Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
| Severity | Vulnerability | Affects | Type | Published |
|---|---|---|---|---|
| M | Directory Traversal | sinatra >=2.0,<2.0.1 | RubyGems | 22 Feb, 2018 |
| M | Cross-site Scripting (XSS) | doorkeeper <4.2.6 | RubyGems | 21 Feb, 2018 |
| M | Information Exposure | puppet <5.3.4 | RubyGems | 12 Feb, 2018 |
| L | Insecure Permissions | puppet <5.3.4 | RubyGems | 12 Feb, 2018 |
| H | Denial of Service (DoS) | nokogiri < 1.8.2 | RubyGems | 11 Feb, 2018 |
| H | Denial of Service (DoS) | nokogiri < 1.8.1 | RubyGems | 11 Feb, 2018 |
| M | Information Exposure | omniauth < 1.3.2 | RubyGems | 06 Feb, 2018 |
| H | Access Restriction Bypass | safemode < 1.3.3 | RubyGems | 31 Jan, 2018 |
| M | Man-in-the-Middle (MitM) | net-ldap <0.16.0 | RubyGems | 31 Jan, 2018 |
| M | Cross-site Scripting (XSS) | rails_admin >=0.0.0 | RubyGems | 23 Jan, 2018 |
| M | Cross-site Scripting (XSS) | delayed_job_web >=0.0.0 | RubyGems | 23 Jan, 2018 |
| M | Cross-site Scripting (XSS) | erubis >=0.0.0 | RubyGems | 22 Jan, 2018 |
| M | Json Hijacking | spree_frontend <3.0.7, >=3.0.0.rc1 | RubyGems | 10 Jan, 2018 |
| M | Cross-site Scripting (XSS) | spree_backend <1.0.5, >=1.0.0.pre,>=1.1.0.beta1,<1.1.3,>=1.2.0.beta1,<1.2.1 | RubyGems | 10 Jan, 2018 |
| M | Json Hijacking | spree_backend <3.0.7 ,>=2.2.0 | RubyGems | 10 Jan, 2018 |
| M | Privilege Escalation | solidus_core <1.1.0.pre2 | RubyGems | 10 Jan, 2018 |
| M | Cross-site Scripting (XSS) | solidus_backend >=1.0.0.pre,1.0.5,>=1.1.0.beta1,<1.1.3,>=1.2.0.beta1,<1.2.1 | RubyGems | 10 Jan, 2018 |
| M | Privilege Escalation | solidus_backend <1.1.0.pre2 | RubyGems | 10 Jan, 2018 |
| M | Privilege Escalation | solidus_api <1.1.0.pre2 | RubyGems | 10 Jan, 2018 |
| M | Timing Attack | sinatra <2.0.0.beta2 | RubyGems | 10 Jan, 2018 |
| M | Cross-site Scripting (XSS) | sinatra <1.4.6, >=1.4.0.a | RubyGems | 10 Jan, 2018 |
| M | Session Fixation | sinatra <1.2.1 | RubyGems | 10 Jan, 2018 |
| M | Cross-site Request Forgery (CSRF) | shoppe <1.1.1 | RubyGems | 10 Jan, 2018 |
| M | Denial of Service (DoS) | sequel <3.45.0 ,>=3.37.0 | RubyGems | 10 Jan, 2018 |
| M | Cross-Site Request Forgery (CSRF) | upmin >=0.0.0 | RubyGems | 10 Jan, 2018 |
| M | Cross-Site Request Forgery (CSRF) | upmin-admin >0.0.0 | RubyGems | 10 Jan, 2018 |
| H | Directory Traversal | yard < 0.9.11 | RubyGems | 25 Dec, 2017 |
| M | Timing Attack | ruby_rncryptor_secured >=0.0.0 | RubyGems | 25 Dec, 2017 |
| M | Timing Attack | ruby_rncryptor <3.0.1 | RubyGems | 25 Dec, 2017 |
| M | Symlink Attack | rubocop <0.36.0, >=0.34.0 | RubyGems | 25 Dec, 2017 |