Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/actionpack@6.0.4.1
Typegem
Namespace
Nameactionpack
Version6.0.4.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.1.2.1
Latest_non_vulnerable_version8.1.2.1
Affected_by_vulnerabilities
0
url VCID-171r-59fd-2bbj
vulnerability_id VCID-171r-59fd-2bbj
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22577.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22577.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22577
reference_id
reference_type
scores
0
value 0.00405
scoring_system epss
scoring_elements 0.61524
published_at 2026-06-14T12:55:00Z
1
value 0.00405
scoring_system epss
scoring_elements 0.61417
published_at 2026-06-11T12:55:00Z
2
value 0.00405
scoring_system epss
scoring_elements 0.61529
published_at 2026-06-13T12:55:00Z
3
value 0.00405
scoring_system epss
scoring_elements 0.61521
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22577
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
12
reference_url https://discuss.rubyonrails.org/t/cve-2022-22577-possible-xss-vulnerability-in-action-pack/80533
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://discuss.rubyonrails.org/t/cve-2022-22577-possible-xss-vulnerability-in-action-pack/80533
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
15
reference_url https://github.com/rails/rails/commit/2b820a2a69fa50cffa74b4aedc57bf92ed6910ec
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/2b820a2a69fa50cffa74b4aedc57bf92ed6910ec
16
reference_url https://github.com/rails/rails/commit/5299b57d596ea274f77f5ffee2b79c6ee0255508
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/5299b57d596ea274f77f5ffee2b79c6ee0255508
17
reference_url https://github.com/rails/rails/commit/8198d7c4accad0b6ba956b9d59528534a289866b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/8198d7c4accad0b6ba956b9d59528534a289866b
18
reference_url https://github.com/rails/rails/commit/d2253115ac2b30f5f7210670af906cebf79cf809
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/d2253115ac2b30f5f7210670af906cebf79cf809
19
reference_url https://github.com/rails/rails/pull/44635
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/pull/44635
20
reference_url https://groups.google.com/g/ruby-security-ann/c/NuFRKaN5swI
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/ruby-security-ann/c/NuFRKaN5swI
21
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html
22
reference_url https://rubyonrails.org/2022/4/26/Rails-7-0-2-4-6-1-5-1-6-0-4-8-and-5-2-7-1-have-been-released
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rubyonrails.org/2022/4/26/Rails-7-0-2-4-6-1-5-1-6-0-4-8-and-5-2-7-1-have-been-released
23
reference_url https://security.netapp.com/advisory/ntap-20221118-0002
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221118-0002
24
reference_url https://security.netapp.com/advisory/ntap-20221118-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20221118-0002/
25
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011941
reference_id 1011941
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011941
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2080302
reference_id 2080302
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2080302
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22577
reference_id CVE-2022-22577
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-22577
28
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2022-22577.yml
reference_id CVE-2022-22577.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2022-22577.yml
29
reference_url https://github.com/advisories/GHSA-mm33-5vfq-3mm3
reference_id GHSA-mm33-5vfq-3mm3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mm33-5vfq-3mm3
30
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
fixed_packages
0
url pkg:gem/actionpack@6.0.4.8
purl pkg:gem/actionpack@6.0.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.0.4.8
1
url pkg:gem/actionpack@6.1.5.1
purl pkg:gem/actionpack@6.1.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.5.1
2
url pkg:gem/actionpack@7.0.2.4
purl pkg:gem/actionpack@7.0.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-g5uw-9j6g-cyb6
6
vulnerability VCID-h6gd-uea5-u3bp
7
vulnerability VCID-q148-xawj-bkeu
8
vulnerability VCID-us61-ajgq-5uaa
9
vulnerability VCID-zbyh-ajmd-tybh
10
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.2.4
aliases CVE-2022-22577, GHSA-mm33-5vfq-3mm3, GMS-2022-1137
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-171r-59fd-2bbj
1
url VCID-2uka-fwza-dyfc
vulnerability_id VCID-2uka-fwza-dyfc
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22792.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22792.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22792
reference_id
reference_type
scores
0
value 0.02264
scoring_system epss
scoring_elements 0.84992
published_at 2026-06-11T12:55:00Z
1
value 0.02264
scoring_system epss
scoring_elements 0.85046
published_at 2026-06-14T12:55:00Z
2
value 0.02264
scoring_system epss
scoring_elements 0.85053
published_at 2026-06-13T12:55:00Z
3
value 0.02264
scoring_system epss
scoring_elements 0.85044
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22792
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
14
reference_url https://github.com/rails/rails/releases/tag/v7.0.4.1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/releases/tag/v7.0.4.1
15
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-22792.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-22792.yml
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-22792
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-22792
17
reference_url https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released
18
reference_url https://security.netapp.com/advisory/ntap-20240202-0007
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240202-0007
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030050
reference_id 1030050
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030050
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2164800
reference_id 2164800
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2164800
21
reference_url https://discuss.rubyonrails.org/t/cve-2023-22792-possible-redos-based-dos-vulnerability-in-action-dispatch/82115
reference_id 82115
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-24T20:30:13Z/
url https://discuss.rubyonrails.org/t/cve-2023-22792-possible-redos-based-dos-vulnerability-in-action-dispatch/82115
22
reference_url https://www.debian.org/security/2023/dsa-5372
reference_id dsa-5372
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-24T20:30:13Z/
url https://www.debian.org/security/2023/dsa-5372
23
reference_url https://github.com/advisories/GHSA-p84v-45xj-wwqj
reference_id GHSA-p84v-45xj-wwqj
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p84v-45xj-wwqj
24
reference_url https://security.netapp.com/advisory/ntap-20240202-0007/
reference_id ntap-20240202-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-24T20:30:13Z/
url https://security.netapp.com/advisory/ntap-20240202-0007/
25
reference_url https://access.redhat.com/errata/RHSA-2023:6818
reference_id RHSA-2023:6818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6818
fixed_packages
0
url pkg:gem/actionpack@6.1.7.1
purl pkg:gem/actionpack@6.1.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.7.1
1
url pkg:gem/actionpack@7.0.4.1
purl pkg:gem/actionpack@7.0.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.4.1
aliases CVE-2023-22792, GHSA-p84v-45xj-wwqj, GMS-2023-58
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2uka-fwza-dyfc
2
