Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/actionpack@3.0.0.alpha0
Typegem
Namespace
Nameactionpack
Version3.0.0.alpha0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version7.0.8.7
Latest_non_vulnerable_version8.1.2.1
Affected_by_vulnerabilities
0
url VCID-1rgy-k7a9-m7au
vulnerability_id VCID-1rgy-k7a9-m7au
summary 
XSS via posted select tag options
Ruby on Rails is vulnerable to remote cross-site scripting because the application does not validate manually generated `select tag options` upon submission to `actionpack/lib/action_view/helpers/form_options_helper.rb`. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
references
0
reference_url http://groups.google.com/group/rubyonrails-security/msg/6fca4f5c47705488?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/rubyonrails-security/msg/6fca4f5c47705488?dmode=source&output=gplain
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075675.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075740.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075740.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1099.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1099.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1099
reference_id
reference_type
scores
0
value 0.00399
scoring_system epss
scoring_elements 0.60704
published_at 2026-04-21T12:55:00Z
1
value 0.00399
scoring_system epss
scoring_elements 0.60616
published_at 2026-04-07T12:55:00Z
2
value 0.00399
scoring_system epss
scoring_elements 0.60645
published_at 2026-04-04T12:55:00Z
3
value 0.00399
scoring_system epss
scoring_elements 0.60665
published_at 2026-04-08T12:55:00Z
4
value 0.00399
scoring_system epss
scoring_elements 0.6068
published_at 2026-04-09T12:55:00Z
5
value 0.00399
scoring_system epss
scoring_elements 0.60705
published_at 2026-04-11T12:55:00Z
6
value 0.00399
scoring_system epss
scoring_elements 0.60691
published_at 2026-04-12T12:55:00Z
7
value 0.00399
scoring_system epss
scoring_elements 0.60671
published_at 2026-04-13T12:55:00Z
8
value 0.00399
scoring_system epss
scoring_elements 0.60713
published_at 2026-04-16T12:55:00Z
9
value 0.00399
scoring_system epss
scoring_elements 0.60719
published_at 2026-04-18T12:55:00Z
10
value 0.00399
scoring_system epss
scoring_elements 0.60541
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1099
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=799276
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=799276
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099
7
reference_url https://github.com/advisories/GHSA-2xjj-5x6h-8vmf
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2xjj-5x6h-8vmf
8
reference_url https://github.com/rails/rails/commit/9435f5a479317458c558ae743b7d876dd5a5db20
reference_id
reference_type
scores
url https://github.com/rails/rails/commit/9435f5a479317458c558ae743b7d876dd5a5db20
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-1099.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-1099.yml
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/OSVDB-79727.yml
reference_id
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/OSVDB-79727.yml
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1099
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1099
12
reference_url http://weblog.rubyonrails.org/2012/3/1/ann-rails-3-0-12-has-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2012/3/1/ann-rails-3-0-12-has-been-released
13
