See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Information ExposureCVE-2016-1000221
Affects logstash-core | Versions <2.3.4
Has fix
RubyGemsPublished 1 Aug 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2023-36617
Affects uri | Versions <0.10.3>=0.11.0, <0.11.2>=0.12.0, <0.12.2
Has fix
RubyGemsPublished 16 Jul 2023
- H
Directory TraversalCVE-2023-38337
Affects rswag | Versions <2.10.1
Has fix
RubyGemsPublished 16 Jul 2023
- M
Denial of Service (DoS)CVE-2023-37463
Affects commonmarker | Versions <0.23.10
Has fix
RubyGemsPublished 14 Jul 2023
- H
Cross-site Scripting (XSS)CVE-2023-34089
Affects decidim-core | Versions >=0.14.0, <0.26.6>=0.27.0, <0.27.3
Has fix
RubyGemsPublished 12 Jul 2023
- H
Cross-site Scripting (XSS)CVE-2023-34089
Affects decidim | Versions >=0.14.0, <0.26.6>=0.27.0, <0.27.3
Has fix
RubyGemsPublished 12 Jul 2023
- H
Information ExposureCVE-2023-34090
Affects decidim | Versions >=0.27.0, <0.27.3
Has fix
RubyGemsPublished 12 Jul 2023
- H
Information ExposureCVE-2023-34090
Affects decidim-meetings | Versions >=0.27.0, <0.27.3
Has fix
RubyGemsPublished 12 Jul 2023
- H
Cross-site Scripting (XSS)CVE-2023-32693
Affects decidim | Versions >=0.25.0, <0.26.6>=0.27.0, <0.27.3
Has fix
RubyGemsPublished 12 Jul 2023
- H
Cross-site Scripting (XSS)CVE-2023-32693
Affects decidim-core | Versions >=0.25.0, <0.26.6>=0.27.0, <0.27.3
Has fix
RubyGemsPublished 12 Jul 2023
- H
Cross-site Scripting (XSS)CVE-2023-36823
Affects sanitize | Versions >=3.0.0, <6.0.2
Has fix
RubyGemsPublished 7 Jul 2023
- L
Cross-site Scripting (XSS)CVE-2023-3445
Affects spina | Versions <2.15.1
Has fix
RubyGemsPublished 29 Jun 2023
- M
Cross-site Scripting (XSS)CVE-2023-28362
Affects actionpack | Versions <6.1.7.4>=7.0.0.0, <7.0.5.1
Has fix
RubyGemsPublished 28 Jun 2023
- M
Improper AuthenticationCVE-2023-34246
Affects doorkeeper | Versions <5.6.6
Has fix
RubyGemsPublished 13 Jun 2023
- H
Deserialization of Untrusted DataCVE-2023-27531
Affects kredis | Versions <1.3.0.1
Has fix
RubyGemsPublished 11 Jun 2023
- H
Information ExposureCVE-2015-5378
Affects logstash-core | Versions <1.5.3
Has fix
RubyGemsPublished 8 Jun 2023
- L
Information ExposureCVE-2015-1426
Affects facter | Versions >=1.6.0, <2.4.1
Has fix
RubyGemsPublished 8 Jun 2023
- M
Improper Certificate ValidationCVE-2015-5619
Affects logstash-core | Versions <1.5.4
Has fix
RubyGemsPublished 8 Jun 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2023-31606
Affects redcloth | Versions <4.3.3
Has fix
RubyGemsPublished 7 Jun 2023
- M
Cross-site Scripting (XSS)CVE-2023-34103
Affects avo | Versions <2.33.3
Has fix
RubyGemsPublished 6 Jun 2023
- H
Improper Input ValidationCVE-2023-34102
Affects avo | Versions <2.33.3
Has fix
RubyGemsPublished 6 Jun 2023
- C
Arbitrary Code ExecutionCVE-2015-20108
Affects zipruby | Versions <1.3.1
Has fix
RubyGemsPublished 28 May 2023
- C
Remote Code Execution (RCE)CVE-2023-30145
Affects camaleon_cms | Versions <2.7.4
Has fix
RubyGemsPublished 28 May 2023
- M
Cross-site Scripting (XSS)CVE-2023-25309
Affects rollout-ui | Versions <0.5.3
Has fix
RubyGemsPublished 12 May 2023
- H
Deserialization of Untrusted DataCVE-2020-7385
Affects metasploit-framework | Versions <6.0.33
Has fix
RubyGemsPublished 5 May 2023
- H
Improper Certificate ValidationCVE-2020-15134
Affects faye | Versions <1.4.0
Has fix
RubyGemsPublished 4 May 2023
- M
Race ConditionCVE-2024-22047
Affects audited | Versions >=4.0.0, <5.3.3
Has fix
RubyGemsPublished 2 May 2023
Affects flavour_saver | Versions <0.3.3
Has fix
RubyGemsPublished 23 Apr 2023
- L
Information ExposureCVE-2023-30618
Affects kitchen-terraform | Versions >=7.0.0, <7.0.1
Has fix
RubyGemsPublished 23 Apr 2023