Vulnerability Library

| ID | Packages | Summary | Affected versions | Last modified | Fix |
|---|---|---|---|---|---|
| GHSA-6c3j-c64m-qhgq | npm/jquery, RubyGems/jquery-rails, NuGet/jQuery | XSS in jQuery as used in Drupal, Backdrop CMS, and other products | 0.1.1, 0.1.2, 0.1.3, 0.2, 0.2.1, 0.2.2, 0.2.3, ... | 2023-05-30T18:34:13.860966Z | Fix available |
| GHSA-x487-866m-p8hr | RubyGems/camaleon_cms | Server-Side Template Injection in Camaleon CMS | 0.0.1, 0.0.2, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, ... | 2023-05-30T07:04:02.146041Z | Fix available |
| GHSA-fg7x-g82r-94qc | RubyGems/time | Ruby Time component ReDos issue | 0.2.0, 0.2.1, 0.1.0 | 2023-05-26T22:04:48.900595Z | Fix available |
| GHSA-hv5j-3h9f-99c2 | RubyGems/uri | Ruby URI component ReDoS issue | 0.12.0, 0.11.0, 0.10.1, 0.10.0 | 2023-05-26T22:04:25.415936Z | Fix available |
| GHSA-xxr8-833v-c7wc | RubyGems/actionpack | Cross-site Scripting vulnerability in i18n translations helper method | 3.0.0, 3.0.1, 3.0.10, 3.0.10.rc1, 3.0.2, 3.0.3, 3.0.4, ... | 2023-05-26T21:19:32.782602Z | Fix available |
| GHSA-q58j-fmvf-9rq6 | RubyGems/actionpack | Cross site scripting in actionpack Rubygem | 0.9.0, 0.9.5, 1.0.0, 1.0.1, 1.1.0, 1.10.1, 1.10.2, ... | 2023-05-26T21:19:13.909521Z | Fix available |
| GHSA-24fg-p96v-hxh8 | RubyGems/actionpack | actionpack Cross-Site Request Forgery vulnerability | 2.1.0, 2.1.1, 2.1.2, 2.2.2, 2.2.3, 2.3.10, 2.3.2, ... | 2023-05-26T17:49:21.764143Z | Fix available |
| GHSA-fg9w-g6m4-557j | RubyGems/actionpack, RubyGems/activesupport | actionpack and activesupport vulnerable to information leaks | 2.1.0, 2.1.1, 2.1.2, 2.2.2, 2.3.2, 2.3.3 | 2023-05-26T17:19:17.034168Z | Fix available |
| GHSA-gjxw-5w2q-7grf | RubyGems/activerecord | Rails activerecord gem has Improper Input Validation vulnerability | 2.3.9, 3.0.0 | 2023-05-26T17:10:51.648397Z | Fix available |
| GHSA-8fqx-7pv4-3jwm | RubyGems/actionpack | Improper Input Validation in actionpack | 2.1.0, 2.1.1, 2.1.2 | 2023-05-26T17:04:08.477291Z | Fix available |
| GHSA-xf96-32q2-9rw2 | RubyGems/activerecord | Rails ActiveRecord gem vulnerable to SQL injection | 1.0.0, 1.1.0, 1.10.0, 1.10.1, 1.11.0, 1.11.1, 1.12.1, ... | 2023-05-26T16:49:12.263118Z | Fix available |
| GHSA-75w6-p6mg-vh8j | RubyGems/actionpack | Rails actionpack gem vulnerable to Cross-site Scripting | 0.9.0, 0.9.5, 1.0.0, 1.0.1, 1.1.0, 1.10.1, 1.10.2, ... | 2023-05-26T16:17:10.941278Z | Fix available |
| GHSA-gpqc-4pp7-5954 | RubyGems/spree_auth_devise | Authentication Bypass by CSRF Weakness | 1.0.0, 1.0.1, 1.2.0, 1.3.1, 3.0.5, 3.0.6, 3.1.0, ... | 2023-05-26T15:25:52.544534Z | Fix available |
| GHSA-6mqr-q86q-6gwr | RubyGems/spree_auth_devise | Authentication Bypass by CSRF Weakness | 4.2.0 | 2023-05-26T15:07:57Z | Fix available |
| GHSA-8xfw-5q82-3652 | RubyGems/spree_auth_devise | Authentication Bypass by CSRF Weakness | 4.1.0 | 2023-05-26T15:07:05Z | Fix available |
| GHSA-3jqw-vv45-mjhh | RubyGems/matestack-ui-core | XSS/Script injection vulnerability in matestack | 0.6.0, 0.7.0, 0.7.1, 0.7.2, 0.7.2.1, 0.7.3 | 2023-05-22T18:34:13.081171Z | Fix available |