165 seconds
Checks Run: BasicAuth, BasicAuthTimingAttack, ContentTag, CreateWith, CrossSiteScripting, DefaultRoutes, Deserialize, DetailedException
s, DigestDoS, DivideByZero, DynamicFinders, EscapeFunction, Evaluation, Execute, FileAccess, FileDisclosure, FilterSkipping, ForgerySet
ting, HeaderDoS, I18nXSS, JRubyXML, JSONEncoding, JSONParsing, LinkTo, LinkToHref, MailTo, MassAssignment, MimeTypeDoS, ModelAttrAccess
ible, ModelAttributes, ModelSerialize, NestedAttributes, NestedAttributesBypass, NumberToCurrency, PermitAttributes, QuoteTableName, Re
direct, RegexDoS, Render, RenderDoS, RenderInline, ResponseSplitting, RouteDoS, SQL, SQLCVEs, SSLVerify, SafeBufferManipulation, Saniti
zeMethods, Secrets, SelectTag, SelectVulnerability, Send, SendFile, SessionManipulation, SessionSettings, SimpleFormat, SingleQuotes, S
kipBeforeFilter, StripTags, SymbolDoS, SymbolDoSCVE, TranslateBug, UnsafeReflection, UnscopedFind, ValidationRegex, WeakHash, WithoutPr
otection, XMLDoS, YAMLParsing
== Overview ==
Controllers: 14
Models: 5
Templates: 153
Errors: 1
Security Warnings: 7
== Warning Types ==
Cross-Site Scripting: 1
Denial of Service: 3
Dynamic Render Path: 1
SSL Verification Bypass: 2
The text was updated successfully, but these errors were encountered: