Vulnerable Dependencies in the Repository

### Pull Request

_No response_

### What happened?

### Bug Report: Vulnerable Dependencies in the Repository

#### Description
Two dependencies in the `Gemfile.lock` that are affected by known vulnerabilities, which may pose a risk to the security and reliability of the repository.

1. **Dependency**: `webrick@1.8.1`
   - **Issue**: Vulnerable to [CVE-2024-47220](https://nvd.nist.gov/vuln/detail/CVE-2024-47220) (HTTP request smuggling).
   - **Recommendation**: Update to `webrick@1.8.2` or later.

2. **Dependency**: `rexml@3.2.5`
   - **Issue**: Vulnerable to [CVE-2024-49761](https://nvd.nist.gov/vuln/detail/CVE-2024-49761) (Regular Expression Denial of Service - ReDoS).
   - **Recommendation**: Update to `rexml@3.3.9` or later.

#### File Location
- `Gemfile.lock`:
  - `webrick (1.8.1)` at line 288.
  - `rexml (3.2.5)` at line 260.

#### Impact
These vulnerabilities could expose the repository to security risks, such as HTTP smuggling attacks and potential Denial of Service (DoS) threats. It is recommended to update these dependencies promptly.



### Relevant log output

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Vulnerable Dependencies in the Repository #9115

Pull Request

What happened?

Bug Report: Vulnerable Dependencies in the Repository

Description

File Location

Impact

Relevant log output

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Vulnerable Dependencies in the Repository #9115

Description

Pull Request

What happened?

Bug Report: Vulnerable Dependencies in the Repository

Description

File Location

Impact

Relevant log output

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions