Vulnerability Reportmetasploitframework/metasploit-framework:6.2.33

metasploitframework/metasploit-framework:6.2.33
DIGESTsha256:735549af874c7525cdcbe16ea2e1f8c3695d463dcd3ace4dd657dc14abeb3175

Executive Summary

Threat Score
100/100DANGEROUS
Reputation
UNVERIFIED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit CVE-2023-44487 to cause denial of service or CVE-2023-22794 for SQL injection leading to full database compromise. The image contains 206 known vulnerabilities, 53 of which are high severity, and is an unverified community image, further increasing risk.

Vulnerabilities

Vulnerability Log

364 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2023-44487CRITICAL9.75
nghttp2-libs
1.46.0-r0
fixed in 1.46.0-r2
100.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2023-22794HIGH8.8
activerecord
6.1.7
fixed in ~> 6.0.6, >= 6.0.6.1, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1
2.2%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2022-4450HIGH8.62
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1t-r0
20.4%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2022-4450HIGH8.62
libssl1.1
1.1.1s-r1
fixed in 1.1.1t-r0
20.4%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2022-4450HIGH8.62
openssl-dev
1.1.1s-r1
fixed in 1.1.1t-r0
20.4%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2024-25126HIGH8.62
rack
2.2.4
fixed in ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1
35.4%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2023-37920HIGH8.33
certifi
2021.10.8
fixed in 2023.7.22
0.5%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2024-28103HIGH8.33
actionpack
6.1.7
fixed in ~> 6.1.7, >= 6.1.7.8, ~> 7.0.8, >= 7.0.8.4, ~> 7.1.3, >= 7.1.3.4, >= 7.2.0.beta2
0.7%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-42257HIGH8.33
net-imap
0.1.1
fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42258HIGH8.33
net-imap
0.1.1
fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2023-40175HIGH8.33
puma
6.0.0
fixed in ~> 5.6.7, >= 6.3.1
0.7%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-27820HIGH8.33
zlib
2.0.0
fixed in ~> 3.0.1, ~> 3.1.2, >= 3.2.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-58266HIGH8.33
shlex
1.1.0
fixed in 1.3.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-43804HIGH8.1
py3-urllib3
1.26.7-r0
fixed in 1.26.17-r0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-43804HIGH8.1
urllib3
1.26.13
fixed in 2.0.6, 1.26.17
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-0286HIGH7.7
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1t-r0
62.0%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2023-0286HIGH7.7
libssl1.1
1.1.1s-r1
fixed in 1.1.1t-r0
62.0%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2023-0286HIGH7.7
openssl-dev
1.1.1s-r1
fixed in 1.1.1t-r0
62.0%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2023-0286HIGH7.7
cryptography
3.3.2
fixed in 39.0.1
62.0%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2023-0215HIGH7.5
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1t-r0
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-0464HIGH7.5
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1t-r2
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-0215HIGH7.5
libssl1.1
1.1.1s-r1
fixed in 1.1.1t-r0
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-0464HIGH7.5
libssl1.1
1.1.1s-r1
fixed in 1.1.1t-r2
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-35945HIGH7.5
nghttp2-libs
1.46.0-r0
fixed in 1.46.0-r1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-0215HIGH7.5
openssl-dev
1.1.1s-r1
fixed in 1.1.1t-r0
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-0464HIGH7.5
openssl-dev
1.1.1s-r1
fixed in 1.1.1t-r2
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-30861HIGH7.5
Flask
1.1.4
fixed in 2.3.2, 2.2.5
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-25577HIGH7.5
Werkzeug
1.0.1
fixed in 2.2.3
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-34069HIGH7.5
Werkzeug
1.0.1
fixed in 3.0.3
3.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-39689HIGH7.5
certifi
2021.10.8
fixed in 2024.7.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-50782HIGH7.5
cryptography
3.3.2
fixed in 42.0.0
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-40899HIGH7.5
future
0.18.2
fixed in 0.18.3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2024-3651HIGH7.5
idna
2.10
fixed in 3.7
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-22792HIGH7.5
actionpack
6.1.7
fixed in ~> 5.2.8, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-22795HIGH7.5
actionpack
6.1.7
fixed in ~> 5.2.8, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-44566HIGH7.5
activerecord
6.1.7
fixed in ~> 5.2.8, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-22796HIGH7.5
activesupport
6.1.7
fixed in ~> 5.2.8, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-23514HIGH7.5
loofah
2.19.0
fixed in >= 2.19.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-23516HIGH7.5
loofah
2.19.0
fixed in >= 2.19.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-44570HIGH7.5
rack
2.2.4
fixed in ~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= 2.2.6.2, >= 3.0.4.1
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-44571HIGH7.5
rack
2.2.4
fixed in ~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= 2.2.6.1, >= 3.0.4.1
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-44572HIGH7.5
rack
2.2.4
fixed in ~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= 2.2.6.1, >= 3.0.4.1
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-27530HIGH7.5
rack
2.2.4
fixed in ~> 2.0.9, >= 2.0.9.3, ~> 2.1.4, >= 2.1.4.3, ~> 2.2.6, >= 2.2.6.3, >= 3.0.4.2
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2024-26141HIGH7.5
rack
2.2.4
fixed in ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2024-26146HIGH7.5
rack
2.2.4
fixed in ~> 2.0.9, >= 2.0.9.4, ~> 2.1.4, >= 2.1.4.4, ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-27610HIGH7.5
rack
2.2.4
fixed in ~> 2.2.13, ~> 3.0.14, >= 3.1.12
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-23517HIGH7.5
rails-html-sanitizer
1.4.3
fixed in >= 1.4.4
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-49761HIGH7.5
rexml
3.2.5
fixed in >= 3.3.9
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-41123HIGH7.5
rexml
3.2.5
fixed in >= 3.3.3
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-41946HIGH7.5
rexml
3.2.5
fixed in >= 3.3.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-27516HIGH7.48
Jinja2
2.11.3
fixed in 3.1.6
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-2454HIGH7.2
libecpg
14.5-r0
fixed in 14.8-r0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-2454HIGH7.2
libpq
14.5-r0
fixed in 14.8-r0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-41316MEDIUM6.88
erb
2.2.0
fixed in ~> 4.0.3.1, ~> 4.0.4.1, ~> 6.0.1.1, >= 6.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-4304MEDIUM6.79
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1t-r0
16.2%
High Exploitation Risk
Directly Exposed
CVE-2022-4304MEDIUM6.79
libssl1.1
1.1.1s-r1
fixed in 1.1.1t-r0
16.2%
High Exploitation Risk
Directly Exposed
CVE-2022-4304MEDIUM6.79
openssl-dev
1.1.1s-r1
fixed in 1.1.1t-r0
16.2%
High Exploitation Risk
Directly Exposed
CVE-2023-2603MEDIUM6.63
libcap
2.61-r0
fixed in 2.61-r1
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-29491MEDIUM6.63
ncurses
6.3_p20211120-r1
fixed in 6.3_p20211120-r2
0.9%
Theoretical Threat
Directly Exposed
CVE-2023-29491MEDIUM6.63
ncurses-libs
6.3_p20211120-r1
fixed in 6.3_p20211120-r2
0.9%
Theoretical Threat
Directly Exposed
CVE-2023-29491MEDIUM6.63
ncurses-terminfo-base
6.3_p20211120-r1
fixed in 6.3_p20211120-r2
0.9%
Theoretical Threat
Directly Exposed
CVE-2023-23931MEDIUM6.5
cryptography
3.3.2
fixed in 39.0.1
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-25184MEDIUM6.5
rack
2.2.4
fixed in ~> 2.2.11, ~> 3.0.12, >= 3.1.10
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-41409MEDIUM6.38
pcre2
10.40-r0
fixed in 10.42-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2022-23491MEDIUM6.38
certifi
2021.10.8
fixed in 2022.12.07
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-49083MEDIUM6.38
cryptography
3.3.2
fixed in 41.0.6
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-30922MEDIUM6.38
pyasn1
0.4.8
fixed in 0.6.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-66418MEDIUM6.38
urllib3
1.26.13
fixed in 2.6.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-66471MEDIUM6.38
urllib3
1.26.13
fixed in 2.6.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-21441MEDIUM6.38
urllib3
1.26.13
fixed in 2.6.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-23913MEDIUM6.38
actionview
6.1.7
fixed in ~> 6.1.7.3, >= 7.0.4.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33176MEDIUM6.38
activesupport
6.1.7
fixed in ~> 7.2.3, >= 7.2.3.1, ~> 8.0.4, >= 8.0.4.1, >= 8.1.2.1
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33306MEDIUM6.38
bcrypt
3.1.18
fixed in >= 3.1.22
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-27219MEDIUM6.38
cgi
0.2.2
fixed in ~> 0.3.5.1, ~> 0.3.7, >= 0.4.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-27220MEDIUM6.38
cgi
0.2.2
fixed in ~> 0.3.5.1, ~> 0.3.7, >= 0.4.2
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-42245MEDIUM6.38
net-imap
0.1.1
fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-21647MEDIUM6.38
puma
6.0.0
fixed in ~> 5.6.8, >= 6.4.2
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-27111MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.12, ~> 3.0.13, >= 3.1.11
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-46727MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.14, ~> 3.0.16, >= 3.1.14
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-59830MEDIUM6.38
rack
2.2.4
fixed in >= 2.2.18
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-61770MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.19, ~> 3.1.17, >= 3.2.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-61771MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.19, ~> 3.1.17, >= 3.2.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-61919MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.20, ~> 3.1.18, >= 3.2.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-22860MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.22, ~> 3.1.20, >= 3.2.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-34785MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34829MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34230MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34826MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34830MEDIUM6.38
rack
2.2.4
fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-61921MEDIUM6.38
sinatra
3.0.4
fixed in >= 4.2.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-61594MEDIUM6.38
uri
0.10.1
fixed in ~> 0.12.5, ~> 0.13.3, >= 1.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-47220MEDIUM6.38
webrick
1.7.0
fixed in >= 1.8.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-12790MEDIUM6.29
mqtt
0.5.0
fixed in >= 0.7.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42246MEDIUM6.29
net-imap
0.1.1
fixed in ~> 0.3.10, ~> 0.4.24, ~> 0.5.14, >= 0.6.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-32681MEDIUM6.1
requests
2.27.1
fixed in 2.31.0
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-23520MEDIUM6.1
rails-html-sanitizer
1.4.3
fixed in >= 1.4.4
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-29483MEDIUM5.9
dnspython
1.16.0
fixed in 2.6.1
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-43398MEDIUM5.9
rexml
3.2.5
fixed in >= 3.3.6
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-26007MEDIUM5.52
cryptography
3.3.2
fixed in 46.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-37891MEDIUM5.52
urllib3
1.26.13
fixed in 1.26.19, 2.2.2
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-35611MEDIUM5.52
addressable
2.8.1
fixed in >= 2.9.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33637MEDIUM5.52
faraday
2.7.1
fixed in >= 2.14.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-43857MEDIUM5.52
net-imap
0.1.1
fixed in ~> 0.2.5, ~> 0.3.9, ~> 0.4.20, >= 0.5.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34786MEDIUM5.52
rack
2.2.4
fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34831MEDIUM5.52
rack
2.2.4
fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6
0.1%
Theoretical Threat
Directly Exposed
CVE-2024-0727MEDIUM5.5
cryptography
3.3.2
fixed in 42.0.2
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-56326MEDIUM5.35
Jinja2
2.11.3
fixed in 3.1.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-0465MEDIUM5.3
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1t-r2
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-3446MEDIUM5.3
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1u-r2
5.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-3817MEDIUM5.3
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1v-r0
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5678MEDIUM5.3
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1w-r1
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-0465MEDIUM5.3
libssl1.1
1.1.1s-r1
fixed in 1.1.1t-r2
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-3446MEDIUM5.3
libssl1.1
1.1.1s-r1
fixed in 1.1.1u-r2
5.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-3817MEDIUM5.3
libssl1.1
1.1.1s-r1
fixed in 1.1.1v-r0
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5678MEDIUM5.3
libssl1.1
1.1.1s-r1
fixed in 1.1.1w-r1
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-0465MEDIUM5.3
openssl-dev
1.1.1s-r1
fixed in 1.1.1t-r2
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-3446MEDIUM5.3
openssl-dev
1.1.1s-r1
fixed in 1.1.1u-r2
5.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-3817MEDIUM5.3
openssl-dev
1.1.1s-r1
fixed in 1.1.1v-r0
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5678MEDIUM5.3
openssl-dev
1.1.1s-r1
fixed in 1.1.1w-r1
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-27539MEDIUM5.3
rack
2.2.4
fixed in ~> 2.0, >= 2.2.6.4, >= 3.0.6.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-35176MEDIUM5.3
rexml
3.2.5
fixed in >= 3.2.7
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-28756MEDIUM5.3
time
0.1.0
fixed in ~> 0.1.1, >= 0.2.2
2.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-28755MEDIUM5.3
uri
0.10.1
fixed in ~> 0.10.0.1, ~> 0.10.2, ~> 0.11.1, >= 0.12.1
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-36617MEDIUM5.3
uri
0.10.1
fixed in ~> 0.10.0.3, ~> 0.10.3, ~> 0.11.2, >= 0.12.2
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-27534MEDIUM5.28
curl
7.80.0-r5
fixed in 8.0.1-r0
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-27533MEDIUM5.28
libcurl
7.80.0-r5
fixed in 8.0.1-r0
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2023-27534MEDIUM5.28
libcurl
7.80.0-r5
fixed in 8.0.1-r0
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-6345MEDIUM5.28
setuptools
44.1.1
fixed in 70.0.0
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2025-47273MEDIUM5.28
setuptools
44.1.1
fixed in 78.1.1
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-22195MEDIUM5.18
Jinja2
2.11.3
fixed in 3.1.3
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-50181MEDIUM5.18
urllib3
1.26.13
fixed in 2.5.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-28120MEDIUM5.18
activesupport
6.1.7
fixed in ~> 6.1.7, >= 6.1.7.3, >= 7.0.4.3
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-33170MEDIUM5.18
activesupport
6.1.7
fixed in ~> 7.2.3, >= 7.2.3.1, ~> 8.0.4, >= 8.0.4.1, >= 8.1.2.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2022-23515MEDIUM5.18
loofah
2.19.0
fixed in >= 2.19.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2022-23518MEDIUM5.18
rails-html-sanitizer
1.4.3
fixed in >= 1.4.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-23519MEDIUM5.18
rails-html-sanitizer
1.4.3
fixed in >= 1.4.4
1.0%
Theoretical Threat
Directly Exposed
CVE-2022-4450MEDIUM5.17
openssl
1.1.1s-r1
fixed in 1.1.1t-r0
20.4%
High Exploitation Risk
Post-Exploit
CVE-2023-2650MEDIUM5.07
libcrypto1.1
1.1.1s-r1
fixed in 1.1.1u-r0
77.9%
Actively Exploited
Directly Exposed
CVE-2023-2650MEDIUM5.07
libssl1.1
1.1.1s-r1
fixed in 1.1.1u-r0
77.9%
Actively Exploited
Directly Exposed
CVE-2023-2650MEDIUM5.07
openssl
1.1.1s-r1
fixed in 1.1.1u-r0
77.9%
Actively Exploited
Post-Exploit
CVE-2023-2650MEDIUM5.07
openssl-dev
1.1.1s-r1
fixed in 1.1.1u-r0
77.9%
Actively Exploited
Directly Exposed
CVE-2023-52323MEDIUM5.02
pycryptodomex
3.16.0
fixed in 3.19.1
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-6442MEDIUM5.02
webrick
1.7.0
fixed in >= 1.8.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-25765MEDIUM4.93
faraday
2.7.1
fixed in ~> 1.10.5, >= 2.14.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-35195MEDIUM4.76
requests
2.27.1
fixed in 2.32.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-29007MEDIUM4.68
git
2.34.5-r0
fixed in 2.34.8-r0
6.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-25645MEDIUM4.67
requests
2.27.1
fixed in 2.33.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-23914MEDIUM4.64
curl
7.80.0-r5
fixed in 7.80.0-r6
0.9%
Theoretical Threat
Post-Exploit
CVE-2023-23914MEDIUM4.64
libcurl
7.80.0-r5
fixed in 7.80.0-r6
0.9%
Theoretical Threat
Post-Exploit
CVE-2023-2455MEDIUM4.59
libecpg
14.5-r0
fixed in 14.8-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2023-2455MEDIUM4.59
libpq
14.5-r0
fixed in 14.8-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-34064MEDIUM4.59
Jinja2
2.11.3
fixed in 3.1.4
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-33168MEDIUM4.59
actionview
6.1.7
fixed in ~> 7.2.3, >= 7.2.3.1, ~> 8.0.4, >= 8.0.4.1, >= 8.1.2.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-45614MEDIUM4.59
puma
6.0.0
fixed in ~> 5.6.9, >= 6.4.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-25500MEDIUM4.59
rack
2.2.4
fixed in ~> 2.2.22, ~> 3.1.20, >= 3.2.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-21510MEDIUM4.59
sinatra
3.0.4
fixed in >= 4.1.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-38545MEDIUM4.58
curl
7.80.0-r5
fixed in 8.4.0-r0
78.5%
Actively Exploited
Post-Exploit
CVE-2022-23521MEDIUM4.58
git
2.34.5-r0
fixed in 2.34.6-r0
56.3%
Actively Exploited
Post-Exploit
CVE-2023-38545MEDIUM4.58
libcurl
7.80.0-r5
fixed in 8.4.0-r0
78.5%
Actively Exploited
Post-Exploit
CVE-2023-28319MEDIUM4.5
curl
7.80.0-r5
fixed in 8.1.0-r0
2.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-23946MEDIUM4.5
git
2.34.5-r0
fixed in 2.34.7-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2023-28319MEDIUM4.5
libcurl
7.80.0-r5
fixed in 8.1.0-r0
2.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-0215MEDIUM4.5
openssl
1.1.1s-r1
fixed in 1.1.1t-r0
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-0464MEDIUM4.5
openssl
1.1.1s-r1
fixed in 1.1.1t-r2
3.7%
Low-Moderate Risk
Post-Exploit
CVE-2022-40898MEDIUM4.5
wheel
0.37.1
fixed in 0.38.1
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2024-49766MEDIUM4.5
Werkzeug
1.0.1
fixed in 3.0.6
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-66221MEDIUM4.5
Werkzeug
1.0.1
