Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
| Severity | Vulnerability | Affects | Type | Published |
|---|---|---|---|---|
| H | Denial of Service (DoS) | puma <3.12.2,>=4.0.0, <4.3.1 | RubyGems | 06 Dec, 2019 |
| M | Access Restriction Bypass | puppet >=2.7.0, <2.7.13 | RubyGems | 29 Nov, 2019 |
| M | XML External Entity (XXE) Injection | ruby-openid <2.2.2 | RubyGems | 29 Nov, 2019 |
| M | Cross-site Scripting (XSS) | rails >=2.0.0, <2.3.12,>=3.0.0, <3.0.8,>=3.1.0.rc1, <3.1.0.rc2 | RubyGems | 28 Nov, 2019 |
| M | Improper Input Validation | rails >=2.3.9, <2.3.10,>=3.0.0, <3.0.1 | RubyGems | 28 Nov, 2019 |
| M | Access Restriction Bypass | sqlite3-ruby <1.2.4 | RubyGems | 28 Nov, 2019 |
| H | SQL Injection | activerecord >=2.0.0, <2.3.13,>=3.0.0, <3.0.10,>=3.1.0, <3.1.0.rc6 | RubyGems | 26 Nov, 2019 |
| M | Cross-site Scripting (XSS) | activesupport >=2.0.0, <2.3.13,>=3.0.0, <3.0.10,>=3.1.0, <3.1.0.rc5 | RubyGems | 26 Nov, 2019 |
| M | Insufficiently Protected Credentials | katello <3.13.0.rc1 | RubyGems | 25 Nov, 2019 |
| H | Uncontrolled Memory Allocation | nokogiri <1.10.5 | RubyGems | 19 Nov, 2019 |
| M | NULL Pointer Dereference | cairo >=0.0.0 | RubyGems | 17 Nov, 2019 |
| H | XML External Entity (XXE) Injection | samlr <2.6.2 | RubyGems | 17 Nov, 2019 |
| H | Directory Traversal | rack-cors <1.0.4 | RubyGems | 14 Nov, 2019 |
| M | Man-in-the-Middle (MitM) | rubygems-update <1.8.23 | RubyGems | 14 Nov, 2019 |
| M | Timing Attack | ecdsa >=0.0.0 | RubyGems | 13 Nov, 2019 |
| M | DNS Hijack Attack | rubygems-update >=2.0.0, <2.0.17,>=2.2.0, <2.2.5,>=2.4.0, <2.4.8 | RubyGems | 13 Nov, 2019 |
| H | Denial of Service (DoS) | rubygems-update <2.6.13 | RubyGems | 13 Nov, 2019 |
| H | Arbitrary Code Execution | rubygems-update <2.6.13 | RubyGems | 13 Nov, 2019 |
| H | Improper Verification of Cryptographic Signature | rubygems-update <2.7.6 | RubyGems | 13 Nov, 2019 |
| H | Directory Traversal | rubygems-update <2.7.6 | RubyGems | 13 Nov, 2019 |
| H | Arbitrary Code Execution | rubygems-update <2.7.8,>=3.0.0, <3.0.3 | RubyGems | 13 Nov, 2019 |
| M | Improper Input Validation | rubygems-update <2.7.6 | RubyGems | 13 Nov, 2019 |
| H | Deserialization of Untrusted Data | rubygems-update <2.7.6 | RubyGems | 13 Nov, 2019 |
| M | Cross-site Scripting (XSS) | rubygems-update <2.7.6 | RubyGems | 13 Nov, 2019 |
| M | Directory Traversal | rubygems-update <2.7.6 | RubyGems | 13 Nov, 2019 |
| H | Man-in-the-Middle (MitM) | rubygems-update <2.6.13 | RubyGems | 13 Nov, 2019 |
| H | Out-of-Bounds | rubygems-update <2.7.8,>=3.0.0, <3.0.3 | RubyGems | 13 Nov, 2019 |
| M | Man-in-the-Middle (MitM) | rubygems-update <1.8.23 | RubyGems | 13 Nov, 2019 |
| H | Infinite Loop | rubygems-update <2.7.6 | RubyGems | 13 Nov, 2019 |
| H | Arbitrary Code Injection | rubygems-update <2.6.13 | RubyGems | 13 Nov, 2019 |