Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/actionpack@3.0
Typegem
Namespace
Nameactionpack
Version3.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version7.0.8.7
Latest_non_vulnerable_version8.1.2.1
Affected_by_vulnerabilities
0
url VCID-c1w4-z275-tqg7
vulnerability_id VCID-c1w4-z275-tqg7
summary 
Ruby on Rails Potential XSS Vulnerability in select_tag prompt
When a value for the `prompt` field is supplied to the `select_tag` helper, the value is not escaped. If untrusted data is not escaped, and is supplied as the prompt value, there is a potential for XSS attacks.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3463.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3463.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3463
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56143
published_at 2026-04-21T12:55:00Z
1
value 0.00333
scoring_system epss
scoring_elements 0.56166
published_at 2026-04-09T12:55:00Z
2
value 0.00333
scoring_system epss
scoring_elements 0.56177
published_at 2026-04-11T12:55:00Z
3
value 0.00333
scoring_system epss
scoring_elements 0.56153
published_at 2026-04-12T12:55:00Z
4
value 0.00333
scoring_system epss
scoring_elements 0.56137
published_at 2026-04-13T12:55:00Z
5
value 0.00333
scoring_system epss
scoring_elements 0.56171
published_at 2026-04-16T12:55:00Z
6
value 0.00333
scoring_system epss
scoring_elements 0.56174
published_at 2026-04-18T12:55:00Z
7
value 0.00333
scoring_system epss
scoring_elements 0.56001
published_at 2026-04-01T12:55:00Z
8
value 0.00333
scoring_system epss
scoring_elements 0.5611
published_at 2026-04-07T12:55:00Z
9
value 0.00333
scoring_system epss
scoring_elements 0.5613
published_at 2026-04-04T12:55:00Z
10
value 0.00333
scoring_system epss
scoring_elements 0.56161
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3463
3
reference_url https://github.com/rails/rails/commit/6d0526db91afb0675c2ad3d871529d1536303c64
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/6d0526db91afb0675c2ad3d871529d1536303c64
4
reference_url https://groups.google.com/forum/?fromgroups=#!searchin/rubyonrails-security/3463/rubyonrails-security/fV3QUToSMSw/eHBSFOUYHpYJ
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!searchin/rubyonrails-security/3463/rubyonrails-security/fV3QUToSMSw/eHBSFOUYHpYJ
5
reference_url https://groups.google.com/group/rubyonrails-security/msg/961e18e514527078?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/961e18e514527078?dmode=source&output=gplain
6
reference_url https://groups.google.com/g/rubyonrails-security/c/fV3QUToSMSw/m/eHBSFOUYHpYJ?pli=1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/rubyonrails-security/c/fV3QUToSMSw/m/eHBSFOUYHpYJ?pli=1
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3463
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3463
8
reference_url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
9
reference_url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released/
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=847196
reference_id 847196
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=847196
11
reference_url https://github.com/advisories/GHSA-98mf-8f57-64qf
reference_id GHSA-98mf-8f57-64qf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-98mf-8f57-64qf
12
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
