Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • M
Cross-site Scripting (XSS)
carrierwave <2.2.6 >=3.0.0, <3.0.7 RubyGems 25 Mar 2024
  • L
Buffer Over-read
stringio >=3.0.1, <3.0.1.1 RubyGems 22 Mar 2024
  • M
Code Injection
rdoc <6.3.4.1 >=6.4.0, <6.4.1.1 >=6.5.0, <6.5.1.1 RubyGems 22 Mar 2024
  • H
Incorrect Default Permissions
rotp <6.3.0 RubyGems 18 Mar 2024
  • H
Exposed Dangerous Method or Function
turbo_boost-commands <0.1.3 >=0.2.0, <0.2.2 RubyGems 17 Mar 2024
  • H
Cross-site Scripting (XSS)
phlex <1.0.1 >=1.1.0, <1.1.1 >=1.2.0, <1.2.2 >=1.3.0, <1.3.3 >=1.4.0, <1.4.1 >=1.5.0, <1.5.2 >=1.6.0, <1.6.2 >=1.7.0, <1.7.1 >=1.8.0, <1.8.2 >=1.9.0, <1.9.1 RubyGems 13 Mar 2024
  • H
Unsafe Reflection
stimulus_reflex <3.4.2 >=3.5.0-pre0, <3.5.0-rc4 RubyGems 13 Mar 2024
  • M
Cross-site Scripting (XSS)
yard <0.9.35 RubyGems 29 Feb 2024
  • H
Exposure of Data Element to Wrong Session
actionpack >=5.2.0, <6.1.7.7 >=7.0.0, <7.0.8.1 RubyGems 25 Feb 2024
  • M
Regular Expression Denial of Service (ReDoS)
actionpack >=7.1.0, <7.1.3.1 RubyGems 25 Feb 2024
  • M
Cross-site Scripting (XSS)
actionpack <7.0.8.1 >=7.1.0, <7.1.3.1 RubyGems 25 Feb 2024
  • H
Denial of Service (DoS)
rack >=1.3.0, <2.2.8.1 >=3.0.0, <3.0.9.1 RubyGems 25 Feb 2024
  • M
Regular Expression Denial of Service (ReDoS)
rack >=0.4.0, <2.2.8.1 >=3.0.0, <3.0.9.1 RubyGems 25 Feb 2024
  • M
Regular Expression Denial of Service (ReDoS)
rack <2.0.9.4 >=2.1.0, <2.1.4.4 >=2.2.0, <2.2.8.1 >=3.0.0, <3.0.9.1 RubyGems 25 Feb 2024
  • M
Cross-site Scripting (XSS)
decidim >=0.27.0, <0.27.5 RubyGems 22 Feb 2024
  • M
Cross-site Scripting (XSS)
decidim-core >=0.27.0, <0.27.5 RubyGems 22 Feb 2024
  • L
Race Condition
decidim >=0.10.0, <0.26.9 >=0.27.0, <0.27.5 RubyGems 21 Feb 2024
  • M
Server-Side Request Forgery (SSRF)
decidim-templates >=0.23.0, <0.27.5 RubyGems 21 Feb 2024
  • M
Operation on a Resource after Expiration or Release
decidim-system >=0.0.1, <0.26.9 >=0.27.0, <0.27.5 RubyGems 21 Feb 2024
  • M
Operation on a Resource after Expiration or Release
decidim-admin >=0.0.1, <0.26.9 >=0.27.0, <0.27.5 RubyGems 21 Feb 2024
  • M
Operation on a Resource after Expiration or Release
devise_invitable >=0.4.0, <2.0.9 RubyGems 21 Feb 2024
  • C
Cross-site Scripting (XSS)
sidekiq-unique-jobs <7.1.33 >=8.0.0, <8.0.7 RubyGems 14 Feb 2024
  • M
Use After Free
nokogiri <1.15.6 >=1.16.0, <1.16.2 RubyGems 5 Feb 2024
  • M
NULL Pointer Dereference
openssl >=0.0.0 RubyGems 31 Jan 2024
  • M
Cross-site Scripting (XSS)
avo <3.0.2 RubyGems 18 Jan 2024
  • M
Cross-site Scripting (XSS)
avo <3.3.0 RubyGems 18 Jan 2024
  • M
Resource Exhaustion
openssl >=3.0.0 RubyGems 16 Jan 2024
  • M
Improper Restriction of Excessive Authentication Attempts
devise-two-factor >=0.0.0 RubyGems 12 Jan 2024
  • M
Use of a Broken or Risky Cryptographic Algorithm
openssl >=3.0.0 RubyGems 10 Jan 2024
  • M
HTTP Request Smuggling
puma <5.6.8 >=6.0.0, <6.4.2 RubyGems 9 Jan 2024