Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
rubygems Security Advisories
Loading...
High
Ecosystems: rubygems
Packages: rdoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS01OTJqLTk5NWgtcDIzas4AA6RV
RDoc RCE vulnerability with .rdoc_optionsEcosystems: rubygems
Packages: rdoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3cDUtdzJjci03Y3A3
Puppet Improper Input Validation vulnerabilityEcosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: stringio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS12NWg2LWMyaHYtaHYzcs4AA6RU
StringIO buffer overread vulnerabilityEcosystems: rubygems
Packages: stringio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
Ecosystems: rubygems
Packages: omniauth-facebook
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: about 2 years ago
GSA_kwCzR0hTQS0zM3ZnLWhweDUtcGZ4Z83gdw
omniauth-facebook Improper Authentication vulnerabilityEcosystems: rubygems
Packages: omniauth-facebook
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: tmpdir
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ2ZjItM3Y2My0zeHJw
Tempfile on Windows path traversal vulnerabilityEcosystems: rubygems
Packages: tmpdir
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: about 3 years ago
High
Ecosystems: rubygems
Packages: json
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpwaGctcXdydy03dzln
Unsafe object creation in json RubyGemEcosystems: rubygems
Packages: json
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: almost 4 years ago
High
Ecosystems: rubygems
Packages: pgsync
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcycmotMzZxYy00N2c3
Pgsync Contains Cleartext Transmission of Sensitive InformationEcosystems: rubygems
Packages: pgsync
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 3 years ago
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS13cDNqLXJ2ZnAtNjI0aM4AATla
RubyGems vulnerable to DNS hijack attackEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 2 years ago
GSA_kwCzR0hTQS14M3JxLXIzY20tNXZjNM0psw
Publify Business Logic ErrorsEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 2 years ago
High
Ecosystems: pypi, rubygems
Packages: grpcio, grpc
Source: GitHub Advisory Database
Blast Radius: 61.2
Published: 8 months ago
GSA_kwCzR0hTQS1wMjVtLWpwajQtcWNycs4AA127
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)Ecosystems: pypi, rubygems
Packages: grpcio, grpc
Source: GitHub Advisory Database
Blast Radius: 61.2
Published: 8 months ago
High
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhqcWctOWp2Zy1mZ3gy
Nokogiri subject to DoS via libxml2 vulnerabilityEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
Ecosystems: rubygems
Packages: mini_magick
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc3NTQtZ3E4ci1wZjVm
MiniMagick Gem for Ruby URI Handling Arbitrary Command InjectionEcosystems: rubygems
Packages: mini_magick
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: npm, rubygems
Packages: @turbo-boost/commands, turbo_boost-commands
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: 2 months ago
GSA_kwCzR0hTQS1tcDc2LTd3NXYtcHI3Nc4AA6CN
TurboBoost Commands vulnerable to arbitrary method invocationEcosystems: npm, rubygems
Packages: @turbo-boost/commands, turbo_boost-commands
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: 2 months ago
High
Ecosystems: rubygems
Packages: httparty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1neDMtMjdoci1tZmdw
HTTParty does not restrict casts of string valuesEcosystems: rubygems
Packages: httparty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: date
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: over 2 years ago
GSA_kwCzR0hTQS1xZzU0LTY5NHAtd2dwcM0XPQ
Regular expression denial of service vulnerability (ReDoS) in dateEcosystems: rubygems
Packages: date
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI4ZmgtaHEycC03cWhx
Active Record contains SQL Injection via improper range quotingEcosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: npm, rubygems
Packages: stimulus_reflex
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: 2 months ago
GSA_kwCzR0hTQS1mNzhqLTR3M2ctNHE2Nc4AA56t
StimulusReflex arbitrary method callEcosystems: npm, rubygems
Packages: stimulus_reflex
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: 2 months ago
High
Ecosystems: rubygems
Packages: lean-ruport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS01ZzdmLXA3amctdjZtds4AAXfa