url VCID-3e1p-t61q-xfft
vulnerability_id VCID-3e1p-t61q-xfft
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23633.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23633.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23633
reference_id
reference_type
scores
0
value 0.00254
scoring_system epss
scoring_elements 0.49194
published_at 2026-06-14T12:55:00Z
1
value 0.00254
scoring_system epss
scoring_elements 0.49204
published_at 2026-06-13T12:55:00Z
2
value 0.00254
scoring_system epss
scoring_elements 0.49186
published_at 2026-06-12T12:55:00Z
3
value 0.00254
scoring_system epss
scoring_elements 0.49049
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23633
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
12
reference_url https://discuss.rubyonrails.org/t/cve-2022-23633-possible-exposure-of-information-vulnerability-in-action-pack/80016
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.rubyonrails.org/t/cve-2022-23633-possible-exposure-of-information-vulnerability-in-action-pack/80016
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
15
reference_url https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/f9a2ad03943d5c2ba54e1d45f155442b519c75da
16
reference_url https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ
17
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html
18
reference_url https://rubyonrails.org/2022/2/11/Rails-7-0-2-2-6-1-4-6-6-0-4-6-and-5-2-6-2-have-been-released
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rubyonrails.org/2022/2/11/Rails-7-0-2-2-6-1-4-6-6-0-4-6-and-5-2-6-2-have-been-released
19
reference_url https://security.netapp.com/advisory/ntap-20240119-0013
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240119-0013
20
reference_url https://security.netapp.com/advisory/ntap-20240119-0013/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20240119-0013/
21
reference_url http://www.openwall.com/lists/oss-security/2022/02/11/5
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/02/11/5
22
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005389
reference_id 1005389
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005389
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2063149
reference_id 2063149
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2063149
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23633
reference_id CVE-2022-23633
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23633
25
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2022-23633.yml
reference_id CVE-2022-23633.YML
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2022-23633.yml
26
reference_url https://github.com/advisories/GHSA-wh98-p28r-vrc9
reference_id GHSA-wh98-p28r-vrc9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wh98-p28r-vrc9
27
reference_url https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9
reference_id GHSA-wh98-p28r-vrc9
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9
28
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
fixed_packages
0
url pkg:gem/actionpack@6.0.4.6
purl pkg:gem/actionpack@6.0.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-171r-59fd-2bbj
1
vulnerability VCID-2uka-fwza-dyfc
2
vulnerability VCID-3k19-3heq-dufq
3
vulnerability VCID-5r3f-m1fv-f7bp
4
vulnerability VCID-6hkq-y2fb-skgq
5
vulnerability VCID-fnx8-28wd-qqgx
6
vulnerability VCID-h6gd-uea5-u3bp
7
vulnerability VCID-kkxa-423m-vqbt
8
vulnerability VCID-q148-xawj-bkeu
9
vulnerability VCID-us61-ajgq-5uaa
10
vulnerability VCID-zbyh-ajmd-tybh
11
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.0.4.6
1
url pkg:gem/actionpack@6.1.0.rc1
purl pkg:gem/actionpack@6.1.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-f5mb-arn4-skau
5
vulnerability VCID-fnx8-28wd-qqgx
6
vulnerability VCID-h6gd-uea5-u3bp
7
vulnerability VCID-q148-xawj-bkeu
8
vulnerability VCID-us61-ajgq-5uaa
9
vulnerability VCID-zbyh-ajmd-tybh
10
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.0.rc1
2
url pkg:gem/actionpack@6.1.4.6
purl pkg:gem/actionpack@6.1.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-171r-59fd-2bbj
1
vulnerability VCID-2uka-fwza-dyfc
2
vulnerability VCID-3k19-3heq-dufq
3
vulnerability VCID-5r3f-m1fv-f7bp
4
vulnerability VCID-6hkq-y2fb-skgq
5
vulnerability VCID-fnx8-28wd-qqgx
6
vulnerability VCID-h6gd-uea5-u3bp
7
vulnerability VCID-kkxa-423m-vqbt
8
vulnerability VCID-q148-xawj-bkeu
9
vulnerability VCID-us61-ajgq-5uaa
10
vulnerability VCID-zbyh-ajmd-tybh
11
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.4.6
3
url pkg:gem/actionpack@7.0.0.alpha1
purl pkg:gem/actionpack@7.0.0.alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.0.alpha1
4
url pkg:gem/actionpack@7.0.2.2
purl pkg:gem/actionpack@7.0.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-171r-59fd-2bbj
1
vulnerability VCID-2uka-fwza-dyfc
2
vulnerability VCID-3k19-3heq-dufq
3
vulnerability VCID-5r3f-m1fv-f7bp
4
vulnerability VCID-6hkq-y2fb-skgq
5
vulnerability VCID-fnx8-28wd-qqgx
6
vulnerability VCID-g5uw-9j6g-cyb6
7
vulnerability VCID-h6gd-uea5-u3bp
8
vulnerability VCID-kkxa-423m-vqbt
9
vulnerability VCID-q148-xawj-bkeu
10
vulnerability VCID-us61-ajgq-5uaa
11
vulnerability VCID-zbyh-ajmd-tybh
12
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.2.2
aliases CVE-2022-23633, GHSA-wh98-p28r-vrc9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3e1p-t61q-xfft
3
url VCID-3k19-3heq-dufq
vulnerability_id VCID-3k19-3heq-dufq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41128.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41128.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-41128
reference_id
reference_type
scores
0
value 0.00557
scoring_system epss
scoring_elements 0.68744
published_at 2026-06-12T12:55:00Z
1
value 0.00557
scoring_system epss
scoring_elements 0.68757
published_at 2026-06-13T12:55:00Z
2
value 0.00557
scoring_system epss
scoring_elements 0.68652
published_at 2026-06-11T12:55:00Z
3
value 0.00557
scoring_system epss
scoring_elements 0.68753
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-41128
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41128
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41128
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085376
reference_id 1085376
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085376
6
reference_url https://github.com/rails/rails/commit/27121e80f6dbb260f5a9f0452cd8411cb681f075
reference_id 27121e80f6dbb260f5a9f0452cd8411cb681f075
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/
url https://github.com/rails/rails/commit/27121e80f6dbb260f5a9f0452cd8411cb681f075
7
reference_url https://github.com/rails/rails/commit/b0fe99fa854ec8ff4498e75779b458392d1560ef
reference_id b0fe99fa854ec8ff4498e75779b458392d1560ef
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/
url https://github.com/rails/rails/commit/b0fe99fa854ec8ff4498e75779b458392d1560ef
8
reference_url https://github.com/rails/rails/commit/b1241f468d1b32235f438c2e2203386e6efd3891
reference_id b1241f468d1b32235f438c2e2203386e6efd3891
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/
url https://github.com/rails/rails/commit/b1241f468d1b32235f438c2e2203386e6efd3891
9
reference_url https://access.redhat.com/security/cve/cve-2024-41128
reference_id cve-2024-41128
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/
url https://access.redhat.com/security/cve/cve-2024-41128
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-41128
reference_id CVE-2024-41128
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-41128
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-41128.yml
reference_id CVE-2024-41128.YML
