Vulnerability Library

| ID | Packages | Summary | Affected versions | Last modified | Fix |
|---|---|---|---|---|---|
| GHSA-9qj7-jvg4-qr2x | RubyGems/passenger | Denial of service in passenger | 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 2.0.1, 2.0.2, ... | 2023-02-03T20:51:13.141187Z | Fix available |
| GHSA-r5hc-9xx5-97rw | RubyGems/i18n | Cross-site Scripting in i18n | 0.1.0, 0.2.0, 0.2.1, 0.3.0, 0.3.1, 0.3.2, 0.3.3, ... | 2023-02-03T20:51:09.011256Z | Fix available |
| GHSA-65cv-r6x7-79hv | RubyGems/actionview | Cross site scripting vulnerability in ActionView | 4.1.0, 4.1.0.beta1, 4.1.0.beta2, 4.1.0.rc1, 4.1.0.rc2, 4.1.1, 4.1.10, ... | 2023-02-03T20:50:50.030181Z | Fix available |
| GHSA-3pxh-h8hw-mj8w | RubyGems/rack | Moderate severity vulnerability that affects rack | 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, ... | 2023-02-03T20:43:06.801288Z | Fix available |
| GHSA-gx5g-xcxj-cx2w | RubyGems/smart_proxy_dynflow | Improper Authentication in smart_proxy_dynflow | 0.2.0, 0.0.1, 0.0.2, 0.0.3, 0.0.4, 0.0.5, 0.0.6, ... | 2023-02-03T20:42:52.373077Z | Fix available |
| GHSA-h77x-m5q8-c29h | RubyGems/rack | Infinite loop in rack rack | 0.1.0, 0.2.0, 0.3.0, 0.4.0, 0.9.0, 0.9.1, 1.0.0, ... | 2023-02-03T20:42:17.282507Z | Fix available |
| GHSA-3crr-9vmg-864v | RubyGems/activerecord | Moderate severity vulnerability that affects activerecord | 2.3.10, 2.3.11, 2.3.12, 2.3.14, 2.3.15, 2.3.16, 2.3.17, ... | 2023-02-03T20:41:18.449492Z | Fix available |
| GHSA-8xm3-gm7c-5fjx | RubyGems/ember-source | Ember.js Cross-site Scripting vulnerability | 1.0.0, 1.0.0.pre4.0, 1.0.0.pre4.1, 1.0.0.pre4.2, 1.0.0.rc1.0.0, 1.0.0.rc1.1, 1.0.0.rc1.2, ... | 2023-02-03T06:01:34.867267Z | Fix available |
| GHSA-46f2-3v63-3xrp | RubyGems/tmpdir | Tempfile on Windows path traversal vulnerability | 0.1.0, 0.1.1 | 2023-02-03T06:01:27.048964Z | Fix available |
| GHSA-fq42-c5rg-92c2 | RubyGems/nokogiri | Vulnerable dependencies in Nokogiri | 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, ... | 2023-02-03T06:01:27.026078Z | Fix available |
| GHSA-vx9g-377x-xwxq | RubyGems/gibbon | Server side request forgery in gibbon | 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, ... | 2023-02-03T05:58:12.942089Z | Fix available |
| GHSA-hpcf-8vf9-q4gj | npm/jquery-ui, RubyGems/jquery-ui-rails | jQuery-UI vulnerable to Cross-site Scripting in dialog closeText | 0.0.1, 0.0.2, 0.1.0, 0.2.0, 0.2.1, 0.2.2, 0.3.0, ... | 2023-02-03T05:58:12.045081Z | Fix available |
| GHSA-g266-3crh-h7gj | RubyGems/ldoce | ldoce Improper Input Validation vulnerability | 0.0.1, 0.0.2 | 2023-02-03T05:58:10.630636Z | No fix available |
| GHSA-mvw8-v767-qhjm | RubyGems/radiant | Radiant CMS vulnerable to Cross-site Scripting | 0.5.0, 0.5.1, 0.5.2, 0.6.0, 0.6.1, 0.6.2, 0.6.3, ... | 2023-02-03T05:58:10.144662Z | No fix available |
| GHSA-5vx5-9q73-wgp4 | RubyGems/safemode | safemode has Incomplete List of Disallowed Inputs | 0.0.2, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.2.0, 1.2.1, ... | 2023-02-03T05:58:09.636046Z | Fix available |
| GHSA-39v7-xpq4-8884 | RubyGems/pdfkit | PDFKit Improper Input Validation vulnerability | 0.1.0, 0.1.1, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.3.0, ... | 2023-02-03T05:58:07.985500Z | Fix available |