Homepage

tfm-rubygem-wicked vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the tfm-rubygem-wicked package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Information Exposure Through Log Files

<0:1.3.3-1.el7sat
  • M
Cross-site Scripting (XSS)

<0:1.3.3-1.el7sat
  • M
Cross-site Scripting (XSS)

<0:1.3.3-1.el7sat
  • M
Cross-site Scripting (XSS)

<0:1.3.3-1.el7sat
  • H
Information Exposure

<0:1.3.2-1.el7sat
  • H
SQL Injection

<0:1.3.2-1.el7sat
  • H
Information Exposure

<0:1.3.2-1.el7sat
  • H
Deserialization of Untrusted Data

<0:1.3.2-1.el7sat
  • H
Cross-site Scripting (XSS)

<0:1.3.2-1.el7sat
  • H
Cross-site Scripting (XSS)

<0:1.3.2-1.el7sat
  • H
XML External Entity (XXE) Injection

<0:1.3.2-1.el7sat
  • H
Information Exposure

<0:1.3.2-1.el7sat
  • H
Use of a Broken or Risky Cryptographic Algorithm

<0:1.3.2-1.el7sat
  • H
Improper Access Control

<0:1.3.2-1.el7sat
  • H
Missing Required Cryptographic Step

<0:1.3.2-1.el7sat
  • H
Missing Required Cryptographic Step

<0:1.3.2-1.el7sat
  • H
Information Exposure

<0:1.3.2-1.el7sat
  • H
Covert Timing Channel

<0:1.3.2-1.el7sat
  • H
Incorrect Calculation

<0:1.3.2-1.el7sat
  • H
Missing Required Cryptographic Step

<0:1.3.2-1.el7sat
  • H
Missing Required Cryptographic Step

<0:1.3.2-1.el7sat
  • H
Missing Required Cryptographic Step

<0:1.3.2-1.el7sat
  • M
Directory Traversal

<0:1.3.3-1.el7sat
  • H
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

<0:1.3.2-1.el7sat
  • H
Improper Certificate Validation

<0:1.3.2-1.el7sat
  • M
CVE-2013-6668

<0:1.1.0-4.el7sat
  • M
Information Exposure

<0:1.1.0-3.el7sat
  • M
Improper Input Validation

<0:1.1.0-3.el7sat
  • M
Incorrect Permission Assignment for Critical Resource

<0:1.3.3-1.el7sat
  • M
Cleartext Storage of Sensitive Information

<0:1.3.3-1.el7sat
  • M
Improper Authentication

<0:1.3.3-1.el7sat
  • H
Information Exposure

<0:1.3.2-1.el7sat
  • H
Improper Input Validation

<0:1.3.2-1.el7sat
  • H
Improper Input Validation

<0:1.3.2-1.el7sat
  • H
Cross-site Scripting (XSS)

<0:1.3.2-1.el7sat
  • M
Cross-site Scripting (XSS)

<0:1.3.3-1.el7sat
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:1.3.2-1.el7sat
  • M
Omission of Security-relevant Information

<0:1.1.0-4.el7sat
  • H
Information Exposure

<0:1.3.2-1.el7sat
  • M
Resource Exhaustion

<0:1.3.3-1.el7sat
  • H
Incomplete Blacklist

<0:1.3.2-1.el7sat
  • M
Resource Exhaustion

<0:1.1.0-4.el7sat
  • M
HTTP Response Splitting

<0:1.3.3-1.el7sat
  • M
Arbitrary Argument Injection

<0:1.3.3-1.el7sat
  • H
Out-of-Bounds

<0:1.3.2-1.el7sat
  • M
Improper Neutralization of Special Elements

<0:1.3.3-1.el7sat
  • M
CVE-2016-6346

<0:1.3.3-1.el7sat
  • M
Improper Neutralization of Special Elements

<0:1.3.3-1.el7sat
  • M
Access Restriction Bypass

<0:1.1.0-3.el7sat
  • M
Improper Data Handling

<0:1.1.0-3.el7sat
  • M
Improper Data Handling

<0:1.1.0-3.el7sat
  • M
Algorithmic Complexity

<0:1.1.0-3.el7sat