See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Denial of Service (DoS)CVE-2023-22486
Affects commonmarker | Versions <0.23.7
Has fix
RubyGemsPublished 27 Jan 2023
- M
Improper NeutralizationCVE-2017-10906
Affects fluentd | Versions >=0.12.29, <0.12.41
Has fix
RubyGemsPublished 25 Jan 2023
- H
Improper Input ValidationCVE-2015-2784
Affects papercrop | Versions <0.3.0
Has fix
RubyGemsPublished 25 Jan 2023
- M
Cross-site Scripting (XSS)CVE-2018-18260
Affects camaleon_cms | Versions >=2.4
Has fix
RubyGemsPublished 25 Jan 2023
- M
Cross-site Scripting (XSS)CVE-2019-10226
Affects fat_free_crm | Versions >=0.0.0
Has fix
RubyGemsPublished 24 Jan 2023
- M
Denial of Service (DoS)CVE-2023-22483
Affects commonmarker | Versions <0.23.7
Has fix
RubyGemsPublished 24 Jan 2023
- M
Denial of Service (DoS)CVE-2023-22484
Affects commonmarker | Versions <0.23.7
Has fix
RubyGemsPublished 24 Jan 2023
- L
Out-of-bounds ReadCVE-2023-22485
Affects commonmarker | Versions <0.23.7
Has fix
RubyGemsPublished 24 Jan 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2022-4891
Affects sisimai | Versions <4.25.14
Has fix
RubyGemsPublished 22 Jan 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2023-22796
Affects activesupport | Versions <6.1.7.1>=7.0.0, <7.0.4.1
Has fix
RubyGemsPublished 19 Jan 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2022-44570
Affects rack | Versions >=1.5.0, <2.0.9.2>=2.1.0.0, <2.1.4.2>=2.2.0.0, <2.2.6.2>=3.0.0.0, <3.0.4.1
Has fix
RubyGemsPublished 19 Jan 2023
- H
Denial of Service (DoS)CVE-2022-44566
Affects activerecord | Versions <6.1.7.1>=7.0.0, <7.0.4.1
Has fix
RubyGemsPublished 19 Jan 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2022-44572
Affects rack | Versions >=2.0.0, <2.0.9.2>=2.1.0.0, <2.1.4.2>=2.2.0.0, <2.2.6.1>=3.0.0.0, <3.0.4.1
Has fix
RubyGemsPublished 19 Jan 2023
- H
SQL InjectionCVE-2023-22794
Affects activerecord | Versions >=6.0.0, <6.0.6.1>=6.1.0, <6.1.7.1>=7.0.0, <7.0.4.1
Has fix
RubyGemsPublished 19 Jan 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2023-22799
Affects globalid | Versions >=0.2.1, <1.0.1
Has fix
RubyGemsPublished 19 Jan 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2022-44571
Affects rack | Versions >=2.0.0, <2.0.9.2>=2.1.0, <2.1.4.2>=2.2.0, <2.2.6.1>=3.0.0.0, <3.0.4.1
Has fix
RubyGemsPublished 19 Jan 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2023-22792
Affects actionpack | Versions >=3.0.0, <6.1.7.1>=7.0.0, <7.0.4.1
Has fix
RubyGemsPublished 19 Jan 2023
- M
Regular Expression Denial of Service (ReDoS)CVE-2023-22795
Affects actionpack | Versions <6.1.7.1>=7.0.0, <7.0.4.1
Has fix
RubyGemsPublished 19 Jan 2023
- M
Open RedirectCVE-2023-22797
Affects actionpack | Versions >=7.0.0, <7.0.4.1
Has fix
RubyGemsPublished 19 Jan 2023
- M
SQL InjectionCVE-2015-10053
Affects curupira | Versions <0.1.4
Has fix
RubyGemsPublished 16 Jan 2023
- M
Denial of Service (DoS)CVE-2023-0299
Affects publify_core | Versions <9.2.10
Has fix
RubyGemsPublished 15 Jan 2023
- H
Integer Overflow or WraparoundCVE-2022-1812
Affects publify_core | Versions <9.2.10
Has fix
RubyGemsPublished 15 Jan 2023
- M
Information ExposureCVE-2022-2815
Affects publify_core | Versions <9.2.10
Has fix
RubyGemsPublished 15 Jan 2023
- H
Remote Code Execution (RCE)CVE-2022-46648
Affects git | Versions >=1.2.0, <1.13.0
Has fix
RubyGemsPublished 10 Jan 2023
- L
Cross-site Scripting (XSS)CVE-2020-36644
Affects inline_svg | Versions <1.7.2
Has fix
RubyGemsPublished 8 Jan 2023
- M
Information ExposureCVE-2023-22626
Affects pghero | Versions >=0.1.1, <3.1.0
Has fix
RubyGemsPublished 5 Jan 2023
- M
External Control of Assumed-Immutable Web ParameterCVE-2024-22049
Affects httparty | Versions <0.21.0
Has fix
RubyGemsPublished 4 Jan 2023
- L
Cross-site Scripting (XSS)CVE-2017-20159
Affects keynote | Versions <1.0.0
Has fix
RubyGemsPublished 1 Jan 2023
- C
Arbitrary Command InjectionCVE-2017-20156
Affects printer | Versions >=0.1.0
Has fix
RubyGemsPublished 1 Jan 2023
- L
Cross-site Scripting (XSS)CVE-2019-25088
Affects oxidized-web | Versions <0.14.0
Has fix
RubyGemsPublished 28 Dec 2022