13
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
0
url pkg:gem/actionpack@3.0.17
purl pkg:gem/actionpack@3.0.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-35rt-t6e1-pfa6
3
vulnerability VCID-3wtf-uu89-2qe5
4
vulnerability VCID-3x4p-t3yb-3yak
5
vulnerability VCID-3zdr-vasc-a7cn
6
vulnerability VCID-49pq-vg95-jkh2
7
vulnerability VCID-4epw-vk25-mfdw
8
vulnerability VCID-4he5-y1u4-gkd2
9
vulnerability VCID-5hqj-fxmk-cbcy
10
vulnerability VCID-63gy-6njy-kbd8
11
vulnerability VCID-6j55-bstz-yybj
12
vulnerability VCID-7f5r-9h1g-nuch
13
vulnerability VCID-86jq-2md2-d7ah
14
vulnerability VCID-9hq5-3usy-5fhq
15
vulnerability VCID-a6sp-18av-wya6
16
vulnerability VCID-bjwf-uhyk-63aj
17
vulnerability VCID-carc-ntrd-ebfe
18
vulnerability VCID-cdnw-t8n1-23ep
19
vulnerability VCID-cnqr-6e98-5kgk
20
vulnerability VCID-dd9p-x7k3-37ea
21
vulnerability VCID-ehbj-aezy-d7h4
22
vulnerability VCID-g3rk-djae-pkeh
23
vulnerability VCID-h8gs-ansa-9bd9
24
vulnerability VCID-h94p-ywve-y7h9
25
vulnerability VCID-hmp2-rmzv-wkhg
26
vulnerability VCID-hppf-a715-r7b2
27
vulnerability VCID-j24x-nhsb-yug6
28
vulnerability VCID-kcj2-v7av-47cv
29
vulnerability VCID-knsd-pv15-tydx
30
vulnerability VCID-mep3-6sub-ykdk
31
vulnerability VCID-mnkw-23eu-bkgc
32
vulnerability VCID-msda-xqbp-qfdd
33
vulnerability VCID-n8cc-3stk-97b5
34
vulnerability VCID-nf8s-2aaa-17fw
35
vulnerability VCID-p5mc-r1rg-5ff7
36
vulnerability VCID-phxs-zet8-ryh3
37
vulnerability VCID-pmrb-t3bm-zkb6
38
vulnerability VCID-rps2-k24p-9qgq
39
vulnerability VCID-sfyc-jewr-wuf5
40
vulnerability VCID-sgdb-985e-4uej
41
vulnerability VCID-tt6r-bytq-4fa4
42
vulnerability VCID-v3r3-bwp5-a3bn
43
vulnerability VCID-vgm2-8wjy-x7ed
44
vulnerability VCID-wg3a-j2dp-ayh4
45
vulnerability VCID-y8gn-9fat-e7d1
46
vulnerability VCID-ynqu-cjn9-fqf2
47
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.0.17
1
url pkg:gem/actionpack@3.1.0.beta1
purl pkg:gem/actionpack@3.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rgy-k7a9-m7au
1
vulnerability VCID-1xgz-hwng-n3eq
2
vulnerability VCID-333w-aacz-mfcr
3
vulnerability VCID-35rt-t6e1-pfa6
4
vulnerability VCID-3wtf-uu89-2qe5
5
vulnerability VCID-3x4p-t3yb-3yak
6
vulnerability VCID-3zdr-vasc-a7cn
7
vulnerability VCID-49pq-vg95-jkh2
8
vulnerability VCID-4epw-vk25-mfdw
9
vulnerability VCID-4he5-y1u4-gkd2
10
vulnerability VCID-5hqj-fxmk-cbcy
11
vulnerability VCID-63gy-6njy-kbd8
12
vulnerability VCID-6j55-bstz-yybj
13
vulnerability VCID-7f5r-9h1g-nuch
14
vulnerability VCID-86jq-2md2-d7ah
15
vulnerability VCID-9hq5-3usy-5fhq
16
vulnerability VCID-a6sp-18av-wya6
17
vulnerability VCID-awt1-8bxs-xffs
18
vulnerability VCID-bjwf-uhyk-63aj
19
vulnerability VCID-c1w4-z275-tqg7
20
vulnerability VCID-carc-ntrd-ebfe
21
vulnerability VCID-cdnw-t8n1-23ep
22
vulnerability VCID-cnqr-6e98-5kgk
23
vulnerability VCID-cwa7-9d2t-rfhb
24
vulnerability VCID-dd9p-x7k3-37ea
25
vulnerability VCID-ehbj-aezy-d7h4
26
vulnerability VCID-g3rk-djae-pkeh
27
vulnerability VCID-h8gs-ansa-9bd9
28
vulnerability VCID-h94p-ywve-y7h9
29
vulnerability VCID-hmp2-rmzv-wkhg
30
vulnerability VCID-hppf-a715-r7b2
31
vulnerability VCID-j24x-nhsb-yug6
32
vulnerability VCID-kcj2-v7av-47cv
33
vulnerability VCID-knsd-pv15-tydx
34
vulnerability VCID-mep3-6sub-ykdk
35
vulnerability VCID-mnkw-23eu-bkgc
36
