Find out if you have vulnerabilities that put you at risk

| SEVERITY | VULNERABILITY | AFFECTS | TYPE | PUBLISHED |
|---|---|---|---|---|
| H | Inadequate Encryption Strength | random_password_generator >=0.0.0 | RubyGems | 18 May 2022 |
| M | Cross-site Scripting (XSS) | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| L | Information Exposure | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| L | Improper Access Control | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| M | CSV Injection | csv-safe <3.0.0 | RubyGems | 2 May 2022 |
| H | Improper Input Validation | sinatra <2.2.0 | RubyGems | 2 May 2022 |
| M | Cross-site Scripting (XSS) | actionview <5.2.7.1 >=6.0.0.beta1, <6.0.4.8 >=6.1.0.rc1, <6.1.5.1 >=7.0.0.alpha1, <7.0.2.4 | RubyGems | 27 Apr 2022 |
| M | Cross-site Scripting (XSS) | actionpack >=5.2.0, <5.2.7.1 >=6.0.0.beta1, <6.0.4.8 >=6.1.0.rc1, <6.1.5.1 >=7.0.0.alpha1, <7.0.2.4 | RubyGems | 27 Apr 2022 |
| M | Server-side Request Forgery (SSRF) | gibbon <3.4.4 | RubyGems | 25 Apr 2022 |
| M | SQL Injection | blazer <2.6.0 | RubyGems | 21 Apr 2022 |
| H | Command Injection | git <1.11.0 | RubyGems | 19 Apr 2022 |
| H | Out-of-bounds Write | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| H | Regular Expression Denial of Service (ReDoS) | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| H | Denial of Service (DoS) | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| M | Time-Based One-Time Password (TOTP) Reuse | devise-two-factor <4.0.2 | RubyGems | 10 Apr 2022 |
| M | Denial of Service (DoS) | yajl-ruby <1.4.2 | RubyGems | 6 Apr 2022 |
| H | Command Injection | cocoapods-downloader <1.6.0 >=1.6.2, <1.6.3 | RubyGems | 1 Apr 2022 |
| H | Command Injection | cocoapods-downloader <1.6.2 | RubyGems | 1 Apr 2022 |
| C | Command Injection | asciidoctor-include-ext <0.4.0 | RubyGems | 1 Apr 2022 |
| C | HTTP Request Smuggling | puma <4.3.12 >=5.0.0, <5.6.4 | RubyGems | 31 Mar 2022 |
| M | Improper Authorization | smart_proxy_salt >=0.0.0 | RubyGems | 31 Mar 2022 |
| H | Improper Certificate Validation | kubeclient <4.9.3 | RubyGems | 25 Mar 2022 |
| H | Arbitrary Code Injection | activestorage >=5.2.0, <5.2.6.3 >=6.0.0, <6.0.4.7 >=6.1.0, <6.1.4.7 >=7.0.0, <7.0.2.3 | RubyGems | 9 Mar 2022 |
| H | Integer Overflow or Wraparound | commonmarker <0.23.4 | RubyGems | 4 Mar 2022 |
| M | Cross-site Scripting (XSS) | view_component >=2.31.0, <2.31.2 >=2.32.0, <2.49.1 | RubyGems | 3 Mar 2022 |
| C | Arbitrary Code Execution | image_processing <1.12.2 | RubyGems | 2 Mar 2022 |
| H | Use After Free | nokogiri <1.13.2 | RubyGems | 23 Feb 2022 |
| H | Information Exposure | actionpack <5.2.6.2 >=6.0.0.0, <6.0.4.6 >=6.1.0.0, <6.1.4.6 >=7.0.0.0, <7.0.2.2 | RubyGems | 13 Feb 2022 |
| H | Information Exposure | puma <4.3.11 >=5.0.0, <5.6.2 | RubyGems | 13 Feb 2022 |
| H | Improper Authentication | cgi >=0.3.0, <0.3.1 >=0.2.0, <0.2.1 <0.1.1 | RubyGems | 23 Jan 2022 |