Know every threat before it ships
200K+ vulnerabilities, malicious packages, and supply chain threats enriched with Corgea's research.
LOW 3.7 | CVE-2021-41136 | Puma with proxy which forwards LF characters as line endings could allow HTTP request smuggling
LOW 3.1 | CVE-2024-22047 | Race Condition leading to logging errors
LOW 3.2 | CVE-2025-27221 | URI allows for userinfo Leakage in URI#join, URI#merge, and URI#+
LOW 3.3 | GHSA-jc9r-qcgw-fxq9 | sparklemotion nokogiri hashmap.c hashmap_get_with_hash heap-based overflow
LOW 3.3 | GHSA-pf9w-gvcf-gv7m | sparklemotion nokogiri hashmap.c hashmap_set_with_hash heap-based overflow
LOW 3.1 | CVE-2023-47634 | Race condition in Endorsements
LOW 3.1 | GHSA-v444-jggx-6v7f | Duplicate Advisory: Race Condition leading to logging errors
LOW 3.7 | CVE-2015-7576 | actionpack is vulnerable to remote bypass authentication
LOW 3.7 | CVE-2021-32823 | Potential Denial-of-Service in bindata
LOW 3.5 | GHSA-9chr-4fjh-5rgw | Cross-site Scripting in actionpack
LOW 3.7 | CVE-2015-7519 | Phusion Passenger allows remote attackers to spoof headers
LOW 3.1 | CVE-2022-39379 | fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)
LOW 3.2 | CVE-2023-30618 | Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-Terraform
LOW 3.3 | CVE-2017-8418 | RuboCop gem Insecure use of /tmp
LOW 3.5 | CVE-2023-3445 | Spina Cross-site Scripting vulnerability
LOW 3.7 | CVE-2022-4064 | Unsanitized input leading to code injection in Dalli
LOW 2.5 | CVE-2022-31072 | Octokit gem published with world-writable files
LOW 2.5 | CVE-2022-31071 | Octopoller gem published with world-writable files
LOW 2.3 | CVE-2022-31000 | CSRF allows attacker to finalize/unfinalize order adjustments in solidus_backend
LOW 3.2 | CVE-2020-13353 | Gitaly Insufficient Session Expiration vulnerability
LOW 2.7 | CVE-2019-14825 | Katello cleartext password storage issue