See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Improper Handling of Unexpected Data TypeCVE-2022-29181
Affects nokogiri | Versions <1.13.6
Has fix
RubyGemsPublished 20 May 2022
- H
Inadequate Encryption StrengthCVE-2019-25061
Affects random_password_generator | Versions >=0.0.0
Has fix
RubyGemsPublished 18 May 2022
- M
Cross-site Scripting (XSS)CVE-2022-0578
Affects publify_core | Versions <9.2.8
Has fix
RubyGemsPublished 17 May 2022
- L
Information ExposureCVE-2022-1553
Affects publify_core | Versions <9.2.8
Has fix
RubyGemsPublished 17 May 2022
- L
Improper Access ControlCVE-2022-0574
Affects publify_core | Versions <9.2.8
Has fix
RubyGemsPublished 17 May 2022
- H
Improper Input ValidationCVE-2022-29970
Affects sinatra | Versions <2.2.0
Has fix
RubyGemsPublished 2 May 2022
- M
Cross-site Scripting (XSS)CVE-2022-27777
Affects actionview | Versions <5.2.7.1>=6.0.0.beta1, <6.0.4.8>=6.1.0.rc1, <6.1.5.1>=7.0.0.alpha1, <7.0.2.4
Has fix
RubyGemsPublished 27 Apr 2022
- M
Cross-site Scripting (XSS)CVE-2022-22577
Affects actionpack | Versions >=5.2.0, <5.2.7.1>=6.0.0.beta1, <6.0.4.8>=6.1.0.rc1, <6.1.5.1>=7.0.0.alpha1, <7.0.2.4
Has fix
RubyGemsPublished 27 Apr 2022
- M
Server-side Request Forgery (SSRF)CVE-2022-27311
Affects gibbon | Versions <3.4.4
Has fix
RubyGemsPublished 25 Apr 2022
- H
Command InjectionCVE-2022-25648
Affects git | Versions <1.11.0
Has fix
RubyGemsPublished 19 Apr 2022
- H
Out-of-bounds WriteCVE-2018-25032
Affects nokogiri | Versions <1.13.4
Has fix
RubyGemsPublished 12 Apr 2022
- H
Regular Expression Denial of Service (ReDoS)CVE-2022-24836
Affects nokogiri | Versions <1.13.4
Has fix
RubyGemsPublished 12 Apr 2022
- H
Denial of Service (DoS)CVE-2022-23437
Affects nokogiri | Versions <1.13.4
Has fix
RubyGemsPublished 12 Apr 2022
- M
Time-Based One-Time Password (TOTP) ReuseCVE-2021-43177
Affects devise-two-factor | Versions <4.0.2
Has fix
RubyGemsPublished 10 Apr 2022
- M
Denial of Service (DoS)CVE-2022-24795
Affects yajl-ruby | Versions <1.4.2
Has fix
RubyGemsPublished 6 Apr 2022
- H
Command InjectionCVE-2022-24440
Affects cocoapods-downloader | Versions <1.6.0>=1.6.2, <1.6.3
Has fix
RubyGemsPublished 1 Apr 2022
- H
Command InjectionCVE-2022-21223
Affects cocoapods-downloader | Versions <1.6.2
Has fix
RubyGemsPublished 1 Apr 2022
- C
Command InjectionCVE-2022-24803
Affects asciidoctor-include-ext | Versions <0.4.0
Has fix
RubyGemsPublished 1 Apr 2022
- M
Improper AuthorizationCVE-2021-3456
Affects smart_proxy_salt | Versions >=0.0.0
Has fix
RubyGemsPublished 31 Mar 2022
- C
HTTP Request SmugglingCVE-2022-24790
Affects puma | Versions <4.3.12>=5.0.0, <5.6.4
Has fix
RubyGemsPublished 31 Mar 2022
- H
Improper Certificate ValidationCVE-2022-0759
Affects kubeclient | Versions <4.9.3
Has fix
RubyGemsPublished 25 Mar 2022
- H
Arbitrary Code InjectionCVE-2022-21831
Affects activestorage | Versions >=5.2.0, <5.2.6.3>=6.0.0, <6.0.4.7>=6.1.0, <6.1.4.7>=7.0.0, <7.0.2.3
Has fix
RubyGemsPublished 9 Mar 2022
- H
Integer Overflow or WraparoundCVE-2022-24724
Affects commonmarker | Versions <0.23.4
Has fix
RubyGemsPublished 4 Mar 2022
- M
Cross-site Scripting (XSS)CVE-2022-24722
Affects view_component | Versions >=2.31.0, <2.31.2>=2.32.0, <2.49.1
Has fix
RubyGemsPublished 3 Mar 2022
- C
Arbitrary Code ExecutionCVE-2022-24720
Affects image_processing | Versions <1.12.2
Has fix
RubyGemsPublished 2 Mar 2022
- H
Use After FreeCVE-2022-23308
Affects nokogiri | Versions <1.13.2
Has fix
RubyGemsPublished 23 Feb 2022
- H
Information ExposureCVE-2022-23633
Affects actionpack | Versions <5.2.6.2>=6.0.0.0, <6.0.4.6>=6.1.0.0, <6.1.4.6>=7.0.0.0, <7.0.2.2
Has fix
RubyGemsPublished 13 Feb 2022
- H
Information ExposureCVE-2022-23634
Affects puma | Versions <4.3.11>=5.0.0, <5.6.2
Has fix
RubyGemsPublished 13 Feb 2022