vulnerability VCID-msda-xqbp-qfdd
37
vulnerability VCID-n8cc-3stk-97b5
38
vulnerability VCID-nf8s-2aaa-17fw
39
vulnerability VCID-p5mc-r1rg-5ff7
40
vulnerability VCID-phxs-zet8-ryh3
41
vulnerability VCID-pmrb-t3bm-zkb6
42
vulnerability VCID-rps2-k24p-9qgq
43
vulnerability VCID-sfyc-jewr-wuf5
44
vulnerability VCID-sgdb-985e-4uej
45
vulnerability VCID-tt6r-bytq-4fa4
46
vulnerability VCID-v3r3-bwp5-a3bn
47
vulnerability VCID-vgm2-8wjy-x7ed
48
vulnerability VCID-wg3a-j2dp-ayh4
49
vulnerability VCID-y8gn-9fat-e7d1
50
vulnerability VCID-ynqu-cjn9-fqf2
51
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.1.0.beta1
2
url pkg:gem/actionpack@3.1.8
purl pkg:gem/actionpack@3.1.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-35rt-t6e1-pfa6
3
vulnerability VCID-3wtf-uu89-2qe5
4
vulnerability VCID-3x4p-t3yb-3yak
5
vulnerability VCID-3zdr-vasc-a7cn
6
vulnerability VCID-49pq-vg95-jkh2
7
vulnerability VCID-4epw-vk25-mfdw
8
vulnerability VCID-4he5-y1u4-gkd2
9
vulnerability VCID-5hqj-fxmk-cbcy
10
vulnerability VCID-63gy-6njy-kbd8
11
vulnerability VCID-6j55-bstz-yybj
12
vulnerability VCID-7f5r-9h1g-nuch
13
vulnerability VCID-86jq-2md2-d7ah
14
vulnerability VCID-9hq5-3usy-5fhq
15
vulnerability VCID-a6sp-18av-wya6
16
vulnerability VCID-bjwf-uhyk-63aj
17
vulnerability VCID-carc-ntrd-ebfe
18
vulnerability VCID-cdnw-t8n1-23ep
19
vulnerability VCID-cnqr-6e98-5kgk
20
vulnerability VCID-dd9p-x7k3-37ea
21
vulnerability VCID-ehbj-aezy-d7h4
22
vulnerability VCID-g3rk-djae-pkeh
23
vulnerability VCID-h8gs-ansa-9bd9
24
vulnerability VCID-h94p-ywve-y7h9
25
vulnerability VCID-hmp2-rmzv-wkhg
26
vulnerability VCID-hppf-a715-r7b2
27
vulnerability VCID-j24x-nhsb-yug6
28
vulnerability VCID-kcj2-v7av-47cv
29
vulnerability VCID-knsd-pv15-tydx
30
vulnerability VCID-mep3-6sub-ykdk
31
vulnerability VCID-mnkw-23eu-bkgc
32
vulnerability VCID-msda-xqbp-qfdd
33
vulnerability VCID-n8cc-3stk-97b5
34
vulnerability VCID-nf8s-2aaa-17fw
35
vulnerability VCID-p5mc-r1rg-5ff7
36
vulnerability VCID-phxs-zet8-ryh3
37
vulnerability VCID-pmrb-t3bm-zkb6
38
vulnerability VCID-rps2-k24p-9qgq
39
vulnerability VCID-sfyc-jewr-wuf5
40
vulnerability VCID-sgdb-985e-4uej
41
vulnerability VCID-tt6r-bytq-4fa4
42
vulnerability VCID-v3r3-bwp5-a3bn
43
vulnerability VCID-vgm2-8wjy-x7ed
44
vulnerability VCID-wg3a-j2dp-ayh4
45
vulnerability VCID-y8gn-9fat-e7d1
46
vulnerability VCID-ynqu-cjn9-fqf2
47
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.1.8
3
url pkg:gem/actionpack@3.2.0.rc1
purl pkg:gem/actionpack@3.2.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rgy-k7a9-m7au
1
vulnerability VCID-1xgz-hwng-n3eq
2
vulnerability VCID-333w-aacz-mfcr
3
vulnerability VCID-35rt-t6e1-pfa6
4
vulnerability VCID-3wtf-uu89-2qe5
5
vulnerability VCID-3x4p-t3yb-3yak
6
vulnerability VCID-3zdr-vasc-a7cn
7
vulnerability VCID-49pq-vg95-jkh2
8
vulnerability VCID-4epw-vk25-mfdw
9
vulnerability VCID-4he5-y1u4-gkd2
10
vulnerability VCID-5hqj-fxmk-cbcy
11
vulnerability VCID-63gy-6njy-kbd8
12
vulnerability VCID-6j55-bstz-yybj
13
vulnerability VCID-7f5r-9h1g-nuch
14
vulnerability VCID-86jq-2md2-d7ah
15
vulnerability VCID-9hq5-3usy-5fhq
16
vulnerability VCID-a6sp-18av-wya6
17
vulnerability VCID-awt1-8bxs-xffs
18
vulnerability VCID-bjwf-uhyk-63aj
19
vulnerability VCID-c1w4-z275-tqg7
20
vulnerability VCID-carc-ntrd-ebfe
21
vulnerability VCID-cdnw-t8n1-23ep
