Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
rubygems Security Advisories
Loading...
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: about 2 years ago
GSA_kwCzR0hTQS1wbTl4LTQzOTItMmMycM4AARmv
RubyGems may allow a maliciously crafted gem to overwrite filesEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oMzctOGMzZy0zZmdj
RubyGems Escape sequence injection vulnerability in gem ownerEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3bTgtZmp2Ny1qNzc0
RubyGems Escape sequence injection in errorsEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNoNHItcGp2Ni1jcGg5
RubyGems Escape sequence injection vulnerability in api response handlingEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyMzItZ3I1Yy14cTVj
RubyGems Escape sequence injection vulnerability in verboseEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: almost 5 years ago
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: about 2 years ago
GSA_kwCzR0hTQS1wN2YyLXJyNDItbTl4bc4AATe8
RubyGems Improper Input Validation vulnerabilityEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: about 2 years ago
Critical
Ecosystems: rubygems
Packages: safemode
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2eDUtOXE3My13Z3A0
Safemode Gem Has Incomplete List of Disallowed InputsEcosystems: rubygems
Packages: safemode
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: elastic-apm
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: almost 2 years ago
GSA_kwCzR0hTQS0zNWoyLXA4ZmgteDk2Ns4AAhfV
Elastic APM agent for Ruby vulnerable to Improper Certificate ValidationEcosystems: rubygems
Packages: elastic-apm
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: oxidized-web
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: over 1 year ago
GSA_kwCzR0hTQS04cXdoLXJtNmMtanY5Ns4AAwnZ
Oxidized Web vulnerable to Cross-site ScriptingEcosystems: rubygems
Packages: oxidized-web
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV4MzItYzltZi00OWNj
RubyGems Delete directory using symlink when decompressing tarEcosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: almost 5 years ago
Moderate
Ecosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: 10 months ago
GSA_kwCzR0hTQS00NjloLW1xZzgtNTM1cs4AA0m3
Decidim Cross-site Scripting vulnerability in the external link redirectionsEcosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: 10 months ago
Low
Ecosystems: rubygems
Packages: dalli
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zeGc4LWNjOGYtOXd2Ms4AAv9V
Unsanitized input leading to code injection in DalliEcosystems: rubygems
Packages: dalli
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: aescrypt
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjNHctM3E0NS1ocDlq
Aescrypt does not sufficiently use random valuesEcosystems: rubygems
Packages: aescrypt
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 6 years ago
Moderate
Ecosystems: rubygems
Packages: geminabox
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY1M20tcjMzeC0zOWZm
Geminabox contains Cross-site ScriptingEcosystems: rubygems
Packages: geminabox
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: opensearch-ruby
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: almost 2 years ago
GSA_kwCzR0hTQS05NzdjLTYzeHEtY2d3M84AAtG0
opensearch-ruby 2.x before 2.0.2 vulnerable to unsafe YAML deserializationEcosystems: rubygems
Packages: opensearch-ruby
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: consul
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqaHgtOWdmNC1oaGY1
Consul gem insufficient authentication check - Multiple powers in one controller are not always checked correctlyEcosystems: rubygems
Packages: consul
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: over 4 years ago
High
Ecosystems: rubygems
Packages: pay
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: about 1 year ago
GSA_kwCzR0hTQS1jcWYzLXZweDctcnhod84AAy5d
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in PayEcosystems: rubygems
Packages: pay
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: solidus_api, solidus_frontend
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNtdmctcnJydy1tN3Bo
Ability to change order address without triggering address validations in solidusEcosystems: rubygems
Packages: solidus_api, solidus_frontend
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: almost 4 years ago
Moderate
Ecosystems: rubygems
Packages: solidus_frontend
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: over 2 years ago
GSA_kwCzR0hTQS1oM2ZnLWg1djMtdmY4bc0gsw
