Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • H
Remote Code Execution 		kramdown <2.3.0 RubyGems 19 Jul 2020
  • H
Improper Authorization 		actionpack >=6.0.0, <6.0.3.2 RubyGems 17 Jun 2020
  • C
Cross-site Scripting (XSS) 		sanitize >=3.0.0, <5.2.1 RubyGems 17 Jun 2020
  • M
Cross-site Request Forgery (CSRF) 		rack <2.1.4 >=2.2.0, <2.2.3 RubyGems 16 Jun 2020
  • M
HTTP Request Smuggling 		iodine <0.7.39 RubyGems 8 Jun 2020
  • M
Cross-site Scripting (XSS) 		elastic-app-search <7.7.0 RubyGems 4 Jun 2020
  • M
HTTP Request Smuggling 		agoo <2.14.0 RubyGems 3 Jun 2020
  • M
HTTP Request Smuggling 		goliath >=0.0.0 RubyGems 3 Jun 2020
  • H
Regular Expression Denial of Service (ReDoS) 		websocket-extensions <0.1.5 RubyGems 2 Jun 2020
  • M
Cross-site Scripting (XSS) 		kaminari <1.2.1 RubyGems 29 May 2020
  • H
HTTP Request Smuggling 		reel >=0.0.0 RubyGems 29 May 2020
  • H
Man-in-the-Middle (MitM) 		em-http-request <1.1.6 RubyGems 26 May 2020
  • M
HTTP Request Smuggling 		puma <3.12.5 >=4.0.0, <4.3.4 RubyGems 22 May 2020
  • M
HTTP Request Smuggling 		puma <3.12.6 >=4.0.0, <4.3.5 RubyGems 22 May 2020
  • H
Man-in-the-Middle (MitM) 		em-imap >=0.0.0 RubyGems 20 May 2020
  • M
Information Exposure 		actionpack <5.2.4.3 >=6.0.0, <6.0.3.1 RubyGems 19 May 2020
  • H
Deserialization of Untrusted Data 		activesupport <5.2.4.3 >=6.0.0, <6.0.3.1 RubyGems 19 May 2020
  • M
Cross-site Request Forgery (CSRF) 		actionpack <5.2.4.3 >=6.0.0, <6.0.3.1 RubyGems 19 May 2020
  • M
Cross-site Request Forgery (CSRF) 		actionview <5.2.4.3 >=6.0.0, <6.0.3.1 RubyGems 19 May 2020
  • M
Improper Validation 		activestorage <5.2.4.3 >=6.0.0, <6.0.3.1 RubyGems 19 May 2020
  • C
Remote Code Execution (RCE) 		actionview <4.2.11.3 >=5.0.0, <5.0.1 RubyGems 17 May 2020
  • H
Directory Traversal 		rack <2.1.3 RubyGems 13 May 2020
  • H
Authentication Bypass 		sorcery <0.15.0 RubyGems 8 May 2020
  • H
Arbitrary File Write 		actionpack-page_caching <1.2.1 RubyGems 6 May 2020
  • M
Information Exposure 		activeresource <5.1.1 RubyGems 6 May 2020
  • M
Information Disclosure 		doorkeeper >=5.0.0, <5.0.3 >=5.1.0, <5.1.1 >=5.2.0, <5.2.5 >=5.3.0, <5.3.2 RubyGems 4 May 2020
  • H
Denial of Service (DoS) 		bson <3.0.4 RubyGems 30 Apr 2020
  • L
Man-in-the-Middle (MitM) 		slyphon-log4j >=0.0.0 RubyGems 28 Apr 2020
  • L
Man-in-the-Middle (MitM) 		log4j-jars <2.15.0 RubyGems 28 Apr 2020
  • H
Prototype Pollution 		lodash-rails <4.17.21 RubyGems 28 Apr 2020