Command Injection | Command injection occurs when shell commands unsafely include user-manipulatable values. | | Security | critical |
Cross-Site Request Forgery | CSRF allows an attacker to perform actions on a website as if they are an authenticated user. | | Security | critical |
Cross Site Scripting | XSS occurs when a user-manipulatable value is displayed on a web page without escaping it, allowing someone to inject Javascript or HTML into the page. | | Security | critical |
Cross Site Scripting (Content Tag) | content_tag is a view helper which generates an HTML tag with some content. Depending on the Rails version, user-manipulatable values passed to it (as content, attribute values, or tag and attribute names) may reach the page without escaping, allowing someone to inject Javascript or HTML into the page. | | Security | critical |
Cross Site Scripting (JSON) | XSS (JSON) occurs when a user-manipulatable value is embedded in JSON that is written into a web page (for example via to_json in a view) without HTML escaping, allowing someone to inject Javascript or HTML into the page. | | Security | critical |
Dangerous Evaluation | User input in an eval statement (or instance_eval, class_eval, etc.) is VERY dangerous: the attacker's input is executed as Ruby code. | | Security | critical |
Dangerous Send | Using unfiltered user data to select a Class or Method to be dynamically sent is dangerous. | | Security | critical |
Denial of Service | Denial of Service (DoS) is any attack which causes a service to become unavailable for legitimate clients. | | Security | critical |
Divide By Zero | Finds potential division by zero with integers, which raises ZeroDivisionError. Dividing a float by zero or 0.0 in Ruby results in Infinity (or NaN for 0.0/0.0), not an exception. | | Security | critical |
Dynamic Render Paths | When a call to render uses a dynamically generated path, template name, file name, or action, there is the possibility that a user can access templates that should be restricted. The issue may be worse if those templates execute code or modify the database. | | Security | critical |
File Access | Vulnerability can be used to access arbitrary files on a server (including /etc/passwd). | | Security | critical |
Information Disclosure | Vulnerability refers to system or internal information (such as debugging output, stack traces, error messages, etc.) being exposed to users. | | Security | critical |
Remote Code Execution | Uses of send, constantize, and other methods which allow creation of arbitrary objects or calling of arbitrary methods from user-controlled input. | | Security | critical |
SQL Injection | SQL injection is when a user is able to manipulate a value which is used unsafely inside a SQL query. This can lead to data leaks, data loss, elevation of privilege, and other unpleasant outcomes. | | Security | critical |
SSL Verification Bypass | These attacks rely on the client establishing a connection that does not check the validity of the SSL/TLS certificate presented by the server (for example OpenSSL::SSL::VERIFY_NONE), so a man-in-the-middle can present any certificate. | | Security | critical |
Unsafe Deserialization | Marshal, YAML, JSON, and CSV all have methods for dumping Ruby objects into strings and creating objects from those strings. Loading untrusted data with them (Marshal.load, or YAML.load on older Psych versions) can instantiate arbitrary objects and lead to code execution. | | Security | critical |
Unsafe Redirects | User-supplied values can be used to “spoof” websites or hide malicious links in otherwise harmless-looking URLs. They can also allow access to restricted areas of a site if the destination is not validated. | | Security | critical |
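The Command Injection row above, as an added example (not code from the page or from the scanner it lists). The attacker-controlled value is constructed, and `echo` stands in for whatever program the application really runs; the point is that a single interpolated command string goes through /bin/sh while the argv form does not.

```ruby
require "open3"
require "shellwords"

# Constructed attacker-controlled value, e.g. a "filename" taken from a form field.
PAYLOAD = "x; echo INJECTED"

# Vulnerable: one interpolated string is handed to /bin/sh, so ";" starts a
# second command. The same applies to system("..."), backticks and %x.
def run_vulnerable(user_value)
  out, _status = Open3.capture2("echo #{user_value}")
  out
end

# Fix 1: the multi-argument form execs the program directly with an argv
# array. No shell is involved, so metacharacters in user_value are just bytes.
def run_argv(user_value)
  out, _status = Open3.capture2("echo", user_value)
  out
end

# Fix 2: if a single command string is unavoidable, shell-quote each
# user-controlled token so the shell treats it as one literal word.
def run_escaped(user_value)
  out, _status = Open3.capture2("echo #{Shellwords.escape(user_value)}")
  out
end

if __FILE__ == $PROGRAM_NAME
  puts "vulnerable: #{run_vulnerable(PAYLOAD).inspect}"   # second command ran
  puts "argv form:  #{run_argv(PAYLOAD).inspect}"         # payload printed verbatim
  puts "escaped:    #{run_escaped(PAYLOAD).inspect}"      # payload printed verbatim
end
```

Prefer the argv form; `Shellwords.escape` is the fallback for the rare case where a shell pipeline is genuinely needed, and it must be applied to every user-derived token, not just the obvious one.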
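The three Cross Site Scripting rows above (plain, Content Tag, JSON) share one root cause: a user-controlled value reaches the page without the escaping appropriate to its context. This added example (not from the page or the scanner) shows the HTML-body case and the JSON-inside-<script> case with constructed payloads, using only the `erb` and `json` standard libraries; the helper output case for content_tag is the same failure with a different source.

```ruby
require "erb"
require "json"

# Constructed attacker-controlled value, e.g. a display name.
PAYLOAD = "<script>alert(1)</script>"

# Vulnerable: raw concatenation into HTML, which is what `raw`, `html_safe`
# or a helper that skips escaping produces. The script tag lands intact.
def render_vulnerable(name)
  "<p>Hello, #{name}</p>"
end

# Fix: HTML-escape before the value reaches the page. Rails' <%= %> does this
# automatically unless the string has been marked html_safe.
def render_escaped(name)
  "<p>Hello, #{ERB::Util.html_escape(name)}</p>"
end

# JSON case: data embedded inside a <script> block is parsed as HTML first,
# so a "</script>" inside a JSON string closes the block and opens a new tag.
def script_vulnerable(data)
  "<script>var user = #{JSON.generate(data)};</script>"
end

# Fix: replace <, >, & and the JS line terminators with \uXXXX escapes. The
# result is still valid JSON for the JS parser but can never form an HTML tag.
# Rails' json_escape helper applies the same idea.
JSON_HTML_ESCAPES = {
  "<" => '\u003c', ">" => '\u003e', "&" => '\u0026',
  "\u2028" => '\u2028', "\u2029" => '\u2029'
}.freeze

def json_for_script(data)
  JSON.generate(data).gsub(/[<>&\u2028\u2029]/, JSON_HTML_ESCAPES)
end

def script_escaped(data)
  "<script>var user = #{json_for_script(data)};</script>"
end

if __FILE__ == $PROGRAM_NAME
  puts render_vulnerable(PAYLOAD)
  puts render_escaped(PAYLOAD)
  puts script_vulnerable("name" => "</script><script>alert(1)</script>")
  puts script_escaped("name" => "</script><script>alert(1)</script>")
end
```

Note that HTML-escaping a value destined for a `<script>` block would corrupt the JSON; each output context (HTML body, attribute, script, URL) needs its own escaper, which is why the scanner tracks the JSON case separately.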
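The File Access row above, as an added example (not from the page or the scanner). It builds a constructed sandbox directory, shows how a user-supplied name joined onto a base path escapes that directory, and the containment check that rejects it. Symlinks inside the root are not resolved here; use `File.realpath` on the candidate if that matters.

```ruby
require "tmpdir"

# Constructed sandbox: a directory of files the app is allowed to serve.
def build_sandbox
  root = Dir.mktmpdir("uploads")
  File.write(File.join(root, "report.pdf"), "sample report")
  root
end

# Vulnerable: the user-supplied name is joined straight onto the base path.
# "../../etc/passwd" walks out of the directory; an absolute name ignores it.
def vulnerable_path(root, name)
  File.join(root, name)
end

# Fix: resolve the requested path (collapsing ".." and ".") and refuse anything
# that does not stay strictly under the root.
def safe_path(root, name)
  base = File.expand_path(root)
  candidate = File.expand_path(name, base)   # an absolute `name` discards base
  # The trailing separator matters: without it "/srv/uploads-evil/x" would
  # pass a check against "/srv/uploads".
  unless candidate.start_with?(base + File::SEPARATOR)
    raise ArgumentError, "path traversal attempt: #{name.inspect}"
  end
  candidate
end

def traversal_attempt?(root, name)
  safe_path(root, name)
  false
rescue ArgumentError
  true
end

if __FILE__ == $PROGRAM_NAME
  root = build_sandbox
  puts vulnerable_path(root, "../../etc/passwd")
  puts File.read(safe_path(root, "report.pdf"))
  puts traversal_attempt?(root, "../../etc/passwd")
end
```

For a flat directory of uploads, `File.basename(name)` before the join is a simpler alternative, but it silently rewrites the request instead of rejecting it; the explicit check is easier to audit and to log.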
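The Dangerous Send and Remote Code Execution rows above both describe a user-controlled string selecting the method or class to invoke. This added example (not from the page or the scanner) uses a constructed `Account` class in place of a model and shows `public_send` driven by request input beside an allowlist that maps input onto a fixed set of symbols and classes.

```ruby
# Constructed stand-in for a model with both harmless and dangerous methods.
class Account
  attr_reader :name, :balance

  def initialize(name, balance)
    @name, @balance, @destroyed = name, balance, false
  end

  def summary
    "#{name}: #{balance}"
  end

  # The kind of method an attacker wants to reach through send.
  def destroy!
    @destroyed = true
  end

  def destroyed?
    @destroyed
  end
end

# Vulnerable: the method name comes straight from the request (params[:attr]),
# so "destroy!" is reachable. With plain `send` even private methods are.
def vulnerable_dispatch(record, method_name)
  record.public_send(method_name)
end

# Fix: map user input onto an allowlist of symbols; anything else is rejected
# before any dynamic call happens.
ALLOWED_READERS = {
  "name" => :name,
  "balance" => :balance,
  "summary" => :summary
}.freeze

def safe_dispatch(record, method_name)
  sym = ALLOWED_READERS.fetch(method_name.to_s) do
    raise ArgumentError, "attribute not permitted: #{method_name.inspect}"
  end
  record.public_send(sym)
end

# Same pattern for constantize: look the class up in a fixed Hash instead of
# turning an arbitrary string into a constant.
ALLOWED_MODELS = { "account" => Account }.freeze

def safe_model_lookup(type_param)
  ALLOWED_MODELS.fetch(type_param.to_s) do
    raise ArgumentError, "unknown type: #{type_param.inspect}"
  end
end

if __FILE__ == $PROGRAM_NAME
  acct = Account.new("alice", 100)
  vulnerable_dispatch(acct, "destroy!")
  puts acct.destroyed?                      # true: attacker chose the method
  puts safe_dispatch(Account.new("bob", 5), "summary")
end
```

Validating the name with a regex or checking `respond_to?` is not enough: the question is not whether the method exists but whether this caller is permitted to invoke it, which only an explicit allowlist answers.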
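The Unsafe Deserialization row above, as an added example (not from the page or the scanner). A constructed `DeployTask` class stands in for any class on the load path whose construction or accessors have side effects; the example builds the tagged YAML document an attacker would submit, loads it the unsafe way, then shows `safe_load` rejecting it and the `permitted_classes:` escape hatch for a class that genuinely must round-trip.

```ruby
require "yaml"

# Constructed class; in a real app this could be anything reachable on the
# load path, which is what makes arbitrary object instantiation dangerous.
class DeployTask
  attr_accessor :command
end

# The kind of document an attacker submits: a !ruby/object tag names the
# class to instantiate and the mapping below it sets its instance variables.
def attacker_document
  task = DeployTask.new
  task.command = "rm -rf /"
  YAML.dump(task)   # "--- !ruby/object:DeployTask\ncommand: rm -rf /\n"
end

# Vulnerable: full object deserialization. Psych < 4 did this for YAML.load;
# Psych >= 4 (Ruby 3.1+) only does it for the explicitly named unsafe_load.
def load_unsafe(doc)
  YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(doc) : YAML.load(doc)
end

# Fix: safe_load builds only basic types (String, Integer, Float, Array,
# Hash, ...) and raises on any tag that is not explicitly permitted.
def load_safe(doc)
  YAML.safe_load(doc)
end

# If one specific class must round-trip, permit exactly that class and
# nothing else. Marshal has no equivalent; never Marshal.load untrusted bytes.
def load_safe_with(doc, klass)
  YAML.safe_load(doc, permitted_classes: [klass])
end

if __FILE__ == $PROGRAM_NAME
  doc = attacker_document
  puts doc
  puts load_unsafe(doc).inspect            # a live DeployTask
  begin
    load_safe(doc)
  rescue Psych::DisallowedClass => e
    puts "safe_load rejected it: #{e.message}"
  end
end
```

Upgrading to Psych 4 turns `YAML.load` into the safe variant, which is why older code that deserialized its own objects starts raising `Psych::DisallowedClass` after the upgrade; the fix is `permitted_classes:`, not switching to `unsafe_load`.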
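The Unsafe Redirects row above, as an added example (not from the page or the scanner). `APP_HOST` and `DEFAULT_PATH` are constructed values; the check accepts a site-relative path or an absolute http(s) URL on our own host and sends everything else (other hosts, protocol-relative `//host`, `javascript:` and unparseable input) to a known-good default.

```ruby
require "uri"

APP_HOST = "example.com"   # constructed: the host this app is served from
DEFAULT_PATH = "/"

# Vulnerable: redirect_to params[:return_to] with no validation. The attacker
# sends the victim to https://example.com/login?return_to=https://evil.example/
# and the victim lands on a look-alike page right after authenticating.
def vulnerable_target(return_to)
  return_to
end

# Fix: allow only a relative path on this site or an absolute URL whose host
# is ours; everything else falls back to DEFAULT_PATH.
def safe_target(return_to)
  return DEFAULT_PATH if return_to.nil? || return_to.empty?

  uri = URI.parse(return_to)
  if uri.scheme.nil? && uri.host.nil?
    # Relative reference. Reject protocol-relative "//evil.example" and the
    # backslash variant some browsers normalise to "//".
    relative_ok = return_to.start_with?("/") && !return_to.start_with?("//", "/\\")
    return relative_ok ? return_to : DEFAULT_PATH
  end

  return DEFAULT_PATH unless %w[http https].include?(uri.scheme) && uri.host == APP_HOST
  return_to
rescue URI::InvalidURIError
  DEFAULT_PATH
end

if __FILE__ == $PROGRAM_NAME
  %w[/account //evil.example/ https://evil.example/ https://example.com/profile
     javascript:alert(1) http://example.com@evil.example/].each do |t|
    puts "#{t.ljust(32)} -> #{safe_target(t)}"
  end
end
```

Comparing the parsed host, not the string prefix, is what defeats `http://example.com.evil.example/` and `http://example.com@evil.example/`. Rails 7 also offers `redirect_to(url, allow_other_host: false)` and the `action_controller.raise_on_open_redirects` setting, which enforce the same host check at the framework level.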