Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Cross-site Request Forgery (CSRF)CVE-2021-29435
Affects trestle-auth | Versions >=0.4.0, <0.4.2
Has fix
RubyGemsPublished 15 Apr 2021
  • M
Improper Input ValidationCVE-2020-7942
Affects puppet | Versions <6.13.0
Has fix
RubyGemsPublished 14 Apr 2021
  • M
Cross-site Request Forgery (CSRF)CVE-2021-29435
Affects trestle-auth | Versions >=0.4.0, <0.4.2
Has fix
RubyGemsPublished 14 Apr 2021
  • M
Improper Certificate ValidationCVE-2020-24393
Affects tweetstream | Versions >=0.0.0
Has fix
RubyGemsPublished 14 Apr 2021
  • H
Information ExposureCVE-2021-3413
Affects foreman_azure_rm | Versions <2.2.0
Has fix
RubyGemsPublished 9 Apr 2021
  • L
Improper Input ValidationCVE-2021-28965
Affects rexml | Versions <3.2.5
Has fix
RubyGemsPublished 9 Apr 2021
  • M
Cross-site Scripting (XSS)CVE-2021-30151
Affects sidekiq | Versions <6.2.1
Has fix
RubyGemsPublished 6 Apr 2021
  • M
Cross-site Scripting (XSS)CVE-2021-28796
Affects qiita-markdown | Versions <0.33.0
Has fix
RubyGemsPublished 19 Mar 2021
  • M
Deserialization of Untrusted DataCVE-2021-28834
Affects kramdown | Versions >=1.16.0, <2.3.1
Has fix
RubyGemsPublished 19 Mar 2021
  • H
Denial of Service (DoS)
Affects spree | Versions <4.2.0
Has fix
RubyGemsPublished 8 Mar 2021
  • M
Timing AttackCVE-2019-25025
Affects activerecord-session_store | Versions <2.0.0
Has fix
RubyGemsPublished 5 Mar 2021
  • M
Open RedirectCVE-2021-22881
Affects actionpack | Versions >=6.0.0, <6.0.3.5>=6.1.0.rc1, <6.1.2.1
Has fix
RubyGemsPublished 2 Mar 2021
  • H
Regular Expression Denial of Service (ReDoS)CVE-2021-22880
Affects activerecord | Versions >=6.1.0, <6.1.2.1>=6.0.0, <6.0.3.5>=4.2.0, <5.2.4.5
Has fix
RubyGemsPublished 2 Mar 2021
  • H
Unsafe Dependency ResolutionCVE-2020-36327
Affects bundler | Versions >=1.16.0, <2.2.10>=2.2.11, <2.2.16
Has fix
RubyGemsPublished 22 Feb 2021
  • M
Man-in-the-Middle (MitM)CVE-2020-24392
Affects tweetstream | Versions >=0.0.0
Has fix
RubyGemsPublished 21 Feb 2021
  • M
Man-in-the-Middle (MitM)CVE-2020-24392
Affects twitter-stream | Versions >=0.0.0
Has fix
RubyGemsPublished 21 Feb 2021
  • H
Code InjectionCVE-2021-23337
Affects lodash-rails | Versions <4.17.21
Has fix
RubyGemsPublished 15 Feb 2021
  • H
Denial of Service (DoS)CVE-2021-22880
Affects rails | Versions >=4.2.0, <5.2.4.5>=6.0.0.beta1, <6.0.3.5>=6.1.0.rc1, <6.1.2.1
Has fix
RubyGemsPublished 11 Feb 2021
  • M
Server-Side Request Forgery (SSRF)CVE-2021-21288
Affects carrierwave | Versions >=2.0.0.rc, <2.1.1<1.3.2
Has fix
RubyGemsPublished 9 Feb 2021
  • M
Remote Code Execution (RCE)CVE-2021-21305
Affects carrierwave | Versions >=2.0.0.rc, <2.1.1<1.3.2
Has fix
RubyGemsPublished 9 Feb 2021
  • H
Command InjectionCVE-2021-21289
Affects mechanize | Versions >=2.0.0, <2.7.7
Has fix
RubyGemsPublished 3 Feb 2021
  • M
Cross-site Scripting (XSS)CVE-2020-36190
Affects rails_admin | Versions <1.4.3>=2.0.0, <2.0.2
Has fix
RubyGemsPublished 13 Jan 2021
  • H
Cross-site Scripting (XSS)CVE-2020-26298
Affects redcarpet | Versions <3.5.1
Has fix
RubyGemsPublished 12 Jan 2021
  • H
Authentication BypassCVE-2020-26254
Affects omniauth-apple | Versions >=1.0.0, <1.0.1
Has fix
RubyGemsPublished 5 Jan 2021
  • L
XML External Entity (XXE) InjectionCVE-2020-26247
Affects nokogiri | Versions <1.11.0.rc4
Has fix
RubyGemsPublished 31 Dec 2020
  • C
Malicious Package
Affects pretty_color | Versions >=0.0.0
Has fix
RubyGemsPublished 17 Dec 2020
  • C
Malicious Package
Affects ruby-bitcoin | Versions >=0.0.0
Has fix
RubyGemsPublished 17 Dec 2020
  • M
Information ExposureCVE-2020-13353
Affects gitaly | Versions >=1.79.0, <13.3.9>=13.4, <13.4.5>=13.5, <13.5.2
Has fix
RubyGemsPublished 17 Nov 2020
  • H
Information ExposureCVE-2020-26223
Affects spree_api | Versions >=3.7.0, <3.7.13>=4.0.0, <4.0.5>=4.1.0, <4.1.12
Has fix
RubyGemsPublished 15 Nov 2020
  • L
Remote Code Execution (RCE)CVE-2020-26222
Affects dependabot-omnibus | Versions >=0.119.0.beta1, <0.125.1
Has fix
RubyGemsPublished 15 Nov 2020