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-41128.yml
12
reference_url https://github.com/rails/rails/commit/fb493bebae1a9b83e494fe7edbf01f6167d606fd
reference_id fb493bebae1a9b83e494fe7edbf01f6167d606fd
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/
url https://github.com/rails/rails/commit/fb493bebae1a9b83e494fe7edbf01f6167d606fd
13
reference_url https://github.com/advisories/GHSA-x76w-6vjr-8xgj
reference_id GHSA-x76w-6vjr-8xgj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x76w-6vjr-8xgj
14
reference_url https://github.com/rails/rails/security/advisories/GHSA-x76w-6vjr-8xgj
reference_id GHSA-x76w-6vjr-8xgj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/
url https://github.com/rails/rails/security/advisories/GHSA-x76w-6vjr-8xgj
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2319036
reference_id show_bug.cgi?id=2319036
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T17:09:25Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2319036
16
reference_url https://usn.ubuntu.com/7290-1/
reference_id USN-7290-1
reference_type
scores
url https://usn.ubuntu.com/7290-1/
fixed_packages
0
url pkg:gem/actionpack@6.1.7.9
purl pkg:gem/actionpack@6.1.7.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
1
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.7.9
1
url pkg:gem/actionpack@7.0.0.alpha1
purl pkg:gem/actionpack@7.0.0.alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.0.alpha1
2
url pkg:gem/actionpack@7.0.8.5
purl pkg:gem/actionpack@7.0.8.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
1
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.8.5
3
url pkg:gem/actionpack@7.1.0.beta1
purl pkg:gem/actionpack@7.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-5r3f-m1fv-f7bp
2
vulnerability VCID-6hkq-y2fb-skgq
3
vulnerability VCID-q148-xawj-bkeu
4
vulnerability VCID-us61-ajgq-5uaa
5
vulnerability VCID-zbyh-ajmd-tybh
6
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.0.beta1
4
url pkg:gem/actionpack@7.1.4.1
purl pkg:gem/actionpack@7.1.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
1
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.4.1
5
url pkg:gem/actionpack@7.2.0.beta1
purl pkg:gem/actionpack@7.2.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-q148-xawj-bkeu
2
vulnerability VCID-us61-ajgq-5uaa
3
vulnerability VCID-zbyh-ajmd-tybh
4
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.2.0.beta1
6
url pkg:gem/actionpack@7.2.1.1
purl pkg:gem/actionpack@7.2.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
1
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.2.1.1
7
url pkg:gem/actionpack@8.0.0.beta1
purl pkg:gem/actionpack@8.0.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-us61-ajgq-5uaa
2
vulnerability VCID-zbyh-ajmd-tybh
3
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@8.0.0.beta1
aliases CVE-2024-41128, GHSA-x76w-6vjr-8xgj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3k19-3heq-dufq
4
url VCID-5r3f-m1fv-f7bp
vulnerability_id VCID-5r3f-m1fv-f7bp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26142.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26142.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-26142
reference_id
reference_type
scores
0
value 0.03542
scoring_system epss
scoring_elements 0.87994
published_at 2026-06-14T12:55:00Z
1
value 0.03542
scoring_system epss
scoring_elements 0.87996
published_at 2026-06-13T12:55:00Z
2
value 0.03542
scoring_system epss
scoring_elements 0.87989
published_at 2026-06-12T12:55:00Z
3
value 0.03542
scoring_system epss
scoring_elements 0.87948
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-26142
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2266324
reference_id 2266324
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2266324
5
reference_url https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946
reference_id 84946
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-28T20:01:00Z/
url https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946
6
reference_url https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272
reference_id b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-28T20:01:00Z/
url https://github.com/rails/rails/commit/b4d3bfb5ed8a5b5a90aad3a3b28860c7a931e272
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-26142
reference_id CVE-2024-26142
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-26142
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml
reference_id CVE-2024-26142.yml
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-28T20:01:00Z/
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26142.yml
9
reference_url https://github.com/advisories/GHSA-jjhx-jhvp-74wq
reference_id GHSA-jjhx-jhvp-74wq
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jjhx-jhvp-74wq
10
reference_url https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq
reference_id GHSA-jjhx-jhvp-74wq
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-28T20:01:00Z/
url https://github.com/rails/rails/security/advisories/GHSA-jjhx-jhvp-74wq
11
reference_url https://security.netapp.com/advisory/ntap-20240503-0003/
reference_id ntap-20240503-0003
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-28T20:01:00Z/
url https://security.netapp.com/advisory/ntap-20240503-0003/
fixed_packages
0
url pkg:gem/actionpack@7.1.3.1
purl pkg:gem/actionpack@7.1.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-q148-xawj-bkeu
2
vulnerability VCID-us61-ajgq-5uaa
3
vulnerability VCID-zbyh-ajmd-tybh
4
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.3.1
aliases CVE-2024-26142, GHSA-jjhx-jhvp-74wq
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5r3f-m1fv-f7bp
5
url VCID-6hkq-y2fb-skgq
vulnerability_id VCID-6hkq-y2fb-skgq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26143.json
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26143.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-26143
reference_id
reference_type
scores
0
value 0.02067
scoring_system epss
scoring_elements 0.843
published_at 2026-06-11T12:55:00Z
1
value 0.02067
scoring_system epss
scoring_elements 0.84358
published_at 2026-06-14T12:55:00Z
2
value 0.02067
scoring_system epss
scoring_elements 0.84364
published_at 2026-06-13T12:55:00Z
3
value 0.02067
scoring_system epss
scoring_elements 0.84355
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-26143
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
4
reference_url https://security.netapp.com/advisory/ntap-20240510-0004
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240510-0004
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2266388
reference_id 2266388
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2266388
6
reference_url https://github.com/rails/rails/commit/4c83b331092a79d58e4adffe4be5f250fa5782cc
reference_id 4c83b331092a79d58e4adffe4be5f250fa5782cc
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-29T18:24:49Z/
url https://github.com/rails/rails/commit/4c83b331092a79d58e4adffe4be5f250fa5782cc
7
reference_url https://github.com/rails/rails/commit/5187a9ef51980ad1b8e81945ebe0462d28f84f9e
reference_id 5187a9ef51980ad1b8e81945ebe0462d28f84f9e
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-29T18:24:49Z/
url https://github.com/rails/rails/commit/5187a9ef51980ad1b8e81945ebe0462d28f84f9e
8
reference_url https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947
reference_id 84947
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-29T18:24:49Z/
url https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-26143
reference_id CVE-2024-26143
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-26143
