Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.

Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.
Talk to Our Experts
Get Pricing
Arrow down

Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.

Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.

Talk to Our Experts
Get Pricing
Codey gradient
Search here
Clear
Filter by Severity
Clear
Filter by Technology
Sign up for the latest vulnerability alerts
Rss feed icon
Subscribe via RSS
or
Thanks for signing up for our Newsletter! We look forward to connecting with you.
Oops! Something went wrong while submitting the form.
Severity
ID
Technology
Libraries Affected
Category
Version(s) Affected
Published Date
Critical
Open in new tab icon
CVE-2022-21831
Rails
Ruby on Rails Framework
Remote Code Execution
7.0.0.0 - <= 7.0.2.2 6.1.0.0 - <= 6.1.4.6 6.0.0.0 - <= 6.0.4.6 5.2.0.0 - <= 5.2.6.2
May 26, 2022
Medium
Open in new tab icon
CVE-2021-4231
Angular
Angular
Cross-Site Scripting
<=11.1.0
May 26, 2022
Medium
Open in new tab icon
CVE-2022-22976
Spring
Spring Security
Authorization Bypass
<5.5.7, >=5.6.0 <5.6.4
May 17, 2022
High
Open in new tab icon
CVE-2022-22978
Spring
Spring Security
Authorization Bypass
<5.4.11, >=5.5.0 <5.5.7, >=5.6.x <5.6.4
May 16, 2022
Medium
Open in new tab icon
CVE-2022-22970
Spring
Spring Framework
Denial of Service
<5.2.22, >=5.3.0 <5.3.20
May 11, 2022
Medium
Open in new tab icon
CVE-2022-22971
Spring
Spring Framework
Denial of Service
<5.2.22, >=5.3.0 <5.3.20
May 11, 2022
Medium
Open in new tab icon
CVE-2022-25844
AngularJS
AngularJS
ReDoS Vulnerability
>=1.7.0
May 1, 2022
Medium
Open in new tab icon
CVE-2022-22968
Spring
Spring Framework
Authorization Bypass
<5.2.21, >=5.3.0 <5.3.19
Apr 14, 2022
Critical
Open in new tab icon
CVE-2022-22965
Spring
Spring Framework
Remote Code Execution
<5.2.20, >=5.3.0 <5.3.18
Apr 1, 2022
Medium
Open in new tab icon
CVE-2022-22950
Spring
Spring Framework
Denial of Service
<5.2.20, >=5.3.0 <5.3.17
Apr 1, 2022
Low
Open in new tab icon
CVE-2021-22112
Spring
Spring Security
Denial of Service
<5.2.9.RELEASE, >=5.3.0 <5.3.9.RELEASE, >=5.4.0 <5.4.4
Feb 19, 2021
High
Open in new tab icon
CVE-2020-8161
Rails
Ruby on Rails Framework
Remote Code Execution
< 2.1.3 < 2.2.0 Applications that do not use Rack::Directory
Jul 20, 2020
High
Open in new tab icon
CVE-2020-8163
Rails
Ruby on Rails Framework
Remote Code Execution
<= 5.0.0 Not affected: Applications that do not allow users to control the names of locals. <= 4.2.11.1
Jul 2, 2020
High
Open in new tab icon
CVE-2020-8162
Rails
Ruby on Rails Framework
Authorization Bypass
<= 5.2.4.1 <= 6.0.3.0 Not affected: Applications that do not use the direct upload functionality of the ActiveStorage S3 adapter.
Jun 19, 2020
Critical
Open in new tab icon
CVE-2020-8165
Rails
Ruby on Rails Framework
Remote Code Execution
6.0.0 - <= 6.0.3.0 5.0.0 - <= 5.2.4.2
Jun 19, 2020
Exclamation icon
No results found

Please enter a valid Vulnerability ID number or Technology name.

By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

PreferencesRejectAccept
Manage Consent Preferences by Category
Essentials
Always active

Necessary for the site to function. Always On.

Used for targeted advertising.

Remembers your preferences and provides enhanced features.

Measures usage and improves your experience.

Reject AllAccept All
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.