risk 43/100 · moderate

RubyGems · actionpack

25 known advisories.

Risk score: 43/100

Transparent, additive — every input shown:

Worst severity: +30
Worst CVSS: +0
Exploited in the wild: +0
Exploit probability (EPSS): +13

Advisories

CVE-2022-23633 — high
CVE-2021-22904 — high
CVE-2021-22885 — high
CVE-2021-22902 — high
CVE-2020-8164 — high
CVE-2024-47887 — medium
CVE-2024-41128 — medium
CVE-2024-28103 — medium
CVE-2024-26143 — medium
CVE-2023-28362 — medium
CVE-2023-22797 — medium
CVE-2022-22577 — medium
CVE-2011-1497 — medium
CVE-2021-44528 — medium
CVE-2021-22942 — medium
CVE-2021-22903 — medium
CVE-2020-8264 — medium
CVE-2021-22881 — medium
CVE-2020-8185 — medium
CVE-2020-8166 — medium
CVE-2026-33167 — low
CVE-2024-54133 — low
CVE-2024-26142 — low
CVE-2023-22792 — low
CVE-2023-22795 — low

Stateward checks every dependency on every pull request and flags actionpack only if your code actually reaches the vulnerable path.

Scan my repo

Sources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.