Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: cwe-625 Clear
ID Title
CVE-2026-44587 Cross-Site Scripting (XSS) in carrierwave (CVE-2026-44587)
cross-site scripting in carrierwave (CVE-2026-44587). Risk of unauthorized operations or information disclosure. Exploitable via ``Regexp.quote``. Mitigation: upgrade to `2.2.7` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →