Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
Improper Access Control in activejob High
CVE-2018-16476 was published for activejob (RubyGems) Dec 5, 2018
Possible Strong Parameters Bypass in ActionPack High
CVE-2020-8164 was published for actionpack (RubyGems) May 26, 2020
navhits
Metasploit Framework user exposes Metasploit to same deserialization issue that is exploited by that module High
CVE-2020-7385 was published for metasploit-framework (RubyGems) May 24, 2022
jasnow
opensearch-ruby 2.x before 2.0.2 vulnerable to unsafe YAML deserialization High
CVE-2022-31115 was published for opensearch-ruby (RubyGems) Jul 5, 2022
tdunlap607
RubyGems Deserialization of Untrusted Data vulnerability High
CVE-2018-1000074 was published for org.jruby:jruby-stdlib (RubyGems) May 14, 2022
Withdrawn: Fortra GoAnywhere MFT Deserialization of Untrusted Data vulnerability affects metasploit-framework High
CVE-2023-0669 was published for metasploit-framework (RubyGems) Feb 6, 2023 withdrawn
smcintyre-r7
ProTip! Advisories are also available from the GraphQL API