Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-pxcc-8665-phx8
  • RubyGems/yard
YARD static cache reads raw traversal paths before router sanitization
  • Published: yesterday
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-2jc5-xhx8-qj6h
  • RubyGems/fluent-plugin-opentelemetry
fluent-plugin-opentelemetry Has Denial of Service (DoS) via Large Payloads and Decompression Bombs in `in_opentelemetry`
  • Published: yesterday
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-xv9w-7v6q-hpjh
  • RubyGems/fluent-plugin-s3
fluent-plugin-s3 Vulnerable to Denial of Service (DoS) via Decompression Bomb in `in_s3`
  • Published: yesterday
  • Fix available
  • Severity - 2.7 (Low)
GHSA-72f5-rr8c-r6gr
  • RubyGems/fluentd
Fluentd is Vulnerable to Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`
  • Published: yesterday
  • Fix available
  • Severity - 7.2 (High)
GHSA-j9cw-hwqf-85w7
  • RubyGems/fluentd
Fluentd is Vulnerable to Denial of Service (DoS) via Gzip Decompression Bomb in `in_http` and `in_forward`
  • Published: yesterday
  • Fix available
  • Severity - 7.5 (High)
GHSA-pr7j-96cj-549h
  • RubyGems/fluentd
Fluentd is Vulnerable to Exposure of Sensitive Information via Monitor Agent API
  • Published: yesterday
  • Fix available
  • Severity - 7.5 (High)
GHSA-44hj-4m45-frj3
  • RubyGems/fluentd
Fluentd is Vulnerable to Remote Code Execution (RCE) via Arbitrary File Write in `${tag}` Placeholder
  • Published: yesterday
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-6wx8-w4f5-wwcr
  • RubyGems/concurrent-ruby
Concurrent Ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption
  • Published: 19 Jun
  • Fix available
  • Severity - 2.1 (Low)
GHSA-wv3x-4vxv-whpp
  • RubyGems/concurrent-ruby
Concurrent Ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity
  • Published: 19 Jun
  • Fix available
  • Severity - 2.0 (Low)
GHSA-h8w8-99g7-qmvj
  • RubyGems/concurrent-ruby
Concurrent Ruby: `AtomicReference#update` livelocks when the stored value is `Float::NAN`
  • Published: 19 Jun
  • Fix available
  • Severity - 8.2 (High)
GHSA-475m-ph3x-64gp
  • RubyGems/oj
Oj: Integer Overflow in Oj.load 2GB String Handling
  • Published: 19 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-m578-w5vf-rfcm
  • RubyGems/oj
Oj: Use-After-Free in Oj::Parser SAJ Long Key Callback
  • Published: 19 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-vwm4-62gf-x745
  • RubyGems/oj
Oj: Use-After-Free in Oj::Parser array_class/hash_class GC Marking
  • Published: 19 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-9cv6-qcjw-4grx
  • RubyGems/oj
Oj: Negative-Size memcpy in Oj::Parser create_id Attribute Handling
  • Published: 19 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-q2gm-54r6-8fwm
  • RubyGems/oj
Oj: Use-After-Free in Oj::Parser SAJ Callback via Input Mutation
  • Published: 19 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-9ppp-w3g4-fh4q
  • RubyGems/oj
Oj: Use-After-Free in Oj::Doc Iterators via Reentrant Close
  • Published: 19 Jun
  • Fix available
  • Severity - 8.7 (High)