Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Advisories

Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2cmotOHIzYy05Z3Bq
bson is vulnerable to denial of service due to incorrect regex validation
Ecosystems: rubygems
Packages: bson
Source: GitHub Advisory Database
Published: almost 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB4cjgtdzNqcS1yY3dq
Moderate severity vulnerability that affects rails_admin
Ecosystems: rubygems
Packages: rails_admin
Source: GitHub Advisory Database
Published: almost 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwMnAtcDhtZy14M2N3
Insight API transaction broadcast endpoint can result in Full Path Disclosure
Ecosystems: npm
Packages: insight-api
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxY20tN2Y3Zi1yNTM5
brbackup exposes database password to unauthorized users
Ecosystems: rubygems
Packages: brbackup
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZqcXAtajY5cS1wbTYy
AWS Lambda parser is vulnerable to Regular Expression Denial of Service
Ecosystems: npm
Packages: aws-lambda-multipart-parser
Source: GitHub Advisory Database
Published: almost 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc3cTkteHIyeC13aDd4
delayed_job_web Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: delayed_job_web
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4NzctcnBxZi1qNm13
High severity vulnerability that affects ejs
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0Nm0tbXY4Zi1xMzQ4
Regular Expression Denial of Service in moment
Ecosystems: npm
Packages: moment
Source: GitHub Advisory Database
Published: almost 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdmd20tY2hqNy13NTly
ox Out-of-bounds Read vulnerability
Ecosystems: rubygems
Packages: ox
Source: GitHub Advisory Database
Published: almost 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgyOWYtN2Y1Ni1qOHdo
Sinatra Path Traversal vulnerability
Ecosystems: rubygems
Packages: sinatra
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzMmgteGc3Ni00Z3Y2
ReDoS in brace-expansion
Ecosystems: npm
Packages: brace-expansion
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlwcjYtZ3JmNC14MmZy
Omniauth allows POST parameters to be stored in session
Ecosystems: rubygems
Packages: omniauth
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zNHgtd2dyaC1nODk3
Directory traversal vulnerability in Next.js
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0Y3EtN2NjcS1jbWNt
lynx doesn't properly sanitize user input and exposes database password to unauthorized users
Ecosystems: rubygems
Packages: lynx
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXcyMjItNTNjNi1jODZw
Remote Code Execution in electron
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJoZ3EtdnY5eC1qNHA1
lawn-login exposes database password to unauthorized users
Ecosystems: rubygems
Packages: lawn-login
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4NDUtODZxNi1yY21y
Gyazo allows local users to write arbitrary files
Ecosystems: rubygems
Packages: gyazo
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ocHAtODc1dy05Y3B2
Denial of Service in jquery
Ecosystems: nuget, npm
Packages: jQuery, jquery
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJteGctNzNnZy00cDk4
Cross-Site Scripting (XSS) in jquery
Ecosystems: npm
Packages: jquery
Source: GitHub Advisory Database
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVqY2YtYzVyZy1ybW04
paperclip Server-Side Request Forgery vulnerability
Ecosystems: rubygems
Packages: paperclip
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW12dzgtdjc2Ny1xaGpt
Radiant CMS vulnerable to Cross-site Scripting
Ecosystems: rubygems
Packages: radiant
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03cDgtOXc2Ni05ZnJt
net-ldap Improper Certificate Validation vulnerability
Ecosystems: rubygems
Packages: net-ldap
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdweDctN3hqeC1oeG04
Moderate severity vulnerability that affects marked
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNybXgtdjgzNS1oY3A0
Moderate severity vulnerability that affects marked
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqamYtdzdqNi0zMjNj
Samlify vulnerable to Authentication Bypass by allowing tokens to be reused with different usernames
Ecosystems: npm
Packages: samlify
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBtOXAtOTkyNi13Njht
Denial of Service in ecstatic
Ecosystems: npm
Packages: ecstatic
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5bWotZmdoYy02NjR3
Denial of Service in mqtt
Ecosystems: npm
Packages: mqtt
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmcHctY2ZjNC0zcDJj
High severity vulnerability that affects passport-wsfed-saml2
Ecosystems: npm
Packages: passport-wsfed-saml2
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqNHAtM3doMy0ycm1m
High severity vulnerability that affects yard
Ecosystems: rubygems
Packages: yard
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNycHItbWc0My14aHE0
High severity vulnerability that affects auth0-js
Ecosystems: npm
Packages: auth0-js
Source: GitHub Advisory Database
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2OHgtcDlocS1qMzI4
Arbitrary Code Execution in mathjs
Ecosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4NWMtODdxeC1jdjZj
Arbitrary Code Execution in mathjs
Ecosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjNTYtY3Btdy04OXg3
Out-of-bounds read in nokogiri
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgyN3YteDIyNS1ncThn
Server-Side Request Forgery in Recurly
Ecosystems: rubygems
Packages: recurly
Source: GitHub Advisory Database
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ3NjctNTI2cC1nbTcz
redis-store deserializes untrusted data the affected version range and description should be adjust to match as well
Ecosystems: rubygems
Packages: redis-store
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmNWMtNHF4ai12bXBm
High severity vulnerability that affects next
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN3NXYtcDU0Yy1mNzR4
ejs is vulnerable to remote code execution due to weak input validation
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3Y2YtcHA4Ny03eDZw
Moderate severity vulnerability that affects ejs
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN2M2MtcjV2Mi02OHBo
private_address_check contains Incomplete List of Disallowed Inputs
Ecosystems: rubygems
Packages: private_address_check
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0M2MtZzJnNy02Z3hq
Cross-Site Request Forgery (CSRF) in keystone
Ecosystems: npm
Packages: keystone
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4aGotaHA5bS1xd2M0
private_address_check vulnerable to bypass of Resolv.getaddresses method
Ecosystems: rubygems
Packages: private_address_check
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY1M20tcjMzeC0zOWZm
Moderate severity vulnerability that affects geminabox
Ecosystems: rubygems
Packages: geminabox
