tfm-rubygem-rails vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tfm-rubygem-rails package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability    Vulnerable Version
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Reliance on Untrusted Inputs in a Security Decision

<0:6.0.3.1-1.el7sat
  • H
Directory Traversal

<0:6.0.3.1-1.el7sat
  • H
Incorrect Default Permissions

<0:6.0.3.1-1.el7sat
  • H
Improper Validation of Certificate with Host Mismatch

<0:6.0.3.1-1.el7sat
  • H
Improper Input Validation

<0:6.0.3.1-1.el7sat
  • H
HTTP Request Smuggling

<0:6.0.3.1-1.el7sat
  • H
Cross-site Scripting (XSS)

<0:6.0.3.1-1.el7sat
  • H
Eval Injection

<0:6.0.3.1-1.el7sat
  • H
HTTP Response Splitting

<0:6.0.3.1-1.el7sat
  • H
Improper Authentication

<0:6.0.3.1-1.el7sat
  • H
Insufficiently Protected Credentials

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Improper Input Validation

<0:6.0.3.1-1.el7sat
  • H
Improperly Implemented Security Check for Standard

<0:6.0.3.1-1.el7sat
  • H
Cross-site Scripting (XSS)

<0:6.0.3.1-1.el7sat
  • H
CVE-2018-3258

<0:6.0.3.1-1.el7sat
  • H
Missing Authorization

<0:6.0.3.1-1.el7sat
  • M
Information Exposure

<0:6.0.3.4-1.el7sat
  • M
Missing Authorization

<0:6.0.3.4-1.el7sat
  • M
Information Exposure Through Log Files

<0:6.0.3.4-1.el7sat
  • H
Improper Input Validation

<0:6.0.3.1-1.el7sat
  • H
Cross-site Scripting (XSS)

<0:6.0.3.1-1.el7sat
  • M
Cleartext Transmission of Sensitive Information

<0:6.0.3.7-1.el7sat
  • M
Cleartext Transmission of Sensitive Information

<0:6.0.3.7-1.el7sat
  • M
Information Exposure

<0:6.0.3.7-1.el7sat
  • M
Information Exposure

<0:6.0.3.7-1.el7sat
  • M
Open Redirect

<0:6.0.3.7-1.el7sat
  • M
Open Redirect

<0:6.0.3.7-1.el7sat
  • M
Information Exposure

<0:6.0.3.7-1.el7sat
  • M
Information Exposure

<0:6.0.3.7-1.el7sat
  • M
Information Exposure

<0:6.0.3.4-1.el7sat
  • L
Cross-site Scripting (XSS)

*
  • H
Insufficiently Protected Credentials

<0:6.0.3.1-1.el7sat
  • H
Improper Authentication

<0:6.0.3.1-1.el7sat
  • M
Information Exposure

<0:6.0.3.4-1.el7sat
  • H
Information Exposure

<0:6.0.3.1-1.el7sat
  • H
Incorrect Default Permissions

<0:6.0.3.1-1.el7sat
  • M
SQL Injection

<0:6.0.3.4-1.el7sat
  • H
Improperly Implemented Security Check for Standard

<0:6.0.3.1-1.el7sat
  • M
Unchecked Error Condition

<0:6.0.3.7-1.el7sat
  • M
Unchecked Error Condition

<0:6.0.3.7-1.el7sat
  • M
Improper Verification of Cryptographic Signature

<0:6.0.3.7-1.el7sat
  • M
Improper Verification of Cryptographic Signature

<0:6.0.3.7-1.el7sat
  • M
Directory Traversal

<0:6.0.3.7-1.el7sat
  • M
Directory Traversal

<0:6.0.3.7-1.el7sat
  • M
Directory Traversal

<0:6.0.3.7-1.el7sat
  • M
Directory Traversal

<0:6.0.3.7-1.el7sat
  • M
Server-Side Request Forgery (SSRF)

<0:6.0.3.7-1.el7sat
  • M
Server-Side Request Forgery (SSRF)

<0:6.0.3.7-1.el7sat
  • M
Directory Traversal

<0:6.0.3.7-1.el7sat
  • M
Directory Traversal

<0:6.0.3.7-1.el7sat
  • H
Missing Authorization

<0:6.0.3.1-1.el7sat
  • H
Improper Validation of Certificate with Host Mismatch

<0:6.0.3.1-1.el7sat
  • M
Execution with Unnecessary Privileges

<0:6.0.3.4-1.el7sat
  • M
Resource Exhaustion

<0:6.0.3.7-1.el7sat
  • M
Resource Exhaustion

<0:6.0.3.7-1.el7sat
  • H
HTTP Request Smuggling

<0:6.0.3.1-1.el7sat
  • M
Exposure of Private Information ('Privacy Violation')

*
  • M
Out-of-Bounds

<0:6.0.3.4-1.el7sat
  • M
Information Exposure

<0:6.0.3.7-1.el7sat
  • M
Information Exposure

<0:6.0.3.7-1.el7sat
  • M
Information Exposure

<0:6.0.3.4-1.el7sat
  • M
Resource Exhaustion

<0:6.0.3.7-1.el7sat
  • M
Resource Exhaustion

<0:6.0.3.7-1.el7sat
  • M
Cross-site Request Forgery (CSRF)

<0:6.0.3.4-1.el7sat
  • M
Resource Exhaustion

<0:6.0.3.7-1.el7sat
  • M
Resource Exhaustion

<0:6.0.3.7-1.el7sat
  • M
Resource Exhaustion

<0:6.0.3.7-1.el7sat
  • M
Resource Exhaustion

<0:6.0.3.7-1.el7sat
  • H
Cross-site Scripting (XSS)

<0:6.0.3.1-1.el7sat
  • M
Cross-site Request Forgery (CSRF)

<0:6.0.3.4-1.el7sat
  • H
Improper Input Validation

<0:6.0.3.1-1.el7sat
  • M
Cross-site Scripting (XSS)

<0:6.0.3.4-1.el7sat
  • M
Improper Input Validation

<0:6.0.3.4-1.el7sat
  • M
Improper Input Validation

<0:6.0.3.4-1.el7sat
  • H
Eval Injection

<0:6.0.3.1-1.el7sat
  • M
Information Exposure

<0:6.0.3.7-1.el7sat
  • M
Information Exposure

<0:6.0.3.7-1.el7sat
  • M
OS Command Injection

<0:6.0.3.7-1.el7sat
  • M
OS Command Injection

<0:6.0.3.7-1.el7sat
  • M
XML External Entity (XXE) Injection

<0:6.0.3.7-1.el7sat
  • M
XML External Entity (XXE) Injection

<0:6.0.3.7-1.el7sat
  • H
Directory Traversal

<0:6.0.3.1-1.el7sat
  • H
HTTP Response Splitting

<0:6.0.3.1-1.el7sat
  • H
Reliance on Untrusted Inputs in a Security Decision

<0:6.0.3.1-1.el7sat
  • M
Improper Input Validation

<0:6.0.3.7-1.el7sat
  • M
Improper Input Validation

<0:6.0.3.7-1.el7sat
  • H
CVE-2018-3258

<0:6.0.3.1-1.el7sat
  • H
Covert Timing Channel

<0:6.0.3.1-1.el7sat
  • M
Covert Timing Channel

<0:6.0.3.4-1.el7sat
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:6.0.3.7-1.el7sat
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:6.0.3.7-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • M
Incorrect Default Permissions

<0:6.0.3.7-1.el7sat
  • M
Incorrect Default Permissions

<0:6.0.3.7-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • M
Information Exposure

<0:6.0.3.4-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • H
Deserialization of Untrusted Data

<0:6.0.3.1-1.el7sat
  • M
Use After Free

<0:6.0.3.4-1.el7sat