Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • M
Use of Uninitialized Resource 		trilogy <2.1.1 RubyGems 7 Jun 2022
  • M
Cross-site Scripting (XSS) 		publify_core >=8.0, <9.2.5 RubyGems 6 Jun 2022
  • L
Cross-site Request Forgery (CSRF) 		solidus_backend <2.11.16 >=3.0.0, <3.0.6 >=3.1.0, <3.1.6 RubyGems 2 Jun 2022
  • H
Denial of Service (DoS) 		rack >=1.2, <2.0.9.1 >=2.1.0, <2.1.4.1 >=2.2.0, <2.2.3.1 RubyGems 28 May 2022
  • C
Arbitrary Code Injection 		rack <2.0.9.1 >=2.1.0, <2.1.4.1 >=2.2.0, <2.2.3.1 RubyGems 28 May 2022
  • M
Improper Access Control 		publify_core <9.2.9 RubyGems 24 May 2022
  • M
Cross-site Scripting (XSS) 		publify_core <9.2.9 RubyGems 24 May 2022
  • H
Improper Handling of Unexpected Data Type 		nokogiri <1.13.6 RubyGems 20 May 2022
  • H
Inadequate Encryption Strength 		random_password_generator >=0.0.0 RubyGems 18 May 2022
  • M
Cross-site Scripting (XSS) 		publify_core <9.2.8 RubyGems 17 May 2022
  • L
Information Exposure 		publify_core <9.2.8 RubyGems 17 May 2022
  • L
Improper Access Control 		publify_core <9.2.8 RubyGems 17 May 2022
  • M
CSV Injection 		csv-safe <3.0.0 RubyGems 2 May 2022
  • H
Improper Input Validation 		sinatra <2.2.0 RubyGems 2 May 2022
  • M
Cross-site Scripting (XSS) 		actionview <5.2.7.1 >=6.0.0.beta1, <6.0.4.8 >=6.1.0.rc1, <6.1.5.1 >=7.0.0.alpha1, <7.0.2.4 RubyGems 27 Apr 2022
  • M
Cross-site Scripting (XSS) 		actionpack >=5.2.0, <5.2.7.1 >=6.0.0.beta1, <6.0.4.8 >=6.1.0.rc1, <6.1.5.1 >=7.0.0.alpha1, <7.0.2.4 RubyGems 27 Apr 2022
  • M
Server-side Request Forgery (SSRF) 		gibbon <3.4.4 RubyGems 25 Apr 2022
  • M
SQL Injection 		blazer <2.6.0 RubyGems 21 Apr 2022
  • H
Command Injection 		git <1.11.0 RubyGems 19 Apr 2022
  • H
Out-of-bounds Write 		nokogiri <1.13.4 RubyGems 12 Apr 2022
  • H
Regular Expression Denial of Service (ReDoS) 		nokogiri <1.13.4 RubyGems 12 Apr 2022
  • H
Denial of Service (DoS) 		nokogiri <1.13.4 RubyGems 12 Apr 2022
  • M
Time-Based One-Time Password (TOTP) Reuse 		devise-two-factor <4.0.2 RubyGems 10 Apr 2022
  • M
Denial of Service (DoS) 		yajl-ruby <1.4.2 RubyGems 6 Apr 2022
  • H
Command Injection 		cocoapods-downloader <1.6.0 >=1.6.2, <1.6.3 RubyGems 1 Apr 2022
  • H
Command Injection 		cocoapods-downloader <1.6.2 RubyGems 1 Apr 2022
  • C
Command Injection 		asciidoctor-include-ext <0.4.0 RubyGems 1 Apr 2022
  • M
Improper Authorization 		smart_proxy_salt >=0.0.0 RubyGems 31 Mar 2022
  • C
HTTP Request Smuggling 		puma <4.3.12 >=5.0.0, <5.6.4 RubyGems 31 Mar 2022
  • H
Improper Certificate Validation 		kubeclient <4.9.3 RubyGems 25 Mar 2022