Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
| Severity | Vulnerability | Affects | Type | Published |
|---|---|---|---|---|
| H | Improper Authorization | actionpack >=6.0.0, <6.0.3.2 | RubyGems | 17 Jun, 2020 |
| H | Cross-site Scripting (XSS) | sanitize >=3.0.0, <5.2.1 | RubyGems | 17 Jun, 2020 |
| M | Cross-site Request Forgery (CSRF) | rack <2.1.4,>=2.2.0, <2.2.3 | RubyGems | 16 Jun, 2020 |
| M | HTTP Request Smuggling | iodine <0.7.39 | RubyGems | 08 Jun, 2020 |
| M | Cross-site Scripting (XSS) | elastic-app-search <7.7.0 | RubyGems | 04 Jun, 2020 |
| M | HTTP Request Smuggling | agoo >=0.0.0 | RubyGems | 03 Jun, 2020 |
| M | HTTP Request Smuggling | goliath >=0.0.0 | RubyGems | 03 Jun, 2020 |
| H | Regular Expression Denial of Service (ReDoS) | websocket-extensions <0.1.5 | RubyGems | 02 Jun, 2020 |
| M | Cross-site Scripting (XSS) | kaminari <1.2.1 | RubyGems | 29 May, 2020 |
| H | HTTP Request Smuggling | reel >=0.0.0 | RubyGems | 29 May, 2020 |
| H | Man-in-the-Middle (MitM) | em-http-request <1.1.6 | RubyGems | 26 May, 2020 |
| M | HTTP Request Smuggling | puma <3.12.5,>=4.0.0, <4.3.4 | RubyGems | 22 May, 2020 |
| M | HTTP Request Smuggling | puma <3.12.6,>=4.0.0, <4.3.5 | RubyGems | 22 May, 2020 |
| H | Man-in-the-Middle (MitM) | em-imap >=0.0.0 | RubyGems | 20 May, 2020 |
| M | Cross-site Request Forgery (CSRF) | actionview <5.2.4.3,>=6.0.0, <6.0.3.1 | RubyGems | 19 May, 2020 |
| H | Deserialization of Untrusted Data | activesupport <5.2.4.3,>=6.0.0, <6.0.3.1 | RubyGems | 19 May, 2020 |
| M | Cross-site Request Forgery (CSRF) | actionpack <5.2.4.3,>=6.0.0, <6.0.3.1 | RubyGems | 19 May, 2020 |
| M | Information Exposure | actionpack <5.2.4.3,>=6.0.0, <6.0.3.1 | RubyGems | 19 May, 2020 |
| M | Improper Validation | activestorage <5.2.4.3,>=6.0.0, <6.0.3.1 | RubyGems | 19 May, 2020 |
| H | Remote Code Execution (RCE) | actionview <4.2.11.3,>=5.0.0, <5.0.1 | RubyGems | 17 May, 2020 |
| H | Directory Traversal | rack <2.1.3 | RubyGems | 13 May, 2020 |
| H | Authentication Bypass | sorcery <0.15.0 | RubyGems | 08 May, 2020 |
| H | Arbitrary File Write | actionpack_page-caching <1.2.1 | RubyGems | 06 May, 2020 |
| M | Information Exposure | activeresource <5.1.1 | RubyGems | 06 May, 2020 |
| M | Information Disclosure | doorkeeper >=5.0.0, <5.0.3,>=5.1.0, <5.1.1,>=5.2.0, <5.2.5,>=5.3.0, <5.3.2 | RubyGems | 04 May, 2020 |
| H | Denial of Service (DoS) | bson <3.0.4 | RubyGems | 30 Apr, 2020 |
| L | Man-in-the-Middle (MitM) | slyphon-log4j >=0.0.0 | RubyGems | 28 Apr, 2020 |
| L | Man-in-the-Middle (MitM) | log4j-jars >=0.0.0 | RubyGems | 28 Apr, 2020 |
| M | Prototype Pollution | lodash-rails >=0.0.0 | RubyGems | 28 Apr, 2020 |
| H | Improper Access Control | faye <1.0.4,>=1.1.0, <1.1.3,>=1.2.0, <1.2.5 | RubyGems | 28 Apr, 2020 |