CSRF forgery protection bypass in solidus_frontendEcosystems: rubygems
Packages: solidus_frontend
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: over 2 years ago
Low
Ecosystems: rubygems
Packages: octokit
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1nMjh4LXBncjMtcXF4Ns4AArmr
Octokit gem published with world-writable filesEcosystems: rubygems
Packages: octokit
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: awesome_spawn
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1xcHF3LW1jODUtcXZtOc4AAtDn
OS Command Injection in awesome spawnEcosystems: rubygems
Packages: awesome_spawn
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: lynx
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0Y3EtN2NjcS1jbWNt
lynx doesn't properly sanitize user input and exposes database password to unauthorized usersEcosystems: rubygems
Packages: lynx
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 6 years ago
Moderate
Ecosystems: rubygems
Packages: geminabox
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 2 years ago
GSA_kwCzR0hTQS05OGhxLTNxdmctcGc3OM4AAQ3l
Gem in a Box vulnerable to Cross-site ScriptingEcosystems: rubygems
Packages: geminabox
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 2 years ago
Low
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4d3YtOTUzcC03cXBm
Phusion Passenger allows remote attackers to spoof headersEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 5 years ago
Low
Ecosystems: rubygems
Packages: bindata
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqNTYtODRqdy02N2g2
Potential Denial-of-Service in bindataEcosystems: rubygems
Packages: bindata
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: almost 3 years ago
Moderate
Ecosystems: rubygems
Packages: secure_headers
Source: GitHub Advisory Database
Blast Radius: 12.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5Nzgtcm1wZi1xbXdn
Limited header injection when using dynamic overrides with user input in RubyGems secure_headersEcosystems: rubygems
Packages: secure_headers
Source: GitHub Advisory Database
Blast Radius: 12.8
Published: over 4 years ago
Moderate
Ecosystems: rubygems
Packages: secure_headers
Source: GitHub Advisory Database
Blast Radius: 12.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhxNTItcnY2dy0zOTdj
Directive injection when using dynamic overrides with user inputEcosystems: rubygems
Packages: secure_headers
Source: GitHub Advisory Database
Blast Radius: 12.8
Published: over 4 years ago
High
Ecosystems: rubygems
Packages: safemode
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5Mm0tcnJyYy1xNXdm
safemode gem allows context-dependent attackers to obtain sensitive information via the inspect methodEcosystems: rubygems
Packages: safemode
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: over 6 years ago
Moderate
Ecosystems: rubygems
Packages: smashing
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: almost 2 years ago
GSA_kwCzR0hTQS0yNTRqLW1tYzUtcWhweM4AApCM
Smashing Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: smashing
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 12 months ago
GSA_kwCzR0hTQS14NDg3LTg2Nm0tcDhocs4AAze4
Server-Side Template Injection in Camaleon CMSEcosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 12 months ago
High
Ecosystems: rubygems
Packages: exiftool_vendored
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: over 1 year ago
GSA_kwCzR0hTQS1xOTVoLWNxcnYtOGp2Nc4AAxGB
ExifTool vulnerable to arbitrary code executionEcosystems: rubygems
Packages: exiftool_vendored
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: over 1 year ago
Moderate
Ecosystems: rubygems
Packages: message_bus
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: over 2 years ago
GSA_kwCzR0hTQS14bWdqLTVmaDMteGptbc0c1A
Path traversal when MessageBus::Diagnostics is enabledEcosystems: rubygems
Packages: message_bus
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: 11 months ago
GSA_kwCzR0hTQS04NmgyLTJnNGctMjlxeM4AAzr6
avo possible unsafe reflection / partial DoS vulnerabilityEcosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: 11 months ago
Critical
Ecosystems: rubygems
Packages: ftpd
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: over 2 years ago
GSA_kwCzR0hTQS03dnhyLTZjeGctajN4OM0WRw
OS Command Injection in ftpdEcosystems: rubygems
Packages: ftpd
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: colorscore
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczcXctd3c2Mi1tNTR4
colorscore Command Injection vulnerabilityEcosystems: rubygems
Packages: colorscore
