Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

168 advisories

Loading
Potential XSS vulnerability in jQuery Moderate
CVE-2020-11022 was published for jquery (RubyGems) Apr 29, 2020
masatokinugawa Churro
Rudloff
Loofah Allows Cross-site Scripting Moderate
CVE-2019-15587 was published for loofah (RubyGems) Nov 5, 2019
tdunlap607
Haml vulnerable to cross-site scripting Moderate
CVE-2017-1002201 was published for haml (RubyGems) Oct 21, 2019
Cross-site scripting in padrino-contrib Moderate
CVE-2019-16145 was published for padrino-contrib (RubyGems) Sep 23, 2019
Cross-site scripting in fat_free_crm Moderate
CVE-2018-20975 was published for fat_free_crm (RubyGems) Aug 21, 2019
Cross-site Scripting in Chartkick Moderate
CVE-2019-12732 was published for chartkick (RubyGems) Jun 7, 2019
XSS in jQuery as used in Drupal, Backdrop CMS, and other products Moderate
CVE-2019-11358 was published for django (RubyGems) Apr 26, 2019
klaudialax eoftedal
Rudloff
Bootstrap Vulnerable to Cross-Site Scripting Moderate
CVE-2019-8331 was published for Bootstrap.Less (RubyGems) Feb 22, 2019
bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-20677 was published for bootstrap (RubyGems) Jan 17, 2019
tdunlap607
XSS vulnerability that affects bootstrap Moderate
CVE-2018-20676 was published for bootstrap (RubyGems) Jan 17, 2019
tdunlap607
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2016-10735 was published for bootstrap (RubyGems) Jan 17, 2019
roka-actico
Cross Site Scripting (XSS) vulnerability in easymon Moderate
CVE-2018-1000855 was published for easymon (RubyGems) Dec 21, 2018
Fat Free CRM vulnerable to Cross-site Scripting Moderate
CVE-2018-1000842 was published for fat_free_crm (RubyGems) Dec 20, 2018
Rack vulnerable to Cross-site Scripting Moderate
CVE-2018-16471 was published for rack (RubyGems) Nov 15, 2018
Content Injection via TileJSON Name in mapbox.js Moderate
CVE-2017-1000043 was published for mapbox-rails (RubyGems) Nov 9, 2018
Content Injection via TileJSON attribute in mapbox.js Moderate
CVE-2017-1000042 was published for mapbox-rails (RubyGems) Nov 9, 2018
Loofah Cross-site Scripting vulnerability Moderate
CVE-2018-16468 was published for loofah (RubyGems) Nov 1, 2018
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-14042 was published for bootstrap (RubyGems) Sep 13, 2018
tdunlap607 1Jesper1
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-14041 was published for bootstrap (RubyGems) Sep 13, 2018
jenhae
ember-source vulnerable to Cross-site Scripting Moderate
CVE-2015-1866 was published for ember-source (RubyGems) Aug 28, 2018
ember-source Cross-site Scripting vulnerability Low
CVE-2014-0046 was published for ember-source (RubyGems) Aug 28, 2018
tdunlap607
ember-source Cross-site Scripting vulnerability Moderate
CVE-2015-7565 was published for ember-source (RubyGems) Aug 28, 2018
oliverchang
grape subject to Cross-site Scripting Moderate
CVE-2018-3769 was published for grape (RubyGems) Aug 13, 2018
radiant vulnerable to Cross-site Scripting Moderate
CVE-2018-7261 was published for radiant (RubyGems) Jul 27, 2018
Sinatra Cross-site Scripting vulnerability Moderate
CVE-2018-11627 was published for sinatra (RubyGems) Jun 5, 2018
ProTip! Advisories are also available from the GraphQL API