22
vulnerability VCID-cnqr-6e98-5kgk
23
vulnerability VCID-cwa7-9d2t-rfhb
24
vulnerability VCID-dd9p-x7k3-37ea
25
vulnerability VCID-ehbj-aezy-d7h4
26
vulnerability VCID-g3rk-djae-pkeh
27
vulnerability VCID-h8gs-ansa-9bd9
28
vulnerability VCID-h94p-ywve-y7h9
29
vulnerability VCID-hmp2-rmzv-wkhg
30
vulnerability VCID-hppf-a715-r7b2
31
vulnerability VCID-j24x-nhsb-yug6
32
vulnerability VCID-kcj2-v7av-47cv
33
vulnerability VCID-knsd-pv15-tydx
34
vulnerability VCID-mep3-6sub-ykdk
35
vulnerability VCID-mnkw-23eu-bkgc
36
vulnerability VCID-msda-xqbp-qfdd
37
vulnerability VCID-n8cc-3stk-97b5
38
vulnerability VCID-nf8s-2aaa-17fw
39
vulnerability VCID-p5mc-r1rg-5ff7
40
vulnerability VCID-phxs-zet8-ryh3
41
vulnerability VCID-pmrb-t3bm-zkb6
42
vulnerability VCID-rps2-k24p-9qgq
43
vulnerability VCID-s5ah-tf63-a7cw
44
vulnerability VCID-sfyc-jewr-wuf5
45
vulnerability VCID-sgdb-985e-4uej
46
vulnerability VCID-tt6r-bytq-4fa4
47
vulnerability VCID-v3r3-bwp5-a3bn
48
vulnerability VCID-vgm2-8wjy-x7ed
49
vulnerability VCID-wg3a-j2dp-ayh4
50
vulnerability VCID-y8gn-9fat-e7d1
51
vulnerability VCID-ynqu-cjn9-fqf2
52
vulnerability VCID-z1jv-4ga2-7kd1
53
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.2.0.rc1
4
url pkg:gem/actionpack@3.2.8
purl pkg:gem/actionpack@3.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-35rt-t6e1-pfa6
3
vulnerability VCID-3wtf-uu89-2qe5
4
vulnerability VCID-3x4p-t3yb-3yak
5
vulnerability VCID-3zdr-vasc-a7cn
6
vulnerability VCID-42dz-pxpv-qff3
7
vulnerability VCID-49pq-vg95-jkh2
8
vulnerability VCID-4epw-vk25-mfdw
9
vulnerability VCID-4he5-y1u4-gkd2
10
vulnerability VCID-5hqj-fxmk-cbcy
11
vulnerability VCID-63gy-6njy-kbd8
12
vulnerability VCID-6j55-bstz-yybj
13
vulnerability VCID-7f5r-9h1g-nuch
14
vulnerability VCID-86jq-2md2-d7ah
15
vulnerability VCID-9hq5-3usy-5fhq
16
vulnerability VCID-a6sp-18av-wya6
17
vulnerability VCID-bjwf-uhyk-63aj
18
vulnerability VCID-carc-ntrd-ebfe
19
vulnerability VCID-cdnw-t8n1-23ep
20
vulnerability VCID-cnqr-6e98-5kgk
21
vulnerability VCID-dd9p-x7k3-37ea
22
vulnerability VCID-ehbj-aezy-d7h4
23
vulnerability VCID-g3rk-djae-pkeh
24
vulnerability VCID-h8gs-ansa-9bd9
25
vulnerability VCID-h94p-ywve-y7h9
26
vulnerability VCID-hmp2-rmzv-wkhg
27
vulnerability VCID-hppf-a715-r7b2
28
vulnerability VCID-j24x-nhsb-yug6
29
vulnerability VCID-kcj2-v7av-47cv
30
vulnerability VCID-knsd-pv15-tydx
31
vulnerability VCID-mep3-6sub-ykdk
32
vulnerability VCID-mnkw-23eu-bkgc
33
vulnerability VCID-msda-xqbp-qfdd
34
vulnerability VCID-n8cc-3stk-97b5
35
vulnerability VCID-nf8s-2aaa-17fw
36
vulnerability VCID-p5mc-r1rg-5ff7
37
vulnerability VCID-phxs-zet8-ryh3
38
vulnerability VCID-pmrb-t3bm-zkb6
39
vulnerability VCID-rps2-k24p-9qgq
40
vulnerability VCID-s5ah-tf63-a7cw
41
vulnerability VCID-sfyc-jewr-wuf5
42
vulnerability VCID-sgdb-985e-4uej
43
vulnerability VCID-tt6r-bytq-4fa4
44
vulnerability VCID-v3r3-bwp5-a3bn
45
vulnerability VCID-vgm2-8wjy-x7ed
46
vulnerability VCID-wg3a-j2dp-ayh4
47
vulnerability VCID-y8gn-9fat-e7d1
48
vulnerability VCID-ynqu-cjn9-fqf2
49
vulnerability VCID-z1jv-4ga2-7kd1
50
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.2.8
aliases CVE-2012-3463, GHSA-98mf-8f57-64qf, OSV-84515
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1w4-z275-tqg7
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.0