Homepage

rubygems vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the rubygems package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
Inefficient Regular Expression Complexity

*
  • H
Arbitrary Argument Injection

<3.3.5-1
  • H
CVE-2020-36327

<3.3.5-1
  • L
Cryptographic Issues

<3.2.0~rc.1-1
  • L
Cryptographic Issues

<3.2.0~rc.1-1
  • M
Cryptographic Issues

<1.8.24-1
  • M
CVE-2012-2125

<1.8.24-1
  • H
Directory Traversal

<3.2.0~rc.1-1
  • H
Arbitrary Code Injection

<3.2.0~rc.1-1
  • H
Arbitrary Code Injection

<3.2.0~rc.1-1
  • H
Arbitrary Argument Injection

<3.2.0~rc.1-1
  • H
Arbitrary Code Injection

<3.2.0~rc.1-1
  • H
Arbitrary Code Injection

<3.2.0~rc.1-1
  • C
Improper Verification of Cryptographic Signature

<3.2.0~rc.1-1
  • H
Deserialization of Untrusted Data

<3.2.0~rc.1-1
  • M
Cross-site Scripting (XSS)

<3.2.0~rc.1-1
  • H
Link Following

<3.2.0~rc.1-1
  • M
Directory Traversal

<3.2.0~rc.1-1
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<3.2.0~rc.1-1
  • M
Improper Input Validation

<3.2.0~rc.1-1
  • C
Deserialization of Untrusted Data

<3.2.0~rc.1-1
  • H
Improper Input Validation

<3.2.0~rc.1-1
  • H
Improper Input Validation

<3.2.0~rc.1-1
  • L
Arbitrary Code Injection

<3.2.0~rc.1-1
  • H
Origin Validation Error

<3.2.0~rc.1-1