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26143.yml
reference_id CVE-2024-26143.yml
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-29T18:24:49Z/
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-26143.yml
11
reference_url https://github.com/advisories/GHSA-9822-6m93-xqf4
reference_id GHSA-9822-6m93-xqf4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9822-6m93-xqf4
12
reference_url https://github.com/rails/rails/security/advisories/GHSA-9822-6m93-xqf4
reference_id GHSA-9822-6m93-xqf4
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-29T18:24:49Z/
url https://github.com/rails/rails/security/advisories/GHSA-9822-6m93-xqf4
13
reference_url https://security.netapp.com/advisory/ntap-20240510-0004/
reference_id ntap-20240510-0004
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-29T18:24:49Z/
url https://security.netapp.com/advisory/ntap-20240510-0004/
fixed_packages
0
url pkg:gem/actionpack@7.0.8.1
purl pkg:gem/actionpack@7.0.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-q148-xawj-bkeu
2
vulnerability VCID-us61-ajgq-5uaa
3
vulnerability VCID-zbyh-ajmd-tybh
4
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.8.1
1
url pkg:gem/actionpack@7.1.3.1
purl pkg:gem/actionpack@7.1.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-q148-xawj-bkeu
2
vulnerability VCID-us61-ajgq-5uaa
3
vulnerability VCID-zbyh-ajmd-tybh
4
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.3.1
aliases CVE-2024-26143, GHSA-9822-6m93-xqf4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6hkq-y2fb-skgq
6
url VCID-fnx8-28wd-qqgx
vulnerability_id VCID-fnx8-28wd-qqgx
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22795.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22795.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22795
reference_id
reference_type
scores
0
value 0.01304
scoring_system epss
scoring_elements 0.80176
published_at 2026-06-11T12:55:00Z
1
value 0.01304
scoring_system epss
scoring_elements 0.80246
published_at 2026-06-14T12:55:00Z
2
value 0.01304
scoring_system epss
scoring_elements 0.80254
published_at 2026-06-13T12:55:00Z
3
value 0.01304
scoring_system epss
scoring_elements 0.80238
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22795
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
12
reference_url https://discuss.rubyonrails.org/t/cve-2023-22795-possible-redos-based-dos-vulnerability-in-action-dispatch/82118
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://discuss.rubyonrails.org/t/cve-2023-22795-possible-redos-based-dos-vulnerability-in-action-dispatch/82118
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
15
reference_url https://github.com/rails/rails/commit/8d82687f3b04b2803320b64f985308239a8c3d2f
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/8d82687f3b04b2803320b64f985308239a8c3d2f
16
reference_url https://github.com/rails/rails/commit/8dc45950619a4c64d16fb9370570c996d201f9b0
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/8dc45950619a4c64d16fb9370570c996d201f9b0
17
reference_url https://github.com/rails/rails/commit/cd461c3e64e09cdcb1e379d1c35423c5e2caa592
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/cd461c3e64e09cdcb1e379d1c35423c5e2caa592
18
reference_url https://github.com/rails/rails/releases/tag/v6.1.7.1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/releases/tag/v6.1.7.1
19
reference_url https://github.com/rails/rails/releases/tag/v7.0.4.1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/releases/tag/v7.0.4.1
20
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-22795.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-22795.yml
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-22795
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-22795
22
reference_url https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030050
reference_id 1030050
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030050
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2164799
reference_id 2164799
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2164799
25
reference_url https://github.com/advisories/GHSA-8xww-x3g3-6jcv
reference_id GHSA-8xww-x3g3-6jcv
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8xww-x3g3-6jcv
26
reference_url https://access.redhat.com/errata/RHSA-2023:6818
reference_id RHSA-2023:6818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6818
fixed_packages
0
url pkg:gem/actionpack@6.1.7.1
purl pkg:gem/actionpack@6.1.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.7.1
1
url pkg:gem/actionpack@7.0.4.1
purl pkg:gem/actionpack@7.0.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.4.1
aliases CVE-2023-22795, GHSA-8xww-x3g3-6jcv, GMS-2023-56
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fnx8-28wd-qqgx
7
url VCID-h6gd-uea5-u3bp
vulnerability_id VCID-h6gd-uea5-u3bp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28362.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28362.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28362
reference_id
reference_type
scores
0
value 0.00207
scoring_system epss
scoring_elements 0.43064
published_at 2026-06-11T12:55:00Z
1
value 0.00207
scoring_system epss
scoring_elements 0.43231
published_at 2026-06-14T12:55:00Z
2
value 0.00207
scoring_system epss
scoring_elements 0.4324
published_at 2026-06-13T12:55:00Z
3
value 0.00207
scoring_system epss
scoring_elements 0.43222
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28362
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28362
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
5
reference_url https://github.com/rails/rails/commit/c9ab9b32bcdcfd8bcd55907f6c7b20b4e004cc23
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/c9ab9b32bcdcfd8bcd55907f6c7b20b4e004cc23
6
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-28362
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-28362
8
reference_url https://security.netapp.com/advisory/ntap-20250502-0009
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20250502-0009
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051058
reference_id 1051058
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051058
10
reference_url https://github.com/rails/rails/commit/1c3f93d1e90a3475f9ae2377ead25ccf11f71441
reference_id 1c3f93d1e90a3475f9ae2377ead25ccf11f71441
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:26:42Z/
url https://github.com/rails/rails/commit/1c3f93d1e90a3475f9ae2377ead25ccf11f71441
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2217785
reference_id 2217785
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2217785
12
reference_url https://github.com/rails/rails/commit/69e37c84e3f77d75566424c7d0015172d6a6fac5
reference_id 69e37c84e3f77d75566424c7d0015172d6a6fac5
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:26:42Z/
url https://github.com/rails/rails/commit/69e37c84e3f77d75566424c7d0015172d6a6fac5
13
reference_url https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132
reference_id 83132
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements
1
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:26:42Z/
url https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132
14
reference_url https://github.com/advisories/GHSA-4g8v-vg43-wpgf
reference_id GHSA-4g8v-vg43-wpgf
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:26:42Z/
url https://github.com/advisories/GHSA-4g8v-vg43-wpgf
15
reference_url https://access.redhat.com/errata/RHSA-2023:7851
reference_id RHSA-2023:7851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7851
fixed_packages
0
url pkg:gem/actionpack@6.1.7.4
