Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Advisories
Loading...
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 18 days ago
GSA_kwCzR0hTQS05M3BtLTVwNWYtM2doeM4AAxD0
Denial of Service Vulnerability in Rack Content-Disposition parsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 18 days ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 18 days ago
GSA_kwCzR0hTQS02NWY1LW1mcGYtdmZoas4AAxDt
Denial of service via header parsing in RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 18 days ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 18 days ago
GSA_kwCzR0hTQS1ycXYyLTI3NXgtMmpxNc4AAxDs
Denial of service via multipart parsing in RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 18 days ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 8 months ago
GSA_kwCzR0hTQS1oeHF4LXh3dmgtNDRtMs4AArQW
Denial of Service Vulnerability in Rack Multipart ParsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 8 months ago
Critical
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 8 months ago
GSA_kwCzR0hTQS13cTRoLTdyNDItNWhycs4AArQV
Possible shell escape sequence injection vulnerability in RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 8 months ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS14Yzg1LTMybWYteHB2OM3iYQ
Rack arbitrary code execution via timing attackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: 9 months ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmOWgtOXBqdi12Nmo3
Directory traversal in Rack::Directory app bundled with RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2dzktZnY2cS0zcTUy
Percent-encoded cookies can be used to overwrite existing prefixed cookie namesEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 2 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhycXItaHhwcC1jaHIz
Possible Information Leak / Session Hijack Vulnerability in RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: about 3 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVyMnAtajQ3aC1taHBn
Moderate severity vulnerability that affects rackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnNzgtNGY2eC05OXdx
Moderate severity vulnerability that affects rackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2YzItcDM0eC1qaHho
Moderate severity vulnerability that affects rackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1cjctdzVtdi1jODQ5
Moderate severity vulnerability that affects rackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNweGgtaDhody1tajh3
Moderate severity vulnerability that affects rackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3N3gtbTVxOC1jMjlo
Infinite loop in rack rackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJncjQtOWpoNS1qNGo2
Moderate severity vulnerability that affects rackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Published: over 5 years ago
Filter by Severity
Filter by Ecosystem
Filter by Package
actionpack
51
nokogiri
24
activerecord
22
rails
20
rack
16
puppet
13
publify_core
13
rails-html-sanitizer
12
actionview
12
fat_free_crm
11
activesupport
10
puma
9
passenger
8
doorkeeper
6
loofah
6
ember-source
6
rubygems-update
6
spree
5
camaleon_cms
5
spree_auth_devise
5
mail
4
safemode
4
dragonfly
4
devise
4
rubyzip
4
katello
4
sinatra
4
activestorage
3
bundler
3
cgi
3
private_address_check
3
rails_admin
3
gollum
3
rest-client
3
sanitize
3
paperclip
3
sprockets
3
chartkick
3
fluentd
3
commonmarker
3
git
3
omniauth
3
colorscore
2
web-console
2
httparty
2
radiant
2
field_test
2
rdoc
