| VULNERABILITY | AFFECTS | TYPE | PUBLISHED |
|---|---|---|---|
| H Inadequate Encryption Strength | random_password_generator >=0.0.0 | RubyGems | 18 May 2022 |
| M Cross-site Scripting (XSS) | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| L Information Exposure | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| L Improper Access Control | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| M CSV Injection | csv-safe <3.0.0 | RubyGems | 2 May 2022 |
| H Improper Input Validation | sinatra <2.2.0 | RubyGems | 2 May 2022 |
| M Cross-site Scripting (XSS) | actionview <5.2.7.1; >=6.0.0.beta1, <6.0.4.8; >=6.1.0.rc1, <6.1.5.1; >=7.0.0.alpha1, <7.0.2.4 | RubyGems | 27 Apr 2022 |
| M Cross-site Scripting (XSS) | actionpack >=5.2.0, <5.2.7.1; >=6.0.0.beta1, <6.0.4.8; >=6.1.0.rc1, <6.1.5.1; >=7.0.0.alpha1, <7.0.2.4 | RubyGems | 27 Apr 2022 |
| M Server-side Request Forgery (SSRF) | gibbon <3.4.4 | RubyGems | 25 Apr 2022 |
| M SQL Injection | blazer <2.6.0 | RubyGems | 21 Apr 2022 |
| H Command Injection | git <1.11.0 | RubyGems | 19 Apr 2022 |
| H Out-of-bounds Write | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| H Regular Expression Denial of Service (ReDoS) | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| H Denial of Service (DoS) | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| M Time-Based One-Time Password (TOTP) Reuse | devise-two-factor <4.0.2 | RubyGems | 10 Apr 2022 |
| M Denial of Service (DoS) | yajl-ruby <1.4.2 | RubyGems | 6 Apr 2022 |
| H Command Injection | cocoapods-downloader <1.6.0; >=1.6.2, <1.6.3 | RubyGems | 1 Apr 2022 |
| H Command Injection | cocoapods-downloader <1.6.2 | RubyGems | 1 Apr 2022 |
| C Command Injection | asciidoctor-include-ext <0.4.0 | RubyGems | 1 Apr 2022 |
| C HTTP Request Smuggling | puma <4.3.12; >=5.0.0, <5.6.4 | RubyGems | 31 Mar 2022 |
| M Improper Authorization | smart_proxy_salt >=0.0.0 | RubyGems | 31 Mar 2022 |
| H Improper Certificate Validation | kubeclient <4.9.3 | RubyGems | 25 Mar 2022 |
| H Arbitrary Code Injection | activestorage >=5.2.0, <5.2.6.3; >=6.0.0, <6.0.4.7; >=6.1.0, <6.1.4.7; >=7.0.0, <7.0.2.3 | RubyGems | 9 Mar 2022 |
| H Integer Overflow or Wraparound | commonmarker <0.23.4 | RubyGems | 4 Mar 2022 |
| M Cross-site Scripting (XSS) | view_component >=2.31.0, <2.31.2; >=2.32.0, <2.49.1 | RubyGems | 3 Mar 2022 |
| C Arbitrary Code Execution | image_processing <1.12.2 | RubyGems | 2 Mar 2022 |
| H Use After Free | nokogiri <1.13.2 | RubyGems | 23 Feb 2022 |
| H Information Exposure | actionpack <5.2.6.2; >=6.0.0.0, <6.0.4.6; >=6.1.0.0, <6.1.4.6; >=7.0.0.0, <7.0.2.2 | RubyGems | 13 Feb 2022 |
| H Information Exposure | puma <4.3.11; >=5.0.0, <5.6.2 | RubyGems | 13 Feb 2022 |
| H Improper Authentication | cgi >=0.3.0, <0.3.1; >=0.2.0, <0.2.1; <0.1.1 | RubyGems | 23 Jan 2022 |