lean-ruport allows local users to obtain sensitive information by listing the processEcosystems: rubygems
Packages: lean-ruport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 2 months ago
GSA_kwCzR0hTQS0yNDJwLTR2MzktMnY4Z84AA56s
Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in PhlexEcosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 2 months ago
High
Ecosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJoeHYtbXg4eC1tY2o5
Spina gem vulnerable to Cross-site request forgery (CSRF) vulnerabilityEcosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 5 years ago
High
Ecosystems: rubygems
Packages: nori
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ5MzYtcmoyNS02d202
nori contains Improper Input ValidationEcosystems: rubygems
Packages: nori
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: point-cli
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1tYzhtLXg2aGYtY3cyZ84AAXfc
point-cli allows local users to obtain sensitive information by listing the processEcosystems: rubygems
Packages: point-cli
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnNzgtNGY2eC05OXdx
Rack vulnerable to Denial of ServiceEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: over 5 years ago
High
Ecosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 44.9
Published: over 2 years ago
GSA_kwCzR0hTQS1ybWo4LThoaGgtZ3Y1aM0rDw
Puma used with Rails may lead to Information ExposureEcosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 44.9
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTloNmctZ3A5NS14M3E1
actionpack is vulnerable to denial of service because of a wildcard controller routeEcosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: carrierwave
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmM3ctZzg2aC0zNXg0
Code Injection vulnerability in CarrierWave::RMagickEcosystems: rubygems
Packages: carrierwave
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: over 3 years ago
High
Ecosystems: rubygems
Packages: yard
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqNHAtM3doMy0ycm1m
Arbitrary file read vulnerability in yard serverEcosystems: rubygems
Packages: yard
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: trestle-auth
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4aHgtMmM1ci0zMmNm
Cross-Site Request Forgery (CSRF) in trestle-authEcosystems: rubygems
Packages: trestle-auth
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: about 3 years ago
High
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 53.1
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBmNm0tZnhwcS1mZzh2
Nokogiri implementation of libxslt lacks integer overflow checksEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 53.1
Published: almost 6 years ago
High
Ecosystems: rubygems
Packages: sounder
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmbWYtcng4dy05MzV3
Sounder Contains Arbitrary Command Execution VulnerabilityEcosystems: rubygems
Packages: sounder
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNoNHItcGp2Ni1jcGg5
RubyGems Escape sequence injection vulnerability in api response handlingEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3bTgtZmp2Ny1qNzc0
RubyGems Escape sequence injection in errorsEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
High
Ecosystems: rubygems
Packages: oauth
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczNTktM2M2ci1oZmMy
Improper Certificate Validation in oauth ruby gemEcosystems: rubygems
Packages: oauth
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: about 3 years ago
High
Ecosystems: rubygems
Packages: logstash-core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 2 years ago
GSA_kwCzR0hTQS12Y21tLXBwcXgtOTVjaM4AATXo
Logstash Logs Sensitive InformationEcosystems: rubygems
Packages: logstash-core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: thumbshooter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmcWotY2c3OS1mMnB2
Thumbshooter vulnerable to Code InjectionEcosystems: rubygems
Packages: thumbshooter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: asciidoctor
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: about 2 years ago
GSA_kwCzR0hTQS1xYzlwLW1qeG0tajJ3as4AASwT
Asciidoctor Infinite Loop vulnerabilityEcosystems: rubygems
Packages: asciidoctor
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: private_address_check
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN2M2MtcjV2Mi02OHBo