2
faye
2
mechanize
2
redcarpet
2
yajl-ruby
2
bson
2
json-jwt
2
secure_headers
2
ruby-openid
2
espeak-ruby
2
solidus_core
2
kramdown
2
carrierwave
2
pageflow
2
activemodel
2
rack-cors
2
solidus_frontend
2
pyarrow
2
red-arrow
2
bootstrap
2
ruby-saml
2
archive-tar-minitar
2
rack-mini-profiler
2
minitar
2
net-ldap
2
sidekiq
2
qiita-markdown
2
yard
2
git-fastclone
2
pdfkit
2
mini_magick
2
json
2
VladTheEnterprising
2
omniauth-facebook
2
i18n
2
sup
2
administrate
2
bootstrap-sass
2
ox
2
cocoapods-downloader
2
devise-two-factor
2
festivaltts4r
2
pghero
2
google-protobuf
2
com.google.protobuf:protobuf-kotlin
2
com.google.protobuf:protobuf-java
2
personnummer
1
gibbon
1
solidus_backend
1
shrine
1
multi_xml
1
ldoce
1
active-support
1
dependabot-common
1
dependabot-omnibus
1
diffy
1
kubeclient
1
blazer
1
pgsync
1
cremefraiche
1
geocoder
1
goliath
1
newrelic_rpm
1
em-imap
1
trilogy
1
fog-dragonfly
1
railties
1
smart_proxy_dynflow
1
narou
1
kelredd-pruview
1
hiera
1
strong_password
1
netaddr
1
update_by_case
1
kcapifony
1
rexml
1
lynx
1
show_in_browser
1
ciborg
1
clearance
1
cap-strap
1
lawn-login
1
brbackup
1
ruby-jss
1
fastreader
1
curl
1
airbrake-ruby
1
activeresource
1
user_agent_parser
1
matestack-ui-core
1
slanger
1
bibtex-ruby
1
rack-ssl
1
webbynode
1
command_wrap
1
crack
1
spina
1
view_component
1
oxidized-web
1
inline_svg
1
foreman_ansible
1
asciidoctor-include-ext
1
message_bus
1
wicked
1
clockwork_web
1
active_attr
1
recurly
1
tmpdir
1
image_processing
1
csv-safe
1
random_password_generator
1
datagrid
1
padrino-contrib
1
marginalia
1
octopoller
1
jquery-ui
1
jquery-ui-rails
1
mixlib-archive
1
date
1
jmespath
1
smalruby
1
kafo
1
smalruby-editor
1
xapian-core
1
omniauth-weibo-oauth2
1
features
1
point-cli
1
samlr
1
paranoid2
1
rubocop
1
ccsv
1
smashing
1
many_versioned_gem
1
doorkeeper-openid_connect
1
hammer_cli_foreman
1
ldap_fluff
1
xaviershay-dm-rails
1
omniauth-saml
1
chloride
1
lean-ruport
1
kajam
1
flash_tool
1
karteek-docsplit
1
sprout
1
omniauth-oauth2
1
gtk2
1
tweetstream
1
delayed_job_web
1
ftpd
1
authlogic
1
rbovirt
1
gon
1
redis-store
1
gyazo
1
easymon
1
activejob
1
rack-protection
1
redcloth
1
consul
1
ruby_parser-legacy
1
openssl
1
thin
1
curupira
1
rake
1
sentry-raven
1
chartkick
1
asciidoctor
1
jruby-openssl
1
gitaly
1
mysql-binuuid-rails
1
ffi
1
gollum-lib
1
foreman_fog_proxmox
1
activerecord-session_store
1
gemirro
1
sfpagent
1
papercrop
1
devise_masquerade
1
bindata
1
cairo
1
rgpg
1
rwiki
1
bio-basespace-sdk
1
cocaine
1
aescrypt
1
text_helpers
1
sqlite3-ruby
1
facter
1
oauth
1
thumbshooter
1
extlib
1
sqlite3
1
will_paginate
1
jekyll
1
restforce
1
haml
1
sounder
1
paratrooper-newrelic
1
kaminari
1
tzinfo
1
actionpack-page_caching
1
reel
1
cron_parser
1
coin_base
1
blockchain_wallet
1
sensu
1
doge-coin
1
capistrano-colors
1
bitcoin_vanity
1
coming-soon
1
omniauth_amazon
1
com.google.protobuf:protobuf-javalite
1
awesome-bot
1
faye-websocket
1
solidus_api
1
sisimai
1
moped
1
md2pdf
1
backup_checksum
1
backup-agoddard
1
http
1
actionmailer
1
geminabox
1
nori
1
opensearch-ruby
1
exiftool_vendored
1
devise_invitable
1
com.google.protobuf:protobuf-kotlin-lite
1
iodine
1
omniauth-auth0
1
websocket-extensions
1
webrick
1
rails_multisite
1
simple_form
1
awesome_spawn
1
lita-coin
1
paratrooper-pingdom
1
keynote
1
sorcery
1
rexical
1
arabic-prawn
1
arr-pm
1
twitter-stream
1
octokit
1
addressable
1
globalid
1
mcollective-client
1
simple_captcha2
1
dalli
1
trestle-auth
1
agoo
1
spree_api
1
jquery-rails
1