Security Overview · carrierwaveuploader/carrierwave · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Content-Type allowlist bypass vulnerability which possibly leads to XSS remained
GHSA-vfmv-jfc5-pjjw published Mar 23, 2024 by mshibuya

Moderate
Content-Type allowlist bypass vulnerability, possibly leading to XSS
GHSA-gxhx-g4fq-49hj published Nov 29, 2023 by mshibuya

Moderate
Code Injection vulnerability in CarrierWave::RMagick
GHSA-cf3w-g86h-35x4 published Feb 8, 2021 by mshibuya

Low
SSRF vulnerability in CarrierWave remote file upload
GHSA-fwcm-636p-68r5 published Feb 8, 2021 by mshibuya

Moderate

Learn more about advisories related to carrierwaveuploader/carrierwave in the GitHub Advisory Database