Vulnerability Library

ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-h4h5-3hr4-j3g2
  • Maven/com.google.protobuf:protobuf-java
  • Maven/com.google.protobuf:protobuf-kotlin
  • RubyGems/google-protobuf
  • Maven/com.google.protobuf:protobuf-javalite
  • Maven/com.google.protobuf:protobuf-kotlin-lite
protobuf-java has a potential Denial of Service issue
  • 3.21.0
  • 3.21.0-rc-1
  • 3.21.0-rc-2
  • 3.21.1
  • 3.21.2
  • 3.21.3
  • 3.21.4
  • ...
2022-10-04T22:45:14.968173Z Fix available
GHSA-cj43-9h3w-v976
  • RubyGems/puppet
Puppet allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service
  • 2.7.1
  • 2.7.11
  • 2.7.12
  • 2.7.13
  • 2.7.14
  • 2.7.16
  • 2.7.17
  • ...
2022-10-04T21:56:08.056433Z Fix available
GHSA-rhwx-hjx2-x4qr
  • RubyGems/pdfkit
PDFKit vulnerable to Command Injection
  • 0.1.0
  • 0.1.1
  • 0.2.0
  • 0.2.1
  • 0.2.2
  • 0.2.3
  • 0.3.0
  • ...
2022-10-04T21:36:34.642563Z Fix available
GHSA-7f42-p84j-f58p
  • RubyGems/sanitize
Sanitize vulnerable to Improper Input Validation and Cross-site Scripting
  • 3.0.0
  • 3.0.1
  • 3.0.2
  • 3.0.3
  • 3.0.4
  • 3.1.0
  • 3.1.1
  • ...
2022-10-04T20:16:13.634460Z Fix available
GHSA-3fhf-6939-qg8p
  • RubyGems/rest-client
rest-client vulnerable to Session Fixation
  • 1.6.1
  • 1.6.1.a
  • 1.6.14
  • 1.6.2.a
  • 1.6.3
  • 1.6.5
  • 1.6.6
  • ...
2022-10-04T19:55:59.336203Z Fix available
GHSA-mgvv-5mxp-xq67
  • RubyGems/sqlite3
SQLite3 addresses vulnerability in packaged version of libsqlite
  • 1.5.0
2022-10-03T22:12:28Z Fix available
GHSA-78j3-7wpm-qhvp
  • RubyGems/kelredd-pruview
Critical severity vulnerability that affects kelredd-pruview
  • 0.1.1
  • 0.1.10
  • 0.1.11
  • 0.1.2
  • 0.1.3
  • 0.1.4
  • 0.1.5
  • ...
2022-09-25T03:31:59.328480Z No fix available
GHSA-229r-pqp6-8w6g
  • RubyGems/sprout
High severity vulnerability that affects sprout
  • 0.3.35
  • 0.3.36
  • 0.5.0
  • 0.5.10
  • 0.5.11
  • 0.5.13
  • 0.5.15
  • ...
2022-09-25T03:31:55.014891Z No fix available
GHSA-3892-2r52-p65m
  • RubyGems/goliath
HTTP Request Smuggling in goliath
  • 0.9.0
  • 0.9.1
  • 0.9.2
  • 0.9.4
  • 1.0.0
  • 1.0.0.beta.1
  • 1.0.1
  • ...
2022-09-25T03:31:41.459833Z No fix available
GHSA-x3v4-pxvm-63j8
  • RubyGems/reel
HTTP Request Smuggling in reel
  • 0.0.0
  • 0.0.1
  • 0.0.2
  • 0.1.0
  • 0.2.0
  • 0.2.0.pre
  • 0.3.0
  • ...
2022-09-25T03:31:34.410674Z No fix available
GHSA-f7f4-5w9j-23p2
  • RubyGems/festivaltts4r
festivaltts4r allows arbitrary command execution
  • 0.1.0
  • 0.1.1
  • 0.2.0
2022-09-25T03:31:08.341698Z No fix available
GHSA-959j-5g9v-3fpq
  • RubyGems/paratrooper-newrelic
Low severity vulnerability that affects paratrooper-newrelic
  • 1.0.1
2022-09-25T03:31:06.569150Z No fix available
GHSA-4f68-49qq-h392
  • RubyGems/em-imap
Improper certificate validation in em-imap
  • 0.1
  • 0.1.1
  • 0.2
  • 0.2.1
  • 0.2.2
  • 0.3.0
  • 0.4.0
  • ...
2022-09-25T03:30:40.020946Z No fix available
GHSA-mvw8-v767-qhjm
  • RubyGems/radiant
Moderate severity vulnerability that affects radiant
  • 0.5.0
  • 0.5.1
  • 0.5.2
  • 0.6.0
  • 0.6.1
  • 0.6.2
  • 0.6.3
  • ...
2022-09-25T03:30:39.352411Z No fix available
GHSA-94cq-7ccq-cmcm
  • RubyGems/lynx
lynx doesn't properly sanitize user input and exposes database password to unauthorized users
  • 0.0.1
  • 0.0.2
  • 0.1.0
  • 0.2.0
  • 0.2.1
  • 0.3.0
  • 0.4.0
2022-09-25T03:30:28.446651Z No fix available
GHSA-xwr3-fmgj-mmfr
  • RubyGems/bio-basespace-sdk
Moderate severity vulnerability that affects bio-basespace-sdk
  • 0.1.2
  • 0.1.3
  • 0.1.5
  • 0.1.6
  • 0.1.7
2022-09-25T03:29:51.892970Z No fix available