private_address_check contains Incomplete List of Disallowed InputsEcosystems: rubygems
Packages: private_address_check
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: crack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03ZnEtY2Y4cS0zNXE3
crack does not properly restrict casts of string valuesEcosystems: rubygems
Packages: crack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: about 2 years ago
GSA_kwCzR0hTQS1qYzM2LTQyY2YtdnF3as018g
Nokogiri affected by zlib's Out-of-bounds Write vulnerabilityEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2d3EteHc0aC1mOHdq
activerecord vulnerable to SQL InjectionEcosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1oeHF4LXh3dmgtNDRtMs4AArQW
Denial of Service Vulnerability in Rack Multipart ParsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: curl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4eDYtcDI0di13Zzhj
Curl Gem insufficient URL escaping command injectionEcosystems: rubygems
Packages: curl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2dzYteG1xdi03cTc4
activerecord vulnerable to SQL InjectionEcosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: mixlib-archive
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: about 2 years ago
GSA_kwCzR0hTQS05OHd4LWN3ODYtYzk3eM3xGg
mixlib-archive Path Traversal vulnerabilityEcosystems: rubygems
Packages: mixlib-archive
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: aescrypt
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjNHctM3E0NS1ocDlq
Aescrypt does not sufficiently use random valuesEcosystems: rubygems
Packages: aescrypt
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: about 2 years ago
GSA_kwCzR0hTQS12NnJwLTNyM3YtaGY0cM4AAU7l
Ruby OpenSSL DoS VulnerabilityEcosystems: rubygems
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: about 2 years ago
GSA_kwCzR0hTQS02d2o5LTc3d3EtanE3cM1Auw
Nokogiri is vulnerable to XML External Entity (XXE) attackEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: cgi
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: over 2 years ago
GSA_kwCzR0hTQS00dmY0LXFtdmctbWg3aM0gHQ
Cookie Prefix Spoofing in CGI::Cookie.parseEcosystems: rubygems
Packages: cgi
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: private_address_check
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4dmotajNxaC14OGMz
private_address_check contains race conditionEcosystems: rubygems
Packages: private_address_check
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: rubygems
Packages: yajl-ruby
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd3aDctNGp3OS0zM3g2
yajl-ruby gem Denial of Service vulnerabilityEcosystems: rubygems
Packages: yajl-ruby
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: devise
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: over 1 year ago
GSA_kwCzR0hTQS03NDZnLTNnZnAtaGZod84AAxNH
Devise Gem for Ruby Unauthorized Access Using "Remember Me" CookieEcosystems: rubygems
Packages: devise
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: echor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS04OTM2LWNnajQtcGhyMs4AAXa1
Echor contains Command InjectionEcosystems: rubygems
Packages: echor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: lynx
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0Y3EtN2NjcS1jbWNt
lynx doesn't properly sanitize user input and exposes database password to unauthorized usersEcosystems: rubygems
Packages: lynx
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: sanitize
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: 11 months ago
GSA_kwCzR0hTQS1mNXd3LWNxM20tcTNnN84AA0Xi
Sanitize vulnerable to Cross-site Scripting via insufficient neutralization of `style` element contentEcosystems: rubygems
Packages: sanitize
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: 11 months ago
High
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 52.4
Published: over 1 year ago
GSA_kwCzR0hTQS1ocTdwLWozNzctNnY2M84AAxDu
SQL Injection Vulnerability via ActiveRecord commentsEcosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 52.4
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: reel
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgzdjQtcHh2bS02M2o4
HTTP Request Smuggling in reelEcosystems: rubygems
Packages: reel
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: almost 3 years ago
High
Ecosystems: rubygems
Packages: omniauth-saml
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0aG0tOHE2NS1ybXht
