Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-j945-c44v-97g6
  • Maven/net.sf.mpxj:mpxj
  • RubyGems/mpxj
  • PyPI/mpxj
  • NuGet/net.sf.mpxj
  • NuGet/net.sf.mpxj-for-csharp
  • NuGet/net.sf.mpxj-for-vb
  • NuGet/MPXJ.Net
MPXJ has a Potential Path Traversal Vulnerability 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-2rxp-v6pw-ch6m
  • RubyGems/rexml
REXML ReDoS vulnerability 2 days ago
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-v46j-h43h-rwrm
  • RubyGems/Autolab
Autolab Misconfigured Reset Password Permissions 5 days ago
  • Fix available
  • Severity - 7.1 (High)
GHSA-hhxg-rvc9-8726
  • RubyGems/camaleon_cms
camaleon_cms affected by cross site scripting 23 Oct
  • No fix available
  • Severity - 4.8 (Medium)
MAL-2024-10224
  • Not specified
Malicious code in znowflake_client (RubyGems) 16 Oct
  • No fix available
MAL-2024-10223
  • Not specified
Malicious code in zen-ruby-linter (RubyGems) 16 Oct
  • No fix available
MAL-2024-10222
  • Not specified
Malicious code in zbt_element_definer (RubyGems) 16 Oct
  • No fix available
MAL-2024-10221
  • Not specified
Malicious code in johnny_five (RubyGems) 16 Oct
  • No fix available
GHSA-h47h-mwp9-c6q6
  • RubyGems/actionmailer
Possible ReDoS vulnerability in block_format in Action Mailer 15 Oct
  • Fix available
GHSA-wwhv-wxv9-rpgw
  • RubyGems/actiontext
Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text 15 Oct
  • Fix available
GHSA-vfg9-r3fq-jvx4
  • RubyGems/actionpack
Possible ReDoS vulnerability in HTTP Token authentication in Action Controller 15 Oct
  • Fix available
GHSA-x76w-6vjr-8xgj
  • RubyGems/actionpack
Possible ReDoS vulnerability in query parameter filtering in Action Dispatch 15 Oct
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-4xqv-47rm-37mm
  • RubyGems/openc3
  • npm/@openc3/tool-common
OpenC3 stores passwords in clear text (`GHSL-2024-129`) 02 Oct
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-8jxr-mccc-mwg8
  • RubyGems/openc3
  • PyPI/openc3
OpenC3 Path Traversal via screen controller (`GHSL-2024-127`) 02 Oct
  • Fix available
  • Severity - 7.1 (High)
GHSA-vfj8-5pj7-2f9g
  • RubyGems/openc3
  • npm/@openc3/tool-common
  • PyPI/openc3
OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`) 02 Oct
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-cc4g-m3g7-xmw8
  • RubyGems/decidim
Decidim has a cross-site scripting vulnerability in the version control page 01 Oct
  • Fix available
  • Severity - 7.1 (High)