GMS-2014-3: Information Exposure

April 6, 2014

This package is vulnerable to Information Exposure. When an exception message occurs, it contains the full path of the project directory.

References

github.com/carrierwaveuploader/carrierwave/commit/96314bb42c32d6b24278474e1c877b53a88bfaf8
github.com/carrierwaveuploader/carrierwave/pull/1361

Detect and mitigate GMS-2014-3 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →