Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/activerecord@3.1.9
Typegem
Namespace
Nameactiverecord
Version3.1.9
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version7.1.5.2
Latest_non_vulnerable_version8.0.2.1
Affected_by_vulnerabilities
0
url VCID-1ua6-6a16-9fde
vulnerability_id VCID-1ua6-6a16-9fde
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55193.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55193.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-55193
reference_id
reference_type
scores
0
value 0.01019
scoring_system epss
scoring_elements 0.77644
published_at 2026-06-11T12:55:00Z
1
value 0.01019
scoring_system epss
scoring_elements 0.77718
published_at 2026-06-14T12:55:00Z
2
value 0.01019
scoring_system epss
scoring_elements 0.77726
published_at 2026-06-13T12:55:00Z
3
value 0.01019
scoring_system epss
scoring_elements 0.77712
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-55193
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55193
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55193
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2025-55193.yml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2025-55193.yml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-55193
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-55193
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111106
reference_id 1111106
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111106
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2388446
reference_id 2388446
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2388446
9
reference_url https://github.com/rails/rails/commit/3beef20013736fd52c5dcfdf061f7999ba318290
reference_id 3beef20013736fd52c5dcfdf061f7999ba318290
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-14T13:42:07Z/
url https://github.com/rails/rails/commit/3beef20013736fd52c5dcfdf061f7999ba318290
10
reference_url https://github.com/rails/rails/commit/568c0bc2f1e74c65d150a84b89a080949bf9eb9b
reference_id 568c0bc2f1e74c65d150a84b89a080949bf9eb9b
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-14T13:42:07Z/
url https://github.com/rails/rails/commit/568c0bc2f1e74c65d150a84b89a080949bf9eb9b
11
reference_url https://github.com/rails/rails/commit/6a944ca4805e72050a0fbb1a461534eb760d3202
reference_id 6a944ca4805e72050a0fbb1a461534eb760d3202
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-14T13:42:07Z/
url https://github.com/rails/rails/commit/6a944ca4805e72050a0fbb1a461534eb760d3202
12
reference_url https://github.com/advisories/GHSA-76r7-hhxj-r776
reference_id GHSA-76r7-hhxj-r776
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-76r7-hhxj-r776
13
reference_url https://github.com/rails/rails/security/advisories/GHSA-76r7-hhxj-r776
reference_id GHSA-76r7-hhxj-r776
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-14T13:42:07Z/
url https://github.com/rails/rails/security/advisories/GHSA-76r7-hhxj-r776
fixed_packages
0
url pkg:gem/activerecord@7.1.5.2
purl pkg:gem/activerecord@7.1.5.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.1.5.2
1
url pkg:gem/activerecord@7.2.0.beta1
purl pkg:gem/activerecord@7.2.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.2.0.beta1
2
url pkg:gem/activerecord@7.2.2.2
purl pkg:gem/activerecord@7.2.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.2.2.2
3
url pkg:gem/activerecord@8.0.0.beta1
purl pkg:gem/activerecord@8.0.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@8.0.0.beta1
4
url pkg:gem/activerecord@8.0.2.1
purl pkg:gem/activerecord@8.0.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@8.0.2.1
aliases CVE-2025-55193, GHSA-76r7-hhxj-r776
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ua6-6a16-9fde
1
url VCID-2b1z-1k24-kfb8
vulnerability_id VCID-2b1z-1k24-kfb8
summary The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database.
references
0
reference_url http://openwall.com/lists/oss-security/2013/02/06/7
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2013/02/06/7
1
reference_url http://openwall.com/lists/oss-security/2013/04/24/7
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2013/04/24/7
2
reference_url http://pl.reddit.com/r/netsec/comments/17yajp/mysql_madness_and_rails
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://pl.reddit.com/r/netsec/comments/17yajp/mysql_madness_and_rails
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3221.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3221.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-3221
reference_id
reference_type
scores
0
value 0.00483
scoring_system epss
scoring_elements 0.65651
published_at 2026-06-11T12:55:00Z
1
value 0.00483
scoring_system epss
scoring_elements 0.65749
published_at 2026-06-12T12:55:00Z
2
value 0.00483
scoring_system epss
scoring_elements 0.65763
published_at 2026-06-13T12:55:00Z
3
value 0.00483
scoring_system epss
scoring_elements 0.65759
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-3221
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3221
6
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
7
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-3221.yml
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-3221.yml
8
reference_url https://groups.google.com/group/rubyonrails-security/msg/1f3bc0b88a60c1ce?dmode=source&output=gplain
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/1f3bc0b88a60c1ce?dmode=source&output=gplain
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-3221
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-3221
10
reference_url https://web.archive.org/web/20130825191249/http://www.phenoelit.org/blog/archives/2013/02/index.html
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130825191249/http://www.phenoelit.org/blog/archives/2013/02/index.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=954365
reference_id 954365
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=954365
12
reference_url https://github.com/advisories/GHSA-f57c-hx33-hvh8
reference_id GHSA-f57c-hx33-hvh8
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f57c-hx33-hvh8
fixed_packages
0
url pkg:gem/activerecord@4.2.0
purl pkg:gem/activerecord@4.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-3qsf-qm7w-y7be
2
vulnerability VCID-8ajf-ebxr-7bgf
3
vulnerability VCID-a78m-qhav-13dm
4
vulnerability VCID-c7qj-hcu8-p7hc
5
vulnerability VCID-cgfh-yfn7-7ke9
6
vulnerability VCID-cvs8-ejdv-uqhy
7
vulnerability VCID-fbrw-bbm6-fbhp
8
vulnerability VCID-nex8-cvgj-f7bc
9
vulnerability VCID-rd4z-yncp-qkfu
10
vulnerability VCID-runz-vm7e-a3fs
11
vulnerability VCID-sfaa-e8am-x7gn
12
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.0
aliases CVE-2013-3221, GHSA-f57c-hx33-hvh8
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2b1z-1k24-kfb8
2
url VCID-34kh-7cbr-s7b9
vulnerability_id VCID-34kh-7cbr-s7b9
summary security update
references
0
reference_url http://openwall.com/lists/oss-security/2014/07/02/5
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/07/02/5
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0877.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0877.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3483.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3483.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3483
reference_id
reference_type
scores
0
value 0.00924
scoring_system epss
scoring_elements 0.7646
published_at 2026-06-11T12:55:00Z
1
value 0.00924
scoring_system epss
scoring_elements 0.7654
published_at 2026-06-14T12:55:00Z
2
value 0.00924
scoring_system epss
scoring_elements 0.76545
published_at 2026-06-13T12:55:00Z
3
value 0.00924
scoring_system epss
scoring_elements 0.7653
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3483
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3483
6
reference_url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J
7
reference_url https://groups.google.com/forum/#!msg/rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J
reference_id
reference_type
scores
url https://groups.google.com/forum/#!msg/rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J
8
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/8GtfeYd6qI4
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/rubyonrails-security/8GtfeYd6qI4
9
reference_url https://web.archive.org/web/20200228150648/http://www.securityfocus.com/bid/68341
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228150648/http://www.securityfocus.com/bid/68341
10
reference_url http://www.debian.org/security/2014/dsa-2982
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2982
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1114427
reference_id 1114427
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1114427
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3483
reference_id CVE-2014-3483
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3483
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-3483.yml
reference_id CVE-2014-3483.YML
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-3483.yml
14
reference_url https://github.com/advisories/GHSA-r8fh-hq2p-7qhq
reference_id GHSA-r8fh-hq2p-7qhq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r8fh-hq2p-7qhq
15
reference_url https://access.redhat.com/errata/RHSA-2014:0877
reference_id RHSA-2014:0877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0877
fixed_packages
0
url pkg:gem/activerecord@4.0.7
purl pkg:gem/activerecord@4.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-3qsf-qm7w-y7be
3
vulnerability VCID-c7qj-hcu8-p7hc
4
vulnerability VCID-cgfh-yfn7-7ke9
5
vulnerability VCID-cvs8-ejdv-uqhy
6
vulnerability VCID-fbrw-bbm6-fbhp
7
vulnerability VCID-rd4z-yncp-qkfu
8
vulnerability VCID-runz-vm7e-a3fs
9
vulnerability VCID-sfaa-e8am-x7gn
10
vulnerability VCID-sth3-da79-67bt
11
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.0.7
1
url pkg:gem/activerecord@4.1.0.beta1
purl pkg:gem/activerecord@4.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-c7qj-hcu8-p7hc
6
vulnerability VCID-cgfh-yfn7-7ke9
7
vulnerability VCID-cvs8-ejdv-uqhy
8
vulnerability VCID-fbrw-bbm6-fbhp
9
vulnerability VCID-mxkb-wz2d-1kb5
10
vulnerability VCID-rd4z-yncp-qkfu
11
vulnerability VCID-runz-vm7e-a3fs
12
vulnerability VCID-sfaa-e8am-x7gn
13
vulnerability VCID-sth3-da79-67bt
14
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.0.beta1
2
url pkg:gem/activerecord@4.1.3
purl pkg:gem/activerecord@4.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-3qsf-qm7w-y7be
3
vulnerability VCID-c7qj-hcu8-p7hc
4
vulnerability VCID-cgfh-yfn7-7ke9
5
vulnerability VCID-cvs8-ejdv-uqhy
6
vulnerability VCID-fbrw-bbm6-fbhp
7
vulnerability VCID-rd4z-yncp-qkfu
8
vulnerability VCID-runz-vm7e-a3fs
9
vulnerability VCID-sfaa-e8am-x7gn
10
vulnerability VCID-sth3-da79-67bt
11
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.3
aliases CVE-2014-3483, GHSA-r8fh-hq2p-7qhq, OSV-108665
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-34kh-7cbr-s7b9
3
url VCID-39m4-12ms-skh2
vulnerability_id VCID-39m4-12ms-skh2
summary 
Multiple vulnerabilities were found in Ruby on Rails, the worst of
    which allowing for execution of arbitrary code.
