GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
892 advisories
Phusion Passenger information disclosure
Moderate
CVE-2017-16355
was published
for
passenger
(RubyGems)
May 13, 2022
Phusion Passenger incorrect permission assignment
Moderate
CVE-2018-12615
was published
for
passenger
(RubyGems)
May 13, 2022
Tarball permission preservation in puppet
Moderate
CVE-2017-10689
was published
for
puppet
(RubyGems)
May 13, 2022
fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)
Low
CVE-2022-39379
was published
for
fluentd
(RubyGems)
Nov 2, 2022
OmniAuth's `lib/omniauth/failure_endpoint.rb` does not escape `message_key` value
Critical
CVE-2020-36599
was published
for
omniauth
(RubyGems)
Aug 19, 2022
arr-pm vulnerable to arbitrary shell execution when extracting or listing files contained in a malicious rpm.
High
CVE-2022-39224
was published
for
arr-pm
(RubyGems)
Sep 21, 2022
ProTip!
Advisories are also available from the
GraphQL API