purl pkg:gem/actionpack@6.1.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-5r3f-m1fv-f7bp
2
vulnerability VCID-6hkq-y2fb-skgq
3
vulnerability VCID-q148-xawj-bkeu
4
vulnerability VCID-us61-ajgq-5uaa
5
vulnerability VCID-zbyh-ajmd-tybh
6
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.7.4
1
url pkg:gem/actionpack@7.0.5.1
purl pkg:gem/actionpack@7.0.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-5r3f-m1fv-f7bp
2
vulnerability VCID-6hkq-y2fb-skgq
3
vulnerability VCID-q148-xawj-bkeu
4
vulnerability VCID-us61-ajgq-5uaa
5
vulnerability VCID-zbyh-ajmd-tybh
6
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.5.1
aliases CVE-2023-28362, GHSA-4g8v-vg43-wpgf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6gd-uea5-u3bp
8
url VCID-kkxa-423m-vqbt
vulnerability_id VCID-kkxa-423m-vqbt
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27777.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27777.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-27777
reference_id
reference_type
scores
0
value 0.00852
scoring_system epss
scoring_elements 0.75423
published_at 2026-06-12T12:55:00Z
1
value 0.00852
scoring_system epss
scoring_elements 0.75432
published_at 2026-06-14T12:55:00Z
2
value 0.00852
scoring_system epss
scoring_elements 0.75352
published_at 2026-06-11T12:55:00Z
3
value 0.00852
scoring_system epss
scoring_elements 0.75437
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-27777
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
12
reference_url https://discuss.rubyonrails.org/t/cve-2022-27777-possible-xss-vulnerability-in-action-view-tag-helpers/80534
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://discuss.rubyonrails.org/t/cve-2022-27777-possible-xss-vulnerability-in-action-view-tag-helpers/80534
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
15
reference_url https://github.com/rails/rails/commit/649516ce0feb699ae06a8c5e81df75d460cc9a85
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/649516ce0feb699ae06a8c5e81df75d460cc9a85
16
reference_url https://groups.google.com/g/ruby-security-ann/c/9wJPEDv-iRw
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/ruby-security-ann/c/9wJPEDv-iRw
17
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html
18
reference_url https://rubyonrails.org/2022/4/26/Rails-7-0-2-4-6-1-5-1-6-0-4-8-and-5-2-7-1-have-been-released
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rubyonrails.org/2022/4/26/Rails-7-0-2-4-6-1-5-1-6-0-4-8-and-5-2-7-1-have-been-released
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016982
reference_id 1016982
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016982
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2080296
reference_id 2080296
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2080296
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-27777
reference_id CVE-2022-27777
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-27777
22
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2022-27777.yml
reference_id CVE-2022-27777.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2022-27777.yml
23
reference_url https://github.com/advisories/GHSA-ch3h-j2vf-95pv
reference_id GHSA-ch3h-j2vf-95pv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ch3h-j2vf-95pv
24
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
fixed_packages
0
url pkg:gem/actionpack@6.0.4.8
purl pkg:gem/actionpack@6.0.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.0.4.8
1
url pkg:gem/actionpack@6.1.5.1
purl pkg:gem/actionpack@6.1.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.5.1
2
url pkg:gem/actionpack@7.0.2.4
purl pkg:gem/actionpack@7.0.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-g5uw-9j6g-cyb6
6
vulnerability VCID-h6gd-uea5-u3bp
7
vulnerability VCID-q148-xawj-bkeu
8
vulnerability VCID-us61-ajgq-5uaa
9
vulnerability VCID-zbyh-ajmd-tybh
10
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.2.4
aliases CVE-2022-27777, GHSA-ch3h-j2vf-95pv, GMS-2022-1138
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kkxa-423m-vqbt
9
url VCID-q148-xawj-bkeu
vulnerability_id VCID-q148-xawj-bkeu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28103.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28103.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-28103
reference_id
reference_type
scores
0
value 0.00832
scoring_system epss
scoring_elements 0.75028
published_at 2026-06-11T12:55:00Z
1
value 0.00832
scoring_system epss
scoring_elements 0.75109
published_at 2026-06-14T12:55:00Z
2
value 0.00832
scoring_system epss
scoring_elements 0.75112
published_at 2026-06-13T12:55:00Z
3
value 0.00832
scoring_system epss
scoring_elements 0.75099
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-28103
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
4
reference_url https://security.netapp.com/advisory/ntap-20241206-0002
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241206-0002
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072705
reference_id 1072705
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072705
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2290530
reference_id 2290530
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2290530
7
reference_url https://github.com/rails/rails/commit/35858f1d9d57f6c4050a8d9ab754bd5d088b4523
reference_id 35858f1d9d57f6c4050a8d9ab754bd5d088b4523
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T16:17:47Z/
url https://github.com/rails/rails/commit/35858f1d9d57f6c4050a8d9ab754bd5d088b4523
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-28103
reference_id CVE-2024-28103
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-28103
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-28103.yml
reference_id CVE-2024-28103.YML
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-28103.yml
10
reference_url https://github.com/advisories/GHSA-fwhr-88qx-h9g7
reference_id GHSA-fwhr-88qx-h9g7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fwhr-88qx-h9g7
11
reference_url https://github.com/rails/rails/security/advisories/GHSA-fwhr-88qx-h9g7
reference_id GHSA-fwhr-88qx-h9g7
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T16:17:47Z/
url https://github.com/rails/rails/security/advisories/GHSA-fwhr-88qx-h9g7
fixed_packages
0
url pkg:gem/actionpack@6.1.7.8
purl pkg:gem/actionpack@6.1.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-us61-ajgq-5uaa
2
vulnerability VCID-zbyh-ajmd-tybh
3
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.7.8
1
url pkg:gem/actionpack@7.0.0.alpha1
purl pkg:gem/actionpack@7.0.0.alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.0.alpha1
2
url pkg:gem/actionpack@7.0.8.4
purl pkg:gem/actionpack@7.0.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-us61-ajgq-5uaa
2
vulnerability VCID-zbyh-ajmd-tybh
3
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.8.4
3
url pkg:gem/actionpack@7.1.0.beta1
purl pkg:gem/actionpack@7.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-5r3f-m1fv-f7bp
2
vulnerability VCID-6hkq-y2fb-skgq
3
vulnerability VCID-q148-xawj-bkeu
4
vulnerability VCID-us61-ajgq-5uaa
5
vulnerability VCID-zbyh-ajmd-tybh
6
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.0.beta1
4
url pkg:gem/actionpack@7.1.3.4
purl pkg:gem/actionpack@7.1.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-us61-ajgq-5uaa
2
vulnerability VCID-zbyh-ajmd-tybh
3
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.3.4
5
url pkg:gem/actionpack@7.2.0.beta2
purl pkg:gem/actionpack@7.2.0.beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-us61-ajgq-5uaa
2
vulnerability VCID-zbyh-ajmd-tybh
3
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.2.0.beta2
