Vulnerability Library
| ID | Packages | Summary | Affected versions | Last modified | Fix |
| --- | --- | --- | --- | --- | --- |
| GHSA-hv5j-3h9f-99c2 | RubyGems/uri | Ruby URI component ReDoS issue | 0.12.0, 0.11.0, 0.10.1, 0.10.0 | 2023-03-31T23:06:14.852709Z | Fix available |
| GHSA-fg7x-g82r-94qc | RubyGems/time | Ruby Time component ReDoS issue | 0.2.0, 0.2.1, 0.1.0 | 2023-03-31T23:05:59.026018Z | Fix available |
| GHSA-c3gv-9cxf-6f57 | RubyGems/loofah | Cross-site Scripting in Loofah | 0.2.0, 0.2.1, 0.2.2, 0.3.0, 0.3.1, 0.4.0, 0.4.1, ... | 2023-03-31T16:16:17.756080Z | Fix available |
| GHSA-9p29-94hp-8rvc | RubyGems/qiita-markdown | qiita-markdown Cross-site Scripting vulnerability | 0.0.1, 0.0.2, 0.0.3, 0.0.4, 0.0.5, 0.0.6, 0.0.7, ... | 2023-03-31T16:01:57.426088Z | Fix available |
| GHSA-977c-63xq-cgw3 | RubyGems/opensearch-ruby | opensearch-ruby 2.x before 2.0.2 vulnerable to unsafe YAML deserialization | 2.0.0, 2.0.1 | 2023-03-31T15:48:29.816421Z | Fix available |
| GHSA-579w-22j4-4749 | RubyGems/activerecord | Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter | 6.0.0, 6.0.1, 6.0.1.rc1, 6.0.2, 6.0.2.1, 6.0.2.2, 6.0.2.rc1, ... | 2023-03-31T14:01:31.617843Z | Fix available |
| GHSA-7627-mp87-jf6q | RubyGems/cocoapods-downloader | Command injection in cocoapods-downloader | 0.1.0, 0.1.1, 0.1.2, 0.2.0, 0.3.0, 0.4.0, 0.4.1, ... | 2023-03-30T23:48:21.603642Z | Fix available |
| GHSA-7322-9mx6-5j2m | RubyGems/redcarpet | redcarpet Buffer Overflow vulnerability | 3.3.0, 3.3.1 | 2023-03-30T23:33:08.267759Z | Fix available |
| GHSA-m875-3xf6-mf78 | RubyGems/unpoly-rails | unpoly-rails Denial of Service vulnerability | 0.20.0, 0.21.0, 0.22.0, 0.22.1, 0.23.0, 0.24.0, 0.24.1, ... | 2023-03-30T23:03:57.669112Z | Fix available |
| GHSA-8qwh-rm6c-jv96 | RubyGems/oxidized-web | Oxidized Web vulnerable to Cross-site Scripting | 0.0.1, 0.0.2, 0.0.3, 0.1.0, 0.1.1, 0.1.2, 0.10.0, ... | 2023-03-30T05:35:51.678429Z | No fix available |
| GHSA-mc8m-x6hf-cw2g | RubyGems/point-cli | point-cli allows local users to obtain sensitive information by listing the process | 0.0.1 | 2023-03-30T05:34:11.322513Z | No fix available |
| GHSA-42gq-h7xj-33r4 | RubyGems/features | Features file injection vulnerability | 0.1.0, 0.1.2, 0.1.3, 0.1.4, 0.2.0, 0.2.1, 0.3.0 | 2023-03-30T05:30:56.825044Z | No fix available |
| GHSA-mvw8-v767-qhjm | RubyGems/radiant | Radiant CMS vulnerable to Cross-site Scripting | 0.5.0, 0.5.1, 0.5.2, 0.6.0, 0.6.1, 0.6.2, 0.6.3, ... | 2023-03-30T05:30:51.912125Z | No fix available |
| GHSA-hgmw-x865-hf9x | RubyGems/Arabic-Prawn | Arabic Prawn allows remote attackers to execute arbitrary commands via shell metacharacters | 0.0.1 | 2023-03-30T05:30:08.121478Z | No fix available |
| GHSA-5g7f-p7jg-v6mv | RubyGems/lean-ruport | lean-ruport allows local users to obtain sensitive information by listing the process | 0.3.8 | 2023-03-30T05:29:53.257092Z | No fix available |
| GHSA-86cf-g34f-7462 | RubyGems/VladTheEnterprising | VladTheEnterprising allows local users to obtain sensitive information by reading MySQL root password from temporary file | 0.1.4, 0.1.5, 0.1.6, 0.1.7, 0.1.8, 0.2 | 2023-03-30T05:29:48.298262Z | No fix available |
RubyGems - OSV