reference_url http://www.debian.org/security/2012/dsa-2466
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2466
14
reference_url http://www.openwall.com/lists/oss-security/2012/03/02/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/03/02/6
15
reference_url http://www.openwall.com/lists/oss-security/2012/03/03/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/03/03/1
fixed_packages
0
url pkg:gem/actionpack@3.0.12
purl pkg:gem/actionpack@3.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-35rt-t6e1-pfa6
3
vulnerability VCID-3wtf-uu89-2qe5
4
vulnerability VCID-3x4p-t3yb-3yak
5
vulnerability VCID-3zdr-vasc-a7cn
6
vulnerability VCID-49pq-vg95-jkh2
7
vulnerability VCID-4epw-vk25-mfdw
8
vulnerability VCID-4he5-y1u4-gkd2
9
vulnerability VCID-5hqj-fxmk-cbcy
10
vulnerability VCID-63gy-6njy-kbd8
11
vulnerability VCID-6j55-bstz-yybj
12
vulnerability VCID-7f5r-9h1g-nuch
13
vulnerability VCID-86jq-2md2-d7ah
14
vulnerability VCID-9hq5-3usy-5fhq
15
vulnerability VCID-a6sp-18av-wya6
16
vulnerability VCID-awt1-8bxs-xffs
17
vulnerability VCID-bjwf-uhyk-63aj
18
vulnerability VCID-c1w4-z275-tqg7
19
vulnerability VCID-carc-ntrd-ebfe
20
vulnerability VCID-cdnw-t8n1-23ep
21
vulnerability VCID-cnqr-6e98-5kgk
22
vulnerability VCID-cwa7-9d2t-rfhb
23
vulnerability VCID-dd9p-x7k3-37ea
24
vulnerability VCID-ehbj-aezy-d7h4
25
vulnerability VCID-g3rk-djae-pkeh
26
vulnerability VCID-h8gs-ansa-9bd9
27
vulnerability VCID-h94p-ywve-y7h9
28
vulnerability VCID-hmp2-rmzv-wkhg
29
vulnerability VCID-hppf-a715-r7b2
30
vulnerability VCID-j24x-nhsb-yug6
31
vulnerability VCID-kcj2-v7av-47cv
32
vulnerability VCID-knsd-pv15-tydx
33
vulnerability VCID-mep3-6sub-ykdk
34
vulnerability VCID-mnkw-23eu-bkgc
35
vulnerability VCID-msda-xqbp-qfdd
36
vulnerability VCID-n8cc-3stk-97b5
37
vulnerability VCID-nf8s-2aaa-17fw
38
vulnerability VCID-p5mc-r1rg-5ff7
39
vulnerability VCID-phxs-zet8-ryh3
40
vulnerability VCID-pmrb-t3bm-zkb6
41
vulnerability VCID-rps2-k24p-9qgq
42
vulnerability VCID-sfyc-jewr-wuf5
43
vulnerability VCID-sgdb-985e-4uej
44
vulnerability VCID-tt6r-bytq-4fa4
45
vulnerability VCID-v3r3-bwp5-a3bn
46
vulnerability VCID-vgm2-8wjy-x7ed
47
vulnerability VCID-wg3a-j2dp-ayh4
48
vulnerability VCID-y8gn-9fat-e7d1
49
vulnerability VCID-ynqu-cjn9-fqf2
50
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.0.12
1
url pkg:gem/actionpack@3.1.0.beta1
purl pkg:gem/actionpack@3.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rgy-k7a9-m7au
1
vulnerability VCID-1xgz-hwng-n3eq
2
vulnerability VCID-333w-aacz-mfcr
3
vulnerability VCID-35rt-t6e1-pfa6
4
vulnerability VCID-3wtf-uu89-2qe5
5
vulnerability VCID-3x4p-t3yb-3yak
6
vulnerability VCID-3zdr-vasc-a7cn
7
vulnerability VCID-49pq-vg95-jkh2
8
vulnerability VCID-4epw-vk25-mfdw
9
vulnerability VCID-4he5-y1u4-gkd2
10
vulnerability VCID-5hqj-fxmk-cbcy
11
vulnerability VCID-63gy-6njy-kbd8
12
vulnerability VCID-6j55-bstz-yybj
13
vulnerability VCID-7f5r-9h1g-nuch
14
vulnerability VCID-86jq-2md2-d7ah
15
vulnerability VCID-9hq5-3usy-5fhq
16
vulnerability VCID-a6sp-18av-wya6
17
vulnerability VCID-awt1-8bxs-xffs
18
vulnerability VCID-bjwf-uhyk-63aj
19
vulnerability VCID-c1w4-z275-tqg7
20
vulnerability VCID-carc-ntrd-ebfe
21
vulnerability VCID-cdnw-t8n1-23ep
22
vulnerability VCID-cnqr-6e98-5kgk
23
vulnerability VCID-cwa7-9d2t-rfhb
24
vulnerability VCID-dd9p-x7k3-37ea
25
vulnerability VCID-ehbj-aezy-d7h4
26
vulnerability VCID-g3rk-djae-pkeh
27
vulnerability VCID-h8gs-ansa-9bd9
28