fixed in 3.1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-21860MEDIUM4.5
Werkzeug
1.0.1
fixed in 3.1.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-27199MEDIUM4.5
Werkzeug
1.0.1
fixed in 3.1.6
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-34073MEDIUM4.5
cryptography
3.3.2
fixed in 46.0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45409MEDIUM4.5
idna
2.10
fixed in 3.15
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-27448MEDIUM4.5
pyOpenSSL
21.0.0
fixed in 26.0.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-47081MEDIUM4.5
requests
2.27.1
fixed in 2.32.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-44431MEDIUM4.5
urllib3
1.26.13
fixed in 2.7.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-33169MEDIUM4.5
activesupport
6.1.7
fixed in ~> 7.2.3, >= 7.2.3.1, ~> 8.0.4, >= 8.0.4.1, >= 8.1.2.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-14762MEDIUM4.5
aws-sdk-s3
1.117.2
fixed in >= 1.208.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-61772MEDIUM4.5
rack
2.2.4
fixed in ~> 2.2.19, ~> 3.1.17, >= 3.2.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-61780MEDIUM4.5
rack
2.2.4
fixed in ~> 2.2.20, ~> 3.1.18, >= 3.2.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34763MEDIUM4.5
rack
2.2.4
fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-26961MEDIUM4.5
rack
2.2.4
fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-24294MEDIUM4.5
resolv
0.2.1
fixed in ~> 0.2.2, ~> 0.3.0, >= 0.6.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-27221MEDIUM4.5
uri
0.10.1
fixed in ~> 0.11.3, ~> 0.12.4, ~> 0.13.2, >= 1.0.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-5870MEDIUM4.4
libecpg
14.5-r0
fixed in 14.10-r0
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5870MEDIUM4.4
libpq
14.5-r0
fixed in 14.10-r0
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2021-43809MEDIUM4.38
bundler
2.1.4
fixed in >= 2.2.33
2.8%
Low-Moderate Risk
Post-Exploit
CVE-2023-5868MEDIUM4.3
libecpg
14.5-r0
fixed in 14.10-r0
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-5868MEDIUM4.3
libpq
14.5-r0
fixed in 14.10-r0
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2024-39908MEDIUM4.3
rexml
3.2.5
fixed in >= 3.3.2
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-4304MEDIUM4.07
openssl
1.1.1s-r1
fixed in 1.1.1t-r0
16.2%
High Exploitation Risk
Post-Exploit
CVE-2022-41903MEDIUM4.06
git
2.34.5-r0
fixed in 2.34.6-r0
44.0%
High Exploitation Risk
Post-Exploit
CVE-2023-28362MEDIUM4
actionpack
6.1.7
fixed in ~> 6.1.7.4, >= 7.0.5.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-23916LOW3.9
curl
7.80.0-r5
fixed in 7.80.0-r6
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-46218LOW3.9
curl
7.80.0-r5
fixed in 8.5.0-r0
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-23916LOW3.9
libcurl
7.80.0-r5
fixed in 7.80.0-r6
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-46218LOW3.9
libcurl
7.80.0-r5
fixed in 8.5.0-r0
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-41493LOW3.82
yard
0.9.28
fixed in >= 0.9.42
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-41128LOW3.7
actionpack
6.1.7
fixed in ~> 6.1.7.9, ~> 7.0.8, >= 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-47887LOW3.7
actionpack
6.1.7
fixed in ~> 6.1.7.9, ~> 7.0.8, >= 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-27285LOW3.66
yard
0.9.28
fixed in >= 0.9.36
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2023-39418LOW3.65
libecpg
14.5-r0
fixed in 14.9-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2023-39418LOW3.65
libpq
14.5-r0
fixed in 14.9-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-27205LOW3.65
Flask
1.1.4
fixed in 3.1.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-54133LOW3.65
actionpack
6.1.7
fixed in ~> 7.0.8, >= 7.0.8.7, ~> 7.1.5, >= 7.1.5.1, ~> 7.2.2, >= 7.2.2.1, >= 8.0.0.1
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-55193LOW3.65
activerecord
6.1.7
fixed in ~> 7.1.5, >= 7.1.5.2, ~> 7.2.2, >= 7.2.2.2, >= 8.0.2.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-45803LOW3.57
py3-urllib3
1.26.7-r0
fixed in 1.26.18-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-45803LOW3.57
urllib3
1.26.13
fixed in 2.0.7, 1.26.18
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-32441LOW3.57
rack
2.2.4
fixed in >= 2.2.14
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-27535LOW3.54
curl
7.80.0-r5
fixed in 8.0.1-r0
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-27536LOW3.54
curl
7.80.0-r5
fixed in 8.0.1-r0
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-27537LOW3.54
curl
7.80.0-r5
fixed in 8.0.1-r0
1.9%
Low-Moderate Risk
Post-Exploit
CVE-2023-28320LOW3.54
curl
7.80.0-r5
fixed in 8.1.0-r0
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-28321LOW3.54
curl
7.80.0-r5
fixed in 8.1.0-r0
