SEVERITY | VULNERABILITY | AFFECTS | TYPE | PUBLISHED
M | Remote Code Execution (RCE) | carrierwave >=2.0.0.rc, <2.1.1 <1.3.2 | RubyGems | 9 Feb 2021
H | Command Injection | mechanize >=2.0.0, <2.7.7 | RubyGems | 3 Feb 2021
M | Cross-site Scripting (XSS) | rails_admin <1.4.3 >=2.0.0, <2.0.2 | RubyGems | 13 Jan 2021
H | Cross-site Scripting (XSS) | redcarpet <3.5.1 | RubyGems | 12 Jan 2021
H | Authentication Bypass | omniauth-apple >=1.0.0, <1.0.1 | RubyGems | 5 Jan 2021
L | XML External Entity (XXE) Injection | nokogiri <1.11.0.rc4 | RubyGems | 31 Dec 2020
C | Malicious Package | pretty_color >=0.0.0 | RubyGems | 17 Dec 2020
C | Malicious Package | ruby-bitcoin >=0.0.0 | RubyGems | 17 Dec 2020
M | Information Exposure | gitaly >=1.79.0, <13.3.9 >=13.4, <13.4.5 >=13.5, <13.5.2 | RubyGems | 17 Nov 2020
H | Information Exposure | spree_api >=3.7.0, <3.7.13 >=4.0.0, <4.0.5 >=4.1.0, <4.1.12 | RubyGems | 15 Nov 2020
L | Remote Code Execution (RCE) | dependabot-common >=0.119.0.beta1, <0.125.1 | RubyGems | 15 Nov 2020
L | Remote Code Execution (RCE) | dependabot-omnibus >=0.119.0.beta1, <0.125.1 | RubyGems | 15 Nov 2020
H | Regression in JWT Signature Validation | omniauth-auth0 >=2.3.0, <2.4.1 | RubyGems | 23 Oct 2020
H | Authentication Bypass | spree >=3.7.0, <3.7.11 >=4.0.0, <4.0.4 >=4.1.0, <4.1.11 | RubyGems | 21 Oct 2020
H | Cross-site Scripting (XSS) | actionpack >=6.0.0, <6.0.3.4 | RubyGems | 8 Oct 2020
M | Timing Attack | shrine <3.3.0 | RubyGems | 6 Oct 2020
H | HTTP Request Smuggling | webrick <1.5.1 >=1.6.0, <1.6.1 | RubyGems | 29 Sep 2020
H | Man-in-the-Middle (MitM) | oauth <0.5.5 | RubyGems | 25 Sep 2020
H | Cross-site Scripting (XSS) | gon <6.4.0 | RubyGems | 24 Sep 2020
M | Cross-site Scripting (XSS) | actionview <5.2.4.4 >=6.0.0.0, <6.0.3.3 | RubyGems | 10 Sep 2020
M | Improper Input Validation | personnummer <3.0.1 | RubyGems | 10 Sep 2020
H | Directory Traversal | rubygems-update >=2.7.6, <2.7.9 >=3.0.0, <3.0.3 | RubyGems | 19 Aug 2020
H | Arbitrary Code Injection | rubygems-update >=2.6.0, <2.7.9 >=3.0.0, <3.0.2 | RubyGems | 19 Aug 2020
H | Arbitrary Code Injection | rubygems-update >=2.6.0, <2.7.9 >=3.0.0, <3.0.3 | RubyGems | 19 Aug 2020
H | Arbitrary Code Injection | rubygems-update >=2.6.0, <2.7.9 >=3.0.0, <3.0.3 | RubyGems | 18 Aug 2020
H | CSS Injection | chartkick <3.4.0 | RubyGems | 6 Aug 2020
H | Cross-site Request Forgery (CSRF) | field_test <0.4.0 | RubyGems | 5 Aug 2020
H | Cross-site Request Forgery (CSRF) | pghero <2.7.0 | RubyGems | 5 Aug 2020
H | Improper Input Validation | solidus_frontend >=2.8.0, <2.8.6 >=2.9.0, <2.9.6 >=2.10.0, <2.10.2 | RubyGems | 5 Aug 2020
H | Improper Input Validation | solidus_api >=2.8.0, <2.8.6 >=2.9.0, <2.9.6 >=2.10.0, <2.10.2 | RubyGems | 5 Aug 2020