VulnerableCode Package Details - pkg:gem/secure

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:gem/secure_headers@3.6.4

purl	pkg:gem/secure_headers@3.6.4

Next non-vulnerable version	5.2.0
Latest non-vulnerable version	5.2.0
Risk	3.1

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-mdz1-2hsh-pqcf Aliases: CVE-2020-5216 GHSA-w978-rmpf-qmwg		3.9.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.2.0 Affected by 0 other vulnerabilities. 6.0.0.alpha01 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.3.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-q7nc-n2te-mbfz Aliases: CVE-2020-5217 GHSA-xq52-rv6w-397c		3.8.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.1.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.2.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-mdz1-2hsh-pqcf
Aliases:
CVE-2020-5216
GHSA-w978-rmpf-qmwg

3.9.0
Affected by 2 other vulnerabilities.

5.2.0
Affected by 0 other vulnerabilities.

6.0.0.alpha01
Affected by 2 other vulnerabilities.

6.3.0
Affected by 2 other vulnerabilities.

VCID-q7nc-n2te-mbfz
Aliases:
CVE-2020-5217
GHSA-xq52-rv6w-397c

3.8.0
Affected by 2 other vulnerabilities.

5.1.0
Affected by 2 other vulnerabilities.

6.2.0
Affected by 2 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T10:16:58.751745+00:00	Ruby Importer	Affected by	VCID-q7nc-n2te-mbfz	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/secure_headers/CVE-2020-5217.yml	38.6.0
2026-05-31T10:16:58.209681+00:00	Ruby Importer	Affected by	VCID-mdz1-2hsh-pqcf	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/secure_headers/CVE-2020-5216.yml	38.6.0
2026-05-31T10:02:05.426131+00:00	GitLab Importer	Affected by	VCID-mdz1-2hsh-pqcf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/secure_headers/CVE-2020-5216.yml	38.6.0
2026-05-31T10:01:56.874890+00:00	GitLab Importer	Affected by	VCID-q7nc-n2te-mbfz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/secure_headers/CVE-2020-5217.yml	38.6.0