Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
rubygems spree Security Advisories
Browse all Security Advisories for rubygems spree
Moderate
Ecosystems: rubygems
Packages: spree
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS03aDQ4LW0zcnctdnIyN84AAft6
Spree does not properly restrict the use of a hash to provide values for a model's attributes
Moderate
Ecosystems: rubygems
Packages: spree
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1nNDY2LTU3Z2gtY3Fmd84AAfty
Spree uses a hardcoded hash value
Moderate
Ecosystems: rubygems
Packages: spree
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1od3J4LXdjNzUtbWdoN84AAV4o
Spree allows remote attackers to obtain sensitive information
High
Ecosystems: rubygems
Packages: spree
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4Y20tMzY0Zi1xOXFo
Ensure that doorkeeper_token is valid when authenticating requests in API v2 calls
Moderate
Ecosystems: rubygems
Packages: spree
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp4eDgtdjgzdi1yaHcz
Spree Improper Input Validation vulnerability
Statistics
Advisories: 20,408
Packages: 8,948
Repositories: 3
Ecosystems: 12