Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
| Severity | Vulnerability | Affects | Type | Published |
|---|---|---|---|---|
| M | Access Restriction Bypass | activejob >=4.2.0, <4.2.11,>=5.0.0, <5.0.7.1,>=5.1.1, <5.1.6.1,>=5.2.0, <5.2.1.1 | RubyGems | 28 Nov, 2018 |
| M | Access Restriction Bypass | activestorage <5.2.1.1 | RubyGems | 28 Nov, 2018 |
| M | Improper Access Control | showdoc/showdoc <2.4.2 | RubyGems | 28 Nov, 2018 |
| M | Denial of Service (DoS) | i18n < 0.8.0 | RubyGems | 12 Nov, 2018 |
| M | Denial of Service (DoS) | rack >=2.0.4, <2.0.6 | RubyGems | 06 Nov, 2018 |
| M | Cross-site Scripting (XSS) | rack <1.6.11,>=2.0.0, <2.0.6 | RubyGems | 06 Nov, 2018 |
| M | SQL Injection | mysql-binuuid-rails <1.1.1 | RubyGems | 31 Oct, 2018 |
| M | Cross-site Scripting (XSS) | loofah <2.2.3 | RubyGems | 31 Oct, 2018 |
| M | Denial of Service (DoS) | asciidoctor <1.5.8 | RubyGems | 28 Oct, 2018 |
| H | Denial of Service (DoS) | nokogiri <1.8.5 | RubyGems | 10 Oct, 2018 |
| H | Arbitrary File Read | jekyll >=3.6.0, <3.6.2,>=3.7.0, <3.7.4,>=3.8.0, <3.8.4 | RubyGems | 03 Oct, 2018 |
| H | Authentication Bypass | smart_proxy_dynflow >=0.1.8, <0.1.11,>=0.2.0, <0.2.1 | RubyGems | 26 Sep, 2018 |
| H | Malicious Package | active-support >=0.0.0 | RubyGems | 09 Aug, 2018 |
| H | Arbitrary Code Injection | restforce <3.0.0 | RubyGems | 05 Aug, 2018 |
| H | Insufficient Token Expiration | doorkeeper >=4.2.0, <4.4.0,=5.0.0.rc1 | RubyGems | 19 Jul, 2018 |
| M | Cross-site Request Forgery (CSRF) | rails_admin < 1.1.1 | RubyGems | 19 Jul, 2018 |
| H | Regular Expression Denial of Service (ReDoS) | rack-cors <0.4.1 | RubyGems | 19 Jul, 2018 |
| M | Cross-site Scripting (XSS) | grape <1.1.0 | RubyGems | 19 Jul, 2018 |
| H | Arbitrary File Write via Archive Extraction (Zip Slip) | rubyzip <1.2.2 | RubyGems | 28 Jun, 2018 |
| H | Signature Validation Bypass | json-jwt <1.9.4 | RubyGems | 28 Jun, 2018 |
| H | DLL Loading Issue | ffi <1.9.24 | RubyGems | 28 Jun, 2018 |
| M | Directory Traversal | sprockets <2.12.5,>=3.0.0, <3.7.2,>=4.0.0, <4.0.0.beta8 | RubyGems | 20 Jun, 2018 |
| M | Privilege Escalation | passenger <5.3.2 | RubyGems | 20 Jun, 2018 |
| M | Improper Access Control | passenger <5.3.2 | RubyGems | 20 Jun, 2018 |
| M | Insecure Permissions | passenger <5.3.2 | RubyGems | 20 Jun, 2018 |
| H | Arbitrary File Write | passenger <5.3.2 | RubyGems | 20 Jun, 2018 |
| H | Arbitrary Code Loading | puppet <5.3.7,>=5.4.0, <5.5.2 | RubyGems | 17 Jun, 2018 |
| H | Privilege Escalation | puppet <5.3.7,>=5.4.0, <5.5.2 | RubyGems | 17 Jun, 2018 |
| H | Privilege Escalation | puppet <5.3.7,>=5.4.0, <5.5.2 | RubyGems | 17 Jun, 2018 |
| M | Time of Check Time of Use (TOCTOU) | private_address_check <0.5.0 | RubyGems | 10 Jun, 2018 |