Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Directory Traversal
sprockets <2.12.5,>=3.0.0, <3.7.2,>=4.0.0, <4.0.0.beta8 RubyGems 20 Jun, 2018
  • M
Privilege Escalation
passenger <5.3.2 RubyGems 20 Jun, 2018
  • M
Improper Access Control
passenger <5.3.2 RubyGems 20 Jun, 2018
  • M
Insecure Permissions
passenger <5.3.2 RubyGems 20 Jun, 2018
  • H
Arbitrary File Write
passenger <5.3.2 RubyGems 20 Jun, 2018
  • H
Arbitrary Code Loading
puppet <5.3.7,>=5.4.0, <5.5.2 RubyGems 17 Jun, 2018
  • H
Privilege Escalation
puppet <5.3.7,>=5.4.0, <5.5.2 RubyGems 17 Jun, 2018
  • H
Privilege Escalation
puppet <5.3.7,>=5.4.0, <5.5.2 RubyGems 17 Jun, 2018
  • M
Time of Check Time of Use (TOCTOU)
private_address_check <0.5.0 RubyGems 10 Jun, 2018
  • M
Cross-site Scripting (XSS)
sinatra <2.0.2 RubyGems 04 Jun, 2018
  • H
Information Exposure
sensu <1.2.1 RubyGems 08 Apr, 2018
  • M
Cross-site Scripting (XSS)
rails-html-sanitizer <1.0.4 RubyGems 27 Mar, 2018
  • M
HTML Injection
sanitize <4.6.3 RubyGems 21 Mar, 2018
  • M
Cross-site Scripting (XSS)
loofah <2.2.1 RubyGems 21 Mar, 2018
  • L
Information Exposure
logstash-core <5.6.6,>=6.0.0, <6.1.2 RubyGems 21 Mar, 2018
  • M
Timing Attack
rack-protection <0.0.0 RubyGems 12 Mar, 2018
  • M
Directory Traversal
rack-protection <1.5.4,>=2.0.0.beta1, <2.0.1 RubyGems 01 Mar, 2018
  • H
Denial of Service (DoS)
ox <2.8.2 RubyGems 01 Mar, 2018
  • M
Authentication Bypass
omniauth-saml <1.9.0 RubyGems 28 Feb, 2018
  • M
Authentication Bypass
ruby-saml <1.7.0 RubyGems 28 Feb, 2018
  • M
Directory Traversal
sinatra >=2.0,<2.0.1 RubyGems 22 Feb, 2018
  • M
Cross-site Scripting (XSS)
doorkeeper <4.2.6 RubyGems 21 Feb, 2018
  • M
Information Exposure
puppet <5.3.4 RubyGems 12 Feb, 2018
  • L
Insecure Permissions
puppet <5.3.4 RubyGems 12 Feb, 2018
  • H
Denial of Service (DoS)
nokogiri < 1.8.2 RubyGems 11 Feb, 2018
  • H
Denial of Service (DoS)
nokogiri < 1.8.1 RubyGems 11 Feb, 2018
  • M
Information Exposure
omniauth < 1.3.2 RubyGems 06 Feb, 2018
  • H
Access Restriction Bypass
safemode < 1.3.3 RubyGems 31 Jan, 2018
  • M
Man-in-the-Middle (MitM)
net-ldap <0.16.0 RubyGems 31 Jan, 2018
  • M
Cross-site Scripting (XSS)
rails_admin <1.3.0 RubyGems 23 Jan, 2018