references
0
reference_url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0277.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0277.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0277
reference_id
reference_type
scores
0
value 0.06742
scoring_system epss
scoring_elements 0.91527
published_at 2026-06-14T12:55:00Z
1
value 0.06742
scoring_system epss
scoring_elements 0.91491
published_at 2026-06-11T12:55:00Z
2
value 0.06742
scoring_system epss
scoring_elements 0.91522
published_at 2026-06-12T12:55:00Z
3
value 0.06742
scoring_system epss
scoring_elements 0.91529
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0277
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277
5
reference_url http://securitytracker.com/id?1028109
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://securitytracker.com/id?1028109
6
reference_url https://github.com/rails/rails/tree/v6.1.4.1/activerecord
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/tree/v6.1.4.1/activerecord
7
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KtmwSbEpzrU
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KtmwSbEpzrU
8
reference_url https://groups.google.com/group/rubyonrails-security/msg/302ec7ce90f13837?dmode=source&output=gplain
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/302ec7ce90f13837?dmode=source&output=gplain
9
reference_url http://support.apple.com/kb/HT5784
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT5784
10
reference_url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released
11
reference_url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/
12
reference_url http://www.debian.org/security/2013/dsa-2620
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2620
13
reference_url http://www.openwall.com/lists/oss-security/2013/02/11/6
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/11/6
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=909633
reference_id 909633
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=909633
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0277
reference_id CVE-2013-0277
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0277
16
reference_url https://puppet.com/security/cve/cve-2013-0277
reference_id CVE-2013-0277
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2013-0277
17
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0277.yml
reference_id CVE-2013-0277.YML
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0277.yml
18
reference_url https://github.com/advisories/GHSA-fhj9-cjjh-27vm
reference_id GHSA-fhj9-cjjh-27vm
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fhj9-cjjh-27vm
19
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
fixed_packages
aliases CVE-2013-0277, GHSA-fhj9-cjjh-27vm, OSV-90073
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-39m4-12ms-skh2
4
url VCID-3qsf-qm7w-y7be
vulnerability_id VCID-3qsf-qm7w-y7be
summary
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178041.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178041.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178065.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178065.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7577.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7577.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7577
reference_id
reference_type
scores
0
value 0.01209
scoring_system epss
scoring_elements 0.79457
published_at 2026-06-14T12:55:00Z
1
value 0.01209
scoring_system epss
scoring_elements 0.7938
published_at 2026-06-11T12:55:00Z
2
value 0.01209
scoring_system epss
scoring_elements 0.79447
published_at 2026-06-12T12:55:00Z
3
value 0.01209
scoring_system epss
scoring_elements 0.79462
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7577
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7576
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7576
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7577
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7581
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7581
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0751
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0751
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0752
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0753
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/cawsWcQ6c8g
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rubyonrails-security/cawsWcQ6c8g
14
reference_url http://www.openwall.com/lists/oss-security/2016/01/25/10
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/01/25/10
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1301957
reference_id 1301957
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1301957
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7577
reference_id CVE-2015-7577
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7577
17
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2015-7577.yml
reference_id CVE-2015-7577.YML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2015-7577.yml
18
reference_url https://github.com/advisories/GHSA-xrr6-3pc4-m447
reference_id GHSA-xrr6-3pc4-m447
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xrr6-3pc4-m447
19
reference_url https://access.redhat.com/errata/RHSA-2016:0296
reference_id RHSA-2016:0296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0296
20
reference_url https://access.redhat.com/errata/RHSA-2016:0454
reference_id RHSA-2016:0454
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0454
21
reference_url https://access.redhat.com/errata/RHSA-2016:0455
reference_id RHSA-2016:0455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0455
fixed_packages
0
url pkg:gem/activerecord@3.2.22.1
purl pkg:gem/activerecord@3.2.22.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-c7qj-hcu8-p7hc
3
vulnerability VCID-cgfh-yfn7-7ke9
4
vulnerability VCID-cvs8-ejdv-uqhy
5
vulnerability VCID-fbrw-bbm6-fbhp
6
vulnerability VCID-rd4z-yncp-qkfu
7
vulnerability VCID-sfaa-e8am-x7gn
8
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.22.1
1
url pkg:gem/activerecord@4.1.14.1
purl pkg:gem/activerecord@4.1.14.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-c7qj-hcu8-p7hc
3
vulnerability VCID-cgfh-yfn7-7ke9
4
vulnerability VCID-cvs8-ejdv-uqhy
5
vulnerability VCID-fbrw-bbm6-fbhp
6
vulnerability VCID-rd4z-yncp-qkfu
7
vulnerability VCID-runz-vm7e-a3fs
8
vulnerability VCID-sfaa-e8am-x7gn
9
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.14.1
2
url pkg:gem/activerecord@4.2.5.1
purl pkg:gem/activerecord@4.2.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-8ajf-ebxr-7bgf
2
vulnerability VCID-c7qj-hcu8-p7hc
3
vulnerability VCID-cgfh-yfn7-7ke9
4
vulnerability VCID-cvs8-ejdv-uqhy
5
vulnerability VCID-fbrw-bbm6-fbhp
6
vulnerability VCID-rd4z-yncp-qkfu
7
vulnerability VCID-runz-vm7e-a3fs
8
vulnerability VCID-sfaa-e8am-x7gn
9
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.1
3
url pkg:gem/activerecord@5.0.0.beta1.1
purl pkg:gem/activerecord@5.0.0.beta1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-8ajf-ebxr-7bgf
2
vulnerability VCID-c7qj-hcu8-p7hc
3
vulnerability VCID-cgfh-yfn7-7ke9
4
vulnerability VCID-cvs8-ejdv-uqhy
5
vulnerability VCID-fbrw-bbm6-fbhp
6
vulnerability VCID-rd4z-yncp-qkfu
7
vulnerability VCID-sfaa-e8am-x7gn
8
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@5.0.0.beta1.1
aliases CVE-2015-7577, GHSA-xrr6-3pc4-m447
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3qsf-qm7w-y7be
5
url VCID-3ser-nhqn-mbar
vulnerability_id VCID-3ser-nhqn-mbar
summary 
Multiple vulnerabilities were found in Ruby on Rails, the worst of
    which allowing for execution of arbitrary code.
