VulnerableCode Package Details - pkg:gem/ember-source@1.12

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:gem/ember-source@1.12

purl	pkg:gem/ember-source@1.12
Tags	Ghost

Next non-vulnerable version	1.12.2
Latest non-vulnerable version	2.2.1
Risk	3.1

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-j9hr-h13w-y3ek Aliases: CVE-2015-1866 GHSA-mp78-r56v-45qc	ember-source vulnerable to Cross-site Scripting	There are no reported fixed by versions.
VCID-mwk4-5dwe-m3hm Aliases: CVE-2015-7565 GHSA-m3q7-rj8g-m457	ember-source Cross-site Scripting vulnerability	1.12.2 Affected by 0 other vulnerabilities. 1.13.12 Affected by 0 other vulnerabilities. 2.0.3 Affected by 0 other vulnerabilities. 2.1.2 Affected by 0 other vulnerabilities. 2.2.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-j9hr-h13w-y3ek
Aliases:
CVE-2015-1866
GHSA-mp78-r56v-45qc

ember-source vulnerable to Cross-site Scripting

There are no reported fixed by versions.

VCID-mwk4-5dwe-m3hm
Aliases:
CVE-2015-7565
GHSA-m3q7-rj8g-m457

ember-source Cross-site Scripting vulnerability

1.12.2
Affected by 0 other vulnerabilities.

1.13.12
Affected by 0 other vulnerabilities.

2.0.3
Affected by 0 other vulnerabilities.

2.1.2
Affected by 0 other vulnerabilities.

2.2.1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T03:51:48.456188+00:00	Ruby Importer	Affected by	VCID-j9hr-h13w-y3ek	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ember-source/CVE-2015-1866.yml	38.6.0
2026-06-12T03:51:48.175130+00:00	Ruby Importer	Affected by	VCID-mwk4-5dwe-m3hm	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ember-source/CVE-2015-7565.yml	38.6.0