GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
450 advisories
view_component Cross-site Scripting vulnerability
Moderate
CVE-2024-21636
was published
for
view_component
(RubyGems)
Jan 4, 2024
Resque vulnerable to Reflected Cross Site Scripting through pathnames
Moderate
CVE-2023-50724
was published
for
resque
(RubyGems)
Dec 18, 2023
Resque vulnerable to reflected XSS in resque-web failed and queues lists
Moderate
CVE-2023-50725
was published
for
resque
(RubyGems)
Dec 18, 2023
Resque vulnerable to reflected XSS in Queue Endpoint
Moderate
CVE-2023-50727
was published
for
resque
(RubyGems)
Dec 18, 2023
Resque Scheduler Reflected XSS In Delayed Jobs View
Moderate
CVE-2022-44303
was published
for
resque-scheduler
(RubyGems)
Dec 18, 2023
CarrierWave Content-Type allowlist bypass vulnerability, possibly leading to XSS
Moderate
CVE-2023-49090
was published
for
carrierwave
(RubyGems)
Nov 29, 2023
sidekiq Denial of Service vulnerability
Moderate
CVE-2023-26141
was published
for
sidekiq
(RubyGems)
Sep 14, 2023
protocol-http1 HTTP Request/Response Smuggling vulnerability
Moderate
CVE-2023-38697
was published
for
protocol-http1
(RubyGems)
Aug 3, 2023
Decidim Cross-site Scripting vulnerability in the external link redirections
Moderate
CVE-2023-32693
was published
for
decidim
(RubyGems)
Jul 11, 2023
gRPC connection termination issue
Moderate
CVE-2023-32732
was published
for
grpc
(RubyGems)
Jul 6, 2023
URI gem has ReDoS vulnerability
Moderate
CVE-2023-36617
was published
for
uri
(RubyGems)
Jun 29, 2023
Duplicate Advisory: jQuery Cross Site Scripting vulnerability
Moderate
CVE-2020-23064
was published
for
jQuery
(RubyGems)
Jun 26, 2023
•
withdrawn
Doorkeeper Improper Authentication vulnerability
Moderate
CVE-2023-34246
was published
for
doorkeeper
(RubyGems)
Jun 12, 2023
ProTip!
Advisories are also available from the
GraphQL API