references
0
reference_url http://ics-cert.us-cert.gov/advisories/ICSA-13-036-01A
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ics-cert.us-cert.gov/advisories/ICSA-13-036-01A
1
reference_url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html
5
reference_url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0155.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0155.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0155
reference_id
reference_type
scores
0
value 0.18174
scoring_system epss
scoring_elements 0.95362
published_at 2026-06-14T12:55:00Z
1
value 0.18174
scoring_system epss
scoring_elements 0.95341
published_at 2026-06-11T12:55:00Z
2
value 0.18174
scoring_system epss
scoring_elements 0.95355
published_at 2026-06-12T12:55:00Z
3
value 0.18174
scoring_system epss
scoring_elements 0.9536
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0155
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
10
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/t1WFuuQyavI
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/t1WFuuQyavI
11
reference_url https://groups.google.com/group/rubyonrails-security/msg/bc6f13dafe130ee9?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/bc6f13dafe130ee9?dmode=source&output=gplain
12
reference_url http://support.apple.com/kb/HT5784
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT5784
13
reference_url http://www.debian.org/security/2013/dsa-2609
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2609
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=892866
reference_id 892866
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=892866
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0155
reference_id CVE-2013-0155
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0155
16
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0155.yml
reference_id CVE-2013-0155.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0155.yml
17
reference_url https://github.com/advisories/GHSA-gppp-5xc5-wfpx
reference_id GHSA-gppp-5xc5-wfpx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gppp-5xc5-wfpx
18
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
19
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
20
reference_url https://access.redhat.com/errata/RHSA-2013:0155
reference_id RHSA-2013:0155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0155
fixed_packages
0
url pkg:gem/activerecord@3.1.10
purl pkg:gem/activerecord@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-39m4-12ms-skh2
4
vulnerability VCID-3qsf-qm7w-y7be
5
vulnerability VCID-74g9-svkp-h3f1
6
vulnerability VCID-c7qj-hcu8-p7hc
7
vulnerability VCID-cgfh-yfn7-7ke9
8
vulnerability VCID-cvs8-ejdv-uqhy
9
vulnerability VCID-fbrw-bbm6-fbhp
10
vulnerability VCID-hh3w-dxkg-8ygx
11
vulnerability VCID-mxkb-wz2d-1kb5
12
vulnerability VCID-rd4z-yncp-qkfu
13
vulnerability VCID-rhyd-xbpb-wufa
14
vulnerability VCID-sfaa-e8am-x7gn
15
vulnerability VCID-sth3-da79-67bt
16
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.10
1
url pkg:gem/activerecord@3.2.0.rc1
purl pkg:gem/activerecord@3.2.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18n5-8cur-m7ae
1
vulnerability VCID-1ua6-6a16-9fde
2
vulnerability VCID-2b1z-1k24-kfb8
3
vulnerability VCID-34kh-7cbr-s7b9
4
vulnerability VCID-39m4-12ms-skh2
5
vulnerability VCID-3qsf-qm7w-y7be
6
vulnerability VCID-3ser-nhqn-mbar
7
vulnerability VCID-72jm-58dq-mub5
8
vulnerability VCID-74g9-svkp-h3f1
9
vulnerability VCID-c7qj-hcu8-p7hc
10
vulnerability VCID-cgfh-yfn7-7ke9
11
vulnerability VCID-cvs8-ejdv-uqhy
12
vulnerability VCID-fbrw-bbm6-fbhp
13
vulnerability VCID-hh3w-dxkg-8ygx
14
vulnerability VCID-mxkb-wz2d-1kb5
15
vulnerability VCID-pbgu-3zaj-ukay
16
vulnerability VCID-rd4z-yncp-qkfu
17
vulnerability VCID-rhyd-xbpb-wufa
18
vulnerability VCID-sfaa-e8am-x7gn
19
vulnerability VCID-sth3-da79-67bt
20
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0.rc1
2
url pkg:gem/activerecord@3.2.11
purl pkg:gem/activerecord@3.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-39m4-12ms-skh2
4
vulnerability VCID-3qsf-qm7w-y7be
5
vulnerability VCID-74g9-svkp-h3f1
6
vulnerability VCID-c7qj-hcu8-p7hc
7
vulnerability VCID-cgfh-yfn7-7ke9
8
vulnerability VCID-cvs8-ejdv-uqhy
9
vulnerability VCID-fbrw-bbm6-fbhp
10
vulnerability VCID-hh3w-dxkg-8ygx
11
vulnerability VCID-mxkb-wz2d-1kb5
12
vulnerability VCID-rd4z-yncp-qkfu
13
vulnerability VCID-rhyd-xbpb-wufa
14
vulnerability VCID-sfaa-e8am-x7gn
15
vulnerability VCID-sth3-da79-67bt
16
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.11
aliases CVE-2013-0155, GHSA-gppp-5xc5-wfpx, OSV-89025
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ser-nhqn-mbar
6
url VCID-74g9-svkp-h3f1
vulnerability_id VCID-74g9-svkp-h3f1
summary security update
references
0
reference_url http://openwall.com/lists/oss-security/2014/07/02/5
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/07/02/5
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0876.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0876.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3482.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3482.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3482
reference_id
reference_type
scores
0
value 0.01531
scoring_system epss
scoring_elements 0.81783
published_at 2026-06-14T12:55:00Z
1
value 0.01531
scoring_system epss
scoring_elements 0.8172
published_at 2026-06-11T12:55:00Z
2
value 0.01531
scoring_system epss
scoring_elements 0.81782
published_at 2026-06-12T12:55:00Z
3
value 0.01531
scoring_system epss
scoring_elements 0.81791
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3482
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3483
6
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
7
reference_url https://github.com/rails/rails/commit/1f2192e46d78ee0ba2b06373f2c24caf8440ff5b
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/1f2192e46d78ee0ba2b06373f2c24caf8440ff5b
8
reference_url https://groups.google.com/g/rubyonrails-security/c/wDxePLJGZdI
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/rubyonrails-security/c/wDxePLJGZdI
9
reference_url http://www.debian.org/security/2014/dsa-2982
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2982
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1114425
reference_id 1114425
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1114425
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3482
reference_id CVE-2014-3482
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3482
12
reference_url https://github.com/advisories/GHSA-mhwp-qhpc-h3jm
reference_id GHSA-mhwp-qhpc-h3jm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mhwp-qhpc-h3jm
13
reference_url https://access.redhat.com/errata/RHSA-2014:0876
reference_id RHSA-2014:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0876
fixed_packages
0
url pkg:gem/activerecord@3.2.19
purl pkg:gem/activerecord@3.2.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-3qsf-qm7w-y7be
3
vulnerability VCID-c7qj-hcu8-p7hc
4
vulnerability VCID-cgfh-yfn7-7ke9
5
vulnerability VCID-cvs8-ejdv-uqhy
6
vulnerability VCID-fbrw-bbm6-fbhp
7
vulnerability VCID-rd4z-yncp-qkfu
8
vulnerability VCID-sfaa-e8am-x7gn
9
vulnerability VCID-sth3-da79-67bt
10
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.19
1
url pkg:gem/activerecord@4.0.0
purl pkg:gem/activerecord@4.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-a78m-qhav-13dm
6
vulnerability VCID-c7qj-hcu8-p7hc
7
vulnerability VCID-cgfh-yfn7-7ke9
8
vulnerability VCID-cvs8-ejdv-uqhy
9
vulnerability VCID-fbrw-bbm6-fbhp
10
vulnerability VCID-mxkb-wz2d-1kb5
11
vulnerability VCID-rd4z-yncp-qkfu
12
vulnerability VCID-runz-vm7e-a3fs
13
vulnerability VCID-sfaa-e8am-x7gn
14
vulnerability VCID-sth3-da79-67bt
15
vulnerability VCID-u2gv-wvdc-tfbs
16
vulnerability VCID-xa3t-2av7-zqe4
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.0.0
aliases CVE-2014-3482, GHSA-mhwp-qhpc-h3jm, OSV-108664
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-74g9-svkp-h3f1
7
url VCID-c7qj-hcu8-p7hc
vulnerability_id VCID-c7qj-hcu8-p7hc
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32224.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32224.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32224
reference_id
reference_type
scores
0
value 0.01944
scoring_system epss
scoring_elements 0.83831
published_at 2026-06-11T12:55:00Z
1
value 0.01944
scoring_system epss
scoring_elements 0.83892
published_at 2026-06-14T12:55:00Z
2
value 0.01944
scoring_system epss
scoring_elements 0.83896
published_at 2026-06-13T12:55:00Z
3
value 0.01944
scoring_system epss
scoring_elements 0.83887
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32224
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32224
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32224
3
reference_url https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/rails/rails/commit/611990f1a6c137c2d56b1ba06b27e5d2434dcd6a
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/611990f1a6c137c2d56b1ba06b27e5d2434dcd6a
6
reference_url https://github.com/rails/rails/commits/main/activerecord
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commits/main/activerecord
7
reference_url https://lists.debian.org/debian-lts-announce/2026/05/msg00022.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2026/05/msg00022.html
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016140
reference_id 1016140
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016140
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2108997
reference_id 2108997
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2108997
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-32224
reference_id CVE-2022-32224
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-32224
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2022-32224.yml
reference_id CVE-2022-32224.YML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2022-32224.yml
12
reference_url https://github.com/advisories/GHSA-3hhc-qp5v-9p2j
reference_id GHSA-3hhc-qp5v-9p2j
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-24T15:17:17Z/
url https://github.com/advisories/GHSA-3hhc-qp5v-9p2j
13
reference_url https://security.gentoo.org/glsa/202408-24
reference_id GLSA-202408-24
reference_type
scores
url https://security.gentoo.org/glsa/202408-24
14
reference_url https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U
reference_id MmFO3LYQE8U
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-24T15:17:17Z/
url https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U
15
reference_url https://access.redhat.com/errata/RHSA-2023:0261
reference_id RHSA-2023:0261
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0261
16
reference_url https://access.redhat.com/errata/RHSA-2023:1151
reference_id RHSA-2023:1151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1151
17
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
fixed_packages
0
url pkg:gem/activerecord@5.2.8.1
purl pkg:gem/activerecord@5.2.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-cvs8-ejdv-uqhy
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@5.2.8.1
1
url pkg:gem/activerecord@6.0.0.beta1
purl pkg:gem/activerecord@6.0.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-c7qj-hcu8-p7hc
2
vulnerability VCID-cvs8-ejdv-uqhy
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@6.0.0.beta1
2
url pkg:gem/activerecord@6.0.5.1
purl pkg:gem/activerecord@6.0.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-cvs8-ejdv-uqhy
2
vulnerability VCID-ez3g-ygna-jkb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@6.0.5.1
3
url pkg:gem/activerecord@6.1.0.rc1
purl pkg:gem/activerecord@6.1.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-c7qj-hcu8-p7hc
2
vulnerability VCID-cvs8-ejdv-uqhy
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@6.1.0.rc1
4
url pkg:gem/activerecord@6.1.6.1
purl pkg:gem/activerecord@6.1.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-cvs8-ejdv-uqhy
2
vulnerability VCID-ez3g-ygna-jkb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@6.1.6.1
5
url pkg:gem/activerecord@7.0.0.alpha1
purl pkg:gem/activerecord@7.0.0.alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-c7qj-hcu8-p7hc
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.0.0.alpha1
6
url pkg:gem/activerecord@7.0.3.1
purl pkg:gem/activerecord@7.0.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-cvs8-ejdv-uqhy
2
vulnerability VCID-ez3g-ygna-jkb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.0.3.1
aliases CVE-2022-32224, GHSA-3hhc-qp5v-9p2j, GMS-2022-3029
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c7qj-hcu8-p7hc
8
url VCID-cgfh-yfn7-7ke9
vulnerability_id VCID-cgfh-yfn7-7ke9
summary 
Multiple vulnerabilities have been discovered in Rails, the worst of which
    leading to the execution of arbitrary SQL statements.
