RubyGems Package Vulnerabilities
All 402 Ruby gems with known CVEs, ranked by live CVE volume — 1,003 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 1.actionpack61 CVEs
- 2.rack49 CVEs
- 3.nokogiri33 CVEs
- 4.rubygems-update25 CVEs
- 5.activerecord23 CVEs
- 6.puppet22 CVEs
- 7.publify_core15 CVEs
- 8.activesupport14 CVEs
- 9.passenger14 CVEs
- 10.puma14 CVEs
- 11.rails-html-sanitizer14 CVEs
- 12.actionview13 CVEs
- 13.decidim12 CVEs
- 14.camaleon_cms11 CVEs
- 15.oj11 CVEs
- 16.rails11 CVEs
- 17.fat_free_crm10 CVEs
- 18.net-imap10 CVEs
- 19.ruby-saml10 CVEs
- 20.jquery-rails9 CVEs
- 21.openc39 CVEs
- 22.katello8 CVEs
- 23.rexml8 CVEs
- 24.activestorage7 CVEs
- 25.bootstrap7 CVEs
- 26.bootstrap-sass7 CVEs
- 27.jquery-ui-rails7 CVEs
- 28.lodash-rails7 CVEs
- 29.spree7 CVEs
- 30.avo6 CVEs
- 31.decidim-core6 CVEs
- 32.doorkeeper6 CVEs
- 33.ember-source6 CVEs
- 34.loofah6 CVEs
- 35.sinatra6 CVEs
- 36.webrick6 CVEs
- 37.bundler5 CVEs
- 38.carrierwave5 CVEs
- 39.cgi5 CVEs
- 40.devise5 CVEs
- 41.grpc5 CVEs
- 42.sidekiq5 CVEs
- 43.dragonfly4 CVEs
- 44.json4 CVEs
- 45.mail4 CVEs
- 46.rails_admin4 CVEs
- 47.sanitize4 CVEs
- 48.uri4 CVEs
- 49.view_component4 CVEs
- 50.yard4 CVEs
Which RubyGems packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →