VulnerableCode Package Details - pkg:gem/safemode@1.2.3

Search for packages

Vulnerability	Summary	Fixed by
VCID-6hub-g2ja-afaw Aliases: CVE-2016-3693 GHSA-c92m-rrrc-q5wf	Information disclosure vulnerability safemode for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method.	1.2.4 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-6sgh-v5u7-w3h9 Aliases: CVE-2017-7540 GHSA-5vx5-9q73-wgp4	Safe mode bypassing Safemode is vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete-permissions or possibly to privilege escalation.	1.3.2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.3.4 Affected by 0 other vulnerabilities.
VCID-96hp-qxsu-rqa2 Aliases: GHSA-8474-rc7c-wrhp	High severity vulnerability that affects safemode Withdrawn, accidental duplicate publish. The safemode rubygem, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation.	1.3.3 Affected by 0 other vulnerabilities.
VCID-ty6t-p6kh-z7ap Aliases: GHSA-44vc-fpcg-5cc5	Moderate severity vulnerability that affects safemode Withdrawn, accidental duplicate publish. The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method.	1.2.4 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-6hub-g2ja-afaw
Aliases:
CVE-2016-3693
GHSA-c92m-rrrc-q5wf

Information disclosure vulnerability safemode for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method.

1.2.4
Affected by 2 other vulnerabilities.

VCID-6sgh-v5u7-w3h9
Aliases:
CVE-2017-7540
GHSA-5vx5-9q73-wgp4

Safe mode bypassing Safemode is vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete-permissions or possibly to privilege escalation.

1.3.2
Affected by 2 other vulnerabilities.

1.3.4
Affected by 0 other vulnerabilities.

VCID-96hp-qxsu-rqa2
Aliases:
GHSA-8474-rc7c-wrhp

High severity vulnerability that affects safemode Withdrawn, accidental duplicate publish. The safemode rubygem, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation.

1.3.3
Affected by 0 other vulnerabilities.

VCID-ty6t-p6kh-z7ap
Aliases:
GHSA-44vc-fpcg-5cc5

Moderate severity vulnerability that affects safemode Withdrawn, accidental duplicate publish. The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method.

1.2.4
Affected by 2 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T01:22:15.049061+00:00	GHSA Importer	Affected by	VCID-ty6t-p6kh-z7ap	https://github.com/advisories/GHSA-44vc-fpcg-5cc5	38.4.0
2026-04-16T01:22:14.951656+00:00	GHSA Importer	Affected by	VCID-96hp-qxsu-rqa2	https://github.com/advisories/GHSA-8474-rc7c-wrhp	38.4.0
2026-04-11T21:48:05.670377+00:00	GitLab Importer	Affected by	VCID-6sgh-v5u7-w3h9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2017-7540.yml	38.3.0
2026-04-11T21:44:28.367808+00:00	GitLab Importer	Affected by	VCID-6hub-g2ja-afaw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2016-3693.yml	38.3.0
2026-04-11T12:51:20.498701+00:00	GHSA Importer	Affected by	VCID-ty6t-p6kh-z7ap	https://github.com/advisories/GHSA-44vc-fpcg-5cc5	38.3.0
2026-04-11T12:51:20.399787+00:00	GHSA Importer	Affected by	VCID-96hp-qxsu-rqa2	https://github.com/advisories/GHSA-8474-rc7c-wrhp	38.3.0
2026-04-02T22:01:59.610885+00:00	GitLab Importer	Affected by	VCID-6sgh-v5u7-w3h9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2017-7540.yml	38.1.0
2026-04-02T21:58:33.733501+00:00	GitLab Importer	Affected by	VCID-6hub-g2ja-afaw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2016-3693.yml	38.1.0
2026-04-02T13:44:41.855929+00:00	GHSA Importer	Affected by	VCID-ty6t-p6kh-z7ap	https://github.com/advisories/GHSA-44vc-fpcg-5cc5	38.1.0
2026-04-02T13:44:41.801961+00:00	GHSA Importer	Affected by	VCID-96hp-qxsu-rqa2	https://github.com/advisories/GHSA-8474-rc7c-wrhp	38.1.0
2026-04-01T16:19:12.200612+00:00	GitLab Importer	Affected by	VCID-6sgh-v5u7-w3h9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2017-7540.yml	38.0.0
2026-04-01T12:47:03.348986+00:00	GitLab Importer	Affected by	VCID-6hub-g2ja-afaw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2016-3693.yml	38.0.0