references
0
reference_url http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1
reference_id
reference_type
scores
url http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1
1
reference_url http://gist.github.com/8946
reference_id
reference_type
scores
url http://gist.github.com/8946
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
3
reference_url http://rails.lighthouseapp.com/projects/8994/tickets/288
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rails.lighthouseapp.com/projects/8994/tickets/288
4
reference_url http://rails.lighthouseapp.com/projects/8994/tickets/964
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rails.lighthouseapp.com/projects/8994/tickets/964
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4094
reference_id
reference_type
scores
0
value 0.03119
scoring_system epss
scoring_elements 0.8718
published_at 2026-06-14T12:55:00Z
1
value 0.03119
scoring_system epss
scoring_elements 0.87183
published_at 2026-06-13T12:55:00Z
2
value 0.03119
scoring_system epss
scoring_elements 0.87177
published_at 2026-06-12T12:55:00Z
3
value 0.03119
scoring_system epss
scoring_elements 0.87131
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4094
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4094
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4094
7
reference_url http://secunia.com/advisories/31875
reference_id
reference_type
scores
url http://secunia.com/advisories/31875
8
reference_url http://secunia.com/advisories/31909
reference_id
reference_type
scores
url http://secunia.com/advisories/31909
9
reference_url http://secunia.com/advisories/31910
reference_id
reference_type
scores
url http://secunia.com/advisories/31910
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/45109
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/45109
11
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
12
reference_url https://github.com/rails/rails/commit/ef0ea782b1f5cf7b08e74ea3002a16c708f66645
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/ef0ea782b1f5cf7b08e74ea3002a16c708f66645
13
reference_url https://web.archive.org/web/20080620000955/http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080620000955/http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1
14
reference_url https://web.archive.org/web/20080620201733/http://blog.innerewut.de/files/rails/activerecord-1.15.3.patch
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080620201733/http://blog.innerewut.de/files/rails/activerecord-1.15.3.patch
15
reference_url https://web.archive.org/web/20080620201744/http://blog.innerewut.de/files/rails/activerecord-2.0.2.patch
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080620201744/http://blog.innerewut.de/files/rails/activerecord-2.0.2.patch
16
reference_url https://web.archive.org/web/20081104151751/http://gist.github.com/8946
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20081104151751/http://gist.github.com/8946
17
reference_url https://web.archive.org/web/20081113122736/http://secunia.com/advisories/31875
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20081113122736/http://secunia.com/advisories/31875
18
reference_url https://web.archive.org/web/20081113122736/http://secunia.com/advisories/31875/
reference_id
reference_type
scores
url https://web.archive.org/web/20081113122736/http://secunia.com/advisories/31875/
19
reference_url https://web.archive.org/web/20081207211431/http://secunia.com/advisories/31909
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20081207211431/http://secunia.com/advisories/31909
20
reference_url https://web.archive.org/web/20081207211436/http://secunia.com/advisories/31910
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20081207211436/http://secunia.com/advisories/31910
21
reference_url https://web.archive.org/web/20091101000000*/http://www.vupen.com/english/advisories/2008/2562
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20091101000000*/http://www.vupen.com/english/advisories/2008/2562
22
reference_url https://web.archive.org/web/20120120194518/http://www.securityfocus.com/bid/31176
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120120194518/http://www.securityfocus.com/bid/31176
23
reference_url https://web.archive.org/web/20201207112829/http://www.securitytracker.com/id?1020871
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201207112829/http://www.securitytracker.com/id?1020871
24
reference_url http://www.openwall.com/lists/oss-security/2008/09/13/2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2008/09/13/2
25
reference_url http://www.openwall.com/lists/oss-security/2008/09/16/1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2008/09/16/1
26
reference_url http://www.rorsecurity.info/2008/09/08/sql-injection-issue-in-limit-and-offset-parameter
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.rorsecurity.info/2008/09/08/sql-injection-issue-in-limit-and-offset-parameter
27
reference_url http://www.rorsecurity.info/2008/09/08/sql-injection-issue-in-limit-and-offset-parameter/
reference_id
reference_type
scores
url http://www.rorsecurity.info/2008/09/08/sql-injection-issue-in-limit-and-offset-parameter/
28
reference_url http://www.securityfocus.com/bid/31176
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/31176
29
reference_url http://www.securitytracker.com/id?1020871
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1020871
30
reference_url http://www.vupen.com/english/advisories/2008/2562
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/2562
31
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500791
reference_id 500791
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500791
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-4094
reference_id CVE-2008-4094
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-4094
33
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2008-4094.yml
reference_id CVE-2008-4094.YML
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2008-4094.yml
34
reference_url https://github.com/advisories/GHSA-xf96-32q2-9rw2
reference_id GHSA-xf96-32q2-9rw2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xf96-32q2-9rw2
35
reference_url https://security.gentoo.org/glsa/200912-02
reference_id GLSA-200912-02
reference_type
scores
url https://security.gentoo.org/glsa/200912-02
fixed_packages
aliases CVE-2008-4094, GHSA-xf96-32q2-9rw2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cgfh-yfn7-7ke9
9
url VCID-cvs8-ejdv-uqhy
vulnerability_id VCID-cvs8-ejdv-uqhy
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44566.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44566.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-44566
reference_id
reference_type
scores
0
value 0.01543
scoring_system epss
scoring_elements 0.81854
published_at 2026-06-13T12:55:00Z
1
value 0.01543
scoring_system epss
scoring_elements 0.81846
published_at 2026-06-12T12:55:00Z
2
value 0.01543
scoring_system epss
scoring_elements 0.81847
published_at 2026-06-14T12:55:00Z
3
value 0.01543
scoring_system epss
scoring_elements 0.81785
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-44566
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44566
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44566
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
5
reference_url https://github.com/rails/rails/commit/4f44aa9d514e701ada92b5cf08beccf566eeaebf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/4f44aa9d514e701ada92b5cf08beccf566eeaebf
6
reference_url https://github.com/rails/rails/commit/82bcdc011e2ff674e7dd8fd8cee3a831c908d29b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/82bcdc011e2ff674e7dd8fd8cee3a831c908d29b
7
reference_url https://github.com/rails/rails/releases/tag/v6.1.7.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/releases/tag/v6.1.7.1
8
reference_url https://github.com/rails/rails/releases/tag/v7.0.4.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/releases/tag/v7.0.4.1
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2022-44566.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2022-44566.yml
10
reference_url https://mailchi.mp/railslts/rails-lts-multiple-dos-vulnerabilities-in-rails-rack-and-globalid
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://mailchi.mp/railslts/rails-lts-multiple-dos-vulnerabilities-in-rails-rack-and-globalid
11
reference_url https://makandracards.com/railslts/508019-rails-5-2-lts-changelog#section-jan-20th-2023-rails-version-5-2-8-15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://makandracards.com/railslts/508019-rails-5-2-lts-changelog#section-jan-20th-2023-rails-version-5-2-8-15
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-44566
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-44566
13
reference_url https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030050
reference_id 1030050
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030050
15
reference_url https://code.jeremyevans.net/2022-11-01-forcing-sequential-scans-on-postgresql.html
reference_id 2022-11-01-forcing-sequential-scans-on-postgresql.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:43:31Z/
url https://code.jeremyevans.net/2022-11-01-forcing-sequential-scans-on-postgresql.html
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2164789
reference_id 2164789
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2164789
17
reference_url https://discuss.rubyonrails.org/t/cve-2022-44566-possible-denial-of-service-vulnerability-in-activerecords-postgresql-adapter/82119
reference_id 82119
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:43:31Z/
url https://discuss.rubyonrails.org/t/cve-2022-44566-possible-denial-of-service-vulnerability-in-activerecords-postgresql-adapter/82119
18
reference_url https://github.com/advisories/GHSA-579w-22j4-4749
reference_id GHSA-579w-22j4-4749
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-579w-22j4-4749
19
reference_url https://access.redhat.com/errata/RHSA-2023:6818
reference_id RHSA-2023:6818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6818
fixed_packages
0
url pkg:gem/activerecord@6.1.7.1
purl pkg:gem/activerecord@6.1.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@6.1.7.1
1
url pkg:gem/activerecord@7.0.4.1
purl pkg:gem/activerecord@7.0.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.0.4.1
aliases CVE-2022-44566, GHSA-579w-22j4-4749, GMS-2023-59
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvs8-ejdv-uqhy
10
url VCID-fbrw-bbm6-fbhp
vulnerability_id VCID-fbrw-bbm6-fbhp
summary 
Multiple vulnerabilities were found in Ruby on Rails, the worst of
    which allowing for execution of arbitrary code.