OmniAuth-SAML authentication bypass via incorrect XML canonicalization and DOM traversalEcosystems: rubygems
Packages: omniauth-saml
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: almost 5 years ago
High
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 2 years ago
GSA_kwCzR0hTQS0ycnI1LThxMzctMnc3aM0V_Q
Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRubyEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: em-http-request
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEyN2YtdjNyNi05djc3
Improper Certificate Validation in EM-HTTP-RequestEcosystems: rubygems
Packages: em-http-request
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: almost 3 years ago
High
Ecosystems: rubygems
Packages: jruby-openssl
Source: GitHub Advisory Database
Blast Radius: 30.3
Published: over 1 year ago
GSA_kwCzR0hTQS14Z3Y3LXBxcWgtaDJ3Oc4AAxEu
jruby-openssl gem for JRuby fails to do proper certificate validationEcosystems: rubygems
Packages: jruby-openssl
Source: GitHub Advisory Database
Blast Radius: 30.3
Published: over 1 year ago
High
Ecosystems: rubygems, pypi, maven
Packages: grpc, grpcio, io.grpc:grpc-protobuf
Source: GitHub Advisory Database
Blast Radius: 89.7
Published: 11 months ago
GSA_kwCzR0hTQS02NjI4LXE2ajktdzh2Z84AA0dX
gRPC Reachable Assertion issueEcosystems: rubygems, pypi, maven
Packages: grpc, grpcio, io.grpc:grpc-protobuf
Source: GitHub Advisory Database
Blast Radius: 89.7
Published: 11 months ago
High
Ecosystems: rubygems
Packages: tzinfo
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Y20yLTloOGMtcnZmeM4AAtkK
TZInfo relative path traversal vulnerability allows loading of arbitrary filesEcosystems: rubygems
Packages: tzinfo
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: 10 months ago
GSA_kwCzR0hTQS01NjUyLTkycjktM2Z4Oc4AA0m4
Decidim Cross-site Scripting vulnerability in the processes filterEcosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: 10 months ago
High
Ecosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 18 days ago
GSA_kwCzR0hTQS05cDU3LWg5ODctNHZneM4AA7eG
Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and valuesEcosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 18 days ago
High
Ecosystems: rubygems
Packages: actionview
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyM3gtN20zOS1jNmpx
Remote code execution via user-provided local names in ActionViewEcosystems: rubygems
Packages: actionview
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: almost 4 years ago
High
Ecosystems: rubygems
Packages: i18n
Source: GitHub Advisory Database
Blast Radius: 46.1
Published: about 2 years ago
GSA_kwCzR0hTQS0zNGhmLWc3NDQtanc2NM4AAUk-
i18n Vulnerable to Denial of Service AttackEcosystems: rubygems
Packages: i18n
Source: GitHub Advisory Database
Blast Radius: 46.1
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: solidus_core
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 2 years ago
GSA_kwCzR0hTQS1xeG1yLXF4aDYtMmNjOc0ZdQ
ReDos vulnerability on guest checkout email validationEcosystems: rubygems
Packages: solidus_core
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: over 1 year ago
GSA_kwCzR0hTQS01eDc5LXc4MmYtZ3c4d84AAwSf
Inefficient Regular Expression Complexity in rails-html-sanitizerEcosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: loofah
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: over 1 year ago
GSA_kwCzR0hTQS00ODZmLWhqajktOXZoaM4AAwSc
Inefficient Regular Expression Complexity in LoofahEcosystems: rubygems
Packages: loofah
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: activejob
Source: GitHub Advisory Database
Blast Radius: 42.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEycXctcm1yaC12djQy
Improper Access Control in activejobEcosystems: rubygems
Packages: activejob
Source: GitHub Advisory Database
Blast Radius: 42.8
Published: over 5 years ago
High
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3dzMtM3J4ai04djZx
actionpack allows remote attackers to bypass intended access restrictionsEcosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: safemode
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5Mm0tcnJyYy1xNXdm
safemode gem allows context-dependent attackers to obtain sensitive information via the inspect methodEcosystems: rubygems
Packages: safemode
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: cocoapods-downloader
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: about 2 years ago
GSA_kwCzR0hTQS1nMzk3LXY0dzUtNG03Oc03tg
