OSV - Open Source Vulnerabilities

GHSA-cvp8-5r8g-fhvq

RubyGems/omniauth-saml

omniauth-saml vulnerable to Improper Verification of Cryptographic Signature

19 hours ago

Fix available
Severity - 9.9 (Critical)

GHSA-jw9c-mfg7-9rx2

RubyGems/ruby-saml

SAML authentication bypass via Incorrect XPath selector

yesterday

Fix available
Severity - 9.9 (Critical)

GHSA-frp2-5qfc-7r8m

RubyGems/request_store

request_store has Incorrect Default Permissions

23 Aug

Fix available
Severity - 5.9 (Medium)

GHSA-vmwr-mc7x-5vc3

RubyGems/rexml

REXML denial of service vulnerability

22 Aug

Fix available
Severity - 8.2 (High)

GHSA-2m96-52r3-2f3g

RubyGems/fugit

fugit parse and parse_nat stall on lengthy input

19 Aug

Fix available
Severity - 5.3 (Medium)

GHSA-qv32-5wm2-p32h

RubyGems/sequenceserver

Command Injection in sequenceserver

13 Aug

Fix available
Severity - 9.3 (Critical)

GHSA-5866-49gr-22v4

RubyGems/rexml

REXML DoS vulnerability

02 Aug

Fix available
Severity - 6.9 (Medium)

GHSA-r55c-59qm-vjw6

RubyGems/rexml

REXML DoS vulnerability

01 Aug

Fix available
Severity - 6.9 (Medium)

MAL-2024-7834

Not specified

Malicious code in melio-platform-api-client (RubyGems)

28 Jul

No fix available

MAL-2024-7824

Not specified

Malicious code in prnigtest (RubyGems)

27 Jul

No fix available

GHSA-wqw3-p83g-r24v

RubyGems/spina

Cross-Site Request Forgery in Spina

25 Jul

No fix available
Severity - 6.9 (Medium)

GHSA-4xqq-m2hx-25v8

RubyGems/rexml

REXML denial of service vulnerability

16 Jul

Fix available
Severity - 6.9 (Medium)

GHSA-9mvj-f7w8-pvh2

npm/bootstrap
RubyGems/bootstrap
NuGet/bootstrap
RubyGems/bootstrap-sass
NuGet/bootstrap.sass
Packagist/twbs/bootstrap
Maven/org.webjars:bootstrap
Maven/org.webjars.npm:bootstrap

Bootstrap Cross-Site Scripting (XSS) vulnerability

11 Jul

No fix available
Severity - 5.3 (Medium)

GHSA-vc8w-jr9v-vj7f

npm/bootstrap
RubyGems/bootstrap
NuGet/bootstrap
NuGet/bootstrap.sass
Packagist/twbs/bootstrap
Maven/org.webjars:bootstrap
Maven/org.webjars.npm:bootstrap

Bootstrap Cross-Site Scripting (XSS) vulnerability

11 Jul

Fix available
Severity - 5.3 (Medium)

GHSA-529p-jj47-w3m3

RubyGems/decidim-admin

Decidim cross-site scripting (XSS) in the admin panel

10 Jul

Fix available
Severity - 6.8 (Medium)

GHSA-7cx8-44pc-xv3q

RubyGems/decidim

Decidim cross-site scripting (XSS) in the pagination

10 Jul

Fix available
Severity - 6.3 (Medium)