Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

7 advisories

Loading
Local Code Execution through Argument Injection via dash leading git url parameter in Gemfile. Moderate
CVE-2021-43809 was published for bundler (RubyGems) Dec 8, 2021
paul-gerste-sonarsource
RubyGems Escape sequence injection vulnerability in verbose High
CVE-2019-8321 was published for rubygems-update (RubyGems) Jun 20, 2019
Dragonfly contains remote code execution vulnerability Critical
CVE-2021-33564 was published for dragonfly (RubyGems) Jun 2, 2021
Command injection in ruby-git Critical
CVE-2022-25648 was published for git (RubyGems) Apr 20, 2022
Command injection in cocoapods-downloader High
CVE-2022-24440 was published for cocoapods-downloader (RubyGems) Apr 2, 2022
tdunlap607
Command injection in cocoapods-downloader High
CVE-2022-21223 was published for cocoapods-downloader (RubyGems) Apr 2, 2022
Arbitrary file write in dragonfly Critical
CVE-2021-33473 was published for dragonfly (RubyGems) Jun 3, 2022
ProTip! Advisories are also available from the GraphQL API