Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • H
Arbitrary Code Injection 		activestorage >=5.2.0, <5.2.6.3 >=6.0.0, <6.0.4.7 >=6.1.0, <6.1.4.7 >=7.0.0, <7.0.2.3 RubyGems 9 Mar 2022
  • H
Integer Overflow or Wraparound 		commonmarker <0.23.4 RubyGems 4 Mar 2022
  • M
Cross-site Scripting (XSS) 		view_component >=2.31.0, <2.31.2 >=2.32.0, <2.49.1 RubyGems 3 Mar 2022
  • C
Arbitrary Code Execution 		image_processing <1.12.2 RubyGems 2 Mar 2022
  • H
Use After Free 		nokogiri <1.13.2 RubyGems 23 Feb 2022
  • H
Information Exposure 		actionpack <5.2.6.2 >=6.0.0.0, <6.0.4.6 >=6.1.0.0, <6.1.4.6 >=7.0.0.0, <7.0.2.2 RubyGems 13 Feb 2022
  • H
Information Exposure 		puma <4.3.11 >=5.0.0, <5.6.2 RubyGems 13 Feb 2022
  • H
Improper Certificate Validation 		qpid_proton >=0.9, <0.27.1 RubyGems 26 Jan 2022
  • C
Improper Data Handling 		openssl <2.1.2 RubyGems 26 Jan 2022
  • M
Cross-site Scripting (XSS) 		xapian-core <1.4.6 RubyGems 26 Jan 2022
  • H
Improper Authentication 		cgi >=0.3.0, <0.3.1 >=0.2.0, <0.2.1 <0.1.1 RubyGems 23 Jan 2022
  • H
Denial of Service (DoS) 		sidekiq <5.2.10 >=6.0.0.pre1, <6.4.0 RubyGems 23 Jan 2022
  • H
Denial of Service (DoS) 		google-protobuf <3.19.2 RubyGems 7 Jan 2022
  • L
Cross-site Request Forgery (CSRF) 		solidus_frontend <2.11.14 >=3.0.0, <3.0.5 >=3.1.0, <3.1.5 RubyGems 21 Dec 2021
  • M
Directory Traversal 		message_bus <3.3.7 RubyGems 19 Dec 2021
  • M
Open Redirect 		actionpack >=6.0.0, <6.0.4.2 >=6.1.0, <6.1.4.2 RubyGems 15 Dec 2021
  • C
Remote Code Execution (RCE) 		log4j-jars >=2.0.0rc1, <2.15.0 RubyGems 10 Dec 2021
  • M
Arbitrary Code Execution 		bundler <2.2.33 RubyGems 9 Dec 2021
  • H
Regular Expression Denial of Service (ReDoS) 		solidus_core >=3.1.0, <3.1.4 >=3.0.0rc2, <3.0.4 <2.11.13 RubyGems 8 Dec 2021
  • H
Authentication Bypass 		devise_masquerade <1.3.1 RubyGems 8 Dec 2021
  • H
Buffer Overflow 		cgi <0.3.1 >=0.2.0, <0.2.1 >=0.1.0, <0.1.1 RubyGems 25 Nov 2021
  • C
Cross-site Request Forgery (CSRF) 		spree_auth_devise >=4.3.0, <4.4.1 >=4.2.0, <4.2.1 >=4.1.0, <4.1.1 <4.0.1 RubyGems 19 Nov 2021
  • C
Cross-site Request Forgery (CSRF) 		spree_auth_devise <4.0.1 >=4.1.0, <4.1.1 >=4.2.0, <4.2.1 >=4.3.0, <4.4.1 RubyGems 18 Nov 2021
  • C
Cross-site Request Forgery (CSRF) 		solidus_auth_devise >=3.1.0, <3.1.3 >=3.0.0, <3.0.3 >=2.6.0, <2.11.12 >=1.0.0, <2.5.4 RubyGems 18 Nov 2021
  • M
Denial of Service (DoS) 		puppet <6.25.1 >=7.0.0, <7.12.1 RubyGems 17 Nov 2021
  • M
Information Disclosure 		puppet <6.25.1 >=7.0.0, <7.12.1 RubyGems 17 Nov 2021
  • M
Improper Input Validation 		rails_multisite <4.0.0 RubyGems 16 Nov 2021
  • M
Regular Expression Denial of Service (ReDoS) 		date <2.0.1 >=3.0.0, <3.0.2 >=3.1.0, <3.1.2 >=3.2.0, <3.2.1 RubyGems 16 Nov 2021
  • M
Cross-site Scripting (XSS) 		publify_core <9.2.5 RubyGems 10 Nov 2021
  • M
Access Restriction Bypass 		publify_core >=9.0.0.pre1, <9.2.5 RubyGems 2 Nov 2021