Vulnerability Library

ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-fq42-c5rg-92c2
  • RubyGems/nokogiri
Vulnerable dependencies in Nokogiri
  • 1.0.0
  • 1.0.1
  • 1.0.2
  • 1.0.3
  • 1.0.4
  • 1.0.5
  • 1.0.6
  • ...
2022-06-10T02:19:45.139144Z Fix available
GHSA-x7p2-x2j6-mwhr
  • RubyGems/gemirro
Moderate severity vulnerability that affects gemirro
  • 0.0.1
  • 0.0.2
  • 0.1.0
  • 0.10.0
  • 0.10.1
  • 0.10.2
  • 0.10.3
  • ...
2022-06-10T02:19:39.797595Z Fix available
GHSA-ch3h-j2vf-95pv
  • RubyGems/actionview
XSS Vulnerability in Action View tag helpers
  • 4.1.0
  • 4.1.0.beta1
  • 4.1.0.beta2
  • 4.1.0.rc1
  • 4.1.0.rc2
  • 4.1.1
  • 4.1.10
  • ...
2022-06-10T02:18:53.617136Z Fix available
GHSA-6fcq-3cm2-j3j5
  • RubyGems/kcapifony
Kcapifony gem for Ruby places database user passwords on the command line
  • 2.1.3
  • 2.1.4
  • 2.1.5
  • 2.1.6
2022-06-10T02:18:53.476316Z No fix available
GHSA-vr8q-g5c7-m54m
  • RubyGems/nokogiri
XXE in Nokogiri
  • 1.0.0
  • 1.0.1
  • 1.0.2
  • 1.0.3
  • 1.0.4
  • 1.0.5
  • 1.0.6
  • ...
2022-06-10T02:18:47.766687Z Fix available
GHSA-q86f-fmqf-qrf6
  • RubyGems/mail
Moderate severity vulnerability that affects mail
  • 1.0.0
  • 1.1.0
  • 1.2.1
  • 1.2.5
  • 1.2.6
  • 1.2.8
  • 1.2.9
  • ...
2022-06-10T02:17:41.114255Z Fix available
GHSA-pxr8-w3jq-rcwj
  • RubyGems/rails_admin
Moderate severity vulnerability that affects rails_admin
  • 0.0.1
  • 0.0.2
  • 0.0.3
  • 0.0.4
  • 0.0.5
  • 0.1.0
  • 0.1.1
  • ...
2022-06-10T02:17:39.339186Z Fix available
GHSA-v6fx-752r-ccp2
  • RubyGems/pghero
CSRF on PgHero gem
  • 0.0.1
  • 0.0.2
  • 0.0.3
  • 0.1.0
  • 0.1.1
  • 0.1.10
  • 0.1.2
  • ...
2022-06-10T02:17:38.163880Z Fix available
GHSA-v3rr-cph9-2g2q
  • RubyGems/rack-ssl
Moderate severity vulnerability that affects rack-ssl
  • 1.0.0
  • 1.1.0
  • 1.2.0
  • 1.3.0
  • 1.3.1
  • 1.3.2
  • 1.3.3
  • ...
2022-06-10T02:17:37.663007Z Fix available
GHSA-7wjx-3g7j-8584
  • RubyGems/actionpack
Denial of Service in Action Controller Token Authentication
  • 6.0.0
  • 6.0.1
  • 6.0.1.rc1
  • 6.0.2
  • 6.0.2.1
  • 6.0.2.2
  • 6.0.2.rc1
  • ...
2022-06-10T02:17:37.655649Z Fix available
GHSA-rxq3-gm4p-5fj4
  • RubyGems/rails
High severity vulnerability that affects rails
  • 0.10.0
  • 0.10.1
  • 0.11.0
  • 0.11.1
  • 0.12.0
  • 0.12.1
  • 0.13.0
  • ...
2022-06-10T02:17:37.376163Z Fix available
GHSA-fp4w-jxhp-m23p
  • RubyGems/bundler
Dependency Confusion in Bundler
  • 1.16.0
  • 1.16.1
  • 1.16.2
  • 1.16.3
  • 1.16.4
  • 1.16.5
  • 1.16.6
  • ...
2022-06-10T02:17:36.657392Z Fix available
GHSA-g266-3crh-h7gj
  • RubyGems/ldoce
Moderate severity vulnerability that affects ldoce
  • 0.0.1
  • 0.0.2
2022-06-10T02:17:36.265027Z No fix available
GHSA-7mvr-5x2g-wfc8
  • RubyGems/bootstrap
Moderate severity vulnerability that affects bootstrap
  • 4.0.0
  • 4.0.0.alpha1
  • 4.0.0.alpha2
  • 4.0.0.alpha3
  • 4.0.0.alpha3.1
  • 4.0.0.alpha4
  • 4.0.0.alpha5
  • ...
2022-06-10T02:17:34.086019Z Fix available
GHSA-w3j4-76qw-wwjm
  • RubyGems/better_errors
Older releases of better_errors open to Cross-Site Request Forgery attack
  • 0.0.1
  • 0.0.2
  • 0.0.3
  • 0.0.4
  • 0.0.5
  • 0.0.6
  • 0.0.7
  • ...
2022-06-10T02:17:33.691838Z Fix available
GHSA-p6p8-q4pj-f74m
  • RubyGems/twitter-stream
Improper Certificate Validation in twitter-stream
  • 0.1.0
  • 0.1.1
  • 0.1.10
  • 0.1.11
  • 0.1.12
  • 0.1.13
  • 0.1.14
  • ...
2022-06-10T02:17:33.263282Z No fix available