Homepage About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

PACKAGE MANAGER

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • M
Cross-site Scripting (XSS) 		publify_core Open this link in a new tab <9.2.5 RubyGems 10 Nov 2021
  • M
Access Restriction Bypass 		publify_core Open this link in a new tab >=9.0.0.pre1, <9.2.5 RubyGems 2 Nov 2021
  • M
Regular Expression Denial of Service (ReDoS) 		fluentd Open this link in a new tab >=0.14.14, <1.14.2. RubyGems 31 Oct 2021
  • M
Cross-site Scripting (XSS) 		rails Open this link in a new tab <3.0.6 RubyGems 20 Oct 2021
  • H
Always-Incorrect Control Flow Implementation 		evm Open this link in a new tab <0.31.0 RubyGems 20 Oct 2021
  • M
Cross-site Scripting (XSS) 		camaleon_cms Open this link in a new tab <2.6.0.1 RubyGems 20 Oct 2021
  • M
Denial of Service (DoS) 		camaleon_cms Open this link in a new tab >=2.0.1, <2.6.0.1 RubyGems 20 Oct 2021
  • H
Insufficient Session Expiration 		camaleon_cms Open this link in a new tab >=0.1.7, <2.6.0.1 RubyGems 20 Oct 2021
  • M
Server-Side Request Forgery (SSRF) 		camaleon_cms Open this link in a new tab >=2.1.2.0, <2.6.0.1 RubyGems 20 Oct 2021
  • L
HTTP Request Smuggling 		puma Open this link in a new tab <4.3.9 >=5.0.0, <5.5.1 RubyGems 13 Oct 2021
  • M
HTTP Request Smuggling 		llhttp Open this link in a new tab >=0.0.0 RubyGems 13 Oct 2021
  • M
HTTP Request Smuggling 		llhttp Open this link in a new tab >=0.0.0 RubyGems 13 Oct 2021
  • M
Cross-site Scripting (XSS) 		sidekiq Open this link in a new tab <5.2.0 >=6.0.0, <6.2.1 RubyGems 8 Oct 2021
  • H
Arbitrary Code Execution 		ruby-jss Open this link in a new tab <1.6.0 RubyGems 8 Oct 2021
  • H
XML External Entity (XXE) Injection 		nokogiri Open this link in a new tab <1.12.5 RubyGems 28 Sep 2021
  • M
Denial of Service (DoS) 		nokogiri Open this link in a new tab <1.8.2 RubyGems 8 Sep 2021
  • M
Cross-site Request Forgery (CSRF) 		better_errors Open this link in a new tab <2.8.0 RubyGems 8 Sep 2021
  • H
Open Redirect 		clearance Open this link in a new tab <2.5.0 RubyGems 31 Aug 2021
  • H
Open Redirect 		rails Open this link in a new tab >=6.1.0, <6.1.4.1 >=6.0.0, <6.0.4.1 RubyGems 20 Aug 2021
  • H
Command Injection 		rdoc Open this link in a new tab <6.3.1 RubyGems 8 Jul 2021
  • H
Regular Expression Denial of Service (ReDoS) 		addressable Open this link in a new tab >=2.3.0, <2.8.0 RubyGems 7 Jul 2021
  • M
Cross-site Scripting (XSS) 		smashing Open this link in a new tab <1.3.5 RubyGems 7 Jul 2021
  • C
SQL Injection 		activerecord-jdbc-adapter Open this link in a new tab >=1.2.6, <1.2.8 RubyGems 2 Jul 2021
  • M
Directory Traversal 		webrick Open this link in a new tab <1.4.0.beta1 RubyGems 1 Jul 2021
  • C
Improper Input Validation 		webrick Open this link in a new tab <1.4.0.beta1 RubyGems 1 Jul 2021
  • H
Arbitrary Code Injection 		narou Open this link in a new tab <3.8.0 RubyGems 28 Jun 2021
  • H
Data Injection 		activerecord Open this link in a new tab >=2.3.2, <4.0.0.beta1 RubyGems 25 Jun 2021
  • L
Denial of Service (DoS) 		bindata Open this link in a new tab <2.4.10 RubyGems 24 Jun 2021
  • M
Cross-site Scripting (XSS) 		qiita-markdown Open this link in a new tab <0.34.0 RubyGems 21 Jun 2021
  • M
Improper Authorization 		foreman_ansible Open this link in a new tab <2.0.0 RubyGems 10 Jun 2021