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: hammer_cli_foreman
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: about 2 years ago
GSA_kwCzR0hTQS03N2g4LXhyODUtM3g1cc4AARcM
hammer_cli_foreman Improper Certificate Validation vulnerabilityEcosystems: rubygems
Packages: hammer_cli_foreman
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: about 2 years ago
Moderate
Ecosystems: rubygems
Packages: alchemy_cms
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: about 2 years ago
GSA_kwCzR0hTQS03bWo0LTI5ODQtOTU1Zs4AAUyG
AlchemyCMS is vulnerable to stored XSS via the /admin/pictures image fieldEcosystems: rubygems
Packages: alchemy_cms
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: about 2 years ago
Moderate
Ecosystems: rubygems
Packages: field_test
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdnOW0tZ3czaC1oZzgz
field_test gem contains injection vulnerabilityEcosystems: rubygems
Packages: field_test
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: almost 5 years ago
High
Ecosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: almost 2 years ago
GSA_kwCzR0hTQS00Mzh4LTJwOXYtZzhoOc4AArCm
Camaleon CMS Insufficient Session Expiration vulnerabilityEcosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: openshift-origin-controller
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 2 years ago
GSA_kwCzR0hTQS03N3hxLTdjNnAtNnhwNs3gbA
RubyGem openshift-origin-controller is vulnerable to command injectionEcosystems: rubygems
Packages: openshift-origin-controller
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 2 years ago
Low
Ecosystems: rubygems
Packages: fluentd
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: over 1 year ago
GSA_kwCzR0hTQS1mcHBxLW1qNzYtZnBqMs4AAvrA
fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)Ecosystems: rubygems
Packages: fluentd
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 11 months ago
GSA_kwCzR0hTQS01Y3I5LTVqeDMtMmczOc4AAzrM
avo vulnerable to Stored XSS (Cross Site Scripting) in html content based fieldsEcosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 11 months ago
High
Ecosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 4 months ago
GSA_kwCzR0hTQS1naGp2LW1oNngtN3E2aM4AA4eR
avo vulnerable to stored cross-site scripting (XSS) in key_value fieldEcosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 4 months ago
Critical
Ecosystems: rubygems
Packages: pdf_info
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 1 year ago
GSA_kwCzR0hTQS05ZmgzLWo5OW0tZjR2N84AAxys
Code injection in pdf_infoEcosystems: rubygems
Packages: pdf_info
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 1 year ago
Critical
Ecosystems: rubygems
Packages: festivaltts4r
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3ZjQtNXc5ai0yM3Ay
festivaltts4r allows arbitrary command executionEcosystems: rubygems
Packages: festivaltts4r
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: over 6 years ago
Moderate
Ecosystems: rubygems
Packages: fat_free_crm
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: over 1 year ago
GSA_kwCzR0hTQS1wNzVjLTV4M2gtY3hjZ84AAvNV
Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpointEcosystems: rubygems
Packages: fat_free_crm
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: over 1 year ago
Moderate
Ecosystems: rubygems
Packages: decidim-templates
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 3 months ago
GSA_kwCzR0hTQS1mM3FtLXZmYzMtamc2ds4AA5ZJ
Possible CSRF attack at questionnaire templates previewEcosystems: rubygems
Packages: decidim-templates
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 3 months ago
Critical
Ecosystems: rubygems
Packages: slanger
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJnMzItbTNoZi03NzJ2
Slanger Arbitrary command executionEcosystems: rubygems
Packages: slanger
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: almost 5 years ago
Critical
Ecosystems: rubygems
Packages: katello
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
GSA_kwCzR0hTQS01eHYyLXE0NzUtcndyaM4AAfRW
Katello uses hard coded credentialEcosystems: rubygems
Packages: katello
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: fat_free_crm
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwOGYtbW1mai1yNDVn
Cross-site scripting in fat_free_crmEcosystems: rubygems
Packages: fat_free_crm
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 4 years ago
Moderate
Ecosystems: rubygems
Packages: fat_free_crm
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1cmotZzY5NS0zNDJy
Fat Free CRM vulnerable to Cross-site ScriptingEcosystems: rubygems
