GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
25 advisories
Rails activerecord gem has Improper Input Validation vulnerability
Moderate
CVE-2010-3933
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Improper Input Validation in actionpack
Moderate
CVE-2008-7248
was published
for
actionpack
(RubyGems)
Oct 24, 2017
WEBrick Improper Input Validation vulnerability
Moderate
CVE-2009-4492
was published
for
webrick
(RubyGems)
Oct 24, 2017
Denial of Service in uap-core when processing crafted User-Agent strings
Moderate
CVE-2020-5243
was published
for
uap-core
(RubyGems)
Feb 20, 2020
Ability to change order address without triggering address validations in solidus
Moderate
CVE-2020-15109
was published
for
solidus_api
(RubyGems)
Aug 4, 2020
Bundler may install gems from a different source than expected
Moderate
CVE-2013-0334
was published
for
bundler
(RubyGems)
May 5, 2022
RubyGems Improper Input Validation vulnerability
Moderate
CVE-2015-4020
was published
for
rubygems-update
(RubyGems)
May 17, 2022
GitLab Grit Gem for Ruby contains a flaw allowing arbitrary commands to be executed
Moderate
CVE-2013-4489
was published
for
gitlab-grit
(RubyGems)
May 17, 2022
Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint
Moderate
CVE-2022-39281
was published
for
fat_free_crm
(RubyGems)
Oct 7, 2022
Missing security headers in Action Pack on non-HTML responses
Moderate
CVE-2024-28103
was published
for
actionpack
(RubyGems)
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API