You can run this check yourself using the bundle-audit tool. It uses the list of vulnerabilities from ruby-advisory-db.<p>Checking the git history, I see that phillmv is a contributor to ruby-advisory-db.<p><a href="https://github.com/rubysec/bundler-audit" rel="nofollow">https://github.com/rubysec/bundler-audit</a><p><a href="https://github.com/rubysec/ruby-advisory-db" rel="nofollow">https://github.com/rubysec/ruby-advisory-db</a>
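An added illustration of the kind of check described in the comment above (not part of the thread and not bundler-audit's own code): match the versions pinned in a Gemfile.lock against advisories that use ruby-advisory-db's `patched_versions` and `unaffected_versions` fields. The lockfile, gem names and advisories are constructed sample data, and the helper names are hypothetical.

```ruby
require "yaml"
# Constructed Gemfile.lock excerpt (sample data, not from the thread).
LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      examplegem (1.2.3)
        otherdep (~> 2.0)
      otherdep (2.0.4)
      safegem (0.9.0)
LOCK
# Constructed advisories using ruby-advisory-db field names.
ADVISORIES = YAML.safe_load(<<~YML)
  - gem: examplegem
    title: Constructed advisory A
    unaffected_versions: ["< 1.0.0"]
    patched_versions: ["~> 1.2.5", ">= 1.3.1"]
  - gem: otherdep
    title: Constructed advisory B
    patched_versions: [">= 2.0.2"]
  - gem: safegem
    title: Constructed advisory C
    unaffected_versions: ["< 1.0.0"]
    patched_versions: [">= 1.4.0"]
YML

# Resolved specs sit at 4 spaces; dependency lines (6 spaces) are skipped.
def locked_gems(lockfile)
  lockfile.scan(/^ {4}(\S+) \(([^)]+)\)$/).to_h { |n, v| [n, Gem::Version.new(v)] }
end

# True if any range matches; one entry may hold comma-separated constraints.
def in_any_range?(ranges, version)
  Array(ranges).any? do |r|
    Gem::Requirement.new(*r.split(",").map(&:strip)).satisfied_by?(version)
  end
end

# Flag a locked gem when its version is neither patched nor unaffected.
def audit(lockfile, advisories)
  gems = locked_gems(lockfile)
  advisories.filter_map do |adv|
    v = gems[adv["gem"]]
    next if v.nil? || in_any_range?(adv["patched_versions"], v) ||
            in_any_range?(adv["unaffected_versions"], v)
    "#{adv['gem']} #{v}: #{adv['title']}"
  end
end
puts audit(LOCKFILE, ADVISORIES)
```

Only examplegem is reported: otherdep is already at a patched version and safegem falls in an unaffected range.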
Hey. We posted about our service last week and got great feedback. We took that feedback and decided to put isitvulnerable.com together to really showcase what you can get out of it / uh check your dang Gemfile.lock at least.<p>We're expanding platforms, so do tell us what to support next :).
If you're into PHP, SensioLabs has a similar service you can use in your Composer.lock file: <a href="https://security.sensiolabs.org/check" rel="nofollow">https://security.sensiolabs.org/check</a><p>It'll block any vulnerable version of a dependency in your project.
Someone should re-estimate the severity of those "CVEs". I got 10 warnings and none of them is at all severe for my app (and yours too, likely), so I'm definitely not vulnerable.<p>Also LOL "CSRF Vulnerability in jquery-rails" is known to be not a bug at all.
Great tool! Bookmarked.<p>Bug report: text here [1] is not rendering properly, but if I resize the window to be smaller it adjusts and is fine. Happens in Firefox 39.0.3 (no plugins) and Chrome 44.0.2403.130 (64-bit, no plugins) at 1000px window width on OS X Yosemite.<p>[1] <a href="http://i.imgur.com/rgQqli8.png" rel="nofollow">http://i.imgur.com/rgQqli8.png</a>
Looks great. Your formatting on the result page is messed up in my browser (Chrome on OS X). You can see a screenshot here...<p><a href="https://annotate.driftt.com/view?i=99nffsejxeiittq%2F2015-08-07_at_10.49_AM_(1).png%2F" rel="nofollow">https://annotate.driftt.com/view?i=99nffsejxeiittq%2F2015-08...</a>
I'd like to know if there is something similar for Python, or something like <a href="https://github.com/rubysec/ruby-advisory-db" rel="nofollow">https://github.com/rubysec/ruby-advisory-db</a> for Python.