Packages: fat_free_crm
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 5 years ago
Moderate
Ecosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: 4 months ago
GSA_kwCzR0hTQS1nOHZwLTJ2NXAtOXFmaM4AA4ir
Cross-site scripting (XSS) in Action messages on AvoEcosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: 4 months ago
Critical
Ecosystems: rubygems
Packages: smart_proxy_dynflow
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd4NWcteGN4ai1jeDJ3
smart_proxy_dynflow gem authentication bypass in Foreman remote execution featureEcosystems: rubygems
Packages: smart_proxy_dynflow
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: over 5 years ago
Moderate
Ecosystems: rubygems
Packages: padrino-contrib
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ3cHItODNnMy05Nmc3
Cross-site scripting in padrino-contribEcosystems: rubygems
Packages: padrino-contrib
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: over 4 years ago
Moderate
Ecosystems: rubygems
Packages: field_test
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1NDItY3BwOS1yM2c3
Field Test CSRF vulnerabilityEcosystems: rubygems
Packages: field_test
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 4 years ago
Low
Ecosystems: rubygems
Packages: gitaly
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1tbW1tLWNoamYtam12d84AAmp5
Gitaly Insufficient Session Expiration vulnerabilityEcosystems: rubygems
Packages: gitaly
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: qiita-markdown
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlwMjktOTRocC04cnZj
qiita-markdown Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: qiita-markdown
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 3 years ago
Moderate
Ecosystems: rubygems
Packages: qiita-markdown
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYyYzktNWpxdy0zeGgz
Cross-Site Scripting in Qiita-MarkdownEcosystems: rubygems
Packages: qiita-markdown
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 3 years ago
Moderate
Ecosystems: rubygems
Packages: radiant
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwODIteHI3Ny04OGY0
radiant vulnerable to Cross-site ScriptingEcosystems: rubygems
Packages: radiant
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 6 years ago
Moderate
Ecosystems: rubygems
Packages: radiant
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW12dzgtdjc2Ny1xaGpt
Radiant CMS vulnerable to Cross-site ScriptingEcosystems: rubygems
Packages: radiant
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: over 6 years ago
High
Ecosystems: rubygems
Packages: tmpdir
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ2ZjItM3Y2My0zeHJw
Tempfile on Windows path traversal vulnerabilityEcosystems: rubygems
Packages: tmpdir
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: about 3 years ago
High
Ecosystems: rubygems
Packages: omniauth-microsoft_graph
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 4 months ago
GSA_kwCzR0hTQS01ZzY2LTYyOGYtN2N2as4AA4Lx
Omniauth::MicrosoftGraph Account takeover (nOAuth)Ecosystems: rubygems
Packages: omniauth-microsoft_graph
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 4 months ago
Critical
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
GSA_kwCzR0hTQS1xM3JtLWY1MjctZ2h4as4AAw-1
Publify Improper Input Validation vulnerabilityEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
Critical
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
GSA_kwCzR0hTQS1yYzQyLWpnaGYtdnI4Zs4AAw-0
Integer overflow in publify_coreEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: katello
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: about 2 years ago
GSA_kwCzR0hTQS01MjdyLW1mbWotcHJxZs4AATl1
Katello SQL Injection vulnerabilitiesEcosystems: rubygems
Packages: katello
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 14 days ago
GSA_kwCzR0hTQS05cDU3LWg5ODctNHZneM4AA7eG
Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and valuesEcosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 14 days ago
High
Ecosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 2 months ago
GSA_kwCzR0hTQS0yNDJwLTR2MzktMnY4Z84AA56s
Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in PhlexEcosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 2 months ago
High
Ecosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 29 days ago
GSA_kwCzR0hTQS1nN3hxLXh2OGMtaDk4Y84AA7Da
Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tagsEcosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 29 days ago
Low
Ecosystems: rubygems
Packages: audited