vulnerability VCID-h94p-ywve-y7h9
29
vulnerability VCID-hmp2-rmzv-wkhg
30
vulnerability VCID-hppf-a715-r7b2
31
vulnerability VCID-j24x-nhsb-yug6
32
vulnerability VCID-kcj2-v7av-47cv
33
vulnerability VCID-knsd-pv15-tydx
34
vulnerability VCID-mep3-6sub-ykdk
35
vulnerability VCID-mnkw-23eu-bkgc
36
vulnerability VCID-msda-xqbp-qfdd
37
vulnerability VCID-n8cc-3stk-97b5
38
vulnerability VCID-nf8s-2aaa-17fw
39
vulnerability VCID-p5mc-r1rg-5ff7
40
vulnerability VCID-phxs-zet8-ryh3
41
vulnerability VCID-pmrb-t3bm-zkb6
42
vulnerability VCID-rps2-k24p-9qgq
43
vulnerability VCID-sfyc-jewr-wuf5
44
vulnerability VCID-sgdb-985e-4uej
45
vulnerability VCID-tt6r-bytq-4fa4
46
vulnerability VCID-v3r3-bwp5-a3bn
47
vulnerability VCID-vgm2-8wjy-x7ed
48
vulnerability VCID-wg3a-j2dp-ayh4
49
vulnerability VCID-y8gn-9fat-e7d1
50
vulnerability VCID-ynqu-cjn9-fqf2
51
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.1.0.beta1
2
url pkg:gem/actionpack@3.1.4
purl pkg:gem/actionpack@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-35rt-t6e1-pfa6
3
vulnerability VCID-3wtf-uu89-2qe5
4
vulnerability VCID-3x4p-t3yb-3yak
5
vulnerability VCID-3zdr-vasc-a7cn
6
vulnerability VCID-49pq-vg95-jkh2
7
vulnerability VCID-4epw-vk25-mfdw
8
vulnerability VCID-4he5-y1u4-gkd2
9
vulnerability VCID-5hqj-fxmk-cbcy
10
vulnerability VCID-63gy-6njy-kbd8
11
vulnerability VCID-6j55-bstz-yybj
12
vulnerability VCID-7f5r-9h1g-nuch
13
vulnerability VCID-86jq-2md2-d7ah
14
vulnerability VCID-9hq5-3usy-5fhq
15
vulnerability VCID-a6sp-18av-wya6
16
vulnerability VCID-awt1-8bxs-xffs
17
vulnerability VCID-bjwf-uhyk-63aj
18
vulnerability VCID-c1w4-z275-tqg7
19
vulnerability VCID-carc-ntrd-ebfe
20
vulnerability VCID-cdnw-t8n1-23ep
21
vulnerability VCID-cnqr-6e98-5kgk
22
vulnerability VCID-cwa7-9d2t-rfhb
23
vulnerability VCID-dd9p-x7k3-37ea
24
vulnerability VCID-ehbj-aezy-d7h4
25
vulnerability VCID-g3rk-djae-pkeh
26
vulnerability VCID-h8gs-ansa-9bd9
27
vulnerability VCID-h94p-ywve-y7h9
28
vulnerability VCID-hmp2-rmzv-wkhg
29
vulnerability VCID-hppf-a715-r7b2
30
vulnerability VCID-j24x-nhsb-yug6
31
vulnerability VCID-kcj2-v7av-47cv
32
vulnerability VCID-knsd-pv15-tydx
33
vulnerability VCID-mep3-6sub-ykdk
34
vulnerability VCID-mnkw-23eu-bkgc
35
vulnerability VCID-msda-xqbp-qfdd
36
vulnerability VCID-n8cc-3stk-97b5
37
vulnerability VCID-nf8s-2aaa-17fw
38
vulnerability VCID-p5mc-r1rg-5ff7
39
vulnerability VCID-phxs-zet8-ryh3
40
vulnerability VCID-pmrb-t3bm-zkb6
41
vulnerability VCID-rps2-k24p-9qgq
42
vulnerability VCID-sfyc-jewr-wuf5
43
vulnerability VCID-sgdb-985e-4uej
44
vulnerability VCID-tt6r-bytq-4fa4
45
vulnerability VCID-v3r3-bwp5-a3bn
46
vulnerability VCID-vgm2-8wjy-x7ed
47
vulnerability VCID-wg3a-j2dp-ayh4
48
vulnerability VCID-y8gn-9fat-e7d1
49
vulnerability VCID-ynqu-cjn9-fqf2
50
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.1.4
3
url pkg:gem/actionpack@3.2.0.rc1
purl pkg:gem/actionpack@3.2.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rgy-k7a9-m7au
1
vulnerability VCID-1xgz-hwng-n3eq
2
vulnerability VCID-333w-aacz-mfcr
3
vulnerability VCID-35rt-t6e1-pfa6
4
vulnerability VCID-3wtf-uu89-2qe5
5
vulnerability VCID-3x4p-t3yb-3yak
6
vulnerability VCID-3zdr-vasc-a7cn
7
vulnerability VCID-49pq-vg95-jkh2
8
vulnerability VCID-4epw-vk25-mfdw
9
vulnerability VCID-4he5-y1u4-gkd2
10
vulnerability VCID-5hqj-fxmk-cbcy
11
vulnerability VCID-63gy-6njy-kbd8
12
vulnerability VCID-6j55-bstz-yybj
13
vulnerability VCID-7f5r-9h1g-nuch
14