Command injection in cocoapods-downloaderEcosystems: rubygems
Packages: cocoapods-downloader
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdocDIteHdwai05NWpx
Denial of service or RCE from libxml2 and libxsltEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 5 years ago
High
Ecosystems: rubygems
Packages: command_wrap
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2NzMtaGpmMi1wd2Zy
Shell command injection in command_wrapEcosystems: rubygems
Packages: command_wrap
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxeHctM3A3di1wOWdy
Phusion Passenger uses a known /tmp filenameEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 5 years ago
High
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqZzQtOHE1Zi14NmZt
Action Pack contains Information Disclosure / Unintended Method Execution vulnerabilityEcosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: about 3 years ago
High
Ecosystems: rubygems
Packages: blazer
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: about 2 years ago
GSA_kwCzR0hTQS1xZjlxLXE0aGgtcXBoM80-qA
SQL injection in blazerEcosystems: rubygems
Packages: blazer
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: matestack-ui-core
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNqcXctdnY0NS1tamho
XSS/Script injection vulnerability in matestackEcosystems: rubygems
Packages: matestack-ui-core
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 4 years ago
High
Ecosystems: rubygems
Packages: yard
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmaGgtcng1Ni1yeGNy
Path Traversal vulnerability that affects yardEcosystems: rubygems
Packages: yard
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: almost 5 years ago
High
Ecosystems: rubygems
Packages: hammer_cli_foreman
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: about 2 years ago
GSA_kwCzR0hTQS03N2g4LXhyODUtM3g1cc4AARcM
hammer_cli_foreman Improper Certificate Validation vulnerabilityEcosystems: rubygems
Packages: hammer_cli_foreman
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2cHEtNXhxeC1wZnBw
Ruby on Rails vulnerable to code injectionEcosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl3cnEteHZtcC14amM4
High severity vulnerability that affects rails.Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: bundler
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5OG0tOTZnOS13Zmpx
Insecure path handling in BundlerEcosystems: rubygems
Packages: bundler
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 3 years ago
High
Ecosystems: rubygems
Packages: view_component
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: about 2 years ago
GSA_kwCzR0hTQS1jbTl3LWM0cmotcjJjZs0vug
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in view_componentEcosystems: rubygems
Packages: view_component
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: rack-cors
Source: GitHub Advisory Database
Blast Radius: 40.9
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJqOWMtOXZtdi03bTM5
Missing Regex anchor in Rack-Cors allows malicious third party site to perform CORS requestEcosystems: rubygems
Packages: rack-cors
Source: GitHub Advisory Database
Blast Radius: 40.9
Published: almost 6 years ago
High
Ecosystems: rubygems
Packages: omniauth-microsoft_graph
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 5 months ago
GSA_kwCzR0hTQS01ZzY2LTYyOGYtN2N2as4AA4Lx
Omniauth::MicrosoftGraph Account takeover (nOAuth)Ecosystems: rubygems
Packages: omniauth-microsoft_graph
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 5 months ago
High
Ecosystems: rubygems
Packages: thin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWoyNHAtcjZ3eC1yNzl3
High severity vulnerability that affects thinEcosystems: rubygems
Packages: thin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: uri
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 year ago
GSA_kwCzR0hTQS1odjVqLTNoOWYtOTljMs4AAyes
Ruby URI component ReDoS issueEcosystems: rubygems
Packages: uri
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: rexml
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjcjgtNHZmdy1tcjdo
REXML round-trip instabilityEcosystems: rubygems
Packages: rexml
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: about 3 years ago
High
Ecosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEyOG0tOHhqdy04dnI1
Puma's Keepalive Connections Causing Denial Of ServiceEcosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: about 3 years ago
