AMD64
Shell
Git
Scroll to End of Log
0.13s0.10s0.00s0.10sTopworker_info1Worker information2hostname: d307a9c9-47a0-41b9-b847-ecf4d3e6089b@1.worker-n2-com-779d777f7b-hxsb6.gce-production-13version: 6.2.22 https://github.com/travis-ci/worker/tree/858cb91994a513269f2fe9782c15fc113e9662314instance: travis-job-7d4861c6-08df-41da-9bf8-312c156c4684 travis-ci-ubuntu-2204-1698932501-7a1a9a36 (via amqp)5startup: 6.445648362ssystem_info7Build system information8Build language: shell9Build dist: jammy10Build id: 27036164311Job id: 62143926912Runtime kernel version: 6.2.0-1018-gcp13travis-build version: 22cc7fd414Build image provisioning date and time15Thu Nov 2 02:14:52 PM UTC 202316Operating System Details17Distributor ID: Ubuntu18Description: Ubuntu 22.04.3 LTS19Release: 22.0420Codename: jammy21Systemd Version22systemd 249 (249.11-0ubuntu3.11)23Cookbooks Version24f5d122e https://github.com/travis-ci/travis-cookbooks/tree/f5d122e25git version26git version 2.42.027bash version28GNU bash, version 5.1.16(1)-release (x86_64-pc-linux-gnu)29gcc version30gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.031docker version32Client:33 Version: 24.0.534 API version: 1.4335 Go version: go1.20.336 Git commit: 24.0.5-0ubuntu1~22.04.137 Built: Mon Aug 21 19:50:14 202338 OS/Arch: linux/amd6439 Context: default41Server:42 Engine:43 Version: 24.0.544 API version: 1.43 (minimum version 1.12)45 Go version: go1.20.346 Git commit: 24.0.5-0ubuntu1~22.04.147 Built: Mon Aug 21 19:50:14 202348 OS/Arch: linux/amd6449 Experimental: false50 containerd:51 Version: 1.7.252 GitCommit:53 runc:54 Version: 1.1.7-0ubuntu1~22.04.155 GitCommit:56 docker-init:57 Version: 0.19.058 GitCommit:59clang version60clang version 16.0.061jq version62jq-1.663bats version64Bats 0.4.065shellcheck version660.7.267shfmt version68v3.2.169ccache version704.5.171cmake version72cmake version 3.26.373heroku version74heroku/8.7.0 linux-x64 node-v16.19.075imagemagick version76Version: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org77md5deep version784.479mercurial version80version 5.381mysql version82mysql Ver 8.0.35-0ubuntu0.22.04.1 for Linux on x86_64 ((Ubuntu))83openssl version84OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)85packer version861.7.587postgresql client version88psql (PostgreSQL) 14.9 (Ubuntu 14.9-0ubuntu0.22.04.1)89ragel version90Ragel State Machine Compiler version 6.10 March 201791sudo version921.9.993gzip version94gzip 1.1095zip version96Zip 3.097vim version98VIM - Vi IMproved 8.2 (2019 Dec 12, compiled Oct 16 2023 18:15:38)99iptables version100iptables v1.8.7 (nf_tables)101curl version102curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.16103wget version104GNU Wget 1.21.2 built on linux-gnu.105rsync version106rsync version 3.2.7 protocol version 31107gimme version108v1.5.4109nvm version1100.39.5111perlbrew version112/home/travis/perl5/perlbrew/bin/perlbrew - App::perlbrew/0.95113phpenv version114rbenv 1.2.0115rvm version116rvm 1.29.12 (latest) by Michal Papis, Piotr Kuczynski, Wayne E. Seguin [https://rvm.io]117default ruby version118ruby 2.7.8p225 (2023-03-30 revision 1f4d455848) [x86_64-linux]119default python version120Python 3.10.12121ElasticSearch version1227.16.3123Installed Firefox version124firefox 63.0.1125MongoDB version126MongoDB 6.0.11127Pre-installed Go versions1281.18.3129ant version130Apache Ant(TM) version 1.10.12 compiled on January 17 1970131mvn version132Apache Maven 3.9.5 (57804ffe001d7215b5e7bcb531cf83df38f93546)133gradle version134Gradle 5.1.1!135lein version136Leiningen 2.10.0 on Java 11.0.21 OpenJDK 64-Bit Server VM137Pre-installed Node.js versions138v10.24.1139v12.22.12140v14.21.3141v16.20.2142v18.18.2143v20.9.0144v4.9.1145v6.17.1146v8.17.0147v8.9148phpenv versions149 system150 8.1151* 8.1.2 (set by /home/travis/.phpenv/version)152 