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2023-27535LOW3.54
libcurl
7.80.0-r5
fixed in 8.0.1-r0
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-27536LOW3.54
libcurl
7.80.0-r5
fixed in 8.0.1-r0
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-27537LOW3.54
libcurl
7.80.0-r5
fixed in 8.0.1-r0
1.9%
Low-Moderate Risk
Post-Exploit
CVE-2023-28320LOW3.54
libcurl
7.80.0-r5
fixed in 8.1.0-r0
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-28321LOW3.54
libcurl
7.80.0-r5
fixed in 8.1.0-r0
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2022-40897LOW3.54
setuptools
44.1.1
fixed in 65.5.1
2.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-38039LOW3.51
curl
7.80.0-r5
fixed in 8.3.0-r0
63.8%
Actively Exploited
Post-Exploit
CVE-2023-25652LOW3.51
git
2.34.5-r0
fixed in 2.34.8-r0
52.2%
Actively Exploited
Post-Exploit
CVE-2023-38039LOW3.51
libcurl
7.80.0-r5
fixed in 8.3.0-r0
63.8%
Actively Exploited
Post-Exploit
CVE-2023-0286LOW3.46
openssl
1.1.1s-r1
fixed in 1.1.1t-r0
62.0%
Actively Exploited
Post-Exploit
CVE-2021-3572LOW3.42
pip
20.3.4
fixed in 21.1
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-23915LOW3.31
curl
7.80.0-r5
fixed in 7.80.0-r6
0.9%
Theoretical Threat
Post-Exploit
CVE-2023-23915LOW3.31
libcurl
7.80.0-r5
fixed in 7.80.0-r6
0.9%
Theoretical Threat
Post-Exploit
CVE-2023-27538LOW3.3
curl
7.80.0-r5
fixed in 8.0.1-r0
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-27538LOW3.3
libcurl
7.80.0-r5
fixed in 8.0.1-r0
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2022-48303LOW3.3
tar
1.34-r0
fixed in 1.34-r1
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-46219LOW3.18
curl
7.80.0-r5
fixed in 8.5.0-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2023-46219LOW3.18
libcurl
7.80.0-r5
fixed in 8.5.0-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2023-0465LOW3.18
openssl
1.1.1s-r1
fixed in 1.1.1t-r2
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-3446LOW3.18
openssl
1.1.1s-r1
fixed in 1.1.1u-r2
5.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-3817LOW3.18
openssl
1.1.1s-r1
fixed in 1.1.1v-r0
2.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-5678LOW3.18
openssl
1.1.1s-r1
fixed in 1.1.1w-r1
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-27533LOW3.17
curl
7.80.0-r5
fixed in 8.0.1-r0
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2023-39417LOW3.17
libecpg
14.5-r0
fixed in 14.9-r0
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-5869LOW3.17
libecpg
14.5-r0
fixed in 14.10-r0
4.3%
Low-Moderate Risk
Post-Exploit
CVE-2023-39417LOW3.17
libpq
14.5-r0
fixed in 14.9-r0
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-5869LOW3.17
libpq
14.5-r0
fixed in 14.10-r0
4.3%
Low-Moderate Risk
Post-Exploit
CVE-2020-36327LOW3.17
bundler
2.1.4
fixed in = 2.2.10, >= 2.2.18
6.3%
Low-Moderate Risk
Post-Exploit
CVE-2022-41862LOW3.15
libecpg
14.5-r0
fixed in 14.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-41862LOW3.15
libpq
14.5-r0
fixed in 14.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-27280LOW3.1
stringio
3.0.1
fixed in >= 3.0.1.1
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-23934LOW2.98
Werkzeug
1.0.1
fixed in 2.2.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-6357LOW2.96
pip
20.3.4
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2023-22490LOW2.8
git
2.34.5-r0
fixed in 2.34.7-r0
0.7%
Theoretical Threat
Post-Exploit
CVE-2023-24056LOW2.8
pkgconf
1.8.0-r0
fixed in 1.8.1-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2023-2602LOW2.8
libcap
2.61-r0
fixed in 2.61-r1
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-4016LOW2.8
libproc
3.3.17-r0
fixed in 3.3.17-r1
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-38037LOW2.8
activesupport
6.1.7
fixed in ~> 6.1.7, >= 6.1.7.5, >= 7.0.7.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-40217LOW2.7
python3
3.9.16-r0
fixed in 3.9.18-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-8869LOW2.7
pip
20.3.4
fixed in 25.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-27281LOW2.7
rdoc
6.3.3
fixed in ~> 6.3.4, >= 6.3.4.1, ~> 6.4.1, >= 6.4.1.1, >= 6.5.1.1
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2026-3219LOW2.55
pip
20.3.4
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-54314LOW2.38
thor
1.2.1
fixed in >= 1.4.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2023-28322LOW2.22
curl
7.80.0-r5
fixed in 8.1.0-r0
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-38546LOW2.22
curl
7.80.0-r5
fixed in 8.4.0-r0
6.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-28322LOW2.22
libcurl
7.80.0-r5
fixed in 8.1.0-r0
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-38546LOW2.22
libcurl
7.80.0-r5
fixed in 8.4.0-r0
6.2%
Low-Moderate Risk
Post-Exploit
CVE-2026-1703LOW1.99
pip
20.3.4
fixed in 26.0
