GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
13 advisories
ReDoS based DoS vulnerability in Action Dispatch
Low
CVE-2023-22795
was published
for
actionpack
(RubyGems)
Jan 18, 2023
Cross site scripting in actionpack Rubygem
Moderate
CVE-2011-1497
was published
for
actionpack
(RubyGems)
Apr 22, 2022
Information disclosure issue in Active Resource
High
CVE-2020-8151
was published
for
activeresource
(RubyGems)
May 21, 2020
activerecord vulnerable to SQL Injection
High
CVE-2012-2695
was published
for
activerecord
(RubyGems)
Oct 24, 2017
actionpack Improper Authentication vulnerability
Moderate
CVE-2012-3424
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack allows remote attackers to bypass database-query restrictions, perform NULL checks via crafted request
Moderate
CVE-2012-2694
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Action Pack contains database-query restrictions bypass
Moderate
CVE-2012-2660
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Active Record contains SQL Injection
High
CVE-2012-6496
was published
for
activerecord
(RubyGems)
Oct 24, 2017
activesupport Cross-site Scripting vulnerability
Moderate
CVE-2012-3464
was published
for
activesupport
(RubyGems)
Oct 24, 2017
actionpack Cross-site Scripting vulnerability
Moderate
CVE-2012-3465
was published
for
actionpack
(RubyGems)
Oct 24, 2017
activesupport vulnerable to Denial of Service via large XML document depth
Moderate
CVE-2015-3227
was published
for
activesupport
(RubyGems)
Oct 24, 2017
SQL Injection in Active Record
High
CVE-2014-3482
was published
for
activerecord
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API