Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Rubygems
Passenger

rubygems passenger Vulnerabilities: CVEs, CISA KEV & Security Advisories

14 CVEs

rubygems

rubygems passenger Vulnerabilities

CVE security advisories and vulnerability history for passenger by rubygems.

14

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

0

Public exploits

With known exploit

5.3

Avg CVSS

2013–2025

Last updated February 24, 2025

Overview

rubygems passenger has 14 published CVE records since 2013, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 0 have a known public exploit. The average CVSS base score across scored CVEs is 5.3.

This page aggregates every publicly disclosed vulnerability (CVE) affecting rubygems passenger, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of rubygems passenger's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High0

Medium1

Low0

13 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

0

None of rubygems passenger's CVEs are currently listed in CISA's KEV catalog.

Public exploits

0

No rubygems passenger CVEs currently have a tracked public exploit.

Affected versions and CVEs

Browse every rubygems passenger version named in a CVE, then pick one to see only the CVEs that affect it.

Fixed in

5.3.25 CVEs
4.0.382 CVEs
3.0.211 CVE
4.0.0.rc41 CVE
4.0.51 CVE
4.0.61 CVE
4.0.601 CVE
5.0.221 CVE
5.1.01 CVE
5.1.111 CVE
6.0.261 CVE

Find a version

14 CVEs

Sort

Medium vulnerability · 2025-02-24
CVE-2025-26803
Patch
CWE-908
Medium · CVSS 5.3
EPSS 0.3% (51th pct)2025-02-24
Vulnerability · 2019-11-19
CVE-2012-6135
Patch
Unscored
EPSS 1.3% (80th pct)2019-11-19
Vulnerability · 2018-06-21
CVE-2018-12615
Patch
Unscored
EPSS 0.2% (42th pct)2018-06-21
Vulnerability · 2018-06-17
CVE-2018-12029
Patch
Unscored
EPSS 0.1% (27th pct)2018-06-17
Vulnerability · 2018-06-17
CVE-2018-12028
Patch
Unscored
EPSS 0.2% (39th pct)2018-06-17
Vulnerability · 2018-06-17
CVE-2018-12027
Patch
Unscored
EPSS 0.3% (51th pct)2018-06-17
Vulnerability · 2018-06-17
CVE-2018-12026
Patch
Unscored
EPSS 1.1% (79th pct)2018-06-17
Vulnerability · 2017-12-14
CVE-2017-16355
Patch
Unscored
EPSS 0.1% (33th pct)2017-12-14
Vulnerability · 2017-04-18
CVE-2016-10345
Patch
Unscored
EPSS 0.1% (20th pct)2017-04-18
Vulnerability · 2016-01-08
CVE-2015-7519
Patch
Unscored
EPSS 0.4% (59th pct)2016-01-08
Vulnerability · 2015-02-19
CVE-2014-1832
Patch
Unscored
EPSS 0.1% (21th pct)2015-02-19
Vulnerability · 2015-02-19
CVE-2014-1831
Patch
Unscored
EPSS 0.1% (21th pct)2015-02-19
Vulnerability · 2014-01-02
CVE-2013-2119
Patch
Unscored
EPSS 0.1% (18th pct)2014-01-02
Vulnerability · 2013-09-30
CVE-2013-4136
Patch
Unscored
EPSS 0.0% (14th pct)2013-09-30

Common weakness types

The CWE weakness categories most often found in rubygems passenger CVEs. Follow any weakness for its full explanation.

CWE-908Use of Uninitialized Resource1 CVE

Disclosure activity by year

How many rubygems passenger CVEs were published each year.

2013

1

2014

1

2015

2

2016

1

2017

2

2018

5

2019

1

2025

1

Other rubygems products

Browse vulnerabilities for other products by rubygems.

actionpack63 CVEs rack50 CVEs nokogiri34 CVEs rubygems27 CVEs rubygems-update25 CVEs activerecord23 CVEs puppet23 CVEs activesupport17 CVEs

All rubygems vulnerabilities

Frequently asked questions

Common questions about rubygems passenger vulnerabilities.

How many CVEs does rubygems passenger have?

rubygems passenger has 14 published CVE records since 2013.

How many rubygems passenger CVEs are in CISA KEV?

None of rubygems passenger's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for rubygems passenger vulnerabilities?

No rubygems passenger CVEs currently have a tracked public exploit in this dataset.

Which versions of rubygems passenger are affected?

11 distinct rubygems passenger versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in rubygems passenger CVEs?

rubygems passenger's CVEs most often map to these CWE weakness types: CWE-908 (Use of Uninitialized Resource).

What is the average severity of rubygems passenger CVEs?

The average CVSS base score across rubygems passenger's scored CVEs is 5.3.

References

All rubygems vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track rubygems passenger vulnerabilities

Monitor new rubygems passenger vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References