pkg:RubyGems/secure_headers
3 total CVEsMEDIUM3
✅ Check your installed version
All known vulnerabilities
MEDIUM4.7CVE-2026-54163Secure Headers: CSP directive injection via sandbox, plugin_types, and report_to when given untrusted input from 0, < 7.3.0
MEDIUM4.4CVE-2020-5217Directive injection when using dynamic overrides with user input >= 6.0.0, < 6.2.0
MEDIUM4.4CVE-2020-5216Limited header injection when using dynamic overrides with user input in RubyGems secure_headers >= 6.0.0, < 6.3.0