Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • H
Information Exposure
puma<4.3.11>=5.0.0, <5.6.2RubyGems13 Feb 2022
  • H
Improper Certificate Validation
qpid_proton>=0.9, <0.27.1RubyGems26 Jan 2022
  • C
Improper Data Handling
openssl<2.1.2RubyGems26 Jan 2022
  • M
Cross-site Scripting (XSS)
xapian-core<1.4.6RubyGems26 Jan 2022
  • H
Improper Authentication
cgi>=0.3.0, <0.3.1>=0.2.0, <0.2.1<0.1.1RubyGems23 Jan 2022
  • H
Denial of Service (DoS)
sidekiq<5.2.10>=6.0.0.pre1, <6.4.0RubyGems23 Jan 2022
  • H
Denial of Service (DoS)
google-protobuf<3.19.2RubyGems7 Jan 2022
  • L
Cross-site Request Forgery (CSRF)
solidus_frontend<2.11.14>=3.0.0, <3.0.5>=3.1.0, <3.1.5RubyGems21 Dec 2021
  • M
Directory Traversal
message_bus<3.3.7RubyGems19 Dec 2021
  • M
Open Redirect
actionpack>=6.0.0, <6.0.4.2>=6.1.0, <6.1.4.2RubyGems15 Dec 2021
  • C
Remote Code Execution (RCE)
log4j-jars>=2.0.0rc1, <2.15.0RubyGems10 Dec 2021
  • M
Arbitrary Code Execution
bundler<2.2.33RubyGems9 Dec 2021
  • H
Regular Expression Denial of Service (ReDoS)
solidus_core>=3.1.0, <3.1.4>=3.0.0rc2, <3.0.4<2.11.13RubyGems8 Dec 2021
  • H
Authentication Bypass
devise_masquerade<1.3.1RubyGems8 Dec 2021
  • H
Buffer Overflow
cgi<0.3.1>=0.2.0, <0.2.1>=0.1.0, <0.1.1RubyGems25 Nov 2021
  • C
Cross-site Request Forgery (CSRF)
spree_auth_devise>=4.3.0, <4.4.1>=4.2.0, <4.2.1>=4.1.0, <4.1.1<4.0.1RubyGems19 Nov 2021
  • C
Cross-site Request Forgery (CSRF)
spree_auth_devise<4.0.1>=4.1.0, <4.1.1>=4.2.0, <4.2.1>=4.3.0, <4.4.1RubyGems18 Nov 2021
  • C
Cross-site Request Forgery (CSRF)
solidus_auth_devise>=3.1.0, <3.1.3>=3.0.0, <3.0.3>=2.6.0, <2.11.12>=1.0.0, <2.5.4RubyGems18 Nov 2021
  • M
Denial of Service (DoS)
puppet<6.25.1>=7.0.0, <7.12.1RubyGems17 Nov 2021
  • M
Information Disclosure
puppet<6.25.1>=7.0.0, <7.12.1RubyGems17 Nov 2021
  • M
Improper Input Validation
rails_multisite<4.0.0RubyGems16 Nov 2021
  • M
Regular Expression Denial of Service (ReDoS)
date<2.0.1>=3.0.0, <3.0.2>=3.1.0, <3.1.2>=3.2.0, <3.2.1RubyGems16 Nov 2021
  • M
Cross-site Scripting (XSS)
publify_core<9.2.5RubyGems10 Nov 2021
  • M
Access Restriction Bypass
publify_core>=9.0.0.pre1, <9.2.5RubyGems2 Nov 2021
  • M
Regular Expression Denial of Service (ReDoS)
fluentd>=0.14.14, <1.14.2.RubyGems31 Oct 2021
  • M
Cross-site Scripting (XSS)
rails<3.0.6RubyGems20 Oct 2021
  • H
Always-Incorrect Control Flow Implementation
evm<0.31.0RubyGems20 Oct 2021
  • M
Cross-site Scripting (XSS)
camaleon_cms<2.6.0.1RubyGems20 Oct 2021
  • M
Denial of Service (DoS)
camaleon_cms>=2.0.1, <2.6.0.1RubyGems20 Oct 2021
  • H
Insufficient Session Expiration
camaleon_cms>=0.1.7, <2.6.0.1RubyGems20 Oct 2021