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
GSA_kwCzR0hTQS1oanAzLTVnMnEtN2p3d84AAzCk
Race Condition leading to logging errorsEcosystems: rubygems
Packages: audited
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
Critical
Ecosystems: rubygems
Packages: mysql-binuuid-rails
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZqNjMtMzVoai12bWNn
mysql-bunuuid-rails vulnerable to SQL injectionEcosystems: rubygems
Packages: mysql-binuuid-rails
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: almost 2 years ago
GSA_kwCzR0hTQS0zaHd4LWM2Y3AtcTk3Ms4AAgdi
Publify vulnerable to cross site scriptingEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: trilogy
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01ZzRyLTJxaHgtdnFmbc4AArZZ
Use of Uninitialized Variable in trilogyEcosystems: rubygems
Packages: trilogy
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: random_password_generator
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1nZ2Z4LWg5eGotNXY5Y84AAgak
Insecure PRNG use in random_password_generatorEcosystems: rubygems
Packages: random_password_generator
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
GSA_kwCzR0hTQS14Nzh2LTRmdmotcmc5as4AArLe
Camaleon CMS Stored Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: about 2 years ago
GSA_kwCzR0hTQS03Zjg0LTljcWYtZzRqOc3r0A
Camaleon CMS vulnerable to Stored Cross-site ScriptingEcosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: about 2 years ago
Low
Ecosystems: rubygems
Packages: decidim
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 3 months ago
GSA_kwCzR0hTQS1yMjc1LWo1N2MtN21mMs4AA5ZI
Race condition in EndorsementsEcosystems: rubygems
Packages: decidim
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 3 months ago
Low
Ecosystems: rubygems
Packages: kitchen-terraform
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: about 1 year ago
GSA_kwCzR0hTQS02NWcyLXg1M3EtY21mNs4AAy9A
Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-TerraformEcosystems: rubygems
Packages: kitchen-terraform
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: matestack-ui-core
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNqcXctdnY0NS1tamho
XSS/Script injection vulnerability in matestackEcosystems: rubygems
Packages: matestack-ui-core
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 4 years ago
Moderate
Ecosystems: rubygems
Packages: easymon
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMyODktNDdxZi1ydnJy
Cross Site Scripting (XSS) vulnerability in easymonEcosystems: rubygems
Packages: easymon
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: over 5 years ago
High
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
GSA_kwCzR0hTQS12cTc0LTk1ODMtaHJtNM4AAgUu
Publify vulnerable to DoS attackEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 2 years ago
GSA_kwCzR0hTQS14M3JxLXIzY20tNXZjNM0psw
Publify Business Logic ErrorsEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 2 years ago
Moderate
Ecosystems: rubygems
Packages: keynote
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 1 year ago
GSA_kwCzR0hTQS0zOTlwLXZxMjgtNWhnOM4AAwre
keynote Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: keynote
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 11 months ago
GSA_kwCzR0hTQS05N3doLTZobWotZzhqOc4AA0GL
Spina Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 11 months ago
Moderate
Ecosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: almost 2 years ago
GSA_kwCzR0hTQS12eDZwLXE0Z2oteDZ4eM4AAqWr
Camaleon CMS vulnerable to Server-Side Request ForgeryEcosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: almost 2 years ago
Low
Ecosystems: rubygems
Packages: solidus_backend
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: almost 2 years ago
GSA_kwCzR0hTQS04NjM5LXF4NTYtcjQyOM4AArTb
CSRF allows attacker to finalize/unfinalize order adjustments in solidus_backendEcosystems: rubygems
Packages: solidus_backend
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: unpoly-rails
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: about 1 year ago
GSA_kwCzR0hTQS1tODc1LTN4ZjYtbWY3OM4AAyeB
unpoly-rails Denial of Service vulnerabilityEcosystems: rubygems
Packages: unpoly-rails
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: gyazo
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4NDUtODZxNi1yY21y
Gyazo allows local users to write arbitrary filesEcosystems: rubygems
Packages: gyazo
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 6 years ago
Moderate
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 2 years ago
GSA_kwCzR0hTQS14MjRqLTg3eDktanZ2Nc0W1Q
