Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems rubygems-update Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS0yMjhmLWczaDctM2ZqM84AAe0N
RubyGems HTTPS to HTTP redirect
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01bWdqLW12djgtNDZtd84AAe0M
RubyGems does not verify SSL certificate
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05cXZtLTJ2aGYtcTY0Oc4AAYC6
RubyGems Regular Expression Denial of Service
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xdjYyLXhmajYtMzJ4bc4AAYCz
RubyGems Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04cXhnLW1mZjUtajN3Y84AAUt2
RubyGems Path Traversal vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13cDNqLXJ2ZnAtNjI0aM4AATla
RubyGems vulnerable to DNS hijack attack
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05ajdtLXJqcXgtNDh2aM4AATk3
RubyGems Regular Expression Denial of Service vulnerability
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wN2YyLXJyNDItbTl4bc4AATe8
RubyGems Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xajJ3LW13MnItcHYzOc4AATbJ
RubyGems Deserialization of Untrusted Data vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1tYzZqLWg5NDgtdjJwNs4AATbI
RubyGems Improper Verification of Cryptographic Signature vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ndjg2LTQzcnYtNzltMs4AATay
RubyGems Improper Input Validation vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04N3F4LWc1d2ctbXdtas4AATa0
RubyGems Cross-site Scripting vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03NHB2LXY5Z2gtaDI1cM4AASkU
RubyGems Infinite Loop vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1tcXdyLTRxZjItMmhjds4AARmu
RubyGems vulnerable to Deserialization of Untrusted Data
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wbTl4LTQzOTItMmMycM4AARmv
RubyGems may allow a maliciously crafted gem to overwrite files
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03Z2NwLTJnbXEtdzN4aM4AARmK
RubyGems Code Injection vulnerability
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03M3c3LTZ3OWctZ2M4d84AARms
RubyGems has Origin Validation Error vulnerability
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1neDY5LTZjcDQtaHhyas38Wg
RubyGems Link Following vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05NXZ4LXE0YzItNjRncs2XWw
RubyGems file overwrite vulnerability
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3bTgtZmp2Ny1qNzc0
RubyGems Escape sequence injection in errors
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV4MzItYzltZi00OWNj
RubyGems Delete directory using symlink when decompressing tar
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2d20tNDIycS05Mm1x
Code injection in RubyGems
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyMzItZ3I1Yy14cTVj
RubyGems Escape sequence injection vulnerability in verbose
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oMzctOGMzZy0zZmdj
RubyGems Escape sequence injection vulnerability in gem owner
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNoNHItcGp2Ni1jcGg5
RubyGems Escape sequence injection vulnerability in api response handling
Ecosystems: rubygems
Packages: rubygems-update
Source: GitHub Advisory Database
Published: almost 5 years ago
Statistics
Advisories: 17,222
Packages: 7,996
Repositories: 2
Ecosystems: 12
Filter by Package
actionpack 57 nokogiri 42 rubygems-update 25 puppet 23 rack 22 activerecord 21 activesupport 14 publify_core 14 passenger 13 actionview 12 rails 11 puma 11 fat_free_crm 10 jquery-rails 10 jquery 9 rails-html-sanitizer 9 org.webjars.npm:jquery 9 jQuery 8 jquery-ui 7 jQuery.UI.Combined 7 jquery-ui-rails 7 decidim 7 org.webjars.npm:jquery-ui 7 org.jruby:jruby-stdlib 7 camaleon_cms 6 loofah 6 doorkeeper 6 ember-source 6 spree 5 katello 5 bundler 5 commonmarker 5 spree_auth_devise 5 sidekiq 4 carrierwave 4 grpc 4 grpcio 4 webrick 4 sinatra 4 avo 4 sanitize 4 activestorage 4 devise 4 dragonfly 4 fluentd 4 mail 4 rest-client 3 bootstrap 3 bootstrap 3 gollum 3 omniauth 3 cgi 3 ruby-saml 3 resque 3 geminabox 3 yard 3 json-jwt 3 rubyzip 3 openssl 3 chartkick 3 decidim-core 3 rdoc 3 rack-cors 3 io.grpc:grpc-protobuf 3 private_address_check 3 git 3 rails_admin 3 paperclip 2 devise-two-factor 2 pdfkit 2 i18n 2 solidus_frontend 2 cocoapods-downloader 2 pghero 2 user_agent_parser 2 faye 2 field_test 2 mechanize 2 redcarpet 2 decidim-templates 2 httparty 2 VladTheEnterprising 2 omniauth-facebook 2 twitter-bootstrap-rails 2 mini_magick 2 sprockets 2 qiita-markdown 2 bootstrap-sass 2 solidus_core 2 ruby-openid 2 spina 2 view_component 2 mapbox-rails 2 uri 2 echor 2 secure_headers 2 yajl-ruby 2 mapbox.js 2 activeadmin 2 radiant 2 safemode 2 logstash-core 2 facter 2 git-fastclone 2 json 2 kramdown 2 bson 2 net-ldap 2 administrate 2 ox 2 google-protobuf 2 pageflow 2 sup 2 com.google.protobuf:protobuf-kotlin 2 com.google.protobuf:protobuf-java 2 red-arrow 2 pyarrow 2 twitter-stream 1 discordrb 1 pysha3 1 sha3 1 github.com/pubnub/go/v7 1 cap-strap 1 keynote 1 mongrel 1 com.pubnub:pubnub 1 ruby-jss 1 com.pubnub:pubnub-kotlin 1 rack-mini-profiler 1 pubnub 1 unpoly-rails 1 smalruby 1 hiera 1 mcollective-client 1 wicked 1 actionmailer 1 kelredd-pruview 1 smalruby-editor 1 diffy 1 awesome_spawn 1 pubnub/pubnub 1 pubnub 1 pubnub 1 active-support 1 solidus_backend 1 rubocop 1 ruby-mysql 1 gtk2 1 rotp 1 ruby_parser 1 stringio 1 github.com/github/hub 1 Pubnub 1 github.com/pubnub/go/v5 1 better_errors 1 hub 1 @turbo-boost/commands 1 github.com/pubnub/go/v6 1 websocket-extensions 1 turbo_boost-commands 1 github.com/pubnub/go 1 railties 1 foreman_ansible 1 gitlab-grit 1 geokit-rails 1 multi_xml 1 bindata 1 oxidized-web 1 message_bus 1 shrine 1 omniauth-auth0 1 papercrop 1 spree_api 1 omniauth-apple 1 date 1 audited 1 govuk_tech_docs 1 cremefraiche 1 rgpg 1 asciidoctor 1 oauth 1 point-cli 1 openshift-origin-node 1 clockwork_web 1 lean-ruport 1 flash_tool 1 tweetstream 1 ftpd 1 trestle-auth 1 decidim-system 1 sounder 1 decidim-admin 1 devise_invitable 1 sqlite3-ruby 1 curupira 1 thin 1 pubnub 1 trilogy 1 jmespath 1 recurly 1