GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
317 advisories
HTTP Smuggling via Transfer-Encoding Header in Puma
High
CVE-2020-11076
was published
for
puma
(RubyGems)
May 22, 2020
Information disclosure issue in Active Resource
High
CVE-2020-8151
was published
for
activeresource
(RubyGems)
May 21, 2020
Improper Restriction of Excessive Authentication Attempts in Sorcery
High
CVE-2020-11052
was published
for
sorcery
(RubyGems)
May 7, 2020
Exposure of Sensitive Information to an Unauthorized Actor in Doorkeeper
High
CVE-2020-10187
was published
for
doorkeeper
(RubyGems)
May 7, 2020
Sort order SQL injection in Administrate
High
CVE-2020-5257
was published
for
administrate
(RubyGems)
Mar 13, 2020
Denial of Service in uap-core when processing crafted User-Agent strings
High
GHSA-pcqq-5962-hvcw
was published
for
user_agent_parser
(RubyGems)
Mar 10, 2020
XSS/Script injection vulnerability in matestack
High
CVE-2020-5241
was published
for
matestack-ui-core
(RubyGems)
Feb 12, 2020
OmniAuth Ruby gem Cross-site Request Forgery in request phase
High
CVE-2015-9284
was published
for
omniauth
(RubyGems)
May 29, 2019
ProTip!
Advisories are also available from the
GraphQL API