Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-rxv5-gxqc-xx8g
  • RubyGems/rails-html-sanitizer
rails-html-sanitizer has XSS vulnerability with certain configurations 5 days ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-2x5m-9ch4-qgrr
  • RubyGems/rails-html-sanitizer
rails-html-sanitizer has XSS vulnerability with certain configurations 5 days ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-cfjx-w229-hgx5
  • RubyGems/rails-html-sanitizer
rails-html-sanitizer has XSS vulnerability with certain configurations 5 days ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-638j-pmjw-jq48
  • RubyGems/rails-html-sanitizer
rails-html-sanitizer has XSS vulnerability with certain configurations 5 days ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-w8gc-x259-rc7x
  • RubyGems/rails-html-sanitizer
rails-html-sanitizer has XSS vulnerability with certain configurations 5 days ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-ffp2-8p2h-4m5j
  • RubyGems/pwpush
Password Pusher rate limiter can be bypassed by forging proxy headers 20 Nov
  • Fix available
  • Severity - 2.7 (Low)
GHSA-j4h6-gcj7-7v9v
  • RubyGems/decidim-meetings
decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embeds 13 Nov
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-cxwf-qc32-375f
  • RubyGems/decidim-decidim_awesome
Decidim-Awesome has SQL injection in AdminAccountability 12 Nov
  • Fix available
  • Severity - 8.5 (High)
GHSA-hxx2-7vcw-mqr3
  • RubyGems/sinatra
Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision 01 Nov
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-j945-c44v-97g6
  • Maven/net.sf.mpxj:mpxj
  • RubyGems/mpxj
  • PyPI/mpxj
  • NuGet/net.sf.mpxj
  • NuGet/net.sf.mpxj-for-csharp
  • NuGet/net.sf.mpxj-for-vb
  • NuGet/MPXJ.Net
MPXJ has a Potential Path Traversal Vulnerability 28 Oct
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-2rxp-v6pw-ch6m
  • RubyGems/rexml
REXML ReDoS vulnerability 28 Oct
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-v46j-h43h-rwrm
  • RubyGems/Autolab
Autolab Misconfigured Reset Password Permissions 25 Oct
  • Fix available
  • Severity - 7.1 (High)
GHSA-hhxg-rvc9-8726
  • RubyGems/camaleon_cms
camaleon_cms affected by cross site scripting 23 Oct
  • No fix available
  • Severity - 4.8 (Medium)
MAL-2024-10224
  • Not specified
Malicious code in znowflake_client (RubyGems) 16 Oct
  • No fix available
MAL-2024-10223
  • Not specified
Malicious code in zen-ruby-linter (RubyGems) 16 Oct
  • No fix available
MAL-2024-10222
  • Not specified
Malicious code in zbt_element_definer (RubyGems) 16 Oct
  • No fix available