Vulnerability Library

ID | Packages | Summary | Affected versions | Last modified | Fix
GHSA-92v7-pq4h-58j5
  • RubyGems/facter
  • RubyGems/facter
  • RubyGems/hiera
  • RubyGems/puppet
  • RubyGems/puppet
  • RubyGems/mcollective-client
Moderate severity vulnerability that affects facter, hiera, mcollective-client, and puppet
  • 1.0.1
  • 1.1.1
  • 1.3.3
  • 1.3.7
  • 1.3.8
  • 1.5
  • 1.5.2
  • ...
2022-08-15T09:12:56.928810Z Fix available
GHSA-2p5p-m353-833w
  • RubyGems/administrate
Sort order SQL injection in Administrate
  • 0.0.10
  • 0.0.11
  • 0.0.12
  • 0.0.2
  • 0.0.3
  • 0.0.4
  • 0.0.6
  • ...
2022-08-15T09:12:39.381201Z Fix available
GHSA-9c2j-593q-3g82
  • RubyGems/activesupport
  • RubyGems/activesupport
Moderate severity vulnerability that affects activesupport
  • 3.0.0
  • 3.0.1
  • 3.0.10
  • 3.0.10.rc1
  • 3.0.11
  • 3.0.12
  • 3.0.12.rc1
  • ...
2022-08-15T09:12:31.255297Z Fix available
GHSA-9p3v-wf2w-v29c
  • RubyGems/rails
  • RubyGems/rails
Moderate severity vulnerability that affects rails
  • 0.10.0
  • 0.10.1
  • 0.11.0
  • 0.11.1
  • 0.12.0
  • 0.12.1
  • 0.13.0
  • ...
2022-08-15T09:12:29.780253Z Fix available
GHSA-ggfx-h9xj-5v9c
  • RubyGems/random_password_generator
Insecure PRNG use in random_password_generator
  • 0.0.1
  • 0.0.2
  • 0.0.3
  • 0.0.4
  • 0.0.5
  • 1.0.0
2022-08-15T09:12:23.252377Z No fix available
GHSA-h8hx-2c5r-32cf
  • RubyGems/trestle-auth
Cross-Site Request Forgery (CSRF) in trestle-auth
  • 0.4.0
  • 0.4.1
2022-08-15T09:12:17.927113Z Fix available
GHSA-fjfg-q662-gm6j
  • RubyGems/rails
Moderate severity vulnerability that affects rails
  • 0.10.0
  • 0.10.1
  • 0.11.0
  • 0.11.1
  • 0.12.0
  • 0.12.1
  • 0.13.0
  • ...
2022-08-15T09:12:14.040377Z Fix available
GHSA-gwrj-88fp-5m36
  • RubyGems/narou
Code injection in Narou
  • 1.0.0
  • 1.0.1
  • 1.0.2
  • 1.1.0
  • 1.1.0.rc1
  • 1.1.0.rc2
  • 1.1.1
  • ...
2022-08-15T09:12:13.991606Z Fix available
GHSA-5629-8855-gf4g
  • RubyGems/solidus_core
  • RubyGems/solidus_core
  • RubyGems/solidus_core
Authentication Bypass by CSRF Weakness
  • 1.0.0
  • 1.0.0.pre
  • 1.0.0.pre2
  • 1.0.0.pre3
  • 1.0.0.rc1
  • 1.0.0.rc2
  • 1.0.1
  • ...
2022-08-15T09:12:12.184942Z Fix available
GHSA-fr32-gr5c-xq5c
  • RubyGems/rubygems-update
  • RubyGems/rubygems-update
Escape sequence injection in RubyGems
  • 2.6.0
  • 2.6.1
  • 2.6.10
  • 2.6.11
  • 2.6.12
  • 2.6.13
  • 2.6.14
  • ...
2022-08-15T09:12:09.801799Z Fix available
GHSA-rprj-g6xc-p5gq
  • RubyGems/wicked
Moderate severity vulnerability that affects wicked
  • 0.0.1
  • 0.0.2
  • 0.1.0
  • 0.1.1
  • 0.1.2
  • 0.1.3
  • 0.1.4
  • ...
2022-08-15T09:12:08.151966Z Fix available
GHSA-8qrh-h9m2-5fvf
  • RubyGems/rails
  • RubyGems/rails
Moderate severity vulnerability that affects rails
  • 2.0.0
  • 2.0.1
  • 2.0.2
  • 2.0.4
  • 2.0.5
  • 2.1.0
  • 2.1.1
  • ...
2022-08-15T09:12:05.129928Z Fix available
GHSA-75w6-p6mg-vh8j
  • RubyGems/rails
  • RubyGems/rails
Moderate severity vulnerability that affects rails
  • 0.10.0
  • 0.10.1
  • 0.11.0
  • 0.11.1
  • 0.12.0
  • 0.12.1
  • 0.13.0
  • ...
2022-08-15T09:12:01.076207Z Fix available
GHSA-5ww9-9qp2-x524
  • RubyGems/diffy
Improper handling of double quotes in file name in Diffy in Windows environment
  • 1.1.0
  • 2.0.0
  • 2.0.1
  • 2.0.10
  • 2.0.2
  • 2.0.3
  • 2.0.4
  • ...
2022-08-15T09:12:00.147284Z Fix available
GHSA-7g65-ghrg-hpf5
  • RubyGems/actionpack
  • RubyGems/actionpack
  • RubyGems/actionpack
Moderate severity vulnerability that affects actionpack
  • 0.9.0
  • 0.9.5
  • 1.0.0
  • 1.0.1
  • 1.1.0
  • 1.10.1
  • 1.10.2
  • ...
2022-08-15T09:11:57.929559Z Fix available
GHSA-86g5-2wh3-gc9j
  • RubyGems/actionview
  • RubyGems/actionview
  • RubyGems/actionview
  • RubyGems/actionview
Critical severity vulnerability that affects actionview
  • 5.2.0
  • 5.2.1
  • 5.2.1.1
  • 5.2.1.rc1
  • 5.2.2
  • 5.2.2.rc1
  • 4.1.0
  • ...
2022-08-15T09:11:52.607722Z Fix available