references
0
reference_url http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0448
reference_id
reference_type
scores
0
value 0.00689
scoring_system epss
scoring_elements 0.72247
published_at 2026-06-11T12:55:00Z
1
value 0.00689
scoring_system epss
scoring_elements 0.72337
published_at 2026-06-14T12:55:00Z
2
value 0.00689
scoring_system epss
scoring_elements 0.72343
published_at 2026-06-13T12:55:00Z
3
value 0.00689
scoring_system epss
scoring_elements 0.7233
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0448
3
reference_url http://secunia.com/advisories/43278
reference_id
reference_type
scores
url http://secunia.com/advisories/43278
4
reference_url http://securitytracker.com/id?1025063
reference_id
reference_type
scores
url http://securitytracker.com/id?1025063
5
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
6
reference_url https://github.com/rails/rails/commit/354da43ab0a10b3b7b3f9cb0619aa562c3be8474
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/354da43ab0a10b3b7b3f9cb0619aa562c3be8474
7
reference_url https://web.archive.org/web/20201220214809/http://securitytracker.com/id?1025063
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201220214809/http://securitytracker.com/id?1025063
8
reference_url http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4
9
reference_url http://www.vupen.com/english/advisories/2011/0877
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0877
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-0448
reference_id CVE-2011-0448
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-0448
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-0448.yml
reference_id CVE-2011-0448.YML
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-0448.yml
12
reference_url https://github.com/advisories/GHSA-jmm9-2p29-vh2w
reference_id GHSA-jmm9-2p29-vh2w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jmm9-2p29-vh2w
13
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
fixed_packages
aliases CVE-2011-0448, GHSA-jmm9-2p29-vh2w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fbrw-bbm6-fbhp
11
url VCID-hh3w-dxkg-8ygx
vulnerability_id VCID-hh3w-dxkg-8ygx
summary 
Multiple vulnerabilities were found in Ruby on Rails, the worst of
    which allowing for execution of arbitrary code.
references
0
reference_url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0686.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0686.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0276.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0276.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0276
reference_id
reference_type
scores
0
value 0.00606
scoring_system epss
scoring_elements 0.70224
published_at 2026-06-12T12:55:00Z
1
value 0.00606
scoring_system epss
scoring_elements 0.70236
published_at 2026-06-14T12:55:00Z
2
value 0.00606
scoring_system epss
scoring_elements 0.70134
published_at 2026-06-11T12:55:00Z
3
value 0.00606
scoring_system epss
scoring_elements 0.70238
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0276
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276
6
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/AFBKNY7VSH8
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/AFBKNY7VSH8
7
reference_url https://groups.google.com/group/rubyonrails-security/msg/bb44b98a73ef1a06?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/bb44b98a73ef1a06?dmode=source&output=gplain
8
reference_url http://support.apple.com/kb/HT5784
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT5784
9
reference_url https://web.archive.org/web/20130217055442/http://www.securityfocus.com/bid/57896
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130217055442/http://www.securityfocus.com/bid/57896
10
reference_url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released
11
reference_url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/
12
reference_url http://www.debian.org/security/2013/dsa-2620
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2620
13
reference_url http://www.openwall.com/lists/oss-security/2013/02/11/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/11/5
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=909528
reference_id 909528
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=909528
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0276
reference_id CVE-2013-0276
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0276
16
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0276.yml
reference_id CVE-2013-0276.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0276.yml
17
reference_url https://github.com/advisories/GHSA-gr44-7grc-37vq
reference_id GHSA-gr44-7grc-37vq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gr44-7grc-37vq
18
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
19
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
fixed_packages
0
url pkg:gem/activerecord@3.1.11
purl pkg:gem/activerecord@3.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-c7qj-hcu8-p7hc
6
vulnerability VCID-cgfh-yfn7-7ke9
7
vulnerability VCID-cvs8-ejdv-uqhy
8
vulnerability VCID-fbrw-bbm6-fbhp
9
vulnerability VCID-mxkb-wz2d-1kb5
10
vulnerability VCID-rd4z-yncp-qkfu
11
vulnerability VCID-rhyd-xbpb-wufa
12
vulnerability VCID-sfaa-e8am-x7gn
13
vulnerability VCID-sth3-da79-67bt
14
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.11
1
url pkg:gem/activerecord@3.2.0.rc1
purl pkg:gem/activerecord@3.2.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18n5-8cur-m7ae
1
vulnerability VCID-1ua6-6a16-9fde
2
vulnerability VCID-2b1z-1k24-kfb8
3
vulnerability VCID-34kh-7cbr-s7b9
4
vulnerability VCID-39m4-12ms-skh2
5
vulnerability VCID-3qsf-qm7w-y7be
6
vulnerability VCID-3ser-nhqn-mbar
7
vulnerability VCID-72jm-58dq-mub5
8
vulnerability VCID-74g9-svkp-h3f1
9
vulnerability VCID-c7qj-hcu8-p7hc
10
vulnerability VCID-cgfh-yfn7-7ke9
11
vulnerability VCID-cvs8-ejdv-uqhy
12
vulnerability VCID-fbrw-bbm6-fbhp
13
vulnerability VCID-hh3w-dxkg-8ygx
14
vulnerability VCID-mxkb-wz2d-1kb5
15
vulnerability VCID-pbgu-3zaj-ukay
16
vulnerability VCID-rd4z-yncp-qkfu
17
vulnerability VCID-rhyd-xbpb-wufa
18
vulnerability VCID-sfaa-e8am-x7gn
19
vulnerability VCID-sth3-da79-67bt
20
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0.rc1
2
url pkg:gem/activerecord@3.2.12
purl pkg:gem/activerecord@3.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-c7qj-hcu8-p7hc
6
vulnerability VCID-cgfh-yfn7-7ke9
7
vulnerability VCID-cvs8-ejdv-uqhy
8
vulnerability VCID-fbrw-bbm6-fbhp
9
vulnerability VCID-mxkb-wz2d-1kb5
10
vulnerability VCID-rd4z-yncp-qkfu
11
vulnerability VCID-rhyd-xbpb-wufa
12
vulnerability VCID-sfaa-e8am-x7gn
13
vulnerability VCID-sth3-da79-67bt
14
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.12
aliases CVE-2013-0276, GHSA-gr44-7grc-37vq, OSV-90072
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hh3w-dxkg-8ygx
12
url VCID-mxkb-wz2d-1kb5
vulnerability_id VCID-mxkb-wz2d-1kb5
summary Array data injection vulnerability in activerecord
references
0
reference_url http://openwall.com/lists/oss-security/2014/02/18/9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/02/18/9
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0080.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0080.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0080
