Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

47 advisories

Loading
Rack has possible DoS Vulnerability in Multipart MIME parsing High
CVE-2023-27530 was published for rack (RubyGems) Mar 8, 2023
REXML DoS vulnerability Moderate
CVE-2024-41946 was published for rexml (RubyGems) Aug 2, 2024
naitoh
REXML DoS vulnerability Moderate
CVE-2024-41123 was published for rexml (RubyGems) Aug 1, 2024
Potential Denial-of-Service in bindata Low
CVE-2021-32823 was published for bindata (RubyGems) Jun 23, 2021
fugit parse and parse_nat stall on lengthy input Moderate
CVE-2024-43380 was published for fugit (RubyGems) Aug 19, 2024
personnumber3377 bensheldon
REXML denial of service vulnerability Moderate
CVE-2024-39908 was published for rexml (RubyGems) Jul 16, 2024
REXML contains a denial of service vulnerability Moderate
CVE-2024-35176 was published for rexml (RubyGems) May 16, 2024
Rack has possible DoS Vulnerability with Range Header Low
CVE-2024-26141 was published for rack (RubyGems) Feb 28, 2024
ooooooo-q
XSS sidekiq-unique-jobs UI server vulnerability High
CVE-2024-25122 was published for sidekiq-unique-jobs (RubyGems) Feb 13, 2024
pboling Earlopain
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
WEBrick Denial of Service Vulnerability High
CVE-2008-4310 was published for webrick (RubyGems) May 2, 2022
ReDoS based DoS vulnerability in Action Dispatch Low
CVE-2023-22792 was published for actionpack (RubyGems) Jan 18, 2023
robertoz-01 postmodern
Puppet Denial of Service and Arbitrary File Write Low
CVE-2012-1987 was published for puppet (RubyGems) May 14, 2022
encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs High
CVE-2024-0241 was published for encoded_id-rails (RubyGems) Oct 24, 2023
Duplicate Advisory: encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs High
GHSA-4553-hq82-8654 was published for encoded_id-rails (RubyGems) Jan 4, 2024 withdrawn
Denial of service via header parsing in Rack High
CVE-2022-44570 was published for rack (RubyGems) Jan 18, 2023
Denial of Service Vulnerability in Rack Multipart Parsing High
CVE-2022-30122 was published for rack (RubyGems) May 27, 2022
Rubyzip denial of service Moderate
CVE-2019-16892 was published for rubyzip (RubyGems) Sep 30, 2019
tdunlap607
memory leak flaw was found in ruby-magick Moderate
CVE-2023-5349 was published for rmagick (RubyGems) Oct 30, 2023
Denial of Service Vulnerability in Action View High
CVE-2019-5419 was published for actionview (RubyGems) Mar 13, 2019
sidekiq Denial of Service vulnerability Moderate
CVE-2023-26141 was published for sidekiq (RubyGems) Sep 14, 2023
wwahammy kflavin
martingregoire
sentry-raven allows remote attackers to cause a denial of service via a large exponent value in a scientific number Moderate
CVE-2014-9490 was published for sentry-raven (RubyGems) Oct 24, 2017
Rack vulnerable to Denial of Service High
CVE-2018-16470 was published for rack (RubyGems) Nov 15, 2018
Denial of Service Vulnerability in Rack Content-Disposition parsing Low
CVE-2022-44571 was published for rack (RubyGems) Jan 18, 2023
Denial of service via multipart parsing in Rack Low
CVE-2022-44572 was published for rack (RubyGems) Jan 18, 2023
ProTip! Advisories are also available from the GraphQL API