High
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 2 years ago
GSA_kwCzR0hTQS03NHB2LXY5Z2gtaDI1cM4AASkU
RubyGems Infinite Loop vulnerabilityEcosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: foreman_fog_proxmox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYycnAtNHJ2Ny1mYzk1
Exposure of Sensitive Information to an Unauthorized Actor in foreman_fog_proxmoxEcosystems: rubygems
Packages: foreman_fog_proxmox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
High
Ecosystems: rubygems
Packages: brbackup
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxY20tN2Y3Zi1yNTM5
brbackup exposes database password to unauthorized usersEcosystems: rubygems
Packages: brbackup
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
High
Ecosystems: rubygems
Packages: pghero
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 1 year ago
GSA_kwCzR0hTQS12Zjk5LXh3MjYtODZnNc4AAwwE
PgHero Allows Information Disclosure Through EXPLAIN FeatureEcosystems: rubygems
Packages: pghero
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: user_agent_parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjcXEtNTk2Mi1odmN3
Denial of Service in uap-core when processing crafted User-Agent stringsEcosystems: rubygems
Packages: user_agent_parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
High
Ecosystems: rubygems
Packages: kcapifony
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmY3EtM2NtMi1qM2o1
Kcapifony gem for Ruby places database user passwords on the command lineEcosystems: rubygems
Packages: kcapifony
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 6 years ago
High
Ecosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 4 months ago
GSA_kwCzR0hTQS1naGp2LW1oNngtN3E2aM4AA4eR
avo vulnerable to stored cross-site scripting (XSS) in key_value fieldEcosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 4 months ago
High
Ecosystems: rubygems
Packages: sidekiq
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qcmZqLTk4cWctcWpnds0lug
Denial of service in sidekiqEcosystems: rubygems
Packages: sidekiq
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: cgi
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: over 1 year ago
GSA_kwCzR0hTQS12YzQ3LTZycWctYzdmNc4AAv82
HTTP response splitting in CGIEcosystems: rubygems
Packages: cgi
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: over 1 year ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 285
Ecosystems: 12
Packages: 8,381
Repositories: 285
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
actionpack
57
nokogiri
43
rubygems-update
25
puppet
23
rack
22
activerecord
21
publify_core
14
activesupport
14
passenger
13
actionview
12
rails
11
puma
11
fat_free_crm
10
jquery-rails
9
rails-html-sanitizer
9
jquery
8
org.webjars.npm:jquery
8
decidim
7
jQuery.UI.Combined
7
org.webjars.npm:jquery-ui
7
jQuery
7
org.jruby:jruby-stdlib
7
jquery-ui-rails
7
jquery-ui
7
camaleon_cms
6
katello
6
loofah
6
doorkeeper
6
ember-source
6
commonmarker
5
bundler
5
spree_auth_devise
5
spree
5
sidekiq
5
sanitize
4
grpc
4
grpcio
4
carrierwave
4
webrick
4
activestorage
4
mail
4
sinatra
4
devise
4
dragonfly
4
avo
4
fluentd
4
gollum
3
decidim-core
3
chartkick
3
openssl
3
bootstrap
3
geminabox
3
rubyzip
3
resque
3
ruby-saml
3
bootstrap
3
yard
3
cgi
3
omniauth
3
rest-client
3
rdoc
3
json-jwt
3
private_address_check
3
rails_admin
3
rack-cors
3
git
3
io.grpc:grpc-protobuf
3
phlex
3
paperclip
2
omniauth-facebook
2
net-ldap
2
echor
2
mini_magick
2
twitter-bootstrap-rails
2
sup
2
sprockets
2
bson
2
json
2
rexml
2
safemode
2
ox
2
user_agent_parser
2
pghero
2
field_test
2
solidus_core
2
faye
2
view_component
2
spina
2
cocoapods-downloader
2
solidus_frontend
2
uri
2
devise-two-factor
2
redcarpet
2
pdfkit
2
kramdown
2
i18n
2
httparty
2
VladTheEnterprising
2
red-arrow
2
pyarrow
2
radiant
2
mechanize
2
activeadmin
2
logstash-core
2
google-protobuf
2
com.google.protobuf:protobuf-kotlin
2
administrate
2
pageflow
2
yajl-ruby
2
secure_headers
2
decidim-templates
2
qiita-markdown
2
mapbox.js
2
mapbox-rails
2
bootstrap-sass
2
facter
2
git-fastclone
2
ruby-openid
2
com.google.protobuf:protobuf-java
2
blazer
1
rmagick
1
geokit-rails
1
multi_xml
1
gitlab-grit
1
brbackup
1
foreman_ansible
1
solidus_auth_devise
1
keynote
1
railties
1
twitter-stream
1
hiera
1
mcollective-client
1
wicked
1
actionmailer
1
kelredd-pruview
1
hub
1
sqlite3-ruby
1
github.com/github/hub
1
websocket-extensions
1
thin
1
