Search for packages
| purl | pkg:gem/omniauth@1.3.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-gtk5-xfmf-97ag
Aliases: CVE-2020-36599 GHSA-pm55-qfxr-h247 |
lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before 2.0) does not escape the message_key value. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-v81q-9689-5uea
Aliases: CVE-2015-9284 GHSA-ww4x-rwq6-qpgf |
OmniAuth Ruby gem Cross-site Request Forgery in request phase |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-xqas-uqre-buhk | security update |
CVE-2017-18076
GHSA-9pr6-grf4-x2fr |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-12T18:30:01.361175+00:00 | GitLab Importer | Affected by | VCID-gtk5-xfmf-97ag | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/omniauth/CVE-2020-36599.yml | 38.6.0 |
| 2026-06-12T17:10:38.194793+00:00 | GitLab Importer | Affected by | VCID-v81q-9689-5uea | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/omniauth/CVE-2015-9284.yml | 38.6.0 |
| 2026-06-12T15:40:19.974546+00:00 | GitLab Importer | Fixing | VCID-xqas-uqre-buhk | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/omniauth/CVE-2017-18076.yml | 38.6.0 |
| 2026-06-12T08:09:53.689194+00:00 | GithubOSV Importer | Fixing | VCID-xqas-uqre-buhk | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/01/GHSA-9pr6-grf4-x2fr/GHSA-9pr6-grf4-x2fr.json | 38.6.0 |
| 2026-06-11T20:23:59.054294+00:00 | GHSA Importer | Fixing | VCID-xqas-uqre-buhk | https://github.com/advisories/GHSA-9pr6-grf4-x2fr | 38.6.0 |