hhvm-stable153 hhvm154composer --version155Composer version 2.3.7 2022-06-06 16:43:28156Pre-installed Ruby versions157ruby-2.7.8158ruby-3.0.4159ruby-3.1.21620.00s0.07s0.00s0.02s0.13s0.00s0.00s0.00s0.01s0.00s0.10s0.00s1.03s0.00s0.07s6.04s0.00s3.77s0.00s2.39sdocker_mtu_and_registry_mirrorsresolvconfgit.checkout1630.01s1.69s$ git clone --depth=10 --branch=enterprise-3.0 https://github.com/travis-ci/travis-yml.git travis-ci/travis-yml164Cloning into 'travis-ci/travis-yml'...165$ cd travis-ci/travis-yml166$ git checkout -qf 5e64e0255b249470bf73b839fc2cbdc91cad6d841680.00s169Setting environment variables from repository settings170$ export QUAY_ROBOT_HANDLE=[secure]171$ export QUAY_ROBOT_TOKEN=[secure]173$ bash -c 'echo $BASH_VERSION'1745.1.16(1)-release176Skipping the before_install step, as specified in the configuration.177Skipping the install step, as specified in the configuration.179docker build --pull --no-cache -t travisci/travis-yml:5e64e02 .180DEPRECATED: The legacy builder is deprecated and will be removed in a future release.181 Install the buildx component to build images with BuildKit:182 https://docs.docker.com/go/buildx/184Sending build context to Docker daemon 3.469MB185Step 1/18 : FROM ruby:2.6.10-slim as base1862.6.10-slim: Pulling from library/ruby1871fe172e4850f: Pulling fs layer188100f29d0fcb2: Pulling fs layer189937a564b41a1: Pulling fs layer19096ed6bd3a152: Pulling fs layer19103e23c2ed14b: Pulling fs layer19296ed6bd3a152: Waiting19303e23c2ed14b: Waiting194937a564b41a1: Download complete195100f29d0fcb2: Verifying Checksum196100f29d0fcb2: Download complete19703e23c2ed14b: Verifying Checksum19803e23c2ed14b: Download complete1991fe172e4850f: Verifying Checksum2001fe172e4850f: Download complete20196ed6bd3a152: Verifying Checksum20296ed6bd3a152: Download complete2031fe172e4850f: Pull complete204100f29d0fcb2: Pull complete205937a564b41a1: Pull complete20696ed6bd3a152: Pull complete20703e23c2ed14b: Pull complete208Digest: sha256:3d641979a7dc819b4c253dc62d2f74800817053247005f72b871d164498109df209Status: Downloaded newer image for ruby:2.6.10-slim210 ---> 6c7e929006b0211Step 2/18 : RUN apt-get update > /dev/null 2>&1 && apt-get upgrade -y > /dev/null 2>&1 && rm -rf /var/lib/apt/lists/*212 ---> Running in f2d1b5e40710213Removing intermediate container f2d1b5e40710214 ---> 9301090caea7215Step 3/18 : WORKDIR /app216 ---> Running in e2b7fbe47826217Removing intermediate container e2b7fbe47826218 ---> 5b3b0aefc506219Step 4/18 : RUN gem update --system 3.4.13 > /dev/null 2>&1220 ---> Running in 04a24d060ae3221Removing intermediate container 04a24d060ae3222 ---> 01b2ca6c72ca223Step 5/18 : RUN echo "gem: --no-document" >> ~/.gemrc224 ---> Running in 30b88b8364b6225Removing intermediate container 30b88b8364b6226 ---> 762b04224506227Step 6/18 : RUN bundle config set --global no-cache 'true' && bundle config set --global frozen 'true' && bundle config set --global deployment 'true' && bundle config set --global without 'development test' && bundle config set --global clean 'true' && bundle config set --global jobs `expr $(cat /proc/cpuinfo | grep -c 'cpu cores')` && bundle config set --global retry 3228 ---> Running in a7a9b0c014a6229Removing intermediate container a7a9b0c014a6230 ---> f3ad9f51aed7231Step 7/18 : FROM base as builder232 ---> f3ad9f51aed7233Step 8/18 : RUN apt-get update > /dev/null 2>&1 && apt-get install -y --no-install-recommends git make gcc g++ > /dev/null 2>&1 && rm -rf /var/lib/apt/lists/*234 ---> Running in cc05bfa878e0235Removing intermediate container cc05bfa878e0236 ---> 1ea56483bc2a237Step 9/18 : COPY .ruby-version travis-yml.gemspec ./238 ---> 1e742d75bb0c239Step 10/18 : COPY ./lib/travis/yml/version.rb ./lib/travis/yml/version.rb240 ---> 0d5fad887bf9241Step 11/18 : COPY Gemfile Gemfile.lock ./242 ---> 96fd452ed7c1243Step 