Publify `guest` role users can self-register even when the admin does not allow itEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 2 years ago
Moderate
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: almost 2 years ago
GSA_kwCzR0hTQS13NzhxLTR3MzQtanJqeM4AAX6n
Publify vulnerable to code injectionEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: almost 2 years ago
GSA_kwCzR0hTQS03OW0zLXEzd2gtYzNxbc4AAX6X
Publify Incorrect AuthorizationEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
GSA_kwCzR0hTQS1nN2dmLTJycXctNXJ3eM4AAxPk
Publify contains Weak Password RequirementsEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
Moderate
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
GSA_kwCzR0hTQS03OXdxLWc0djktZ2ZqNM4AAw-2
Publify Core does not strip metadata from imagesEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: em-imap
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmNjgtNDlxcS1oMzky
Improper certificate validation in em-imapEcosystems: rubygems
Packages: em-imap
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 3 years ago
Moderate
Ecosystems: rubygems
Packages: openshift-origin-node
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: almost 2 years ago
GSA_kwCzR0hTQS03NTZtLTNxZjItaHA1OM4AAgTU
openshift-origin-node Improper Input Validation vulnerabilityEcosystems: rubygems
Packages: openshift-origin-node
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1yMncyLWg2cjgtM3I1M84AAqXz
Camaleon CMS vulnerable to Uncaught ExceptionEcosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: ruby_parser-legacy
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhod2MtOGc0OS1qOGp4
Ruby_parser-legacy Incorrect Permission Assignment for Critical ResourceEcosystems: rubygems
Packages: ruby_parser-legacy
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 4 years ago
Moderate
Ecosystems: rubygems
Packages: katello
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: about 2 years ago
GSA_kwCzR0hTQS1taGhjLXI4OGgtMnFybc4AATeC
katello Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: katello
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: about 2 years ago
Moderate
Ecosystems: rubygems
Packages: ccsv
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Z3hwLWMzNzktcGo0Ms4AAYUG
ccsv Double Free vulnerabilityEcosystems: rubygems
Packages: ccsv
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: almost 2 years ago
GSA_kwCzR0hTQS13bWg5LXgyOGotYzZncs4AArK6
Cross site scripting in publifyEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: almost 2 years ago
GSA_kwCzR0hTQS0zaDd2LXdxdzctZmYyOM4AArCV
Cross site scripting in publifyEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: almost 2 years ago
Statistics
Advisories: 18,592
Packages: 8,342
Repositories: 285
Ecosystems: 12
Packages: 8,342
Repositories: 285
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
actionpack
57
nokogiri
44
rubygems-update
25
puppet
23
rack
22
activerecord
21
activesupport
14
publify_core
14
passenger
13
actionview
12
puma
11
rails
11
fat_free_crm
10
jquery-rails
10
rails-html-sanitizer
9
jquery
9
org.webjars.npm:jquery
9
jQuery
8
decidim
7
jQuery.UI.Combined
7
org.webjars.npm:jquery-ui
7
jquery-ui-rails
7
jquery-ui
7
org.jruby:jruby-stdlib
7
doorkeeper
6
katello
6
loofah
6
ember-source
6
camaleon_cms
6
sidekiq
5
spree
5
bundler
5
spree_auth_devise
5
commonmarker
5
mail
4
sanitize
4
grpcio
4
grpc
4
activestorage
4
dragonfly
4
avo
4
carrierwave
4
fluentd
4
sinatra
4
webrick
4
devise
4
geminabox
3
decidim-core
3
chartkick
3
openssl
3
rubyzip
3
resque
3
ruby-saml
3
yard
3
cgi
3
json-jwt
3
bootstrap
3
rest-client
3
bootstrap
3
rdoc
3
omniauth
3
gollum
3
rails_admin
3
git
3
rack-cors
3
phlex
3
io.grpc:grpc-protobuf
3
private_address_check
3
bson
2
sprockets
2
json
2
safemode
2
mapbox.js
2
twitter-bootstrap-rails
2
mini_magick
2
ox
2
sup
2
net-ldap
2
echor
2
paperclip
2
omniauth-facebook
2
user_agent_parser
2
field_test
2
solidus_core
2
faye
2
view_component
2
pghero
2
uri
2
cocoapods-downloader
2
solidus_frontend
2
spina
2
devise-two-factor
2
redcarpet
2
kramdown
2
i18n
2
httparty
2
VladTheEnterprising
2
pdfkit
2
red-arrow
2
pyarrow
2
radiant
2
activeadmin
2
mechanize
2
logstash-core
2
google-protobuf
2
git-fastclone
2
administrate
2
pageflow
2
com.google.protobuf:protobuf-kotlin
2
yajl-ruby
2
decidim-templates
2
qiita-markdown
2
mapbox-rails
2
bootstrap-sass
2
ruby-openid
2
facter
2
secure_headers
2
com.google.protobuf:protobuf-java
2
foreman_ansible
1
geokit-rails
1
blazer
1
multi_xml
1
rmagick
1
keynote
1
twitter-stream
1