rack-mini-profiler
1
ruby-jss
1
cap-strap
1
matestack-ui-core
1
sha3
1
pysha3
1
restforce
1
solidus_backend
1
better_errors
1
mongrel
1
unpoly-rails
1
bindata
1
oxidized-web
1
github.com/pubnub/swift
1
pubnub
1
pubnub
1
pubnub/pubnub
1
pubnub
1
pubnub
1
Pubnub
1
github.com/pubnub/go/v5
1
github.com/pubnub/go/v6
1
github.com/pubnub/go
1
github.com/pubnub/go/v7
1
com.pubnub:pubnub
1
com.pubnub:pubnub-kotlin
1
rubocop
1
ruby-mysql
1
gtk2
1
rotp
1
@turbo-boost/commands
1
turbo_boost-commands
1
discordrb
1
diffy
1
recurly
1
md2pdf
1
sounder
1
date
1
octopoller
1
paratrooper-newrelic
1
jmespath
1
trilogy
1
sentry-raven
1
ruby_parser
1
ftpd
1
tweetstream
1
flash_tool
1
lean-ruport
1
openshift-origin-node
1
point-cli
1
govuk_tech_docs
1
audited
1
omniauth-apple
1
spree_api
1
omniauth-auth0
1
shrine
1
message_bus
1
inline_svg
1
pdf_info
1
rswag
1
Filter by Repository
https://github.com/rails/rails
53
https://github.com/sparklemotion/nokogiri
32
https://github.com/rubygems/rubygems
18
https://github.com/rack/rack
17
https://github.com/puppetlabs/puppet
15
https://github.com/publify/publify
13
https://github.com/puma/puma
11
https://github.com/phusion/passenger
10
https://github.com/jquery/jquery
9
https://github.com/rails/rails-html-sanitizer
9
https://github.com/fatfreecrm/fat_free_crm
9
https://github.com/decidim/decidim
8
https://github.com/doorkeeper-gem/doorkeeper
6
https://github.com/flavorjones/loofah
6
https://github.com/jquery/jquery-ui
6
https://github.com/solidusio/solidus
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/owen2345/camaleon-cms
4
https://github.com/mikel/mail
4
https://github.com/markevans/dragonfly
4
https://github.com/Katello/katello
4
https://github.com/ruby/openssl
4
https://github.com/avo-hq/avo
4
https://github.com/grpc/grpc
4
https://github.com/carrierwaveuploader/carrierwave
4
https://github.com/rgrove/sanitize
4
https://github.com/sinatra/sinatra
4
https://github.com/fluent/fluentd
4
https://github.com/sidekiq/sidekiq
3
https://github.com/rubygems/rubygems.org
3
https://github.com/ruby-git/ruby-git
3
https://github.com/rubyzip/rubyzip
3
https://github.com/resque/resque
3
https://github.com/spree/spree
3
https://github.com/phlex-ruby/phlex
3
https://github.com/rest-client/rest-client
3
https://github.com/cyu/rack-cors
3
https://github.com/geminabox/geminabox
3
https://github.com/twbs/bootstrap
3
https://github.com/lsegal/yard
3
https://github.com/gjtorikian/commonmarker
3
https://github.com/gollum/gollum
3
https://github.com/jtdowney/private_address_check
3
https://github.com/emberjs/ember.js
2
https://github.com/codevise/pageflow
2
https://github.com/CocoaPods/cocoapods-downloader
2
https://github.com/brianmario/yajl-ruby
2
https://github.com/ankane/pghero
2
https://github.com/ankane/field_test
2
https://github.com/ruby-ldap/ruby-net-ldap
2
https://github.com/ankane/chartkick
2
https://github.com/ruby/rdoc
2
https://github.com/ruby/rexml
2
https://github.com/ruby/uri
2
https://github.com/ruby/webrick
2
https://github.com/activeadmin/activeadmin
2
https://github.com/faye/faye
2
https://github.com/gettalong/kramdown
2
https://github.com/github/cmark-gfm
2
https://github.com/increments/qiita-markdown
2
https://github.com/jnunemaker/httparty
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/plataformatec/devise
2
https://github.com/mongodb/bson-ruby
2
https://github.com/mperham/sidekiq
2
https://github.com/nov/json-jwt
2
https://github.com/openid/ruby-openid
2
https://github.com/omniauth/omniauth
2
https://github.com/ohler55/ox
2
https://github.com/vmg/redcarpet
2
https://github.com/sparklemotion/mechanize
2
https://github.com/square/git-fastclone
2
https://github.com/twitter/secure_headers
2
https://github.com/tinfoil/devise-two-factor
2
https://github.com/sup-heliotrope/sup
2
https://github.com/svenfuchs/i18n
2
https://github.com/svenfuchs/safemode
2
https://github.com/thoughtbot/paperclip
2
https://gitlab.com/gitlab-org/cves
2
https://github.com/github/view_component
1
https://github.com/github/trilogy
1
https://github.com/github/hub
1
https://github.com/twbs/bootstrap-sass
1
https://github.com/theforeman/smart_proxy_dynflow
1
https://github.com/kaminari/kaminari
1
https://github.com/getsentry/raven-ruby
1
https://github.com/geokit/geokit-rails
1
https://github.com/tzinfo/tzinfo
1
https://github.com/gazay/gon
1
https://github.com/fnando/svg_optimizer
1
https://github.com/ua-parser/uap-core
1
https://github.com/flori/json
