GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License

Language support

About GitHub Advisory Database

123 advisories

Critical

CVE-2012-3503 was published for katello (RubyGems) May 17, 2022

Critical

CVE-2013-3221 was published for activerecord (RubyGems) May 14, 2022

Critical

CVE-2025-24293 was published for activestorage (RubyGems) Aug 14, 2025

Critical

CVE-2025-68271 was published for openc3 (RubyGems) Jan 13, 2026

Critical

CVE-2011-10019 was published for spree (RubyGems) Aug 13, 2025

Critical

CVE-2025-66568 was published for ruby-saml (RubyGems) Dec 8, 2025

Critical

CVE-2025-66567 was published for ruby-saml (RubyGems) Dec 8, 2025

Critical

CVE-2011-10026 was published for rd_searchlogic (RubyGems) Aug 20, 2025

Critical

CVE-2024-27280 was published for stringio (RubyGems) Mar 25, 2024

Critical

CVE-2025-25292 was published for ruby-saml (RubyGems) Mar 12, 2025

Critical

CVE-2025-27407 was published for graphql (RubyGems) Mar 12, 2025

Critical

CVE-2025-25291 was published for ruby-saml (RubyGems) Mar 12, 2025

Critical

CVE-2025-28384 was published for openc3-cosmos-tool-iframe (RubyGems) Jun 13, 2025

Critical

CVE-2025-53623 was published for job-iteration (RubyGems) Jul 14, 2025

Critical

CVE-2019-10744 was published for lodash (RubyGems) Jul 10, 2019

Critical

CVE-2025-54887 was published for jwe (RubyGems) Aug 7, 2025

Critical

GHSA-353f-x4gh-cqq8 was published for nokogiri (RubyGems) Jul 21, 2025

Critical

GHSA-gpqc-4pp7-5954 was published for spree_auth_devise (RubyGems) Nov 18, 2021 • withdrawn

Critical

GHSA-6mqr-q86q-6gwr was published for spree_auth_devise (RubyGems) Nov 18, 2021 • withdrawn

Critical

GHSA-8xfw-5q82-3652 was published for spree_auth_devise (RubyGems) Nov 18, 2021 • withdrawn

Critical

CVE-2021-41275 was published for spree_auth_devise (RubyGems) Nov 18, 2021

Critical

GHSA-hw46-3hmr-x9xv was published for omniauth-saml (RubyGems) Mar 12, 2025

Critical

CVE-2016-7954 was published for bundler (RubyGems) May 14, 2022

Critical

CVE-2025-2304 was published for camaleon_cms (RubyGems) Mar 14, 2025

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

123 advisories

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

123 advisories

Uh oh!