vulnerability VCID-86jq-2md2-d7ah
15
vulnerability VCID-9hq5-3usy-5fhq
16
vulnerability VCID-a6sp-18av-wya6
17
vulnerability VCID-awt1-8bxs-xffs
18
vulnerability VCID-bjwf-uhyk-63aj
19
vulnerability VCID-c1w4-z275-tqg7
20
vulnerability VCID-carc-ntrd-ebfe
21
vulnerability VCID-cdnw-t8n1-23ep
22
vulnerability VCID-cnqr-6e98-5kgk
23
vulnerability VCID-cwa7-9d2t-rfhb
24
vulnerability VCID-dd9p-x7k3-37ea
25
vulnerability VCID-ehbj-aezy-d7h4
26
vulnerability VCID-g3rk-djae-pkeh
27
vulnerability VCID-h8gs-ansa-9bd9
28
vulnerability VCID-h94p-ywve-y7h9
29
vulnerability VCID-hmp2-rmzv-wkhg
30
vulnerability VCID-hppf-a715-r7b2
31
vulnerability VCID-j24x-nhsb-yug6
32
vulnerability VCID-kcj2-v7av-47cv
33
vulnerability VCID-knsd-pv15-tydx
34
vulnerability VCID-mep3-6sub-ykdk
35
vulnerability VCID-mnkw-23eu-bkgc
36
vulnerability VCID-msda-xqbp-qfdd
37
vulnerability VCID-n8cc-3stk-97b5
38
vulnerability VCID-nf8s-2aaa-17fw
39
vulnerability VCID-p5mc-r1rg-5ff7
40
vulnerability VCID-phxs-zet8-ryh3
41
vulnerability VCID-pmrb-t3bm-zkb6
42
vulnerability VCID-rps2-k24p-9qgq
43
vulnerability VCID-s5ah-tf63-a7cw
44
vulnerability VCID-sfyc-jewr-wuf5
45
vulnerability VCID-sgdb-985e-4uej
46
vulnerability VCID-tt6r-bytq-4fa4
47
vulnerability VCID-v3r3-bwp5-a3bn
48
vulnerability VCID-vgm2-8wjy-x7ed
49
vulnerability VCID-wg3a-j2dp-ayh4
50
vulnerability VCID-y8gn-9fat-e7d1
51
vulnerability VCID-ynqu-cjn9-fqf2
52
vulnerability VCID-z1jv-4ga2-7kd1
53
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.2.0.rc1
4
url pkg:gem/actionpack@3.2.2
purl pkg:gem/actionpack@3.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-35rt-t6e1-pfa6
3
vulnerability VCID-3wtf-uu89-2qe5
4
vulnerability VCID-3x4p-t3yb-3yak
5
vulnerability VCID-3zdr-vasc-a7cn
6
vulnerability VCID-42dz-pxpv-qff3
7
vulnerability VCID-49pq-vg95-jkh2
8
vulnerability VCID-4epw-vk25-mfdw
9
vulnerability VCID-4he5-y1u4-gkd2
10
vulnerability VCID-5hqj-fxmk-cbcy
11
vulnerability VCID-63gy-6njy-kbd8
12
vulnerability VCID-6j55-bstz-yybj
13
vulnerability VCID-7f5r-9h1g-nuch
14
vulnerability VCID-86jq-2md2-d7ah
15
vulnerability VCID-9hq5-3usy-5fhq
16
vulnerability VCID-a6sp-18av-wya6
17
vulnerability VCID-awt1-8bxs-xffs
18
vulnerability VCID-bjwf-uhyk-63aj
19
vulnerability VCID-c1w4-z275-tqg7
20
vulnerability VCID-carc-ntrd-ebfe
21
vulnerability VCID-cdnw-t8n1-23ep
22
vulnerability VCID-cnqr-6e98-5kgk
23
vulnerability VCID-cwa7-9d2t-rfhb
24
vulnerability VCID-dd9p-x7k3-37ea
25
vulnerability VCID-ehbj-aezy-d7h4
26
vulnerability VCID-g3rk-djae-pkeh
27
vulnerability VCID-h8gs-ansa-9bd9
28
vulnerability VCID-h94p-ywve-y7h9
29
vulnerability VCID-hmp2-rmzv-wkhg
30
vulnerability VCID-hppf-a715-r7b2
31
vulnerability VCID-j24x-nhsb-yug6
32
vulnerability VCID-kcj2-v7av-47cv
33
vulnerability VCID-knsd-pv15-tydx
34
vulnerability VCID-mep3-6sub-ykdk
35
vulnerability VCID-mnkw-23eu-bkgc
36
vulnerability VCID-msda-xqbp-qfdd
37
vulnerability VCID-n8cc-3stk-97b5
38
vulnerability VCID-nf8s-2aaa-17fw
39
vulnerability VCID-p5mc-r1rg-5ff7
40
vulnerability VCID-phxs-zet8-ryh3
41
vulnerability VCID-pmrb-t3bm-zkb6
42
vulnerability VCID-rps2-k24p-9qgq
43
vulnerability VCID-s5ah-tf63-a7cw
44
vulnerability VCID-sfyc-jewr-wuf5
45
vulnerability VCID-sgdb-985e-4uej
46
vulnerability VCID-tt6r-bytq-4fa4
47
vulnerability VCID-v3r3-bwp5-a3bn
48
vulnerability VCID-vgm2-8wjy-x7ed
49
vulnerability VCID-wg3a-j2dp-ayh4
50
vulnerability VCID-y8gn-9fat-e7d1
51
vulnerability VCID-ynqu-cjn9-fqf2
52
