pkg:RubyGems/carrierwave

All known vulnerabilities

• HIGH7.4CVE-2021-21305Code Injection vulnerability in CarrierWave::RMagick
  from 0, < 1.3.2
• MEDIUM6.8CVE-2024-29034CarrierWave content-Type allowlist bypass vulnerability which possibly leads to XSS remained
  >= 3.0.0, < 3.0.7
• MEDIUM6.8CVE-2023-49090CarrierWave Content-Type allowlist bypass vulnerability, possibly leading to XSS
  >= 3.0.0, < 3.0.5
• MEDIUM4.7CVE-2026-44587CarrierWave has a denylisted_content_type bypass via Unescaped Regex Metacharacters
  >= 3.0.0.beta, < 3.1.3
• MEDIUM4.3CVE-2021-21288Server-side request forgery in CarrierWave
  from 0, < 1.3.2