reference_id
reference_type
scores
0
value 0.00248
scoring_system epss
scoring_elements 0.48338
published_at 2026-06-11T12:55:00Z
1
value 0.00248
scoring_system epss
scoring_elements 0.48479
published_at 2026-06-14T12:55:00Z
2
value 0.00248
scoring_system epss
scoring_elements 0.48494
published_at 2026-06-13T12:55:00Z
3
value 0.00248
scoring_system epss
scoring_elements 0.48475
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0080
3
reference_url https://github.com/rails/rails/tree/main/activerecord
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/tree/main/activerecord
4
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/Wu96YkTUR6s
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/rubyonrails-security/Wu96YkTUR6s
5
reference_url https://web.archive.org/web/20210301004521/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/Wu96YkTUR6s/pPLBMZrlwvYJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210301004521/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/Wu96YkTUR6s/pPLBMZrlwvYJ
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1065517
reference_id 1065517
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1065517
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0080
reference_id CVE-2014-0080
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0080
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-0080.yml
reference_id CVE-2014-0080.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-0080.yml
9
reference_url https://github.com/advisories/GHSA-hqf9-rc9j-5fmj
reference_id GHSA-hqf9-rc9j-5fmj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hqf9-rc9j-5fmj
fixed_packages
0
url pkg:gem/activerecord@3.2.0
purl pkg:gem/activerecord@3.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18n5-8cur-m7ae
1
vulnerability VCID-1ua6-6a16-9fde
2
vulnerability VCID-2b1z-1k24-kfb8
3
vulnerability VCID-34kh-7cbr-s7b9
4
vulnerability VCID-39m4-12ms-skh2
5
vulnerability VCID-3qsf-qm7w-y7be
6
vulnerability VCID-3ser-nhqn-mbar
7
vulnerability VCID-72jm-58dq-mub5
8
vulnerability VCID-74g9-svkp-h3f1
9
vulnerability VCID-c7qj-hcu8-p7hc
10
vulnerability VCID-cgfh-yfn7-7ke9
11
vulnerability VCID-cvs8-ejdv-uqhy
12
vulnerability VCID-fbrw-bbm6-fbhp
13
vulnerability VCID-hh3w-dxkg-8ygx
14
vulnerability VCID-mxkb-wz2d-1kb5
15
vulnerability VCID-pbgu-3zaj-ukay
16
vulnerability VCID-rd4z-yncp-qkfu
17
vulnerability VCID-rhyd-xbpb-wufa
18
vulnerability VCID-sfaa-e8am-x7gn
19
vulnerability VCID-sth3-da79-67bt
20
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0
1
url pkg:gem/activerecord@4.0.3
purl pkg:gem/activerecord@4.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-c7qj-hcu8-p7hc
6
vulnerability VCID-cgfh-yfn7-7ke9
7
vulnerability VCID-cvs8-ejdv-uqhy
8
vulnerability VCID-fbrw-bbm6-fbhp
9
vulnerability VCID-rd4z-yncp-qkfu
10
vulnerability VCID-runz-vm7e-a3fs
11
vulnerability VCID-sfaa-e8am-x7gn
12
vulnerability VCID-sth3-da79-67bt
13
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.0.3
2
url pkg:gem/activerecord@4.1.0.beta1
purl pkg:gem/activerecord@4.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-c7qj-hcu8-p7hc
6
vulnerability VCID-cgfh-yfn7-7ke9
7
vulnerability VCID-cvs8-ejdv-uqhy
8
vulnerability VCID-fbrw-bbm6-fbhp
9
vulnerability VCID-mxkb-wz2d-1kb5
10
vulnerability VCID-rd4z-yncp-qkfu
11
vulnerability VCID-runz-vm7e-a3fs
12
vulnerability VCID-sfaa-e8am-x7gn
13
vulnerability VCID-sth3-da79-67bt
14
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.0.beta1
3
url pkg:gem/activerecord@4.1.0.beta2
purl pkg:gem/activerecord@4.1.0.beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-c7qj-hcu8-p7hc
6
vulnerability VCID-cgfh-yfn7-7ke9
7
vulnerability VCID-cvs8-ejdv-uqhy
8
vulnerability VCID-fbrw-bbm6-fbhp
9
vulnerability VCID-rd4z-yncp-qkfu
10
vulnerability VCID-runz-vm7e-a3fs
11
vulnerability VCID-sfaa-e8am-x7gn
12
vulnerability VCID-sth3-da79-67bt
13
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.0.beta2
aliases CVE-2014-0080, GHSA-hqf9-rc9j-5fmj, OSV-103438
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxkb-wz2d-1kb5
13
url VCID-rd4z-yncp-qkfu
vulnerability_id VCID-rd4z-yncp-qkfu
summary activerecord vulnerable to SQL Injection
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2695.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2695.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2695
reference_id
reference_type
scores
0
value 0.00637
scoring_system epss
scoring_elements 0.71068
published_at 2026-06-14T12:55:00Z
1
value 0.00637
scoring_system epss
scoring_elements 0.70968
published_at 2026-06-11T12:55:00Z
2
value 0.00637
scoring_system epss
scoring_elements 0.71058
published_at 2026-06-12T12:55:00Z
3
value 0.00637
scoring_system epss
scoring_elements 0.7107
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2695
7
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
8
reference_url https://github.com/rails/rails/commit/62f81f4d6b3ee40e9887ffd92ab14714bad93f18
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/62f81f4d6b3ee40e9887ffd92ab14714bad93f18
9
reference_url https://groups.google.com/group/rubyonrails-security/msg/aee3413fb038bf56?dmode=source&output=gplain
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/aee3413fb038bf56?dmode=source&output=gplain
10
reference_url https://groups.google.com/g/rubyonrails-security/c/l4L0TEVAz1k/m/Vr84sD9B464J
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/rubyonrails-security/c/l4L0TEVAz1k/m/Vr84sD9B464J
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=831573
reference_id 831573
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=831573
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2695
reference_id CVE-2012-2695
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2695
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2695.yml
reference_id CVE-2012-2695.YML
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2695.yml
14
reference_url https://github.com/advisories/GHSA-76wq-xw4h-f8wj
reference_id GHSA-76wq-xw4h-f8wj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-76wq-xw4h-f8wj
15
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
16
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
0
url pkg:gem/activerecord@3.2.6
purl pkg:gem/activerecord@3.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-39m4-12ms-skh2
4
vulnerability VCID-3qsf-qm7w-y7be
5
vulnerability VCID-3ser-nhqn-mbar
6
vulnerability VCID-74g9-svkp-h3f1
7
vulnerability VCID-c7qj-hcu8-p7hc
8
vulnerability VCID-cgfh-yfn7-7ke9
9
vulnerability VCID-cvs8-ejdv-uqhy
10
vulnerability VCID-fbrw-bbm6-fbhp
11
vulnerability VCID-hh3w-dxkg-8ygx
12
vulnerability VCID-mxkb-wz2d-1kb5
13
vulnerability VCID-pbgu-3zaj-ukay
14
vulnerability VCID-rd4z-yncp-qkfu
15
vulnerability VCID-rhyd-xbpb-wufa
16
vulnerability VCID-sfaa-e8am-x7gn
17
vulnerability VCID-sth3-da79-67bt
18
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.6
aliases CVE-2012-2695, GHSA-76wq-xw4h-f8wj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rd4z-yncp-qkfu
14
url VCID-rhyd-xbpb-wufa
vulnerability_id VCID-rhyd-xbpb-wufa
summary 
Multiple vulnerabilities were found in Ruby on Rails, the worst of
    which allowing for execution of arbitrary code.