12/18 : RUN bundle install244 ---> Running in 4698c35260fd245Bundler 2.4.13 is running, but your lockfile was generated with 2.4.17. Installing Bundler 2.4.17 and restarting using that version.246Fetching gem metadata from https://rubygems.org/.247Fetching bundler 2.4.17248Installing bundler 2.4.17249Fetching https://github.com/travis-ci/travis-conditions250Fetching gem metadata from https://rubygems.org/.........251Fetching https://github.com/travis-ci/travis-conditions252Fetching https://github.com/travis-ci/travis-metrics253Fetching sexp_processor 4.14.1254Fetching atomic 1.1.101255Installing atomic 1.1.101 with native extensions256Installing sexp_processor 4.14.1257Fetching multipart-post 2.1.1258Installing multipart-post 2.1.1259Fetching hashr 2.0.1260Installing hashr 2.0.1261Fetching hitimes 1.3.1262Installing hitimes 1.3.1 with native extensions263Fetching memoyze 0.0.1264Installing memoyze 0.0.1265Fetching multi_json 1.15.0266Installing multi_json 1.15.0267Fetching ruby2_keywords 0.0.5268Installing ruby2_keywords 0.0.5269Fetching nio4r 2.5.8270Installing nio4r 2.5.8 with native extensions271Fetching oj 3.7.12272Installing oj 3.7.12 with native extensions273Fetching parslet 1.8.2274Installing parslet 1.8.2275Fetching rack 2.2.4276Installing rack 2.2.4277Fetching rack-ssl-enforcer 0.2.9278Installing rack-ssl-enforcer 0.2.9279Fetching redcarpet 3.5.1280Installing redcarpet 3.5.1 with native extensions281Fetching regstry 1.0.15282Installing regstry 1.0.15283Fetching ruby-obj 1.0.0284Installing ruby-obj 1.0.0285Fetching sh_vars 1.0.2286Installing sh_vars 1.0.2287Fetching tilt 2.0.11288Installing tilt 2.0.11289Fetching tins 1.24.1290Installing tins 1.24.1291Fetching ruby_parser 3.14.2292Installing ruby_parser 3.14.2293Fetching faraday 0.15.4294Installing faraday 0.15.4295Fetching travis-config 1.1.3296Installing travis-config 1.1.3297Fetching avl_tree 1.2.1298Installing avl_tree 1.2.1299Fetching mustermann 2.0.2300Installing mustermann 2.0.2301Fetching puma 4.3.12302Installing puma 4.3.12 with native extensions303Fetching rack-cors 1.1.1304Installing rack-cors 1.1.1305Fetching rack-protection 2.2.3306Installing rack-protection 2.2.3307Fetching protocol 2.0.0308Installing protocol 2.0.0309Fetching faraday_middleware 0.14.0310Installing faraday_middleware 0.14.0311Fetching sentry-raven 2.9.0312Installing sentry-raven 2.9.0313Fetching metriks 0.9.9.8314Installing metriks 0.9.9.8315Fetching sinatra 2.2.3316Installing sinatra 2.2.3317Fetching mize 0.4.0318Installing mize 0.4.0319Fetching metriks-librato_metrics 1.0.6320Installing metriks-librato_metrics 1.0.6321Fetching sinatra-contrib 2.2.3322Installing sinatra-contrib 2.2.3323Fetching amatch 0.4.0324Installing amatch 0.4.0 with native extensions325Bundle complete! 17 Gemfile dependencies, 41 gems now installed.326Gems in the groups 'development' and 'test' were not installed.327Bundled gems are installed into `./vendor/bundle`328Post-install message from atomic:329This gem has been deprecated and merged into Concurrent Ruby (http://concurrent-ruby.com).330Removing intermediate container 4698c35260fd331 ---> fbbb57fb5cb9332Step 13/18 : FROM base333 ---> f3ad9f51aed7334Step 14/18 : LABEL maintainer Travis CI GmbH <support+travis-live-docker-images@travis-ci.com>335 ---> Running in b5aefc015ffc336Removing intermediate container b5aefc015ffc337 ---> 70ff9b805050338Step 15/18 : COPY --from=builder /usr/local/bundle /usr/local/bundle339 ---> caacff986f1c340Step 16/18 : COPY --from=builder /app/vendor ./vendor341 ---> 99fb513d9f8e342Step 17/18 : COPY . ./343 ---> b74d2f1a1d63344Step 18/18 : CMD ["bundle", "exec", "puma", "-C", "lib/travis/yml/web/puma.rb"]345 ---> Running in 8026d8f8a2bb346Removing intermediate container 8026d8f8a2bb347 ---> 8f6fe17e0e50348Successfully built 