Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-13745

[lsst-sqre/git-lfs-s3-server] One of your dependencies may have a security vulnerability

    Details

    • Templates:
    • Story Points:
      10
    • Epic Link:
    • Team:
      SQuaRE

      Description

      Email from github:

      sqreadmin,
       
      We found a potential security vulnerability in a repository for which you have been granted security alert access.
      @lsst-sqre 	lsst-sqre/git-lfs-s3-server
      Known moderate severity security vulnerability detected in rack-protection < 2.0.0 defined in Gemfile.lock.
      Gemfile.lock update suggested: rack-protection ~> 2.0.0.
      Always verify the validity and compatibility of suggestions with your codebase.
      

      CVE: https://nvd.nist.gov/vuln/detail/CVE-2018-1000119

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jhoblitt Joshua Hoblitt
                Reporter:
                jhoblitt Joshua Hoblitt
                Watchers:
                J Matt Peterson [X] (Inactive), Joshua Hoblitt
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Summary Panel