references
0
reference_url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
1
reference_url http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00070.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00070.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00071.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00071.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00075.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00075.html
5
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00078.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00078.html
6
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00079.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00079.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2013-0699.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0699.html
8
reference_url https://access.redhat.com/errata/RHSA-2013:0699
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0699
9
reference_url https://access.redhat.com/errata/RHSA-2014:1863
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1863
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1854.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1854.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1854
reference_id
reference_type
scores
0
value 0.01795
scoring_system epss
scoring_elements 0.83171
published_at 2026-06-11T12:55:00Z
1
value 0.01795
scoring_system epss
scoring_elements 0.83232
published_at 2026-06-12T12:55:00Z
2
value 0.01795
scoring_system epss
scoring_elements 0.83237
published_at 2026-06-14T12:55:00Z
3
value 0.01795
scoring_system epss
scoring_elements 0.83241
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1854
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=921329
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=921329
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854
14
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/jgJ4cjjS8FE
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/jgJ4cjjS8FE
15
reference_url https://groups.google.com/group/ruby-security-ann/msg/34e0d780b04308de?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/ruby-security-ann/msg/34e0d780b04308de?dmode=source&output=gplain
16
reference_url http://support.apple.com/kb/HT5784
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT5784
17
reference_url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released
18
reference_url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/
19
reference_url https://access.redhat.com/security/cve/CVE-2013-1854
reference_id CVE-2013-1854
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-1854
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1854
reference_id CVE-2013-1854
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1854
21
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-1854.yml
reference_id CVE-2013-1854.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-1854.yml
22
reference_url https://github.com/advisories/GHSA-3crr-9vmg-864v
reference_id GHSA-3crr-9vmg-864v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3crr-9vmg-864v
23
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
fixed_packages
0
url pkg:gem/activerecord@3.1.12
purl pkg:gem/activerecord@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-c7qj-hcu8-p7hc
6
vulnerability VCID-cgfh-yfn7-7ke9
7
vulnerability VCID-cvs8-ejdv-uqhy
8
vulnerability VCID-fbrw-bbm6-fbhp
9
vulnerability VCID-mxkb-wz2d-1kb5
10
vulnerability VCID-rd4z-yncp-qkfu
11
vulnerability VCID-rhyd-xbpb-wufa
12
vulnerability VCID-sfaa-e8am-x7gn
13
vulnerability VCID-sth3-da79-67bt
14
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.12
1
url pkg:gem/activerecord@3.2.13
purl pkg:gem/activerecord@3.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-c7qj-hcu8-p7hc
6
vulnerability VCID-cgfh-yfn7-7ke9
7
vulnerability VCID-cvs8-ejdv-uqhy
8
vulnerability VCID-fbrw-bbm6-fbhp
9
vulnerability VCID-mxkb-wz2d-1kb5
10
vulnerability VCID-rd4z-yncp-qkfu
11
vulnerability VCID-rhyd-xbpb-wufa
12
vulnerability VCID-sfaa-e8am-x7gn
13
vulnerability VCID-sth3-da79-67bt
14
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.13
aliases CVE-2013-1854, GHSA-3crr-9vmg-864v, OSV-91453
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhyd-xbpb-wufa
15
url VCID-sfaa-e8am-x7gn
vulnerability_id VCID-sfaa-e8am-x7gn
summary 
Multiple vulnerabilities were found in Ruby on Rails, the worst of
    which allowing for execution of arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-3933
reference_id
reference_type
scores
0
value 0.00712
scoring_system epss
scoring_elements 0.72837
published_at 2026-06-12T12:55:00Z
1
value 0.00712
scoring_system epss
scoring_elements 0.72761
published_at 2026-06-11T12:55:00Z
2
value 0.00712
scoring_system epss
scoring_elements 0.72851
published_at 2026-06-14T12:55:00Z
3
value 0.00712
scoring_system epss
scoring_elements 0.72853
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-3933
1
reference_url http://secunia.com/advisories/41930
reference_id
reference_type
scores
url http://secunia.com/advisories/41930
2
reference_url http://securitytracker.com/id?1024624
reference_id
reference_type
scores
url http://securitytracker.com/id?1024624
3
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
4
reference_url https://github.com/rails/rails/commit/2d96bccb1e8b62e3e11ca0c5d38aaa8cece889ae
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/2d96bccb1e8b62e3e11ca0c5d38aaa8cece889ae
5
reference_url https://github.com/rails/rails/commit/96183e0f284bab27667e5a38fa6a1578eb029585
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/96183e0f284bab27667e5a38fa6a1578eb029585
6
reference_url https://web.archive.org/web/20101129225633/http://securitytracker.com/alerts/2010/Oct/1024624.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20101129225633/http://securitytracker.com/alerts/2010/Oct/1024624.html
7
reference_url https://web.archive.org/web/20111225083933/http://secunia.com/advisories/41930
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111225083933/http://secunia.com/advisories/41930
8
reference_url https://web.archive.org/web/20201208053819/http://securitytracker.com/id?1024624
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201208053819/http://securitytracker.com/id?1024624
9
reference_url http://weblog.rubyonrails.org/2010/10/15/security-vulnerability-in-nested-attributes-code-in-ruby-on-rails-2-3-9-and-3-0-0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2010/10/15/security-vulnerability-in-nested-attributes-code-in-ruby-on-rails-2-3-9-and-3-0-0
10
reference_url http://www.vupen.com/english/advisories/2010/2719
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/2719
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-3933
reference_id CVE-2010-3933
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-3933
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2010-3933.yml
reference_id CVE-2010-3933.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2010-3933.yml
13
reference_url https://github.com/advisories/GHSA-gjxw-5w2q-7grf
reference_id GHSA-gjxw-5w2q-7grf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gjxw-5w2q-7grf
14
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
fixed_packages
aliases CVE-2010-3933, GHSA-gjxw-5w2q-7grf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sfaa-e8am-x7gn
16
url VCID-sth3-da79-67bt
vulnerability_id VCID-sth3-da79-67bt
summary Active Record subject to strong parameters protection bypass
references
0
reference_url http://openwall.com/lists/oss-security/2014/08/18/10
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/08/18/10
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1102.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1102.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3514.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3514.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3514
reference_id
reference_type
scores
0
value 0.00331
scoring_system epss
scoring_elements 0.56418
published_at 2026-06-11T12:55:00Z
1
value 0.00331
scoring_system epss
scoring_elements 0.56541
published_at 2026-06-14T12:55:00Z
2
value 0.00331
scoring_system epss
scoring_elements 0.56551
published_at 2026-06-13T12:55:00Z
3
value 0.00331
scoring_system epss
scoring_elements 0.56537
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3514
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3514
5
reference_url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ
6
reference_url https://groups.google.com/forum/#!msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ
7
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/M4chq5Sb540
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/ruby-security-ann/M4chq5Sb540
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1131240
reference_id 1131240
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1131240
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3514
reference_id CVE-2014-3514
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3514
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-3514.yml
reference_id CVE-2014-3514.YML
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-3514.yml
11
reference_url https://github.com/advisories/GHSA-9rf5-jm6f-2fmm
reference_id GHSA-9rf5-jm6f-2fmm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9rf5-jm6f-2fmm
12
reference_url https://access.redhat.com/errata/RHSA-2014:1102
reference_id RHSA-2014:1102
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1102
fixed_packages
0
url pkg:gem/activerecord@4.0.9
purl pkg:gem/activerecord@4.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-3qsf-qm7w-y7be
3
vulnerability VCID-c7qj-hcu8-p7hc
4
vulnerability VCID-cgfh-yfn7-7ke9
5
vulnerability VCID-cvs8-ejdv-uqhy
6
vulnerability VCID-fbrw-bbm6-fbhp
7
vulnerability VCID-rd4z-yncp-qkfu
8
vulnerability VCID-runz-vm7e-a3fs
9
vulnerability VCID-sfaa-e8am-x7gn
10
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.0.9
1
url pkg:gem/activerecord@4.1.0.beta1
purl pkg:gem/activerecord@4.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-3qsf-qm7w-y7be
4
vulnerability VCID-74g9-svkp-h3f1
5
vulnerability VCID-c7qj-hcu8-p7hc
6
vulnerability VCID-cgfh-yfn7-7ke9
7
vulnerability VCID-cvs8-ejdv-uqhy
8
vulnerability VCID-fbrw-bbm6-fbhp
9
vulnerability VCID-mxkb-wz2d-1kb5
10
vulnerability VCID-rd4z-yncp-qkfu
11
vulnerability VCID-runz-vm7e-a3fs
12
vulnerability VCID-sfaa-e8am-x7gn
13
vulnerability VCID-sth3-da79-67bt
14
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.0.beta1
2
url pkg:gem/activerecord@4.1.5
purl pkg:gem/activerecord@4.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-3qsf-qm7w-y7be
3
vulnerability VCID-c7qj-hcu8-p7hc
4
vulnerability VCID-cgfh-yfn7-7ke9
5
vulnerability VCID-cvs8-ejdv-uqhy
6
vulnerability VCID-fbrw-bbm6-fbhp
7
vulnerability VCID-rd4z-yncp-qkfu
8
vulnerability VCID-runz-vm7e-a3fs
9
vulnerability VCID-sfaa-e8am-x7gn
10
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.5
aliases CVE-2014-3514, GHSA-9rf5-jm6f-2fmm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sth3-da79-67bt
17
url VCID-u2gv-wvdc-tfbs
vulnerability_id VCID-u2gv-wvdc-tfbs
summary 
Multiple vulnerabilities were found in Ruby on Rails, the worst of
    which allowing for execution of arbitrary code.
references
0
reference_url http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source&output=gplain
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source&output=gplain
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2930
reference_id
reference_type
scores
0
value 0.00955
scoring_system epss
scoring_elements 0.76938
published_at 2026-06-14T12:55:00Z
1
value 0.00955
scoring_system epss
scoring_elements 0.76929
published_at 2026-06-12T12:55:00Z
2
value 0.00955
scoring_system epss
scoring_elements 0.76944
published_at 2026-06-13T12:55:00Z
3
value 0.00955
scoring_system epss
scoring_elements 0.7686
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2930
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=731438
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=731438
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930
5
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
6
reference_url https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85
7
reference_url http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6
8
reference_url http://www.debian.org/security/2011/dsa-2301
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2301
9
reference_url http://www.openwall.com/lists/oss-security/2011/08/17/1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/08/17/1
10
reference_url http://www.openwall.com/lists/oss-security/2011/08/19/11
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/08/19/11
11
reference_url http://www.openwall.com/lists/oss-security/2011/08/20/1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/08/20/1
12
reference_url http://www.openwall.com/lists/oss-security/2011/08/22/13
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/08/22/13
13
reference_url http://www.openwall.com/lists/oss-security/2011/08/22/14
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/08/22/14
14
reference_url http://www.openwall.com/lists/oss-security/2011/08/22/5
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/08/22/5
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2930
reference_id CVE-2011-2930
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2930
16
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-2930.yml
reference_id CVE-2011-2930.YML
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-2930.yml
17
reference_url https://github.com/advisories/GHSA-h6w6-xmqv-7q78
reference_id GHSA-h6w6-xmqv-7q78
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h6w6-xmqv-7q78
18
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
fixed_packages
aliases CVE-2011-2930, GHSA-h6w6-xmqv-7q78
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u2gv-wvdc-tfbs
Fixing_vulnerabilities
0
url VCID-pbgu-3zaj-ukay
vulnerability_id VCID-pbgu-3zaj-ukay
summary 
A vulnerability in Active Record could allow a remote attacker to
    inject SQL commands.