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-4016LOW1.68
procps
3.3.17-r0
fixed in 3.3.17-r1
0.2%
Theoretical Threat
Post-Exploit
CVE-2023-5752LOW1.68
pip
20.3.4
fixed in 23.3
0.5%
Theoretical Threat
Post-Exploit
CVE-2023-25815LOW1.32
git
2.34.5-r0
fixed in 2.34.8-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-68121NONE0
stdlib
v1.19.3
fixed in 1.24.13, 1.25.7, 1.26.0-rc.3
0.8%
Theoretical Threat
Not Applicable
CVE-2023-24538NONE0
stdlib
v1.19.3
fixed in 1.19.8, 1.20.3
2.3%
Low-Moderate Risk
Not Applicable
CVE-2023-24540NONE0
stdlib
v1.19.3
fixed in 1.19.9, 1.20.4
1.6%
Low-Moderate Risk
Not Applicable
CVE-2024-24790NONE0
stdlib
v1.19.3
fixed in 1.21.11, 1.22.4
2.0%
Low-Moderate Risk
Not Applicable
CVE-2023-29403NONE0
stdlib
v1.19.3
fixed in 1.19.10, 1.20.5
0.4%
Theoretical Threat
Not Applicable
CVE-2022-41720NONE0
stdlib
v1.19.3
fixed in 1.18.9, 1.19.4
1.2%
Low-Moderate Risk
Not Applicable
CVE-2022-41722NONE0
stdlib
v1.19.3
fixed in 1.19.6, 1.20.1
1.7%
Low-Moderate Risk
Not Applicable
CVE-2022-41723NONE0
stdlib
v1.19.3
fixed in 1.19.6, 1.20.1
4.6%
Low-Moderate Risk
Not Applicable
CVE-2022-41724NONE0
stdlib
v1.19.3
fixed in 1.19.6, 1.20.1
1.1%
Low-Moderate Risk
Not Applicable
CVE-2022-41725NONE0
stdlib
v1.19.3
fixed in 1.19.6, 1.20.1
1.2%
Low-Moderate Risk
Not Applicable
CVE-2023-24534NONE0
stdlib
v1.19.3
fixed in 1.19.8, 1.20.3
1.9%
Low-Moderate Risk
Not Applicable
CVE-2023-24536NONE0
stdlib
v1.19.3
fixed in 1.19.8, 1.20.3
1.5%
Low-Moderate Risk
Not Applicable
CVE-2023-24537NONE0
stdlib
v1.19.3
fixed in 1.19.8, 1.20.3
1.4%
Low-Moderate Risk
Not Applicable
CVE-2023-39325NONE0
stdlib
v1.19.3
fixed in 1.20.10, 1.21.3
3.8%
Low-Moderate Risk
Not Applicable
CVE-2023-45283NONE0
stdlib
v1.19.3
fixed in 1.20.11, 1.21.4, 1.20.12, 1.21.5
2.8%
Low-Moderate Risk
Not Applicable
CVE-2023-45287NONE0
stdlib
v1.19.3
fixed in 1.20.0
1.3%
Low-Moderate Risk
Not Applicable
CVE-2023-45288NONE0
stdlib
v1.19.3
fixed in 1.21.9, 1.22.2
92.0%
Actively Exploited
Not Applicable
CVE-2024-34156NONE0
stdlib
v1.19.3
fixed in 1.22.7, 1.23.1
1.1%
Low-Moderate Risk
Not Applicable
CVE-2025-61726NONE0
stdlib
v1.19.3
fixed in 1.24.12, 1.25.6
0.8%
Theoretical Threat
Not Applicable
CVE-2025-61729NONE0
stdlib
v1.19.3
fixed in 1.24.11, 1.25.5
0.5%
Theoretical Threat
Not Applicable
CVE-2026-25679NONE0
stdlib
v1.19.3
fixed in 1.25.8, 1.26.1
0.5%
Theoretical Threat
Not Applicable
CVE-2026-32280NONE0
stdlib
v1.19.3
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-32281NONE0
stdlib
v1.19.3
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32283NONE0
stdlib
v1.19.3
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-33811NONE0
stdlib
v1.19.3
fixed in 1.25.10, 1.26.3
0.5%
Theoretical Threat
Not Applicable
CVE-2026-33814NONE0
stdlib
v1.19.3
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-39820NONE0
stdlib
v1.19.3
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-39836NONE0
stdlib
v1.19.3
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2025-58183NONE0
stdlib
v1.19.3
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-61728NONE0
stdlib
v1.19.3
fixed in 1.24.12, 1.25.6
0.6%
Theoretical Threat
Not Applicable
CVE-2023-24539NONE0
stdlib
v1.19.3
fixed in 1.19.9, 1.20.4
1.0%
Low-Moderate Risk
Not Applicable
CVE-2023-29400NONE0
stdlib
v1.19.3
fixed in 1.19.9, 1.20.4
1.0%
Low-Moderate Risk
Not Applicable
CVE-2025-47907NONE0
stdlib
v1.19.3
fixed in 1.23.12, 1.24.6
0.3%
Theoretical Threat
Not Applicable
CVE-2025-4673NONE0
stdlib
v1.19.3
fixed in 1.23.10, 1.24.4
0.6%
Theoretical Threat
Not Applicable
CVE-2023-29406NONE0
stdlib
v1.19.3
fixed in 1.19.11, 1.20.6
1.3%
Low-Moderate Risk
Not Applicable
CVE-2024-24785NONE0
stdlib
v1.19.3
fixed in 1.21.8, 1.22.1
0.8%
Theoretical Threat
Not Applicable
CVE-2025-47906NONE0
stdlib
v1.19.3
fixed in 1.23.12, 1.24.6
0.5%
Theoretical Threat
Not Applicable
CVE-2025-61727NONE0
stdlib
v1.19.3
fixed in 1.24.11, 1.25.5
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32282NONE0
stdlib
v1.19.3
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2023-39318NONE0
stdlib
v1.19.3
fixed in 1.20.8, 1.21.1
0.8%
Theoretical Threat
Not Applicable
CVE-2023-39319NONE0
stdlib
v1.19.3
fixed in 1.20.8, 1.21.1
0.8%
Theoretical Threat
Not Applicable
CVE-2026-32289NONE0
stdlib
v1.19.3
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2024-24783NONE0
stdlib
v1.19.3
fixed in 1.21.8, 1.22.1
0.7%
Theoretical Threat
Not Applicable
CVE-2024-24791NONE0
stdlib
v1.19.3
fixed in 1.21.12, 1.22.5
1.4%
Low-Moderate Risk
Not Applicable
CVE-2024-34155NONE0
stdlib
v1.19.3
fixed in 1.22.7, 1.23.1
0.8%
Theoretical Threat
Not Applicable
CVE-2024-34158NONE0
stdlib
v1.19.3
fixed in 1.22.7, 1.23.1
1.0%
Low-Moderate Risk
Not Applicable
CVE-2024-45336NONE0
stdlib
v1.19.3
fixed in 1.22.11, 1.23.5, 1.24.0-rc.2
0.6%
Theoretical Threat