8f6fe17e0e50349Successfully tagged travisci/travis-yml:5e64e02350docker login -u=[secure] -p=[secure] quay.io351WARNING! Using --password via the CLI is insecure. Use --password-stdin.352WARNING! Your password will be stored unencrypted in /home/travis/.docker/config.json.353Configure a credential helper to remove this warning. See354https://docs.docker.com/engine/reference/commandline/login/#credentials-store356Login Succeeded357docker tag travisci/travis-yml:5e64e02 quay.io/travisci/travis-yml:5e64e02-enterprise-3.0358docker push quay.io/travisci/travis-yml:5e64e02-enterprise-3.0359The push refers to repository [quay.io/travisci/travis-yml]360f0a39d3f7950: Preparing361afa9cf1003ce: Preparing36238d4af8463f7: Preparing3634cc9626f8927: Preparing364f68b97eb95b9: Preparing365ceed96a5eb55: Preparing36608fd1ccefd4b: Preparing367bb071dfcf595: Preparing3689ce6f9af70fc: Preparing36972325fcd36b7: Preparing370833c59850580: Preparing3713471fad30f0e: Preparing3729c1b6dd6c1e6: Preparing373ceed96a5eb55: Waiting37408fd1ccefd4b: Waiting375bb071dfcf595: Waiting3769ce6f9af70fc: Waiting37772325fcd36b7: Waiting378833c59850580: Waiting3793471fad30f0e: Waiting3809c1b6dd6c1e6: Waiting3814cc9626f8927: Pushed382f68b97eb95b9: Pushed383f0a39d3f7950: Pushed38438d4af8463f7: Pushed3859ce6f9af70fc: Layer already exists386afa9cf1003ce: Pushed38708fd1ccefd4b: Pushed38872325fcd36b7: Layer already exists389833c59850580: Layer already exists3909c1b6dd6c1e6: Layer already exists3913471fad30f0e: Layer already exists392ceed96a5eb55: Pushed393bb071dfcf595: Pushed3945e64e02-enterprise-3.0: digest: sha256:3ee92f628db55978bd0bcc3dd91505e430e4eebc0b935698eb6d4a314739adaf size: 3041395docker run --rm -v /tmp:/root/.cache/ -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy i --ignore-unfixed quay.io/travisci/travis-yml:5e64e02-enterprise-3.0396Unable to find image 'aquasec/trivy:latest' locally397latest: Pulling from aquasec/trivy3984abcf2066143: Pulling fs layer399bd6651fa9674: Pulling fs layer400e8ba746a6b5b: Pulling fs layer401405581c47843: Pulling fs layer402405581c47843: Waiting403bd6651fa9674: Verifying Checksum404bd6651fa9674: Download complete4054abcf2066143: Verifying Checksum4064abcf2066143: Download complete4074abcf2066143: Pull complete408e8ba746a6b5b: Verifying Checksum409e8ba746a6b5b: Download complete410405581c47843: Verifying Checksum411405581c47843: Download complete412bd6651fa9674: Pull complete413e8ba746a6b5b: Pull complete414405581c47843: Pull complete415Digest: sha256:3cd377b27f4b9e52fc66e4b62c9b73b15bd07f0f5dfb7cdb9f21aeaaf72dbd9e416Status: Downloaded newer image for aquasec/trivy:latest4172024-05-08T07:01:08Z INFO Need to update DB4182024-05-08T07:01:08Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"41922.35 MiB / 45.97 MiB [----------------------------->_______________________________] 48.62% ? p/s ?45.97 MiB / 45.97 MiB [----------------------------------------------------------->] 100.00% ? p/s ?45.97 MiB / 45.97 MiB [----------------------------------------------------------->] 100.00% ? p/s ?45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 39.36 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 39.36 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 39.36 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 36.82 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 36.82 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 36.82 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 34.45 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [-------------------------------------------------] 100.00% 25.32 MiB p/s 2.0s2024-05-08T07:01:10Z INFO Vulnerability scanning is enabled4202024-05-08T07:01:10Z INFO Secret scanning is enabled4212024-05-08T07:01:10Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning4222024-05-08T07:01:10Z INFO