Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
M Cross-site Scripting (XSS)	actiontext >=7.0.0.alpha1, <7.0.8.3 >=7.1.0.beta1, <7.1.3.3	RubyGems	12 Jun 2024
M Cross-site Scripting (XSS)	katello >=0.0.0	RubyGems	6 Jun 2024
M Improper Input Validation	actionpack >=6.1.0, <6.1.7.8 >=7.0.0, <7.0.8.4 >=7.1.0, <7.1.3.4 >=7.2.0.beta1, <7.2.0.beta2	RubyGems	5 Jun 2024
M Cross-site Scripting (XSS)	actiontext >=7.1.0, <7.1.3.4 >=7.2.0.beta1, <7.2.0.beta2	RubyGems	5 Jun 2024
C Cross-site Scripting	activeadmin <3.2.2 >=4.0.0.beta1, <4.0.0.beta7	RubyGems	3 Jun 2024
H Heap-based Buffer Overflow	nokogiri <1.16.5	RubyGems	30 May 2024
M Use After Free	openssl >=3.0.0	RubyGems	29 May 2024
H Allocation of Resources Without Limits or Throttling	rack-contrib <2.5.0	RubyGems	28 May 2024
M Improper Access Control	kaminari >=0.15.0, <0.16.2	RubyGems	28 May 2024
L Uncontrolled Resource Consumption	openssl >=0.0.0	RubyGems	19 May 2024
M Uncontrolled Resource Consumption	rexml <3.2.7	RubyGems	17 May 2024
M Cross-site Scripting (XSS)	solidus >=0.0.0	RubyGems	14 May 2024
H Cross-site Scripting (XSS)	phlex <1.9.3 >=1.10.0, <1.10.2	RubyGems	1 May 2024
M Cross-site Scripting (XSS)	sidekiq >=7.2.0, <7.2.4	RubyGems	28 Apr 2024
M Cross-site Scripting (XSS)	phlex <1.4.2 >=1.5.0, <1.5.3 >=1.6.0, <1.6.3 >=1.7.0, <1.7.2 >=1.8.0, <1.8.3 >=1.9.0, <1.9.2 >=1.10.0, <1.10.1	RubyGems	17 Apr 2024
L Uncontrolled Resource Consumption ('Resource Exhaustion')	openssl >=3.0.0	RubyGems	9 Apr 2024
M Cross-site Scripting (XSS)	carrierwave <2.2.6 >=3.0.0, <3.0.7	RubyGems	25 Mar 2024
L Buffer Over-read	stringio >=3.0.1, <3.0.1.1	RubyGems	22 Mar 2024
M Code Injection	rdoc <6.3.4.1 >=6.4.0, <6.4.1.1 >=6.5.0, <6.5.1.1	RubyGems	22 Mar 2024
H Incorrect Default Permissions	rotp <6.3.0	RubyGems	18 Mar 2024
H Exposed Dangerous Method or Function	turbo_boost-commands <0.1.3 >=0.2.0, <0.2.2	RubyGems	17 Mar 2024
H Cross-site Scripting (XSS)	phlex <1.0.1 >=1.1.0, <1.1.1 >=1.2.0, <1.2.2 >=1.3.0, <1.3.3 >=1.4.0, <1.4.1 >=1.5.0, <1.5.2 >=1.6.0, <1.6.2 >=1.7.0, <1.7.1 >=1.8.0, <1.8.2 >=1.9.0, <1.9.1	RubyGems	13 Mar 2024
H Unsafe Reflection	stimulus_reflex <3.4.2 >=3.5.0-pre0, <3.5.0-rc4	RubyGems	13 Mar 2024
M Cross-site Scripting (XSS)	yard <0.9.35	RubyGems	29 Feb 2024
H Exposure of Data Element to Wrong Session	actionpack >=5.2.0, <6.1.7.7 >=7.0.0, <7.0.8.1	RubyGems	25 Feb 2024
M Regular Expression Denial of Service (ReDoS)	actionpack >=7.1.0, <7.1.3.1	RubyGems	25 Feb 2024
M Cross-site Scripting (XSS)	actionpack >=7.0.0, <7.0.8.1 >=7.1.0, <7.1.3.1	RubyGems	25 Feb 2024
H Denial of Service (DoS)	rack >=1.3.0, <2.2.8.1 >=3.0.0, <3.0.9.1	RubyGems	25 Feb 2024
M Regular Expression Denial of Service (ReDoS)	rack >=0.4.0, <2.2.8.1 >=3.0.0, <3.0.9.1	RubyGems	25 Feb 2024
M Regular Expression Denial of Service (ReDoS)	rack <2.0.9.4 >=2.1.0, <2.1.4.4 >=2.2.0, <2.2.8.1 >=3.0.0, <3.0.9.1	RubyGems	25 Feb 2024

APPLICATION

OPERATING SYSTEM