Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Advisories

Loading...
Low
GSA_kwCzR0hTQS1wODR2LTQ1eGotd3dxas4AAxDz
ReDoS based DoS vulnerability in Action Dispatch
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: 18 days ago
Moderate
GSA_kwCzR0hTQS05NDQ1LTRjcjYtMzM2cs4AAxDx
Open Redirect Vulnerability in Action Pack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: 18 days ago
Low
GSA_kwCzR0hTQS04eHd3LXgzZzMtNmpjds4AAxDv
ReDoS based DoS vulnerability in Action Dispatch
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: 18 days ago
Low
GSA_kwCzR0hTQS05Y2hyLTRmamgtNXJnd84AAvjh
Cross-site Scripting in actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1tbTMzLTV2ZnEtM21tM81BUA
Cross-site Scripting Vulnerability in Action Pack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: 9 months ago
High
GSA_kwCzR0hTQS13aDk4LXAyOHItdnJjOc0rDg
Exposure of information in Action Pack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: 12 months ago
Moderate
GSA_kwCzR0hTQS1xcGhjLWhmNXEtdjhmY80bRw
Open Redirect in actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJycXctdjI2NS1qZjhj
Open Redirect in ActionPack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd3angtM2c3ai04NTg0
Denial of Service in Action Controller Token Authentication
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqZzQtOHE1Zi14NmZt
Information Disclosure / Unintended Method Execution in Action Pack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVocTIteGY4OS05anhx
Open Redirect in Action Pack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc4d3ctNDZ4Mi0ycDY1
Denial of Service in Action Dispatch
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM1bW0tY2M2ci04Zmpw
Cross-site scripting in actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4NzctcHJxNC05eGZ3
Open Redirect in actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM2cXItaDV2cS01OWpj
Untrusted users can run pending migrations in production in Rails
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpwNXYtNWd4NC1qbWo5
Ability to forge per-form CSRF tokens in Rails
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3MjctbTZnai1tYzM3
Possible Strong Parameters Bypass in ActionPack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ3ZmctcWozci02djNy
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01M2YtcmhxOC1xNmhm
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV4bWotd205Ni1mbXc4
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzdjMtcWZyai13bWdo
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFmNXgtcWd4Ny00Mzdo
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0NGotNzd4OS1oOTM4
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4NDYtdndteC13eDk1
High severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZjcWYtaDRoNC02OTVt
actionpack CRLF injection vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN2ZnctN3JjcC0zeGdt
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhncHAtcHA4OS00Zmdm
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3dzMtM3J4ai04djZx
High severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1amctNTU4ai1xNjdj
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzNGMtNDhnYy1tOWc4
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkydzktMnBxdy1yaGpq
actionpack Improper Authentication vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI3cTItNWdxZy02Yzdx
Moderate severity vulnerability that affects actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4amotNXg2aC04dm1m
Cross-site Scripting in actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4MzgtdmZwcS1mbWYy
actionpack Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWptZ3ctNnZqZy1qandn
actionpack Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1weGYtZ2N3Mi1wdzVx
actionpack Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE3NTktaHd2Yy1tM2pn
actionpack Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY5OW0tbWNqbS05Y3c4
actionpack vulnerable to Cross-site Scripting
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk4bWYtOGY1Ny02NHFm
actionpack Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdnNjUtZ2hyZy1ocGY1
actionpack Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXczN2MtcTY1My1xZzk1
actionpack Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTloNmctZ3A5NS14M3E1
actionpack is vulnerable to denial of service because of a wildcard controller route
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1Nm0tdnd4Yy0zcXB3
Directory traversal vulnerability in actionpack
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwdzctd3hqbS1jdzhy
actionpack allows bypass of database-query restrictions
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2OTItN21tMy0zZnhn
actionpack is vulnerable to remote bypass authentication
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjZ3AtYzNnNy1xdnJ3
actionpack Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZoNXEtOTZocC05amdt
actionpack vulnerable to Cross-site Scripting
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4ODUtajVqMi0yN2p4
actionpack Path Traversal vulnerability
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI5Z3ItdzU3Zi1ycGZ3
actionpack vulnerable to Path Traversal
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZmcHYtYzRobS0zeDZ2
actionpack is vulnerable to denial of service via a crafted HTTP Accept header
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4cmMtOGMyOS1wNDVn
actionpack allows remote code execution via application's unrestricted use of render method
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Published: over 5 years ago
Filter by Package
actionpack 51 nokogiri 24 activerecord 22 rails 20 rack 16 puppet 13 publify_core 13 rails-html-sanitizer 12 actionview 12 fat_free_crm 11 activesupport 10 puma 9 passenger 8 doorkeeper 6 loofah 6 ember-source 6 rubygems-update 6 spree 5 camaleon_cms 5 spree_auth_devise 5 mail 4 safemode 4 dragonfly 4 devise 4 rubyzip 4 katello 4 sinatra 4 activestorage 3 bundler 3 cgi 3 private_address_check 3 rails_admin 3 gollum 3 rest-client 3 sanitize 3 paperclip 3 sprockets 3 chartkick 3 fluentd 3 commonmarker 3 git 3 omniauth 3 colorscore 2 web-console 2 httparty 2 radiant 2 field_test 2 rdoc 2 faye 2 mechanize 2 redcarpet 2 yajl-ruby 2 bson 2 json-jwt 2 secure_headers 2 ruby-openid 2 espeak-ruby 2 solidus_core 2 kramdown 2 carrierwave 2 pageflow 2 activemodel 2 rack-cors 2 solidus_frontend 2 pyarrow 2 red-arrow 2 bootstrap 2 ruby-saml 2 archive-tar-minitar 2 rack-mini-profiler 2 minitar 2 net-ldap 2 sidekiq 2 qiita-markdown 2 yard 2 git-fastclone 2 pdfkit 2 mini_magick 2 json 2 VladTheEnterprising 2 omniauth-facebook 2 i18n 2 sup 2 administrate 2 bootstrap-sass 2 ox 2 cocoapods-downloader 2 devise-two-factor 2 festivaltts4r 2 pghero 2 google-protobuf 2 com.google.protobuf:protobuf-kotlin 2 com.google.protobuf:protobuf-java 2 personnummer 1 gibbon 1 solidus_backend 1 shrine 1 multi_xml 1 ldoce 1 active-support 1 dependabot-common 1 dependabot-omnibus 1 diffy 1 kubeclient 1 blazer 1 pgsync 1 cremefraiche 1 geocoder 1 goliath 1 newrelic_rpm 1 em-imap 1 trilogy 1 fog-dragonfly 1 railties 1 smart_proxy_dynflow 1 narou 1 kelredd-pruview 1 hiera 1 strong_password 1 netaddr 1 update_by_case 1 kcapifony 1 rexml 1 lynx 1 show_in_browser 1 ciborg 1 clearance 1 cap-strap 1 lawn-login 1 brbackup 1 ruby-jss 1 fastreader 1 curl 1 airbrake-ruby 1 activeresource 1 user_agent_parser 1 matestack-ui-core 1 slanger 1 bibtex-ruby 1 rack-ssl 1 webbynode 1 command_wrap 1 crack 1 spina 1 view_component 1 oxidized-web 1 inline_svg 1 foreman_ansible 1 asciidoctor-include-ext 1 message_bus 1 wicked 1 clockwork_web 1 active_attr 1 recurly 1 tmpdir 1 image_processing 1 csv-safe 1 random_password_generator 1 datagrid 1 padrino-contrib 1 marginalia 1 octopoller 1 jquery-ui 1 jquery-ui-rails 1 mixlib-archive 1 date 1 jmespath 1 smalruby 1 kafo 1 smalruby-editor 1 xapian-core 1 omniauth-weibo-oauth2 1 features 1 point-cli 1 samlr 1 paranoid2 1 rubocop 1 ccsv 1 smashing 1 many_versioned_gem 1 doorkeeper-openid_connect 1 hammer_cli_foreman 1 ldap_fluff 1 xaviershay-dm-rails 1 omniauth-saml 1 chloride 1 lean-ruport 1 kajam 1 flash_tool 1 karteek-docsplit 1 sprout 1 omniauth-oauth2 1 gtk2 1 tweetstream 1 delayed_job_web 1 ftpd 1 authlogic 1 rbovirt 1 gon 1 redis-store 1 gyazo 1 easymon 1 activejob 1 rack-protection 1 redcloth 1 consul 1 ruby_parser-legacy 1 openssl 1 thin 1 curupira 1 rake 1 sentry-raven 1 chartkick 1 asciidoctor 1 jruby-openssl 1 gitaly 1 mysql-binuuid-rails 1 ffi 1 gollum-lib 1 foreman_fog_proxmox 1 activerecord-session_store 1 gemirro 1 sfpagent 1 papercrop 1 devise_masquerade 1 bindata 1 cairo 1 rgpg 1 rwiki 1 bio-basespace-sdk 1 cocaine 1 aescrypt 1 text_helpers 1 sqlite3-ruby 1 facter 1 oauth 1 thumbshooter 1 extlib 1 sqlite3 1 will_paginate 1 jekyll 1 restforce 1 haml 1 sounder 1 paratrooper-newrelic 1 kaminari 1 tzinfo 1 actionpack-page_caching 1 reel 1 cron_parser 1 coin_base 1 blockchain_wallet 1 sensu 1 doge-coin 1 capistrano-colors 1 bitcoin_vanity 1 coming-soon 1 omniauth_amazon 1 com.google.protobuf:protobuf-javalite 1 awesome-bot 1 faye-websocket 1 solidus_api 1 sisimai 1 moped 1 md2pdf 1 backup_checksum 1 backup-agoddard 1 http 1 actionmailer 1 geminabox 1 nori 1 opensearch-ruby 1 exiftool_vendored 1 devise_invitable 1 com.google.protobuf:protobuf-kotlin-lite 1 iodine 1 omniauth-auth0 1 websocket-extensions 1 webrick 1 rails_multisite 1 simple_form 1 awesome_spawn 1 lita-coin 1 paratrooper-pingdom 1 keynote 1 sorcery 1 rexical 1 arabic-prawn 1 arr-pm 1 twitter-stream 1 octokit 1 addressable 1 globalid 1 mcollective-client 1 simple_captcha2 1 dalli 1 trestle-auth 1 agoo 1 spree_api 1 jquery-rails 1