gitlab-grit
1
solidus_auth_devise
1
pysha3
1
brbackup
1
mcollective-client
1
wicked
1
actionmailer
1
kelredd-pruview
1
hiera
1
hub
1
sqlite3-ruby
1
thin
1
github.com/github/hub
1
websocket-extensions
1
rack-mini-profiler
1
ruby-jss
1
matestack-ui-core
1
cap-strap
1
railties
1
sha3
1
restforce
1
solidus_backend
1
better_errors
1
mongrel
1
unpoly-rails
1
bindata
1
oxidized-web
1
github.com/pubnub/swift
1
pubnub
1
pubnub
1
pubnub/pubnub
1
pubnub
1
pubnub
1
Pubnub
1
github.com/pubnub/go/v5
1
github.com/pubnub/go/v6
1
github.com/pubnub/go
1
github.com/pubnub/go/v7
1
com.pubnub:pubnub
1
com.pubnub:pubnub-kotlin
1
rubocop
1
ruby-mysql
1
gtk2
1
rotp
1
@turbo-boost/commands
1
turbo_boost-commands
1
discordrb
1
diffy
1
recurly
1
md2pdf
1
sounder
1
date
1
octopoller
1
paratrooper-newrelic
1
jmespath
1
trilogy
1
sentry-raven
1
ruby_parser
1
ftpd
1
tweetstream
1
flash_tool
1
lean-ruport
1
openshift-origin-node
1
point-cli
1
govuk_tech_docs
1
audited
1
omniauth-apple
1
spree_api
1
omniauth-auth0
1
shrine
1
message_bus
1
inline_svg
1
pdf_info
1
rswag
1
resque-scheduler
1
Filter by Repository
https://github.com/rails/rails
53
https://github.com/sparklemotion/nokogiri
33
https://github.com/rubygems/rubygems
18
https://github.com/rack/rack
17
https://github.com/puppetlabs/puppet
15
https://github.com/publify/publify
13
https://github.com/puma/puma
11
https://github.com/phusion/passenger
10
https://github.com/jquery/jquery
10
https://github.com/rails/rails-html-sanitizer
9
https://github.com/fatfreecrm/fat_free_crm
9
https://github.com/decidim/decidim
8
https://github.com/doorkeeper-gem/doorkeeper
6
https://github.com/flavorjones/loofah
6
https://github.com/jquery/jquery-ui
6
https://github.com/solidusio/solidus
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/owen2345/camaleon-cms
4
https://github.com/mikel/mail
4
https://github.com/markevans/dragonfly
4
https://github.com/Katello/katello
4
https://github.com/ruby/openssl
4
https://github.com/avo-hq/avo
4
https://github.com/grpc/grpc
4
https://github.com/carrierwaveuploader/carrierwave
4
https://github.com/rgrove/sanitize
4
https://github.com/sinatra/sinatra
4
https://github.com/fluent/fluentd
4
https://github.com/sidekiq/sidekiq
3
https://github.com/rubygems/rubygems.org
3
https://github.com/ruby-git/ruby-git
3
https://github.com/rubyzip/rubyzip
3
https://github.com/resque/resque
3
https://github.com/spree/spree
3
https://github.com/phlex-ruby/phlex
3
https://github.com/rest-client/rest-client
3
https://github.com/geminabox/geminabox
3
https://github.com/cyu/rack-cors
3
https://github.com/twbs/bootstrap
3
https://github.com/gjtorikian/commonmarker
3
https://github.com/lsegal/yard
3
https://github.com/gollum/gollum
3
https://github.com/jtdowney/private_address_check
3
https://github.com/emberjs/ember.js
2
https://github.com/codevise/pageflow
2
https://github.com/CocoaPods/cocoapods-downloader
2
https://github.com/brianmario/yajl-ruby
2
https://github.com/ankane/pghero
2
https://github.com/ankane/field_test
2
https://github.com/ruby-ldap/ruby-net-ldap
2
https://github.com/ankane/chartkick
2
https://github.com/ruby/rdoc
2
https://github.com/ruby/uri
2
https://github.com/ruby/webrick
2
https://github.com/activeadmin/activeadmin
2
https://github.com/faye/faye
2
https://github.com/gettalong/kramdown
2
https://github.com/github/cmark-gfm
2
https://github.com/increments/qiita-markdown
2
https://github.com/jnunemaker/httparty
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/plataformatec/devise
2
https://github.com/mongodb/bson-ruby
2
https://github.com/mperham/sidekiq
2
https://github.com/nov/json-jwt
2
https://github.com/openid/ruby-openid
2
https://github.com/omniauth/omniauth
2
https://github.com/ohler55/ox
2
https://github.com/vmg/redcarpet
2
https://github.com/sparklemotion/mechanize
2
https://github.com/twitter/secure_headers
2
https://github.com/square/git-fastclone
2
https://github.com/tinfoil/devise-two-factor
2
https://github.com/sup-heliotrope/sup
2
https://github.com/svenfuchs/i18n
2
https://github.com/svenfuchs/safemode
2
https://github.com/thoughtbot/paperclip
2
https://gitlab.com/gitlab-org/cves
2
https://github.com/github/view_component
1
https://github.com/github/trilogy
1
https://github.com/github/hub
1
https://github.com/twbs/bootstrap-sass
1
https://github.com/kaminari/kaminari
1
https://github.com/theforeman/ldap_fluff
1
https://github.com/getsentry/raven-ruby
1
https://github.com/geokit/geokit-rails
1
https://github.com/tzinfo/tzinfo
1
https://github.com/gazay/gon
1
https://github.com/fnando/svg_optimizer
1
https://github.com/ua-parser/uap-core
1
https://github.com/flori/json
1
https://github.com/ua-parser/uap-ruby
1
https://github.com/ffi/ffi
1
https://github.com/faye/websocket-extensions-ruby
1
https://github.com/faye/faye-websocket-ruby
1
https://github.com/unpoly/unpoly-rails
1
https://github.com/ViewComponent/view_component
1
https://github.com/theforeman/foreman_fog_proxmox
1
https://github.com/exiftool-rb/exiftool_vendored.rb
1
https://github.com/excon/excon
1
https://github.com/evan/ccsv
1
https://github.com/thoughtbot/cocaine
1
https://github.com/jnunemaker/crack
1
https://github.com/jmespath/jmespath.rb
1
https://github.com/jirutka/asciidoctor-include-ext
1
https://github.com/jgarber/redcloth
1
https://github.com/jekyll/jekyll
1
https://github.com/janko/image_processing
1
https://github.com/jamesmartin/inline_svg
1
https://github.com/inukshuk/bibtex-ruby
1
https://github.com/jordansissel/ruby-arr-pm
1
https://github.com/josh/rack-ssl
1
https://github.com/imsebao/404team
1
https://github.com/thoughtbot/clearance
1
https://github.com/igrigorik/em-http-request
1
https://github.com/hopsoft/turbo_boost-commands
1
https://github.com/heartcombo/devise
1
https://github.com/thoughtbot/administrate
1
https://github.com/haml/haml
1
https://github.com/halostatue/minitar
1
https://github.com/Gurpartap/aescrypt
1
https://github.com/tigris/open-uri-cached
1
https://github.com/theforeman/smart_proxy_dynflow
1
https://github.com/GNOME/libxml2
1
https://github.com/TrestleAdmin/trestle-auth
1
https://github.com/binarylogic/authlogic
1
https://github.com/BetterErrors/better_errors
1
https://github.com/beenhero/omniauth-weibo-oauth2
1
https://github.com/bdmac/strong_password
1
https://github.com/bbatsov/rubocop
1
https://github.com/basecamp/marginalia
1
https://github.com/basecamp/easymon
1
https://github.com/aws/aws-sdk-ruby
1
https://github.com/zendesk/samlr
1
https://github.com/auth0/omniauth-auth0
1
https://github.com/asteinhauser/fat_free_crm
1
https://github.com/asciidoctor/asciidoctor
1
https://github.com/ankane/pgsync
1
https://github.com/zenspider/ruby_parser-legacy
1
https://github.com/zvory/csv-safe
1
https://github.com/ankane/clockwork_web
1
https://github.com/ankane/chartkick.js
1
https://gitlab.com/2013/11
1
https://github.com/ankane/blazer
1
https://github.com/amro/gibbon
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/alexreisner/geocoder
1
https://github.com/AlchemyCMS/alchemy_cms
1
https://github.com/airbrake/airbrake-ruby
1
https://github.com/ahorner/text-helpers
1
https://github.com/affix/CVE-2022-36231
1
https://github.com/adamzaninovich/sounder
1
https://github.com/elastic/logstash
1
https://github.com/elastic/apm-agent-ruby
1
https://github.com/ejschmitt/delayed_job_web
1
https://github.com/dspinhirne/netaddr-rb
1
https://github.com/doorkeeper-gem/doorkeeper-openid_connect
1
https://github.com/voloko/twitter-stream
1
https://github.com/dmendel/bindata
1
https://github.com/discourse/rails_multisite
1
https://github.com/discourse/message_bus
1
https://github.com/denkGroot/Spina
1
https://github.com/dejan/espeak-ruby
1
https://github.com/wconrad/ftpd
1
https://github.com/datamapper/extlib
1
https://github.com/webbynode/webbynode
1
https://github.com/ConradIrwin/em-imap
1
https://github.com/collectiveidea/audited
1
https://github.com/whiteleaf7/narou
1
https://github.com/codders/dataset
1
https://github.com/wycats/handlebars.js
1
https://github.com/chef/mixlib-archive
1
https://github.com/cgriego/active_attr
1
https://github.com/XKCP/XKCP
1
https://github.com/camilova/activerecord-update-by-case
1
https://github.com/bvsatyaram/random_password_generator
1
https://github.com/bundler/bundler
1
https://github.com/ytti/oxidized-web
1
https://github.com/sinatra/rack-protection
1
https://github.com/rf-/keynote
1
https://github.com/restforce/restforce
1
https://github.com/sisimai/rb-sisimai
1
https://github.com/resque/resque-scheduler
1
https://github.com/Smashing/smashing
1
https://github.com/redis-store/redis-store
1
https://github.com/recurly/recurly-client-ruby
1
https://github.com/rdoc/rdoc
1
https://github.com/rcook/rgpg
1
https://github.com/rapid7/metasploit-framework
1
https://github.com/rails/web-console
1
https://github.com/rails/sprockets
1
https://github.com/Snorby/snorby
1
https://github.com/socketry/protocol-http1
1
https://github.com/rails/kredis
1
https://github.com/rails/jquery-rails
1
https://github.com/rails/globalid
1
https://github.com/railsdog/spree
1
https://github.com/railsadminteam/rails_admin
1
https://github.com/rails/activeresource
1