Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

425 advisories

Loading
Moderate severity vulnerability that affects sprockets Moderate
GHSA-r4x3-g983-9g48 was published for sprockets (RubyGems) Oct 10, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-77pc-q5q7-qg9h was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-mrhj-2g4v-39qx was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects activerecord Moderate
GHSA-7phj-gmgx-2r66 was published for activerecord (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-qc8j-m8j3-rjq6 was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-vwfg-qj3r-6v3r was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Heap-based buffer overflow in nokogiri Moderate
CVE-2015-7499 was published for nokogiri (RubyGems) Sep 17, 2018
Moderate severity vulnerability that affects activesupport Moderate
GHSA-35c4-f3rq-f9g3 was published for activesupport (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rack Moderate
GHSA-9vc2-p34x-jhxh was published for rack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionview Moderate
GHSA-6834-r92f-jj42 was published for actionview (RubyGems) Sep 17, 2018 withdrawn
Duplicate Advisory: Moderate severity vulnerability that affects activemodel Moderate
GHSA-v543-gqhh-6gww was published for activemodel (RubyGems) Sep 17, 2018 withdrawn
Doorkeeper contains Cross-site Request Forgery Moderate
CVE-2014-8144 was published for doorkeeper (RubyGems) Sep 17, 2018
Moderate severity vulnerability that affects actionpack Moderate
GHSA-m53f-rhq8-q6hf was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-5xmj-wm96-fmw8 was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-23v3-qfrj-wmgh was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-qf5x-qgx7-437h was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-544j-77x9-h938 was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-14042 was published for bootstrap (RubyGems) Sep 13, 2018
tdunlap607 1Jesper1
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-14041 was published for bootstrap (RubyGems) Sep 13, 2018
jenhae
ember-source vulnerable to Cross-site Scripting Moderate
CVE-2015-1866 was published for ember-source (RubyGems) Aug 28, 2018
Tinfoil Devise-two-factor does not "burn" a successfully validated one-time password (OTP) Moderate
CVE-2015-7225 was published for devise-two-factor (RubyGems) Aug 28, 2018
Gollum Exposure of Sensitive Information Moderate
CVE-2015-7314 was published for gollum (RubyGems) Aug 28, 2018
ember-source Cross-site Scripting vulnerability Moderate
CVE-2015-7565 was published for ember-source (RubyGems) Aug 28, 2018
oliverchang
Moderate severity vulnerability that affects archive-tar-minitar and minitar Moderate
GHSA-cwp3-834g-x79g was published for archive-tar-minitar (RubyGems) Aug 21, 2018 withdrawn
Moderate severity vulnerability that affects doorkeeper Moderate
GHSA-5p9f-55j8-922m was published for doorkeeper (RubyGems) Aug 13, 2018 withdrawn
ProTip! Advisories are also available from the GraphQL API