1
https://github.com/ua-parser/uap-ruby
1
https://github.com/ffi/ffi
1
https://github.com/faye/websocket-extensions-ruby
1
https://github.com/faye/faye-websocket-ruby
1
https://github.com/unpoly/unpoly-rails
1
https://github.com/ViewComponent/view_component
1
https://github.com/theforeman/ldap_fluff
1
https://github.com/exiftool-rb/exiftool_vendored.rb
1
https://github.com/excon/excon
1
https://github.com/jnunemaker/crack
1
https://github.com/jmespath/jmespath.rb
1
https://github.com/jirutka/asciidoctor-include-ext
1
https://github.com/jgarber/redcloth
1
https://github.com/jekyll/jekyll
1
https://github.com/janko/image_processing
1
https://github.com/jamesmartin/inline_svg
1
https://github.com/inukshuk/bibtex-ruby
1
https://github.com/thoughtbot/cocaine
1
https://github.com/imsebao/404team
1
https://github.com/jordansissel/ruby-arr-pm
1
https://github.com/igrigorik/em-http-request
1
https://github.com/josh/rack-ssl
1
https://github.com/hopsoft/turbo_boost-commands
1
https://github.com/heartcombo/devise
1
https://github.com/haml/haml
1
https://github.com/thoughtbot/clearance
1
https://github.com/halostatue/minitar
1
https://github.com/Gurpartap/aescrypt
1
https://github.com/tigris/open-uri-cached
1
https://github.com/thoughtbot/administrate
1
https://github.com/GNOME/libxml2
1
https://github.com/TrestleAdmin/trestle-auth
1
https://github.com/evan/ccsv
1
https://github.com/binarylogic/authlogic
1
https://github.com/BetterErrors/better_errors
1
https://github.com/beenhero/omniauth-weibo-oauth2
1
https://github.com/bdmac/strong_password
1
https://github.com/bbatsov/rubocop
1
https://github.com/basecamp/marginalia
1
https://github.com/basecamp/easymon
1
https://github.com/aws/aws-sdk-ruby
1
https://github.com/zendesk/samlr
1
https://github.com/auth0/omniauth-auth0
1
https://github.com/asteinhauser/fat_free_crm
1
https://github.com/asciidoctor/asciidoctor
1
https://github.com/ankane/pgsync
1
https://github.com/zenspider/ruby_parser-legacy
1
https://github.com/zvory/csv-safe
1
https://github.com/ankane/clockwork_web
1
https://github.com/ankane/chartkick.js
1
https://gitlab.com/2013/11
1
https://github.com/ankane/blazer
1
https://github.com/amro/gibbon
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/alexreisner/geocoder
1
https://github.com/AlchemyCMS/alchemy_cms
1
https://github.com/airbrake/airbrake-ruby
1
https://github.com/ahorner/text-helpers
1
https://github.com/affix/CVE-2022-36231
1
https://github.com/adamzaninovich/sounder
1
https://github.com/elastic/logstash
1
https://github.com/elastic/apm-agent-ruby
1
https://github.com/ejschmitt/delayed_job_web
1
https://github.com/dspinhirne/netaddr-rb
1
https://github.com/doorkeeper-gem/doorkeeper-openid_connect
1
https://github.com/voloko/twitter-stream
1
https://github.com/dmendel/bindata
1
https://github.com/discourse/rails_multisite
1
https://github.com/discourse/message_bus
1
https://github.com/denkGroot/Spina
1
https://github.com/dejan/espeak-ruby
1
https://github.com/wconrad/ftpd
1
https://github.com/datamapper/extlib
1
https://github.com/webbynode/webbynode
1
https://github.com/ConradIrwin/em-imap
1
https://github.com/collectiveidea/audited
1
https://github.com/whiteleaf7/narou
1
https://github.com/codders/dataset
1
https://github.com/wycats/handlebars.js
1
https://github.com/chef/mixlib-archive
1
https://github.com/cgriego/active_attr
1
https://github.com/XKCP/XKCP
1
https://github.com/camilova/activerecord-update-by-case
1
https://github.com/bvsatyaram/random_password_generator
1
https://github.com/bundler/bundler
1
https://github.com/ytti/oxidized-web
1
https://github.com/boazsegev/iodine
1
https://github.com/rf-/keynote
1
https://github.com/restforce/restforce
1
https://github.com/sisimai/rb-sisimai
1
https://github.com/resque/resque-scheduler
1
https://github.com/Smashing/smashing
1
https://github.com/redis-store/redis-store
1
https://github.com/recurly/recurly-client-ruby
1
https://github.com/rdoc/rdoc
1
https://github.com/rcook/rgpg
1
https://github.com/rapid7/metasploit-framework
1
https://github.com/rails/web-console
1
https://github.com/rails/sprockets
1
https://github.com/Snorby/snorby
1
https://github.com/socketry/protocol-http1
1
https://github.com/rails/kredis
1
https://github.com/rails/jquery-rails
1
https://github.com/rails/globalid
1
https://github.com/railsdog/spree
1
https://github.com/railsadminteam/rails_admin
1
https://github.com/rails/activeresource
1