references
0
reference_url http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0220.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0220.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6496.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6496.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6496
reference_id
reference_type
scores
0
value 0.01017
scoring_system epss
scoring_elements 0.7769
published_at 2026-06-13T12:55:00Z
1
value 0.01017
scoring_system epss
scoring_elements 0.77676
published_at 2026-06-12T12:55:00Z
2
value 0.01017
scoring_system epss
scoring_elements 0.77682
published_at 2026-06-14T12:55:00Z
3
value 0.01017
scoring_system epss
scoring_elements 0.77607
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6496
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=889649
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=889649
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6496
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6496
8
reference_url http://security.gentoo.org/glsa/glsa-201401-22.xml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-201401-22.xml
9
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
10
reference_url https://github.com/rails/rails/commit/9de9b359d0d24f70f0f6c5c58a7ad8750684d456
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/9de9b359d0d24f70f0f6c5c58a7ad8750684d456
11
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM
12
reference_url https://groups.google.com/group/rubyonrails-security/msg/23daa048baf28b64?dmode=source&output=gplain
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/23daa048baf28b64?dmode=source&output=gplain
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6496
reference_id CVE-2012-6496
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-6496
14
reference_url https://github.com/advisories/GHSA-gh2w-j7cx-2664
reference_id GHSA-gh2w-j7cx-2664
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gh2w-j7cx-2664
15
reference_url https://security.gentoo.org/glsa/201401-22
reference_id GLSA-201401-22
reference_type
scores
url https://security.gentoo.org/glsa/201401-22
16
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
17
reference_url https://access.redhat.com/errata/RHSA-2013:0155
reference_id RHSA-2013:0155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0155
18
reference_url https://access.redhat.com/errata/RHSA-2013:0220
reference_id RHSA-2013:0220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0220
fixed_packages
0
url pkg:gem/activerecord@2.3.15
purl pkg:gem/activerecord@2.3.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-39m4-12ms-skh2
4
vulnerability VCID-3ser-nhqn-mbar
5
vulnerability VCID-74g9-svkp-h3f1
6
vulnerability VCID-c7qj-hcu8-p7hc
7
vulnerability VCID-cgfh-yfn7-7ke9
8
vulnerability VCID-cvs8-ejdv-uqhy
9
vulnerability VCID-fbrw-bbm6-fbhp
10
vulnerability VCID-hh3w-dxkg-8ygx
11
vulnerability VCID-mxkb-wz2d-1kb5
12
vulnerability VCID-rd4z-yncp-qkfu
13
vulnerability VCID-rhyd-xbpb-wufa
14
vulnerability VCID-sfaa-e8am-x7gn
15
vulnerability VCID-sth3-da79-67bt
16
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.15
1
url pkg:gem/activerecord@3.0.18
purl pkg:gem/activerecord@3.0.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-39m4-12ms-skh2
4
vulnerability VCID-3ser-nhqn-mbar
5
vulnerability VCID-74g9-svkp-h3f1
6
vulnerability VCID-c7qj-hcu8-p7hc
7
vulnerability VCID-cgfh-yfn7-7ke9
8
vulnerability VCID-cvs8-ejdv-uqhy
9
vulnerability VCID-fbrw-bbm6-fbhp
10
vulnerability VCID-hh3w-dxkg-8ygx
11
vulnerability VCID-mxkb-wz2d-1kb5
12
vulnerability VCID-rd4z-yncp-qkfu
13
vulnerability VCID-rhyd-xbpb-wufa
14
vulnerability VCID-sfaa-e8am-x7gn
15
vulnerability VCID-sth3-da79-67bt
16
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.18
2
url pkg:gem/activerecord@3.1.0.beta1
purl pkg:gem/activerecord@3.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18n5-8cur-m7ae
1
vulnerability VCID-1ua6-6a16-9fde
2
vulnerability VCID-2b1z-1k24-kfb8
3
vulnerability VCID-34kh-7cbr-s7b9
4
vulnerability VCID-39m4-12ms-skh2
5
vulnerability VCID-3qsf-qm7w-y7be
6
vulnerability VCID-3ser-nhqn-mbar
7
vulnerability VCID-72jm-58dq-mub5
8
vulnerability VCID-74g9-svkp-h3f1
9
vulnerability VCID-c7qj-hcu8-p7hc
10
vulnerability VCID-cgfh-yfn7-7ke9
11
vulnerability VCID-cvs8-ejdv-uqhy
12
vulnerability VCID-fbrw-bbm6-fbhp
13
vulnerability VCID-hh3w-dxkg-8ygx
14
vulnerability VCID-mxkb-wz2d-1kb5
15
vulnerability VCID-pbgu-3zaj-ukay
16
vulnerability VCID-rd4z-yncp-qkfu
17
vulnerability VCID-rhyd-xbpb-wufa
18
vulnerability VCID-sfaa-e8am-x7gn
19
vulnerability VCID-sth3-da79-67bt
20
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.0.beta1
3
url pkg:gem/activerecord@3.1.9
purl pkg:gem/activerecord@3.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-39m4-12ms-skh2
4
vulnerability VCID-3qsf-qm7w-y7be
5
vulnerability VCID-3ser-nhqn-mbar
6
vulnerability VCID-74g9-svkp-h3f1
7
vulnerability VCID-c7qj-hcu8-p7hc
8
vulnerability VCID-cgfh-yfn7-7ke9
9
vulnerability VCID-cvs8-ejdv-uqhy
10
vulnerability VCID-fbrw-bbm6-fbhp
11
vulnerability VCID-hh3w-dxkg-8ygx
12
vulnerability VCID-mxkb-wz2d-1kb5
13
vulnerability VCID-rd4z-yncp-qkfu
14
vulnerability VCID-rhyd-xbpb-wufa
15
vulnerability VCID-sfaa-e8am-x7gn
16
vulnerability VCID-sth3-da79-67bt
17
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.9
4
url pkg:gem/activerecord@3.2.0.rc1
purl pkg:gem/activerecord@3.2.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18n5-8cur-m7ae
1
vulnerability VCID-1ua6-6a16-9fde
2
vulnerability VCID-2b1z-1k24-kfb8
3
vulnerability VCID-34kh-7cbr-s7b9
4
vulnerability VCID-39m4-12ms-skh2
5
vulnerability VCID-3qsf-qm7w-y7be
6
vulnerability VCID-3ser-nhqn-mbar
7
vulnerability VCID-72jm-58dq-mub5
8
vulnerability VCID-74g9-svkp-h3f1
9
vulnerability VCID-c7qj-hcu8-p7hc
10
vulnerability VCID-cgfh-yfn7-7ke9
11
vulnerability VCID-cvs8-ejdv-uqhy
12
vulnerability VCID-fbrw-bbm6-fbhp
13
vulnerability VCID-hh3w-dxkg-8ygx
14
vulnerability VCID-mxkb-wz2d-1kb5
15
vulnerability VCID-pbgu-3zaj-ukay
16
vulnerability VCID-rd4z-yncp-qkfu
17
vulnerability VCID-rhyd-xbpb-wufa
18
vulnerability VCID-sfaa-e8am-x7gn
19
vulnerability VCID-sth3-da79-67bt
20
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0.rc1
5
url pkg:gem/activerecord@3.2.10
purl pkg:gem/activerecord@3.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ua6-6a16-9fde
1
vulnerability VCID-2b1z-1k24-kfb8
2
vulnerability VCID-34kh-7cbr-s7b9
3
vulnerability VCID-39m4-12ms-skh2
4
vulnerability VCID-3qsf-qm7w-y7be
5
vulnerability VCID-3ser-nhqn-mbar
6
vulnerability VCID-74g9-svkp-h3f1
7
vulnerability VCID-c7qj-hcu8-p7hc
8
vulnerability VCID-cgfh-yfn7-7ke9
9
vulnerability VCID-cvs8-ejdv-uqhy
10
vulnerability VCID-fbrw-bbm6-fbhp
11
vulnerability VCID-hh3w-dxkg-8ygx
12
vulnerability VCID-mxkb-wz2d-1kb5
13
vulnerability VCID-rd4z-yncp-qkfu
14
vulnerability VCID-rhyd-xbpb-wufa
15
vulnerability VCID-sfaa-e8am-x7gn
16
vulnerability VCID-sth3-da79-67bt
17
vulnerability VCID-u2gv-wvdc-tfbs
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.10
aliases CVE-2012-6496, GHSA-gh2w-j7cx-2664, OSV-88661
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pbgu-3zaj-ukay
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.9