aliases CVE-2024-28103, GHSA-fwhr-88qx-h9g7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q148-xawj-bkeu
10
url VCID-tnty-pw45-4ug3
vulnerability_id VCID-tnty-pw45-4ug3
summary actionpack Open Redirect in Host Authorization Middleware
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44528.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44528.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44528
reference_id
reference_type
scores
0
value 0.28611
scoring_system epss
scoring_elements 0.96653
published_at 2026-06-12T12:55:00Z
1
value 0.28611
scoring_system epss
scoring_elements 0.96642
published_at 2026-06-11T12:55:00Z
2
value 0.28611
scoring_system epss
scoring_elements 0.96657
published_at 2026-06-14T12:55:00Z
3
value 0.28611
scoring_system epss
scoring_elements 0.96654
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44528
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
12
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
13
reference_url https://github.com/rails/rails/blob/v6.1.4.2/actionpack/CHANGELOG.md#rails-6142-december-14-2021
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/blob/v6.1.4.2/actionpack/CHANGELOG.md#rails-6142-december-14-2021
14
reference_url https://github.com/rails/rails/commit/0fccfb9a3097a9c4260c791f1a40b128517e7815
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/0fccfb9a3097a9c4260c791f1a40b128517e7815
15
reference_url https://github.com/rails/rails/commit/aecba3c301b80e9d5a63c30ea1b287bceaf2c107
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/aecba3c301b80e9d5a63c30ea1b287bceaf2c107
16
reference_url https://groups.google.com/g/ruby-security-ann/c/vG9gz3nk1pM/m/7-NU4MNrDAAJ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/ruby-security-ann/c/vG9gz3nk1pM/m/7-NU4MNrDAAJ
17
reference_url https://groups.google.com/g/ruby-security-ann/c/vG9gz3nk1pM/m/7-NU4MNrDAAJ?utm_medium=email&utm_source=footer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/ruby-security-ann/c/vG9gz3nk1pM/m/7-NU4MNrDAAJ?utm_medium=email&utm_source=footer
18
reference_url https://security.netapp.com/advisory/ntap-20240208-0003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240208-0003
19
reference_url https://security.netapp.com/advisory/ntap-20240208-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20240208-0003/
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001817
reference_id 1001817
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001817
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2034266
reference_id 2034266
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2034266
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44528
reference_id CVE-2021-44528
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44528
23
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-44528.yml
reference_id CVE-2021-44528.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-44528.yml
24
reference_url https://github.com/advisories/GHSA-qphc-hf5q-v8fc
reference_id GHSA-qphc-hf5q-v8fc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qphc-hf5q-v8fc
fixed_packages
0
url pkg:gem/actionpack@6.0.4.2
purl pkg:gem/actionpack@6.0.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-171r-59fd-2bbj
1
vulnerability VCID-2uka-fwza-dyfc
2
vulnerability VCID-3e1p-t61q-xfft
3
vulnerability VCID-3k19-3heq-dufq
4
vulnerability VCID-5r3f-m1fv-f7bp
5
vulnerability VCID-6hkq-y2fb-skgq
6
vulnerability VCID-fnx8-28wd-qqgx
7
vulnerability VCID-h6gd-uea5-u3bp
8
vulnerability VCID-kkxa-423m-vqbt
9
vulnerability VCID-q148-xawj-bkeu
10
vulnerability VCID-us61-ajgq-5uaa
11
vulnerability VCID-zbyh-ajmd-tybh
12
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.0.4.2
1
url pkg:gem/actionpack@6.1.0.rc1
purl pkg:gem/actionpack@6.1.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-f5mb-arn4-skau
5
vulnerability VCID-fnx8-28wd-qqgx
6
vulnerability VCID-h6gd-uea5-u3bp
7
vulnerability VCID-q148-xawj-bkeu
8
vulnerability VCID-us61-ajgq-5uaa
9
vulnerability VCID-zbyh-ajmd-tybh
10
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.0.rc1
2
url pkg:gem/actionpack@6.1.4.2
purl pkg:gem/actionpack@6.1.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-171r-59fd-2bbj
1
vulnerability VCID-2uka-fwza-dyfc
2
vulnerability VCID-3e1p-t61q-xfft
3
vulnerability VCID-3k19-3heq-dufq
4
vulnerability VCID-5r3f-m1fv-f7bp
5
vulnerability VCID-6hkq-y2fb-skgq
6
vulnerability VCID-fnx8-28wd-qqgx
7
vulnerability VCID-h6gd-uea5-u3bp
8
vulnerability VCID-kkxa-423m-vqbt
9
vulnerability VCID-q148-xawj-bkeu
10
vulnerability VCID-us61-ajgq-5uaa
11
vulnerability VCID-zbyh-ajmd-tybh
12
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.4.2
3
url pkg:gem/actionpack@7.0.0.alpha1
purl pkg:gem/actionpack@7.0.0.alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.0.alpha1
aliases CVE-2021-44528, GHSA-qphc-hf5q-v8fc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnty-pw45-4ug3
11
url VCID-us61-ajgq-5uaa
vulnerability_id VCID-us61-ajgq-5uaa
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33167.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33167
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.0629
published_at 2026-06-11T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0628
published_at 2026-06-14T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.06299
published_at 2026-06-13T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.0631
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33167
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
4
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2026-33167.yml
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2026-33167.yml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33167
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33167
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450552
reference_id 2450552
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450552
7
reference_url https://github.com/rails/rails/commit/6752711c8c31d79ba50d13af6a6698a3b85415e0
reference_id 6752711c8c31d79ba50d13af6a6698a3b85415e0
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T18:44:05Z/
url https://github.com/rails/rails/commit/6752711c8c31d79ba50d13af6a6698a3b85415e0
8
reference_url https://github.com/advisories/GHSA-pgm4-439c-5jp6
reference_id GHSA-pgm4-439c-5jp6
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pgm4-439c-5jp6
9
reference_url https://github.com/rails/rails/security/advisories/GHSA-pgm4-439c-5jp6
reference_id GHSA-pgm4-439c-5jp6
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T18:44:05Z/
url https://github.com/rails/rails/security/advisories/GHSA-pgm4-439c-5jp6
10
reference_url https://github.com/rails/rails/releases/tag/v8.1.2.1
reference_id v8.1.2.1
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T18:44:05Z/
url https://github.com/rails/rails/releases/tag/v8.1.2.1
fixed_packages
0
url pkg:gem/actionpack@8.1.2.1
purl pkg:gem/actionpack@8.1.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@8.1.2.1
aliases CVE-2026-33167, GHSA-pgm4-439c-5jp6
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-us61-ajgq-5uaa
12
url VCID-zbyh-ajmd-tybh
vulnerability_id VCID-zbyh-ajmd-tybh
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47887.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47887.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47887
reference_id
reference_type
scores
0
value 0.00273
scoring_system epss
scoring_elements 0.50971
published_at 2026-06-11T12:55:00Z
1
value 0.00273
scoring_system epss
scoring_elements 0.51105
published_at 2026-06-14T12:55:00Z
2
value 0.00273