Not Applicable
CVE-2024-24789NONE0
stdlib
v1.19.3
fixed in 1.21.11, 1.22.4
0.4%
Theoretical Threat
Not Applicable
CVE-2026-32288NONE0
stdlib
v1.19.3
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2024-24784NONE0
stdlib
v1.19.3
fixed in 1.21.8, 1.22.1
1.0%
Low-Moderate Risk
Not Applicable
CVE-2025-22871NONE0
stdlib
v1.19.3
fixed in 1.23.8, 1.24.2
0.7%
Theoretical Threat
Not Applicable
CVE-2026-27142NONE0
stdlib
v1.19.3
fixed in 1.25.8, 1.26.1
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39826NONE0
stdlib
v1.19.3
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2022-41717NONE0
stdlib
v1.19.3
fixed in 1.18.9, 1.19.4
5.6%
Low-Moderate Risk
Not Applicable
CVE-2023-24532NONE0
stdlib
v1.19.3
fixed in 1.19.7, 1.20.2
0.8%
Theoretical Threat
Not Applicable
CVE-2023-29409NONE0
stdlib
v1.19.3
fixed in 1.19.12, 1.20.7, 1.21.0-rc.4
1.3%
Low-Moderate Risk
Not Applicable
CVE-2023-39326NONE0
stdlib
v1.19.3
fixed in 1.20.12, 1.21.5
1.2%
Low-Moderate Risk
Not Applicable
CVE-2023-45284NONE0
stdlib
v1.19.3
fixed in 1.20.11, 1.21.4
0.9%
Theoretical Threat
Not Applicable
CVE-2023-45289NONE0
stdlib
v1.19.3
fixed in 1.21.8, 1.22.1
1.1%
Low-Moderate Risk
Not Applicable
CVE-2023-45290NONE0
stdlib
v1.19.3
fixed in 1.21.8, 1.22.1
1.2%
Low-Moderate Risk
Not Applicable
CVE-2025-22866NONE0
stdlib
v1.19.3
fixed in 1.22.12, 1.23.6, 1.24.0-rc.3
0.3%
Theoretical Threat
Not Applicable
CVE-2025-22873NONE0
stdlib
v1.19.3
fixed in 1.23.9, 1.24.3
0.2%
Theoretical Threat
Not Applicable
CVE-2025-47912NONE0
stdlib
v1.19.3
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58185NONE0
stdlib
v1.19.3
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2025-58187NONE0
stdlib
v1.19.3
fixed in 1.24.9, 1.25.3
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58188NONE0
stdlib
v1.19.3
fixed in 1.24.8, 1.25.2
0.3%
Theoretical Threat
Not Applicable
CVE-2025-58189NONE0
stdlib
v1.19.3
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-61723NONE0
stdlib
v1.19.3
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61724NONE0
stdlib
v1.19.3
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2025-61725NONE0
stdlib
v1.19.3
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61730NONE0
stdlib
v1.19.3
fixed in 1.24.12, 1.25.6
0.3%
Theoretical Threat
Not Applicable
CVE-2025-58186NONE0
stdlib
v1.19.3
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2025-22870NONE0
stdlib
v1.19.3
fixed in 1.23.7, 1.24.1
0.4%
Theoretical Threat
Not Applicable
CVE-2024-45341NONE0
stdlib
v1.19.3
fixed in 1.22.11, 1.23.5, 1.24.0-rc.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-27139NONE0
stdlib
v1.19.3
fixed in 1.25.8, 1.26.1
0.2%
Theoretical Threat
Not Applicable
GHSA-537c-gmf6-5ccfNONE0
cryptography
3.3.2
fixed in 48.0.1
Not Applicable
GHSA-5cpq-8wj7-hf2vNONE0
cryptography
3.3.2
fixed in 41.0.0
Not Applicable
GHSA-jm77-qphf-c4w8NONE0
cryptography
3.3.2
fixed in 41.0.3
Not Applicable
GHSA-v8gr-m533-ghj9NONE0
cryptography
3.3.2
fixed in 41.0.4
Not Applicable
CVE-2026-47240NONE0
net-imap
0.1.1
fixed in ~> 0.5.15, >= 0.6.4.1
Not Applicable
CVE-2026-47242NONE0
net-imap
0.1.1
fixed in ~> 0.5.15, >= 0.6.4.1
Not Applicable
CVE-2026-47241NONE0
net-imap
0.1.1
fixed in ~> 0.5.15, >= 0.6.4.1
Not Applicable
GHSA-353f-x4gh-cqq8NONE0
nokogiri
1.13.10
fixed in >= 1.18.9
Not Applicable
GHSA-c4rq-3m3g-8wgxNONE0
nokogiri
1.13.10
fixed in >= 1.19.3
Not Applicable
GHSA-mrxw-mxhj-p664NONE0
nokogiri
1.13.10
fixed in >= 1.18.4
Not Applicable
GHSA-pxvg-2qj5-37jqNONE0
nokogiri
1.13.10
fixed in >= 1.14.3
Not Applicable
GHSA-v2fc-qm4h-8hqvNONE0
nokogiri
1.13.10
fixed in >= 1.19.3
Not Applicable
GHSA-wx95-c6cv-8532NONE0
nokogiri
1.13.10
fixed in >= 1.19.1
Not Applicable
GHSA-xc9x-jj77-9p9jNONE0
nokogiri
1.13.10
fixed in ~> 1.15.6, >= 1.16.2
Not Applicable
GHSA-5w6v-399v-w3ccNONE0
nokogiri
1.13.10
fixed in >= 1.18.8
Not Applicable
GHSA-r95h-9x8f-r3f7NONE0
nokogiri
1.13.10
fixed in >= 1.16.5
Not Applicable
GHSA-vvfq-8hwr-qm4mNONE0
nokogiri
1.13.10
fixed in >= 1.18.3
Not Applicable
CVE-2026-47736NONE0
puma
6.0.0
fixed in ~> 7.2.1, >= 8.0.2
Not Applicable
CVE-2026-47737NONE0
puma
6.0.0
fixed in ~> 7.2.1, >= 8.0.2
Not Applicable
CVE-2026-39823NONE0
stdlib
v1.19.3
fixed in 1.25.10, 1.26.3
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39825NONE0
stdlib
v1.19.3
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42499NONE0
stdlib
v1.19.3
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-42504NONE0
stdlib
v1.19.3
fixed in 1.25.11, 1.26.4
0.4%
Theoretical Threat
Not Applicable
CVE-2025-0913NONE0
stdlib
v1.19.3
fixed in 1.23.10, 1.24.4
0.2%
Theoretical Threat
Not Applicable
CVE-2026-27145NONE0
stdlib
v1.19.3
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable
CVE-2026-42507NONE0
stdlib
v1.19.3
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable