Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
| Severity | Vulnerability | Affects | Type | Published |
|---|---|---|---|---|
| M | Cross-site Scripting (XSS) | actionview <5.2.4.4,>=6.0.0.0, <6.0.3.3 | RubyGems | 10 Sep, 2020 |
| M | Improper Input Validation | personnummer <3.0.1 | RubyGems | 10 Sep, 2020 |
| H | Directory Traversal | rubygems-update >=2.7.6, <2.7.9,>=3.0.0, <3.0.3 | RubyGems | 19 Aug, 2020 |
| H | Arbitrary Code Injection | rubygems-update >=2.6.0, <2.7.9,>=3.0.0, <3.0.2 | RubyGems | 19 Aug, 2020 |
| H | Arbitrary Code Injection | rubygems-update >=2.6.0, <2.7.9,>=3.0.0, <3.0.2 | RubyGems | 19 Aug, 2020 |
| H | Arbitrary Code Injection | rubygems-update >=2.6.0, <2.7.9,>=3.0.0, <3.0.2 | RubyGems | 18 Aug, 2020 |
| H | CSS Injection | chartkick <3.4.0 | RubyGems | 06 Aug, 2020 |
| H | Cross-site Request Forgery (CSRF) | field_test <0.4.0 | RubyGems | 05 Aug, 2020 |
| H | Cross-site Request Forgery (CSRF) | pghero <2.7.0 | RubyGems | 05 Aug, 2020 |
| H | Improper Input Validation | solidus_frontend >=2.8.0, <2.8.6,>=2.9.0, <2.9.6,>=2.10.0, <2.10.2 | RubyGems | 05 Aug, 2020 |
| H | Improper Input Validation | solidus_api >=2.8.0, <2.8.6,>=2.9.0, <2.9.6,>=2.10.0, <2.10.2 | RubyGems | 05 Aug, 2020 |
| H | Improper Certificate Validation | faye-websocket <0.11.0 | RubyGems | 02 Aug, 2020 |
| H | Remote Code Execution | kramdown <2.3.0 | RubyGems | 19 Jul, 2020 |
| H | Improper Authorization | actionpack >=6.0.0, <6.0.3.2 | RubyGems | 17 Jun, 2020 |
| H | Cross-site Scripting (XSS) | sanitize >=3.0.0, <5.2.1 | RubyGems | 17 Jun, 2020 |
| M | Cross-site Request Forgery (CSRF) | rack <2.1.4,>=2.2.0, <2.2.3 | RubyGems | 16 Jun, 2020 |
| M | HTTP Request Smuggling | iodine <0.7.39 | RubyGems | 08 Jun, 2020 |
| M | Cross-site Scripting (XSS) | elastic-app-search <7.7.0 | RubyGems | 04 Jun, 2020 |
| M | HTTP Request Smuggling | agoo >=0.0.0 | RubyGems | 03 Jun, 2020 |
| M | HTTP Request Smuggling | goliath >=0.0.0 | RubyGems | 03 Jun, 2020 |
| H | Regular Expression Denial of Service (ReDoS) | websocket-extensions <0.1.5 | RubyGems | 02 Jun, 2020 |
| M | Cross-site Scripting (XSS) | kaminari <1.2.1 | RubyGems | 29 May, 2020 |
| H | HTTP Request Smuggling | reel >=0.0.0 | RubyGems | 29 May, 2020 |
| H | Man-in-the-Middle (MitM) | em-http-request <1.1.6 | RubyGems | 26 May, 2020 |
| M | HTTP Request Smuggling | puma <3.12.5,>=4.0.0, <4.3.4 | RubyGems | 22 May, 2020 |
| M | HTTP Request Smuggling | puma <3.12.6,>=4.0.0, <4.3.5 | RubyGems | 22 May, 2020 |
| H | Man-in-the-Middle (MitM) | em-imap >=0.0.0 | RubyGems | 20 May, 2020 |
| M | Cross-site Request Forgery (CSRF) | actionview <5.2.4.3,>=6.0.0, <6.0.3.1 | RubyGems | 19 May, 2020 |
| H | Deserialization of Untrusted Data | activesupport <5.2.4.3,>=6.0.0, <6.0.3.1 | RubyGems | 19 May, 2020 |
| M | Cross-site Request Forgery (CSRF) | actionpack <5.2.4.3,>=6.0.0, <6.0.3.1 | RubyGems | 19 May, 2020 |