scoring_system epss
scoring_elements 0.51117
published_at 2026-06-13T12:55:00Z
3
value 0.00273
scoring_system epss
scoring_elements 0.51102
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47887
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47887
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47887
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085376
reference_id 1085376
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085376
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2319034
reference_id 2319034
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2319034
7
reference_url https://github.com/rails/rails/commit/56b2fc3302836405b496e196a8d5fc0195e55049
reference_id 56b2fc3302836405b496e196a8d5fc0195e55049
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T16:34:50Z/
url https://github.com/rails/rails/commit/56b2fc3302836405b496e196a8d5fc0195e55049
8
reference_url https://github.com/rails/rails/commit/7c1398854d51f9bb193fb79f226647351133d08a
reference_id 7c1398854d51f9bb193fb79f226647351133d08a
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T16:34:50Z/
url https://github.com/rails/rails/commit/7c1398854d51f9bb193fb79f226647351133d08a
9
reference_url https://github.com/rails/rails/commit/8e057db25bff1dc7a98e9ae72e0083825b9ac545
reference_id 8e057db25bff1dc7a98e9ae72e0083825b9ac545
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T16:34:50Z/
url https://github.com/rails/rails/commit/8e057db25bff1dc7a98e9ae72e0083825b9ac545
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-47887
reference_id CVE-2024-47887
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-47887
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-47887.yml
reference_id CVE-2024-47887.YML
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-47887.yml
12
reference_url https://github.com/rails/rails/commit/f4dc83d8926509d0958ec21fcdbc2e7df3d32ce2
reference_id f4dc83d8926509d0958ec21fcdbc2e7df3d32ce2
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T16:34:50Z/
url https://github.com/rails/rails/commit/f4dc83d8926509d0958ec21fcdbc2e7df3d32ce2
13
reference_url https://github.com/advisories/GHSA-vfg9-r3fq-jvx4
reference_id GHSA-vfg9-r3fq-jvx4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vfg9-r3fq-jvx4
14
reference_url https://github.com/rails/rails/security/advisories/GHSA-vfg9-r3fq-jvx4
reference_id GHSA-vfg9-r3fq-jvx4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T16:34:50Z/
url https://github.com/rails/rails/security/advisories/GHSA-vfg9-r3fq-jvx4
15
reference_url https://usn.ubuntu.com/7290-1/
reference_id USN-7290-1
reference_type
scores
url https://usn.ubuntu.com/7290-1/
fixed_packages
0
url pkg:gem/actionpack@6.1.7.9
purl pkg:gem/actionpack@6.1.7.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
1
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.7.9
1
url pkg:gem/actionpack@7.0.0.alpha1
purl pkg:gem/actionpack@7.0.0.alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uka-fwza-dyfc
1
vulnerability VCID-3k19-3heq-dufq
2
vulnerability VCID-5r3f-m1fv-f7bp
3
vulnerability VCID-6hkq-y2fb-skgq
4
vulnerability VCID-fnx8-28wd-qqgx
5
vulnerability VCID-h6gd-uea5-u3bp
6
vulnerability VCID-q148-xawj-bkeu
7
vulnerability VCID-us61-ajgq-5uaa
8
vulnerability VCID-zbyh-ajmd-tybh
9
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.0.alpha1
2
url pkg:gem/actionpack@7.0.8.5
purl pkg:gem/actionpack@7.0.8.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
1
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.8.5
3
url pkg:gem/actionpack@7.1.0.beta1
purl pkg:gem/actionpack@7.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-5r3f-m1fv-f7bp
2
vulnerability VCID-6hkq-y2fb-skgq
3
vulnerability VCID-q148-xawj-bkeu
4
vulnerability VCID-us61-ajgq-5uaa
5
vulnerability VCID-zbyh-ajmd-tybh
6
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.0.beta1
4
url pkg:gem/actionpack@7.1.4.1
purl pkg:gem/actionpack@7.1.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
1
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.4.1
5
url pkg:gem/actionpack@7.2.0.beta1
purl pkg:gem/actionpack@7.2.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-q148-xawj-bkeu
2
vulnerability VCID-us61-ajgq-5uaa
3
vulnerability VCID-zbyh-ajmd-tybh
4
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.2.0.beta1
6
url pkg:gem/actionpack@7.2.1.1
purl pkg:gem/actionpack@7.2.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
1
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.2.1.1
7
url pkg:gem/actionpack@8.0.0.beta1
purl pkg:gem/actionpack@8.0.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-us61-ajgq-5uaa
2
vulnerability VCID-zbyh-ajmd-tybh
3
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@8.0.0.beta1
aliases CVE-2024-47887, GHSA-vfg9-r3fq-jvx4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zbyh-ajmd-tybh
13
url VCID-zxy2-w4m6-tucw
vulnerability_id VCID-zxy2-w4m6-tucw
summary Action Pack is a framework for handling and responding to web requests. There is a possible Cross Site Scripting (XSS) vulnerability in the `content_security_policy` helper starting in version 5.2.0 of Action Pack and prior to versions 7.0.8.7, 7.1.5.1, 7.2.2.1, and 8.0.0.1. Applications which set Content-Security-Policy (CSP) headers dynamically from untrusted user input may be vulnerable to carefully crafted inputs being able to inject new directives into the CSP. This could lead to a bypass of the CSP and its protection against XSS and other attacks. Versions 7.0.8.7, 7.1.5.1, 7.2.2.1, and 8.0.0.1 contain a fix. As a workaround, applications can avoid setting CSP headers dynamically from untrusted input, or can validate/sanitize that input.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54133.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54133.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-54133
reference_id
reference_type
scores
0
value 0.0019
scoring_system epss
scoring_elements 0.40917
published_at 2026-06-14T12:55:00Z
1
value 0.0019
scoring_system epss
scoring_elements 0.4093
published_at 2026-06-13T12:55:00Z
2
value 0.0019
scoring_system epss
scoring_elements 0.40739
published_at 2026-06-11T12:55:00Z
3
value 0.0019
scoring_system epss
scoring_elements 0.40906
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-54133
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54133
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54133
3
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
4
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-54133.yml
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2024-54133.yml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-54133
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-54133
6
reference_url https://security.netapp.com/advisory/ntap-20250306-0010
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20250306-0010
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089755
reference_id 1089755
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089755
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2331619
reference_id 2331619
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2331619
9
reference_url https://github.com/rails/rails/commit/2e3f41e4538b9ca1044357f6644f037bbb7c6c49
reference_id 2e3f41e4538b9ca1044357f6644f037bbb7c6c49
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T16:05:59Z/
url https://github.com/rails/rails/commit/2e3f41e4538b9ca1044357f6644f037bbb7c6c49
10
reference_url https://github.com/rails/rails/commit/3da2479cfe1e00177114b17e496213c40d286b3a
reference_id 3da2479cfe1e00177114b17e496213c40d286b3a
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T16:05:59Z/
url https://github.com/rails/rails/commit/3da2479cfe1e00177114b17e496213c40d286b3a
11
reference_url https://github.com/rails/rails/commit/5558e72f22fc69c1c407b31ac5fb3b4ce087b542
reference_id 5558e72f22fc69c1c407b31ac5fb3b4ce087b542
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T16:05:59Z/
url https://github.com/rails/rails/commit/5558e72f22fc69c1c407b31ac5fb3b4ce087b542
12
reference_url https://github.com/rails/rails/commit/cb16a3bb515b5d769f73926d9757270ace691f1d
reference_id cb16a3bb515b5d769f73926d9757270ace691f1d
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T16:05:59Z/
url https://github.com/rails/rails/commit/cb16a3bb515b5d769f73926d9757270ace691f1d
13
reference_url https://github.com/advisories/GHSA-vfm5-rmrh-j26v
reference_id GHSA-vfm5-rmrh-j26v
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vfm5-rmrh-j26v
14
reference_url https://github.com/rails/rails/security/advisories/GHSA-vfm5-rmrh-j26v
reference_id GHSA-vfm5-rmrh-j26v
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T16:05:59Z/
url https://github.com/rails/rails/security/advisories/GHSA-vfm5-rmrh-j26v
fixed_packages
0
url pkg:gem/actionpack@7.0.8.7
purl pkg:gem/actionpack@7.0.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.0.8.7
1
url pkg:gem/actionpack@7.1.0.beta1
purl pkg:gem/actionpack@7.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-5r3f-m1fv-f7bp
2
vulnerability VCID-6hkq-y2fb-skgq
3
vulnerability VCID-q148-xawj-bkeu
4
vulnerability VCID-us61-ajgq-5uaa
5
vulnerability VCID-zbyh-ajmd-tybh
6
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.0.beta1
2
url pkg:gem/actionpack@7.1.5.1
purl pkg:gem/actionpack@7.1.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.1.5.1
3
url pkg:gem/actionpack@7.2.0.beta1
purl pkg:gem/actionpack@7.2.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-q148-xawj-bkeu
2
vulnerability VCID-us61-ajgq-5uaa
3
vulnerability VCID-zbyh-ajmd-tybh
4
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.2.0.beta1
4
url pkg:gem/actionpack@7.2.2.1
purl pkg:gem/actionpack@7.2.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@7.2.2.1
5
url pkg:gem/actionpack@8.0.0.beta1
purl pkg:gem/actionpack@8.0.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3k19-3heq-dufq
1
vulnerability VCID-us61-ajgq-5uaa
2
vulnerability VCID-zbyh-ajmd-tybh
3
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@8.0.0.beta1
6
url pkg:gem/actionpack@8.0.0.1
purl pkg:gem/actionpack@8.0.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-us61-ajgq-5uaa
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@8.0.0.1
aliases CVE-2024-54133, GHSA-vfm5-rmrh-j26v
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zxy2-w4m6-tucw
Fixing_vulnerabilities
0
url VCID-4j57-xdw3-a7em
vulnerability_id VCID-4j57-xdw3-a7em
summary open redirect
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22942.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22942.json
1
reference_url https://access.redhat.com/security/cve/cve-2021-22942
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2021-22942
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22942
reference_id
reference_type
scores
0
value 0.00533
scoring_system epss
scoring_elements 0.67919
published_at 2026-06-14T12:55:00Z
1
value 0.00533
scoring_system epss
scoring_elements 0.67822
published_at 2026-06-11T12:55:00Z
2
value 0.00533
scoring_system epss
scoring_elements 0.6791
published_at 2026-06-12T12:55:00Z
3
value 0.00533
scoring_system epss
scoring_elements 0.67923
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22942
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22942
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44528
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22577
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27777
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
13
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
14
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-22942.yml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-22942.yml
15
reference_url https://groups.google.com/g/rubyonrails-security/c/wB5tRn7h36c
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/rubyonrails-security/c/wB5tRn7h36c
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22942
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-22942
17
reference_url https://rubygems.org/gems/actionpack
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rubygems.org/gems/actionpack
18
reference_url https://security.netapp.com/advisory/ntap-20240202-0005
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240202-0005
19
reference_url https://security.netapp.com/advisory/ntap-20240202-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20240202-0005/
20
reference_url https://weblog.rubyonrails.org/2021/8/19/Rails-6-0-4-1-and-6-1-4-1-have-been-released
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://weblog.rubyonrails.org/2021/8/19/Rails-6-0-4-1-and-6-1-4-1-have-been-released
21
reference_url https://weblog.rubyonrails.org/2021/8/19/Rails-6-0-4-1-and-6-1-4-1-have-been-released/
reference_id
reference_type
scores
url https://weblog.rubyonrails.org/2021/8/19/Rails-6-0-4-1-and-6-1-4-1-have-been-released/
22
reference_url http://www.openwall.com/lists/oss-security/2021/12/14/5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/12/14/5
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1995940
reference_id 1995940
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1995940
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992586
reference_id 992586
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992586
25
reference_url https://security.archlinux.org/AVG-2492
reference_id AVG-2492
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2492
26
reference_url https://security.archlinux.org/AVG-2493
reference_id AVG-2493
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2493
27
reference_url https://github.com/advisories/GHSA-2rqw-v265-jf8c
reference_id GHSA-2rqw-v265-jf8c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2rqw-v265-jf8c
fixed_packages
0
url pkg:gem/actionpack@6.0.4.1
purl pkg:gem/actionpack@6.0.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-171r-59fd-2bbj
1
vulnerability VCID-2uka-fwza-dyfc
2
vulnerability VCID-3e1p-t61q-xfft
3
vulnerability VCID-3k19-3heq-dufq
4
vulnerability VCID-5r3f-m1fv-f7bp
5
vulnerability VCID-6hkq-y2fb-skgq
6
vulnerability VCID-fnx8-28wd-qqgx
7
vulnerability VCID-h6gd-uea5-u3bp
8
vulnerability VCID-kkxa-423m-vqbt
9
vulnerability VCID-q148-xawj-bkeu
10
vulnerability VCID-tnty-pw45-4ug3
11
vulnerability VCID-us61-ajgq-5uaa
12
vulnerability VCID-zbyh-ajmd-tybh
13
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.0.4.1
1
url pkg:gem/actionpack@6.1.4.1
purl pkg:gem/actionpack@6.1.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-171r-59fd-2bbj
1
vulnerability VCID-2uka-fwza-dyfc
2
vulnerability VCID-3e1p-t61q-xfft
3
vulnerability VCID-3k19-3heq-dufq
4
vulnerability VCID-5r3f-m1fv-f7bp
5
vulnerability VCID-6hkq-y2fb-skgq
6
vulnerability VCID-fnx8-28wd-qqgx
7
vulnerability VCID-h6gd-uea5-u3bp
8
vulnerability VCID-kkxa-423m-vqbt
9
vulnerability VCID-q148-xawj-bkeu
10
vulnerability VCID-tnty-pw45-4ug3
11
vulnerability VCID-us61-ajgq-5uaa
12
vulnerability VCID-zbyh-ajmd-tybh
13
vulnerability VCID-zxy2-w4m6-tucw
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.1.4.1
aliases CVE-2021-22942, GHSA-2rqw-v265-jf8c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4j57-xdw3-a7em
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/actionpack@6.0.4.1