Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-29g5-m8v7-v564
  • RubyGems/measured
 Measured is vulnerable to Path Traversal attacks during class initialization 4 days ago
  • Fix available
  • Severity - 4.9 (Medium)
GHSA-xh69-987w-hrp8
  • RubyGems/resolv
 resolv vulnerable to DoS via insufficient DNS domain name length validation 4 days ago
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-6qjf-g333-pv38
  • RubyGems/job-iteration
 Job Iteration API is vulnerable to OS Command Injection attack through its CsvEnumerator class 5 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-hqp6-mjw3-f586
  • RubyGems/vagrant
 HashiCorp Vagrant has code injection vulnerability through default synced folders 02 Jul
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-r995-q44h-hr64
  • RubyGems/webrick
 Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling 26 Jun
  • Fix available
  • Severity - 6.5 (Medium)
MAL-2025-5147
  • RubyGems/xxxxxxxx
 Malicious code in xxxxxxxx (RubyGems) 18 Jun
  • No fix available
MAL-2025-5146
  • RubyGems/teaspoon-devkit
 Malicious code in teaspoon-devkit (RubyGems) 18 Jun
  • No fix available
MAL-2025-5145
  • RubyGems/jdbc-zzz
 Malicious code in jdbc-zzz (RubyGems) 18 Jun
  • No fix available
GHSA-cf8v-5mrc-jv7f
  • RubyGems/openc3-cosmos-tool-iframe
 OpenC3 COSMOS Vulnerable to Directory Traversal via openc3-api/tables endpoint 13 Jun
  • No fix available
  • Severity - 7.5 (High)
GHSA-p67j-387g-75wc
  • RubyGems/openc3-cosmos-tool-iframe
 OpenC3 COSMOS Vulnerable to Directory Traversal via /script-api/scripts/ endpoint 13 Jun
  • No fix available
  • Severity - 9.1 (Critical)
GHSA-47m2-26rw-j2jw
  • RubyGems/rack
 ReDoS Vulnerability in Rack::Multipart handle_mime_head 05 Jun
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-2c47-m757-32g6
  • Go/github.com/Shopify/ejson2env/v2
  • RubyGems/ejson2env
  • Go/github.com/Shopify/ejson2env
 Insufficient input sanitization in ejson2env 21 May
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-gjh7-p2fx-99vx
  • RubyGems/rack
 Rack has an Unbounded-Parameter DoS in Rack::QueryParser 08 May
  • Fix available
  • Severity - 7.5 (High)
GHSA-9j94-67jr-4cqj
  • RubyGems/rack-session
 Rack session gets restored after deletion 08 May
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-vpfw-47h7-xj4g
  • RubyGems/rack
 Rack session gets restored after deletion 08 May
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-j3g3-5qv5-52mj
  • RubyGems/net-imap
 net-imap rubygem vulnerable to possible DoS by memory exhaustion 28 Apr
  • Fix available
  • Severity - 6.0 (Medium)
Load more...