[tiptap-ruby/DB 10] Low in rails-html-sanitizer (rubygems) #37

dependabot-auto-bot · 2024-12-03T03:17:37Z

⚠️🔓 This is an automated security report from Dependabot.

Alert ID	[10](https://github.com/CompanyCam/Company-Cam-API/security/dependabot/10)
Package	rails-html-sanitizer (rubygems)
Severity	Low
Remediate By	2025-05-31

Summary

A security vulnerability of severity Low has been found in rails-html-sanitizer (rubygems). The full details
are contained in the Dependabot alert.

Next Steps

1. Confirm the vulnerability.

Verify that we are vulnerable to the reported issue. If we are not, close the dependabot alert with a comment explaining why. Then, you will need
to also close this issue with a comment explaining why.

2. Confirm the severity.

If there is reason to adjust the reported severity, do so and make a comment in this issue indicating the reasoning.

3. Remediate the issue by the deadline.

Update the package to a non-vulnerable version or apply patches to prevent the vulnerability from affecting us. (Be sure to reference this issue number in your PRs!)

dependabot-auto-bot bot added Severity: Low Type: Security labels Dec 3, 2024

dependabot-auto-bot bot assigned chadwilken Dec 3, 2024

chadwilken mentioned this issue Dec 3, 2024

Bump rails-html-sanitizer to 1.6.1 #38

Merged

chadwilken closed this as completed in #38 Dec 5, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[tiptap-ruby/DB 10] Low in rails-html-sanitizer (rubygems) #37

[tiptap-ruby/DB 10] Low in rails-html-sanitizer (rubygems) #37

dependabot-auto-bot bot commented Dec 3, 2024

[tiptap-ruby/DB 10] Low in rails-html-sanitizer (rubygems) #37

[tiptap-ruby/DB 10] Low in rails-html-sanitizer (rubygems) #37

Comments

dependabot-auto-bot bot commented Dec 3, 2024

Summary

Next Steps

1. Confirm the vulnerability.

2. Confirm the severity.

3. Remediate the issue by the deadline.