Please see also https://aquasecurity.github.io/trivy/v0.51/docs/scanner/secret/#recommendation for faster secret detection4232024-05-08T07:01:21Z INFO Detected OS family="debian" version="11.9"4242024-05-08T07:01:21Z INFO [debian] Detecting vulnerabilities... os_version="11" pkg_num=1204252024-05-08T07:01:21Z INFO Number of language-specific files num=34262024-05-08T07:01:21Z INFO [cargo] Detecting vulnerabilities...4272024-05-08T07:01:21Z INFO [gemspec] Detecting vulnerabilities...4282024-05-08T07:01:21Z INFO Table result includes only package filenames. Use '--format json' option to get the full path to the package file.430quay.io/travisci/travis-yml:5e64e02-enterprise-3.0 (debian 11.9)431================================================================432Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)435Ruby (gemspec)436==============437Total: 14 (UNKNOWN: 0, LOW: 1, MEDIUM: 7, HIGH: 6, CRITICAL: 0)439┌───────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬──────────────────────────────────────────────────────────┬────────────────────────────────────────────────────────────┐440│ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │441├───────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤442│ json (json-2.1.0.gemspec) │ CVE-2020-10663 │ HIGH │ fixed │ 2.1.0 │ >= 2.3.0 │ rubygem-json: Unsafe object creation vulnerability in JSON │443│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-10663 │444├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼─────────────────────────���──────────────────────────────────┤445│ puma (puma-4.3.12.gemspec) │ CVE-2023-40175 │ MEDIUM │ │ 4.3.12 │ ~> 5.6.7, >= 6.3.1 │ rubygem-puma: HTTP request smuggling when parsing chunked │446│ │ │ │ │ │ │ transfer encoding bodies and zero-length... │447│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-40175 │448│ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤449│ │ CVE-2024-21647 │ │ │ │ ~> 5.6.8, >= 6.4.2 │ rubygem-puma: HTTP request smuggling when parsing chunked │450│ │ │ │ │ │ │ Transfer-Encoding Bodies │451│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-21647 │452├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤453│ rack (rack-2.2.4.gemspec) │ CVE-2022-44570 │ HIGH │ │ 2.2.4 │ ~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= │ rubygem-rack: denial of service in Content-Disposition │454│ │ │ │ │ │ 2.2.6.2, >= 3.0.4.1 │ parsing │455│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-44570 │456│ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤457│ │ CVE-2022-44571 │ │ │ │ ~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= │ rubygem-rack: denial of service in Content-Disposition │458│ │ │ │ │ │ 2.2.6.1, >= 3.0.4.1 │ parsing │459│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-44571 │460│ ├────────────────┤ │ │ │ ├────────────────────────────────────────────────────────────┤461│ │ CVE-2022-44572 │ │ │ │ │ rubygem-rack: denial of service in Content-Disposition │462│ │ │ │ │ │ │ parsing │463│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-44572 │464│ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤465│ │ CVE-2023-27530 │ │ │ │ ~> 2.0.9, >= 2.0.9.3, ~> 2.1.4, >= 2.1.4.3, ~> 2.2.6, >= │ rubygem-rack: Denial of service in Multipart MIME parsing │466│ │ │ │ │ │ 2.2.6.3, >= 3.0.4.2 │ https://avd.aquasec.com/nvd/cve-2023-27530 │467│ ├────────────────┼──────────┤ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤468│ │ CVE-2023-27539 │ MEDIUM │ │ │ ~> 2.0, >= 2.2.6.4, >= 3.0.6.1 │ rubygem-rack: denial of service in header parsing │469│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-27539 │470│ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤471│ │ CVE-2024-25126 │ │ │ │ ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1 │ rubygem-rack: Denial of Service Vulnerability in Rack │472│ │ │ │ │ │ │ Content-Type Parsing │473│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-25126 │474│ ├────────────────┤ │ │ │ ├────────────────────────────────────────────────────────────┤475│ │ CVE-2024-26141 │ │ │ │ │ rubygem-rack: Possible DoS Vulnerability with Range Header │476│ │ │ │ │ │ │ in Rack │477│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-26141 │478│ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤479│ │ CVE-2024-26146 │ │ │ │ ~> 2.0.9, >= 2.0.9.4, ~> 2.1.4, >= 2.1.4.4, ~> 2.2.8, >= │ rubygem-rack: Possible Denial of Service Vulnerability in │480│ │ │ │ │ │ 2.2.8.1, >= 3.0.9.1 │ Rack Header Parsing │481│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-26146 │482├───────────────────────────────────┼────────────────┤ │ ├───────────────────┼──────────────────────────────────────────────────────────┼──────────────────────────────────────────���─────────────────┤483│ rdoc (rdoc-6.1.2.1.gemspec) │ CVE-2024-27281 │ │ │ 6.1.2.1 │ ~> 6.3.4, >= 6.3.4.1, ~> 6.4.1, >= 6.4.1.1, >= 6.5.1.1 │ ruby: RCE vulnerability with .rdoc_options in RDoc │484│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-27281 │485├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤486│ stringio (stringio-0.0.2.gemspec) │ CVE-2024-27280 │ LOW │ │ 0.0.2 │ >= 3.0.1.1 │ ruby: Buffer overread vulnerability in StringIO │487│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-27280 │488├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤489│ webrick (webrick-1.4.4.gemspec) │ CVE-2020-25613 │ HIGH │ │ 1.4.4 │ >= 1.6.1 │ ruby: Potential HTTP request smuggling in WEBrick │490│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-25613 │491└───────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴──────────────────────────────────────────────────────────┴────────────────────────────────────────────────────────────┘493usr/local/bundle/gems/rubygems-update-3.4.13/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.lock (cargo)494========================================================================================================================================495Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)497┌─────────┬─────────────────────┬──────────┬────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────┐498│ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │499├─────────┼─────────────────────┼──────────┼────────┼───────────────────┼───────────────┼───────────────────────────────────────────────────┤500│ shlex │ GHSA-r7qv-8r2h-pg27 │ HIGH │ fixed │ 1.1.0 │ 1.3.0 │ Multiple issues involving quote API in shlex │501│ │ │ │ │ │ │ https://github.com/advisories/GHSA-r7qv-8r2h-pg27 │502└─────────┴─────────────────────┴──────────┴────────┴───────────────────┴───────────────┴───────────────────────────────────────────────────┘504usr/local/bundle/gems/rubygems-update-3.4.13/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock (cargo)505==========================================================================================================================506Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)508┌─────────┬─────────────────────┬──────────┬────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────┐509│ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │510├─────────┼─────────────────────┼──────────┼────────┼───────────────────┼───────────────���───────────────────────────────────────────────────┤511│ shlex │ GHSA-r7qv-8r2h-pg27 │ HIGH │ fixed │ 1.1.0 │ 1.3.0 │ Multiple issues involving quote API in shlex │512│ │ │ │ │ │ │ https://github.com/advisories/GHSA-r7qv-8r2h-pg27 │513└─────────┴─────────────────────┴──────────┴────────┴───────────────────┴───────────────┴───────────────────────────────────────────────────┘514The command "make ship" exited with 0.517Done. Your build exited with 0.