Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • C
Remote Code Execution (RCE) 		flavour_saver <0.3.3 RubyGems 23 Apr 2023
  • L
Information Exposure 		kitchen-terraform >=7.0.0, <7.0.1 RubyGems 23 Apr 2023
  • M
Cross-site Scripting (XSS) 		pay <6.3.2 RubyGems 21 Apr 2023
  • M
Cross-site Scripting (XSS) 		govuk_tech_docs >=2.0.2, <3.3.1 RubyGems 12 Apr 2023
  • H
Cross-site Scripting (XSS) 		sidekiq >=7.0.4, <7.0.8 RubyGems 6 Apr 2023
  • M
Insecure Defaults 		fluentd-ui >=0.0.0 RubyGems 5 Apr 2023
  • M
Denial of Service (DoS) 		commonmarker <0.23.9 RubyGems 2 Apr 2023
  • M
Denial of Service (DoS) 		commonmarker <0.23.9 RubyGems 2 Apr 2023
  • M
Regular Expression Denial of Service (ReDoS) 		time <0.1.1 >=0.2.0, <0.2.2 RubyGems 31 Mar 2023
  • M
Denial of Service (DoS) 		unpoly-rails <2.7.2.2 RubyGems 31 Mar 2023
  • M
Cross-site Scripting (XSS) 		rails >=5.1.0, <6.1.7.3 >=7.0.0, <7.0.4.3 RubyGems 28 Mar 2023
  • H
Command Injection 		discordrb <3.5.0 RubyGems 28 Mar 2023
  • M
Regular Expression Denial of Service (ReDoS) 		uri <0.10.0.1 >=0.10.1, <0.10.2 >=0.11.0, <0.11.1 >=0.12.0, <0.12.1 RubyGems 28 Mar 2023
  • H
Arbitrary Command Injection 		karo >=2.3.8 RubyGems 27 Mar 2023
  • H
Denial of Service (DoS) 		apollo_upload_server <2.1.0 RubyGems 19 Mar 2023
  • M
Cross-site Scripting (XSS) 		activesupport <6.1.7.3 >=7.0.0.alpha1, <7.0.4.3 RubyGems 15 Mar 2023
  • M
Regular Expression Denial of Service (ReDoS) 		rack >=2.0.0.alpha, <2.2.6.4 >=3.0.0.beta1, <3.0.6.1 RubyGems 15 Mar 2023
  • C
Deserialization of Untrusted Data 		rubygems-update >=2.0.0, <2.6.14 RubyGems 9 Mar 2023
  • H
Denial of Service (DoS) 		rubygems-update <0.9.1 RubyGems 9 Mar 2023
  • M
Access Control Bypass 		nokogiri <1.10.3 RubyGems 9 Mar 2023
  • H
Denial of Service (DoS) 		rack <2.0.9.3 >=2.1.0, <2.1.4.3 >=2.2.0, <2.2.6.3 >=3.0.0.beta1, <3.0.4.2 RubyGems 8 Mar 2023
  • H
Improper Input Validation 		elastic-apm <2.9.0 RubyGems 5 Mar 2023
  • H
Arbitrary Code Injection 		pdf_info >=0.0.0 RubyGems 24 Feb 2023
  • H
SQL Injection 		katello <2.4.3 RubyGems 9 Feb 2023
  • M
Cross-site Request Forgery (CSRF) 		clockwork_web <0.1.2 RubyGems 2 Feb 2023
  • M
Information Exposure 		katello <3.1.0.rc1 RubyGems 31 Jan 2023
  • H
Weak Password Requirements 		publify_core <9.2.10 RubyGems 30 Jan 2023
  • M
Cross-site Scripting (XSS) 		sanitize >=5.0.0, <6.0.1 RubyGems 29 Jan 2023
  • M
Improper Privilege Management 		katello <3.17.0.rc1 RubyGems 27 Jan 2023
  • M
Cross-site Scripting (XSS) 		katello <3.9.0.rc1 RubyGems 27 Jan 2023