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3cDIteDJqNi1td2hy
Gemirro Stored Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: gemirro
Source: GitHub Advisory Database
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVjOGoteHIyNC0yNjY1
Potential Command Injection in printer
Ecosystems: npm
Packages: printer
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd3aDctNGp3OS0zM3g2
yajl-ruby vulnerable to Use of Externally-Controlled Format String
Ecosystems: rubygems
Packages: yajl-ruby
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJwaDctajlxci1oOHE4
Potential Command Injection in codem-transcode
Ecosystems: npm
Packages: codem-transcode
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqajQtdzM5Zy1wdzU0
Ox gem crashes due to a crafted input
Ecosystems: rubygems
Packages: ox
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE5N3YtNzY0Zy1yMnJw
gollum and gollum-lib allow remote authenticated users to execute arbitrary code
Ecosystems: rubygems
Packages: gollum-lib, gollum
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjdjYtZ3Z4My1tNTRt
Cross-Site Scripting in keystone
Ecosystems: npm
Packages: keystone
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY0OTQtdjlmcS1mZ3Ey
Keystone is vulnerable to CSV injection
Ecosystems: npm
Packages: keystone
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13MzUtMjRnaC1mODJ3
High severity vulnerability that affects keycloak-connect and keycloak-js
Ecosystems: npm
Packages: keycloak-js, keycloak-connect
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2M2YtNzNndi14N3g1
cairo is vulnerable to denial of service due to a null pointer dereference
Ecosystems: rubygems
Packages: cairo
Source: GitHub Advisory Database
Published: about 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdtamYtanBqai05ZjNq
Low severity vulnerability that affects rubocop
Ecosystems: rubygems
Packages: rubocop
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxY3gtam1yYy1oMnJy
Cross-Site Scripting in keystone
Ecosystems: npm
Packages: keystone
Source: GitHub Advisory Database
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWptbTktMnAyOS12aDJ3
High severity vulnerability that affects activerecord
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2dzYteG1xdi03cTc4
High severity vulnerability that affects activerecord
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd3bWYtNnA1OC02dmoy
High severity vulnerability that affects rwiki
Ecosystems: rubygems
Packages: rwiki
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlmaDMtdmgzaC1xNGcz
Moderate severity vulnerability that affects activesupport
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2cHEtNXhxeC1wZnBw
High severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlwM3Ytd2Yydy12Mjlj
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWoyNHAtcjZ3eC1yNzl3
High severity vulnerability that affects thin
Ecosystems: rubygems
Packages: thin
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtMjUtZnBtci00M2Zq
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZtcTItMzdqNS13NnI2
Moderate severity vulnerability that affects webrick
Ecosystems: rubygems
Packages: webrick
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkydzktMnBxdy1yaGpq
actionpack Improper Authentication vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1amctNTU4ai1xNjdj
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4NDYtN3Jydi1tNGg4
Low severity vulnerability that affects sqlite3-ruby
Ecosystems: rubygems
Packages: sqlite3-ruby
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzNGMtNDhnYy1tOWc4
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0ZmctcDk2di1oeGg4
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmOTYtMzJxMi05cncy
High severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmcXgtN3B2NC0zandt
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI3cTItNWdxZy02Yzdx
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnajYtcGdybS14NHIy
gtk2 vulnerable to Use of Externally-Controlled Format String
Ecosystems: rubygems
Packages: gtk2
Source: GitHub Advisory Database
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4ZjYtdzltcC05NWht
Low severity vulnerability that affects puppet
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl3cnEteHZtcC14amM4
High severity vulnerability that affects rails.
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThxcmgtaDltMi01ZnZm
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ4cTMtZ200cC01Zmo0
High severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWptZ2YtcDQ2eC05ODJo
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZnOXctZzZtNC01NTdq
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJwNjMtamZtdy01MzJ3
Mail Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: mail
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZqZmctcTY2Mi1nbTZq
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3aHYtcmdxYy1mcWo1
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdjbTItOWM4OS13bWZt
Cross-site Scripting in jquery-ui
Ecosystems: npm
Packages: jquery-ui
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN2ZnctN3JjcC0zeGdt
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhncHAtcHA4OS00Zmdm
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNqOTItYzRmai13OWM1
Mail Path Traversal vulnerability
Ecosystems: rubygems
Packages: mail
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3dzMtM3J4ai04djZx
High severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2d3EteHc0aC1mOHdq
High severity vulnerability that affects activerecord
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA0YzYtNzdnYy02OTR4
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoMzktdjczMy1teGZy
Moderate severity vulnerability that affects activerecord
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1cXEtZzY3My01cDQ5
Low severity vulnerability that affects puppet
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF2OHAtdjlxdy13Yzdn
activesupport Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5djQtN2pwNi04Yzcz
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1dzYtcDZtZy12aDhq
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqeHctNXcycS03Z3Jm
Moderate severity vulnerability that affects rails
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4cjgtODMzdi1jN3dj
Cross-site Scripting vulnerability in i18n translations helper method
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4amotNXg2aC04dm1m
Cross-site Scripting in actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNwamMtcDdmYy1qOXho
Mail Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: mail
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZjcWYtaDRoNC02OTVt
actionpack CRLF injection vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE3NTktaHd2Yy1tM2pn
actionpack Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTljMmotNTkzcS0zZzgy
activesupport Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Published: over 5 years ago