about summary refs log tree commit diff
path: root/Gemfile
diff options
context:
space:
mode:
authorKaspar V <casaper@users.noreply.github.com>2023-01-22 23:09:02 +0100
committerGitHub <noreply@github.com>2023-01-22 23:09:02 +0100
commit9b795a25cd7a014d8c08cc213031b55dff83bb69 (patch)
treeebb0913be834983a189ed69084e9990ffce1768f /Gemfile
parent628dcbb73257110979cce77bd3ed722e5f163c9b (diff)
fix(pghero): update because CVE-2023-22626 (#23190)
There is a vulnerability
[CVE-2023-22626](https://github.com/advisories/GHSA-vf99-xw26-86g5)

```
Name: pghero
Version: 2.8.3
CVE: CVE-2023-22626
GHSA: GHSA-vf99-xw26-86g5
Criticality: High
URL: https://github.com/ankane/pghero/issues/439
Title: Information Disclosure Through EXPLAIN Feature
Solution: upgrade to '>= 3.1.0'
```
Diffstat (limited to 'Gemfile')
-rw-r--r--Gemfile2
1 files changed, 1 insertions, 1 deletions
diff --git a/Gemfile b/Gemfile
index 6a72fec54..9c1c9586a 100644
--- a/Gemfile
+++ b/Gemfile
@@ -15,7 +15,7 @@ gem 'rack', '~> 2.2.6'
 gem 'hamlit-rails', '~> 0.2'
 gem 'pg', '~> 1.4'
 gem 'makara', '~> 0.5'
-gem 'pghero', '~> 2.8'
+gem 'pghero'
 gem 'dotenv-rails', '~> 2.8'
 
 gem 'aws-sdk-s3', '~> 1.117', require: false