activeadmin (RubyGems) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the RubyGems package activeadmin, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2023-50448 — CVSS 6.5 (medium): In ActiveAdmin (aka Active Admin) before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data (that…
CVE-2024-37031 — CVSS 6.1 (medium): The Active Admin (aka activeadmin) framework before 3.2.2 for Ruby on Rails allows stored XSS in certain situations where users can create…