VulnerableCode Package Details - pkg:gem/safemode@1.3.2

Search for packages

Vulnerability	Summary	Fixed by
VCID-6sgh-v5u7-w3h9 Aliases: CVE-2017-7540 GHSA-5vx5-9q73-wgp4	Safe mode bypassing Safemode is vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete-permissions or possibly to privilege escalation.	1.3.4 Affected by 0 other vulnerabilities.
VCID-96hp-qxsu-rqa2 Aliases: GHSA-8474-rc7c-wrhp	High severity vulnerability that affects safemode Withdrawn, accidental duplicate publish. The safemode rubygem, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation.	1.3.3 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-6sgh-v5u7-w3h9
Aliases:
CVE-2017-7540
GHSA-5vx5-9q73-wgp4

Safe mode bypassing Safemode is vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete-permissions or possibly to privilege escalation.

1.3.4
Affected by 0 other vulnerabilities.

VCID-96hp-qxsu-rqa2
Aliases:
GHSA-8474-rc7c-wrhp

High severity vulnerability that affects safemode Withdrawn, accidental duplicate publish. The safemode rubygem, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation.

1.3.3
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6sgh-v5u7-w3h9	Safe mode bypassing Safemode is vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete-permissions or possibly to privilege escalation.	CVE-2017-7540 GHSA-5vx5-9q73-wgp4

Vulnerability

Summary

Aliases

VCID-6sgh-v5u7-w3h9

CVE-2017-7540
GHSA-5vx5-9q73-wgp4

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:37:28.701093+00:00	GitLab Importer	Affected by	VCID-6sgh-v5u7-w3h9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2017-7540.yml	38.4.0
2026-04-16T01:22:14.968663+00:00	GHSA Importer	Affected by	VCID-96hp-qxsu-rqa2	https://github.com/advisories/GHSA-8474-rc7c-wrhp	38.4.0
2026-04-11T21:48:05.685118+00:00	GitLab Importer	Affected by	VCID-6sgh-v5u7-w3h9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2017-7540.yml	38.3.0
2026-04-11T12:51:20.416523+00:00	GHSA Importer	Affected by	VCID-96hp-qxsu-rqa2	https://github.com/advisories/GHSA-8474-rc7c-wrhp	38.3.0
2026-04-02T22:01:59.624049+00:00	GitLab Importer	Affected by	VCID-6sgh-v5u7-w3h9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2017-7540.yml	38.1.0
2026-04-02T13:44:41.807807+00:00	GHSA Importer	Affected by	VCID-96hp-qxsu-rqa2	https://github.com/advisories/GHSA-8474-rc7c-wrhp	38.1.0
2026-04-01T16:19:12.217548+00:00	GitLab Importer	Affected by	VCID-6sgh-v5u7-w3h9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/safemode/CVE-2017-7540.yml	38.0.0
2026-04-01T15:56:11.620931+00:00	GHSA Importer	Fixing	VCID-6sgh-v5u7-w3h9	https://github.com/advisories/GHSA-5vx5-9q73-wgp4	38.0.0
2026-04-01T12:54:14.528303+00:00	GithubOSV Importer	Fixing	VCID-6sgh-v5u7-w3h9	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-5vx5-9q73-wgp4/GHSA-5vx5-9q73-wgp4.json	38.0.0