GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
956 advisories
Regular expression denial of service vulnerability (ReDoS) in date
High
CVE-2021-41817
was published
for
date
(RubyGems)
Nov 16, 2021
Publify `guest` role users can self-register even when the admin does not allow it
Moderate
CVE-2021-25973
was published
for
publify_core
(RubyGems)
Nov 3, 2021
ReDoS vulnerability in parser_apache2
Moderate
CVE-2021-41186
was published
for
fluentd
(RubyGems)
Nov 1, 2021
XSS in `*Text` options of the Datepicker widget in jquery-ui
Moderate
CVE-2021-41183
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 26, 2021
XSS in the `of` option of the `.position()` util in jquery-ui
Moderate
CVE-2021-41184
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 26, 2021
XSS in the `altField` option of the Datepicker widget in jquery-ui
Moderate
CVE-2021-41182
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 26, 2021
Puma with proxy which forwards LF characters as line endings could allow HTTP request smuggling
Low
CVE-2021-41136
was published
for
puma
(RubyGems)
Oct 12, 2021
Older releases of better_errors open to Cross-Site Request Forgery attack
Moderate
CVE-2021-39197
was published
for
better_errors
(RubyGems)
Sep 7, 2021
qiita-markdown Cross-site Scripting vulnerability
Moderate
CVE-2021-28833
was published
for
qiita-markdown
(RubyGems)
Aug 2, 2021
ProTip!
Advisories are also available from the
GraphQL API