See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
Affects personnummer | Versions <3.0.1
Has fix
RubyGemsPublished 22 Sept 2022
- H
Arbitrary Code ExecutionCVE-2022-39224
Affects arr-pm | Versions <0.0.12
Has fix
RubyGemsPublished 22 Sept 2022
Affects pageflow | Versions <14.5.2>=15.0.0, <15.7.1
Has fix
RubyGemsPublished 15 Sept 2022
Affects pageflow | Versions <14.5.2>=15.0.0, <15.7.1
Has fix
RubyGemsPublished 15 Sept 2022
- C
Command InjectionCVE-2022-25765
Affects pdfkit | Versions <0.8.7.2
Has fix
RubyGemsPublished 8 Sept 2022
- L
Insecure PermissionsCVE-2022-31072
Affects octokit | Versions >=4.23.0, <4.25.0
Has fix
RubyGemsPublished 22 Aug 2022
- H
Improper AuthenticationCVE-2020-36599
Affects omniauth | Versions <1.9.2
Has fix
RubyGemsPublished 19 Aug 2022
- H
SQL InjectionCVE-2022-35956
Affects update_by_case | Versions <0.1.3
Has fix
RubyGemsPublished 12 Aug 2022
- H
Directory TraversalCVE-2022-31163
Affects tzinfo | Versions <0.3.61>=1.0.0, <1.2.10
Has fix
RubyGemsPublished 22 Jul 2022
- M
Information ExposureCVE-2022-2394
Affects bolt | Versions <3.24.0
Has fix
RubyGemsPublished 20 Jul 2022
- M
Cross-site Scripting (XSS)CVE-2020-35305
Affects gollum | Versions >=5.0.0, <5.1.2
Has fix
RubyGemsPublished 17 Jul 2022
- C
Remote Code Execution (RCE)CVE-2022-32224
Affects activerecord | Versions <5.2.8.1>=6.0.0, <6.0.5.1>=6.1.0, <6.1.6.1>=7.0.0, <7.0.3.1
Has fix
RubyGemsPublished 13 Jul 2022
- M
HTTP Request SmugglingCVE-2022-32214
Affects llhttp | Versions >=0.0.0
Has fix
RubyGemsPublished 10 Jul 2022
- M
HTTP Request SmugglingCVE-2022-32215
Affects llhttp | Versions >=0.0.0
Has fix
RubyGemsPublished 10 Jul 2022
- M
HTTP Request SmugglingCVE-2022-32213
Affects llhttp | Versions >=0.0.0
Has fix
RubyGemsPublished 10 Jul 2022
- H
Deserialization of Untrusted DataCVE-2022-31115
Affects opensearch-ruby | Versions <2.0.2
Has fix
RubyGemsPublished 1 Jul 2022
- M
Access Restriction BypassCVE-2021-3779
Affects ruby-mysql | Versions <2.10.0
Has fix
RubyGemsPublished 29 Jun 2022
- M
Cross-site Scripting (XSS)CVE-2022-32209
Affects rails-html-sanitizer | Versions <1.4.3
Has fix
RubyGemsPublished 26 Jun 2022
- H
Remote Code Execution (RCE)CVE-2022-33127
Affects diffy | Versions <3.4.1
Has fix
RubyGemsPublished 24 Jun 2022
- H
Improper Encoding or Escaping of OutputCVE-2022-23079
Affects motor-admin | Versions <0.2.61
Has fix
RubyGemsPublished 22 Jun 2022
- L
Insecure PermissionsCVE-2022-31071
Affects octopoller | Versions >=0.2.0, <0.3.0
Has fix
RubyGemsPublished 16 Jun 2022
- M
Insufficiently Protected CredentialsCVE-2022-31033
Affects mechanize | Versions <2.8.5
Has fix
RubyGemsPublished 10 Jun 2022
- H
Deserialization of Untrusted DataCVE-2022-32511
Affects jmespath | Versions <1.6.1
Has fix
RubyGemsPublished 7 Jun 2022
- M
Use of Uninitialized ResourceCVE-2022-31026
Affects trilogy | Versions <2.1.1
Has fix
RubyGemsPublished 7 Jun 2022
- M
Cross-site Scripting (XSS)CVE-2021-25975
Affects publify_core | Versions >=8.0, <9.2.5
Has fix
RubyGemsPublished 6 Jun 2022
- L
Cross-site Request Forgery (CSRF)CVE-2022-31000
Affects solidus_backend | Versions <2.11.16>=3.0.0, <3.0.6>=3.1.0, <3.1.6
Has fix
RubyGemsPublished 2 Jun 2022
- H
Denial of Service (DoS)CVE-2022-30122
Affects rack | Versions >=1.2, <2.0.9.1>=2.1.0, <2.1.4.1>=2.2.0, <2.2.3.1
Has fix
RubyGemsPublished 28 May 2022
- C
Arbitrary Code InjectionCVE-2022-30123
Affects rack | Versions <2.0.9.1>=2.1.0, <2.1.4.1>=2.2.0, <2.2.3.1
Has fix
RubyGemsPublished 28 May 2022
- M
Improper Access ControlCVE-2022-1810
Affects publify_core | Versions <9.2.9
Has fix
RubyGemsPublished 24 May 2022
- M
Cross-site Scripting (XSS)CVE-2022-1811
Affects publify_core | Versions <9.2.9
Has fix
RubyGemsPublished 24 May 2022