Homepage About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

PACKAGE MANAGER

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • H
Inadequate Encryption Strength 		random_password_generator Open this link in a new tab >=0.0.0 RubyGems 18 May 2022
  • M
Cross-site Scripting (XSS) 		publify_core Open this link in a new tab <9.2.8 RubyGems 17 May 2022
  • L
Information Exposure 		publify_core Open this link in a new tab <9.2.8 RubyGems 17 May 2022
  • L
Improper Access Control 		publify_core Open this link in a new tab <9.2.8 RubyGems 17 May 2022
  • M
CSV Injection 		csv-safe Open this link in a new tab <3.0.0 RubyGems 2 May 2022
  • H
Improper Input Validation 		sinatra Open this link in a new tab <2.2.0 RubyGems 2 May 2022
  • M
Cross-site Scripting (XSS) 		actionview Open this link in a new tab <5.2.7.1 >=6.0.0.beta1, <6.0.4.8 >=6.1.0.rc1, <6.1.5.1 >=7.0.0.alpha1, <7.0.2.4 RubyGems 27 Apr 2022
  • M
Cross-site Scripting (XSS) 		actionpack Open this link in a new tab >=5.2.0, <5.2.7.1 >=6.0.0.beta1, <6.0.4.8 >=6.1.0.rc1, <6.1.5.1 >=7.0.0.alpha1, <7.0.2.4 RubyGems 27 Apr 2022
  • M
Server-side Request Forgery (SSRF) 		gibbon Open this link in a new tab <3.4.4 RubyGems 25 Apr 2022
  • M
SQL Injection 		blazer Open this link in a new tab <2.6.0 RubyGems 21 Apr 2022
  • H
Command Injection 		git Open this link in a new tab <1.11.0 RubyGems 19 Apr 2022
  • H
Out-of-bounds Write 		nokogiri Open this link in a new tab <1.13.4 RubyGems 12 Apr 2022
  • H
Regular Expression Denial of Service (ReDoS) 		nokogiri Open this link in a new tab <1.13.4 RubyGems 12 Apr 2022
  • H
Denial of Service (DoS) 		nokogiri Open this link in a new tab <1.13.4 RubyGems 12 Apr 2022
  • M
Time-Based One-Time Password (TOTP) Reuse 		devise-two-factor Open this link in a new tab <4.0.2 RubyGems 10 Apr 2022
  • M
Denial of Service (DoS) 		yajl-ruby Open this link in a new tab <1.4.2 RubyGems 6 Apr 2022
  • H
Command Injection 		cocoapods-downloader Open this link in a new tab <1.6.0 >=1.6.2, <1.6.3 RubyGems 1 Apr 2022
  • H
Command Injection 		cocoapods-downloader Open this link in a new tab <1.6.2 RubyGems 1 Apr 2022
  • C
Command Injection 		asciidoctor-include-ext Open this link in a new tab <0.4.0 RubyGems 1 Apr 2022
  • C
HTTP Request Smuggling 		puma Open this link in a new tab <4.3.12 >=5.0.0, <5.6.4 RubyGems 31 Mar 2022
  • M
Improper Authorization 		smart_proxy_salt Open this link in a new tab >=0.0.0 RubyGems 31 Mar 2022
  • H
Improper Certificate Validation 		kubeclient Open this link in a new tab <4.9.3 RubyGems 25 Mar 2022
  • H
Arbitrary Code Injection 		activestorage Open this link in a new tab >=5.2.0, <5.2.6.3 >=6.0.0, <6.0.4.7 >=6.1.0, <6.1.4.7 >=7.0.0, <7.0.2.3 RubyGems 9 Mar 2022
  • H
Integer Overflow or Wraparound 		commonmarker Open this link in a new tab <0.23.4 RubyGems 4 Mar 2022
  • M
Cross-site Scripting (XSS) 		view_component Open this link in a new tab >=2.31.0, <2.31.2 >=2.32.0, <2.49.1 RubyGems 3 Mar 2022
  • C
Arbitrary Code Execution 		image_processing Open this link in a new tab <1.12.2 RubyGems 2 Mar 2022
  • H
Use After Free 		nokogiri Open this link in a new tab <1.13.2 RubyGems 23 Feb 2022
  • H
Information Exposure 		actionpack Open this link in a new tab <5.2.6.2 >=6.0.0.0, <6.0.4.6 >=6.1.0.0, <6.1.4.6 >=7.0.0.0, <7.0.2.2 RubyGems 13 Feb 2022
  • H
Information Exposure 		puma Open this link in a new tab <4.3.11 >=5.0.0, <5.6.2 RubyGems 13 Feb 2022
  • H
Improper Authentication 		cgi Open this link in a new tab >=0.3.0, <0.3.1 >=0.2.0, <0.2.1 <0.1.1 RubyGems 23 Jan 2022