Sha256: 83e76c3cc70c2db7a868635542430af365ef64f29c3cfcdbf5fd57a827542854
Contents?: true
Size: 542 Bytes
Versions: 1
Compression:
Stored size: 542 Bytes
Contents
--- gem: simple_form cve: 2019-16676 ghsa: r74q-gxcg-73hx url: https://github.com/plataformatec/simple_form/security/advisories/GHSA-r74q-gxcg-73hx title: simple_form Gem for Ruby Incorrect Access Control for forms based on user input date: 2019-09-27 description: | Simple Form before 5.0 has Incorrect Access Control in `file_method?` in `lib/simple_form/form_builder.rb`, because a user-supplied string is invoked as a method call. This only happens for pages that build forms based on user input. patched_versions: - ">= 5.0"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/simple_form/CVE-2019-16676.yml |