See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Denial of Service (DoS)CVE-2021-3541
Affects nokogiri | Versions <1.11.4
Has fix
RubyGemsPublished 18 May 2021
- H
Denial of Service (DoS)CVE-2021-3537
Affects nokogiri | Versions <1.11.4
Has fix
RubyGemsPublished 18 May 2021
- H
Denial of Service (DoS)CVE-2020-24977
Affects nokogiri | Versions <1.11.4
Has fix
RubyGemsPublished 18 May 2021
- H
Denial of Service (DoS)CVE-2021-3517
Affects nokogiri | Versions <1.11.4
Has fix
RubyGemsPublished 18 May 2021
- M
Improper AuthorizationCVE-2021-3457
Affects smart_proxy_shellhooks | Versions <0.9.2
Has fix
RubyGemsPublished 13 May 2021
- H
Denial of Service (DoS)CVE-2021-29509
Affects puma | Versions >=5.0.0.beta1, <5.3.1<4.3.8
Has fix
RubyGemsPublished 12 May 2021
- H
Arbitrary Code ExecutionCVE-2019-3881
Affects bundler | Versions >=1.14.0, <2.1.0
Has fix
RubyGemsPublished 11 May 2021
- H
Regular Expression Denial of Service (ReDoS)CVE-2021-22902
Affects actionpack | Versions >=6.1.0, <6.1.3.2>=6.0.0, <6.0.3.7
Has fix
RubyGemsPublished 6 May 2021
- M
Regular Expression Denial of Service (ReDoS)CVE-2021-22903
Affects actionpack | Versions >=6.1.0, <6.1.3.2
Has fix
RubyGemsPublished 6 May 2021
- H
Denial of Service (DoS)CVE-2021-22904
Affects actionpack | Versions >=2.0.0, <5.2.4.6>=5.2.5, <5.2.6>=6.0.0, <6.0.3.7>=6.1.0, <6.1.3.2
Has fix
RubyGemsPublished 6 May 2021
- M
Information ExposureCVE-2021-22885
Affects actionpack | Versions >=2.0.0, <5.2.4.6>=5.2.5, <5.2.6>=6.0.0, <6.0.3.7>=6.1.0, <6.1.3.2
Has fix
RubyGemsPublished 6 May 2021
- H
Directory TraversalCVE-2018-6914
Affects rubysl-tmpdir | Versions >=0.0.0
Has fix
RubyGemsPublished 6 May 2021
- H
Directory TraversalCVE-2021-28966
Affects tmpdir | Versions <0.1.2
Has fix
RubyGemsPublished 6 May 2021
- H
Command InjectionCVE-2021-31799
Affects rdoc | Versions >=3.11, <6.3.0
Has fix
RubyGemsPublished 5 May 2021
- H
Arbitrary Code ExecutionCVE-2021-22204
Affects exiftool_vendored | Versions <12.25.0
Has fix
RubyGemsPublished 4 May 2021
- M
Information ExposureCVE-2021-31671
Affects pgsync | Versions <0.6.7
Has fix
RubyGemsPublished 27 Apr 2021
- M
Cross-site Request Forgery (CSRF)CVE-2021-29435
Affects trestle-auth | Versions >=0.4.0, <0.4.2
Has fix
RubyGemsPublished 15 Apr 2021
- M
Improper Input ValidationCVE-2020-7942
Affects puppet | Versions <6.13.0
Has fix
RubyGemsPublished 14 Apr 2021
- M
Cross-site Request Forgery (CSRF)CVE-2021-29435
Affects trestle-auth | Versions >=0.4.0, <0.4.2
Has fix
RubyGemsPublished 14 Apr 2021
- M
Improper Certificate ValidationCVE-2020-24393
Affects tweetstream | Versions >=0.0.0
Has fix
RubyGemsPublished 14 Apr 2021
- H
Information ExposureCVE-2021-3413
Affects foreman_azure_rm | Versions <2.2.0
Has fix
RubyGemsPublished 9 Apr 2021
- L
Improper Input ValidationCVE-2021-28965
Affects rexml | Versions <3.2.5
Has fix
RubyGemsPublished 9 Apr 2021
- M
Cross-site Scripting (XSS)CVE-2021-30151
Affects sidekiq | Versions <6.2.1
Has fix
RubyGemsPublished 6 Apr 2021
- M
Cross-site Scripting (XSS)CVE-2021-28796
Affects qiita-markdown | Versions <0.33.0
Has fix
RubyGemsPublished 19 Mar 2021
- M
Deserialization of Untrusted DataCVE-2021-28834
Affects kramdown | Versions >=1.16.0, <2.3.1
Has fix
RubyGemsPublished 19 Mar 2021
- M
Timing AttackCVE-2019-25025
Affects activerecord-session_store | Versions <2.0.0
Has fix
RubyGemsPublished 5 Mar 2021
- M
Open RedirectCVE-2021-22881
Affects actionpack | Versions >=6.0.0, <6.0.3.5>=6.1.0.rc1, <6.1.2.1
Has fix
RubyGemsPublished 2 Mar 2021
- H
Regular Expression Denial of Service (ReDoS)CVE-2021-22880
Affects activerecord | Versions >=6.1.0, <6.1.2.1>=6.0.0, <6.0.3.5>=4.2.0, <5.2.4.5
Has fix
RubyGemsPublished 2 Mar 2021