Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems rack-contrib Security Advisories

Browse all Security Advisories for rubygems rack-contrib

High

GSA_kwCzR0hTQS04YzhxLTJ4dzMtajg2Oc4AA8i6

rack-contrib vulnerable to Denial of Service due to the unconstrained value of the incoming "profiler_runs" parameter
Ecosystems: rubygems
Packages: rack-contrib
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: 5 months ago

Statistics

Advisories: 20,344
Packages: 8,928
Repositories: 1
Ecosystems: 12

Filter by Severity

Moderate 8,824 High 7,045 Critical 3,016 Low 1,123

Filter by Ecosystem

maven 5,801 packagist 4,525 pypi 4,289 npm 3,782 go 2,243 nuget 1,528 rubygems 872 cargo 862 swift 32 hex 30 actions 19 pub 9

Filter by Package

actionpack 60 nokogiri 43 rubygems-update 25 rack 23 puppet 23 activerecord 21 activesupport 14 publify_core 14 camaleon_cms 13 passenger 13 puma 12 actionview 12 decidim 11 rails 11 fat_free_crm 10 jquery-rails 9 rails-html-sanitizer 9 bootstrap 9 bootstrap 9 bootstrap 9 org.webjars:bootstrap 9 twbs/bootstrap 9 bootstrap-sass 8 org.webjars.npm:jquery 8 jquery 8 org.jruby:jruby-stdlib 7 jQuery 7 bootstrap.sass 7 jquery-ui 7 jQuery.UI.Combined 7 jquery-ui-rails 7 org.webjars.npm:jquery-ui 7 loofah 6 doorkeeper 6 rexml 6 katello 6 ember-source 6 grpc 5 grpcio 5 sidekiq 5 webrick 5 spree_auth_devise 5 bundler 5 spree 5 bootstrap-sass 5 commonmarker 5 ruby-saml 4 dragonfly 4 activestorage 4 mail 4 rails_admin 4 sinatra 4 avo 4 carrierwave 4 sanitize 4 fluentd 4 devise 4 spina 3 devise-two-factor 3 decidim-core 3 omniauth 3 io.grpc:grpc-protobuf 3 openssl 3 openc3 3 decidim-admin 3 chartkick 3 git 3 rest-client 3 rdoc 3 private_address_check 3 rack-cors 3 phlex 3 geminabox 3 com.google.protobuf:protobuf-java 3 com.google.protobuf:protobuf-kotlin 3 google-protobuf 3 cgi 3 yard 3 resque 3 activeadmin 3 json-jwt 3 actiontext 3 gollum 3 rubyzip 3 pdfkit 2 red-arrow 2 pyarrow 2 field_test 2 mechanize 2 view_component 2 solidus_core 2 qiita-markdown 2 bson 2 i18n 2 faye 2 omniauth-facebook 2 mapbox-rails 2 administrate 2 actionmailer 2 httparty 2 git-fastclone 2 com.google.protobuf:protobuf-kotlin-lite 2 com.google.protobuf:protobuf-javalite 2 redcarpet 2 openc3 2 logstash-core 2 mapbox.js 2 sidekiq-unique-jobs 2 decidim-templates 2 omniauth-saml 2 sprockets 2 twitter-bootstrap-rails 2 net-ldap 2 @openc3/tool-common 2 secure_headers 2 uri 2 sup 2 ruby-openid 2 echor 2 user_agent_parser 2 cocoapods-downloader 2 pageflow 2 kramdown 2 radiant 2 safemode 2 yajl-ruby 2 facter 2 org.webjars.npm:bootstrap 2 VladTheEnterprising 2 ox 2 solidus_frontend 2 json 2 mini_magick 2 paperclip 2 kaminari 2 pghero 2 ruby_parser-legacy 1 cocaine 1 haml 1 mysql-binuuid-rails 1 simple_form 1 simple_captcha2 1 marginalia 1 xaviershay-dm-rails 1 samlr 1 metasploit-framework 1 RedCloth 1 kitchen-terraform 1 jekyll 1 apollo_upload_server 1 ffi 1 sisimai 1 active-support 1 sqlite3 1 exiftool_vendored 1 globalid 1 pay 1 uglify-js 1 uglifier 1 paratrooper-pingdom 1 sfpagent 1 chloride 1 ldoce 1 cremefraiche 1 omniauth-oauth2 1 gollum-lib 1 rgpg 1 codders-dataset 1 karo 1 protocol-http1 1 sprout 1 encoded_id-rails 1 image_processing 1 rack-contrib 1 newrelic_rpm 1 elastic-apm 1 arr-pm 1 fog-dragonfly 1 active_attr 1 show_in_browser 1 rack-cache 1 cairo 1 rbovirt 1 extlib 1 authlogic 1 ccsv 1 omniauth-weibo-oauth2 1 smashing 1 kubeclient 1 openshift-origin-controller 1 gemirro 1 rack-protection 1 webbynode 1 devise_masquerade 1 rwiki 1 trix 1 archive-tar-minitar 1 minitar 1 decidim-meetings 1 csv-safe 1

Filter by Repository

https://github.com/rack/rack-contrib 1