CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6596

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.00617EPSS

Exploits0References6

OSV•added 2022/08/19 12:0 a.m.•17 views

GHSA-PM55-QFXR-H247 OmniAuth's `lib/omniauth/failure_endpoint.rb` does not escape `message_key` value

lib/omniauth/failureendpoint.rb in OmniAuth before 1.9.2 and before 2.0 does not escape the messagekey value...

9.8CVSS9.4AI score0.00617EPSS

Exploits0References5

UbuntuCve•added 2022/08/18 11:15 p.m.•17 views

CVE-2020-36599

lib/omniauth/failureendpoint.rb in OmniAuth before 1.9.2 and before 2.0 does not escape the messagekey value...

9.8CVSS7.2AI score0.00617EPSS

Exploits0References3

Debian CVE•added 2022/08/18 10:48 p.m.•57 views

CVE-2020-36599

lib/omniauth/failureendpoint.rb in OmniAuth before 1.9.2 and before 2.0 does not escape the messagekey value...

9.8CVSS9.5AI score0.00617EPSS

Exploits0

CVE•added 2022/08/18 10:48 p.m.•77 views

CVE-2020-36599

Summary: CVE-2020-36599 affects the Ruby library OmniAuth, specifically lib/omniauth/failure_endpoint.rb. The issue occurs in OmniAuth before 1.9.2 and before 2.0 where the message_key value is not escaped, as described in the initial description and corroborated by references pointing to 1.9.2 r...

9.8CVSS9.3AI score0.00617EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by