Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

47 advisories

Loading
sentry-raven allows remote attackers to cause a denial of service via a large exponent value in a scientific number Moderate
CVE-2014-9490 was published for sentry-raven (RubyGems) Oct 24, 2017
Rack rubygems receiving excessively long lines triggers out-of-memory error Moderate
CVE-2013-0183 was published for rack (RubyGems) Oct 24, 2017
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
bson is vulnerable to denial of service due to incorrect regex validation Critical
CVE-2015-4412 was published for bson (RubyGems) Mar 5, 2018
Nokogiri subject to DoS via libxml2 vulnerability High
CVE-2015-5312 was published for nokogiri (RubyGems) Aug 21, 2018
Rack vulnerable to Denial of Service High
CVE-2018-16470 was published for rack (RubyGems) Nov 15, 2018
Denial of Service Vulnerability in Action View High
CVE-2019-5419 was published for actionview (RubyGems) Mar 13, 2019
Rubyzip denial of service Moderate
CVE-2019-16892 was published for rubyzip (RubyGems) Sep 30, 2019
tdunlap607
BSON rubygem contains potential denial of service High
CVE-2015-4411 was published for bson (RubyGems) Apr 29, 2020
Regular Expression Denial of Service in websocket-extensions (RubyGem) High
CVE-2020-7663 was published for websocket-extensions (RubyGems) Jun 5, 2020
Untrusted users can run pending migrations in production in Rails Moderate
CVE-2020-8185 was published for actionpack (RubyGems) Jun 24, 2020
Active Record subject to Regular Expression Denial-of-Service (ReDoS) High
CVE-2021-22880 was published for activerecord (RubyGems) Mar 2, 2021
Denial of Service in Action Dispatch High
CVE-2021-22902 was published for actionpack (RubyGems) May 5, 2021
Possible DoS Vulnerability in Action Controller Token Authentication High
CVE-2021-22904 was published for actionpack (RubyGems) May 5, 2021
Puma's Keepalive Connections Causing Denial Of Service High
CVE-2021-29509 was published for puma (RubyGems) May 18, 2021
MSP-Greg wjordan
ioquatix
Potential Denial-of-Service in bindata Low
CVE-2021-32823 was published for bindata (RubyGems) Jun 23, 2021
Regular Expression Denial of Service in Addressable templates High
CVE-2021-32740 was published for addressable (RubyGems) Jul 12, 2021
ReDoS vulnerability in parser_apache2 Moderate
CVE-2021-41186 was published for fluentd (RubyGems) Nov 1, 2021
tdunlap607
Denial of service in sidekiq High
CVE-2022-23837 was published for sidekiq (RubyGems) Jan 27, 2022
Nokogiri Inefficient Regular Expression Complexity High
CVE-2022-24836 was published for nokogiri (RubyGems) Apr 11, 2022
ooooooo-q
Denial of Service (DoS) in Nokogiri on JRuby High
GHSA-gx8x-g87m-h5q6 was published for nokogiri (RubyGems) Apr 11, 2022
WEBrick Denial of Service Vulnerability High
CVE-2008-4310 was published for webrick (RubyGems) May 2, 2022
Puppet Denial of Service and Arbitrary File Write Low
CVE-2012-1987 was published for puppet (RubyGems) May 14, 2022
RubyGems Regular Expression Denial of Service vulnerability Moderate
CVE-2013-4287 was published for rubygems-update (RubyGems) May 14, 2022
Rack Gem Subject to Denial of Service via Hash Collisions Moderate
CVE-2011-5036 was published for org.jruby:jruby-parent (RubyGems) May 17, 2022
ProTip! Advisories are also available from the GraphQL API