vulnerability VCID-z1jv-4ga2-7kd1
53
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.2.2
aliases CVE-2012-1099, GHSA-2xjj-5x6h-8vmf, OSV-79727
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1rgy-k7a9-m7au
1
url VCID-rps2-k24p-9qgq
vulnerability_id VCID-rps2-k24p-9qgq
summary 
Translate helper method which may allow an attacker to insert arbitrary code into a page
The helper method for i18n translations has a convention whereby translations strings with a name ending in 'html' are considered HTML safe. There is also a mechanism for interpolation. It has been discovered that these 'html' strings allow arbitrary values to be contained in the interpolated input, and these values are not escaped.
references
0
reference_url http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b61d70fb73c7cc5?pli=1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b61d70fb73c7cc5?pli=1
1
reference_url http://groups.google.com/group/rubyonrails-security/msg/c65c24fbc4b6dd82?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/rubyonrails-security/msg/c65c24fbc4b6dd82?dmode=source&output=gplain
2
reference_url http://openwall.com/lists/oss-security/2011/11/18/8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2011/11/18/8
3
reference_url http://osvdb.org/77199
reference_id
reference_type
scores
url http://osvdb.org/77199
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4319.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4319.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4319
reference_id
reference_type
scores
0
value 0.00607
scoring_system epss
scoring_elements 0.69718
published_at 2026-04-16T12:55:00Z
1
value 0.00607
scoring_system epss
scoring_elements 0.69677
published_at 2026-04-13T12:55:00Z
2
value 0.00607
scoring_system epss
scoring_elements 0.6969
published_at 2026-04-12T12:55:00Z
3
value 0.00607
scoring_system epss
scoring_elements 0.69705
published_at 2026-04-11T12:55:00Z
4
value 0.00607
scoring_system epss
scoring_elements 0.69684
published_at 2026-04-09T12:55:00Z
5
value 0.00607
scoring_system epss
scoring_elements 0.69621
published_at 2026-04-02T12:55:00Z
6
value 0.00607
scoring_system epss
scoring_elements 0.69708
published_at 2026-04-21T12:55:00Z
7
value 0.00607
scoring_system epss
scoring_elements 0.69727
published_at 2026-04-18T12:55:00Z
8
value 0.00607
scoring_system epss
scoring_elements 0.69607
published_at 2026-04-01T12:55:00Z
9
value 0.00607
scoring_system epss
scoring_elements 0.69636
published_at 2026-04-04T12:55:00Z
10
value 0.00607
scoring_system epss
scoring_elements 0.69666
published_at 2026-04-08T12:55:00Z
11
value 0.00607
scoring_system epss
scoring_elements 0.69615
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4319
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/71364
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/71364
7
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
8
reference_url https://github.com/rails/rails/commit/2d5b105d4bcb652550dda8b5613376d1b8beb70c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/2d5b105d4bcb652550dda8b5613376d1b8beb70c
9
reference_url https://github.com/rails/rails/commit/ba2d85012088fd0db0fab98b2e512c77c83cbade
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/ba2d85012088fd0db0fab98b2e512c77c83cbade
10
reference_url https://github.com/rails/rails/commit/ba2d85012088fd0db0fab98b2e512c77c83cbade#diff-79e8a3e6d1d2808c4f93f63b3928a5a1
reference_id
reference_type
scores
url https://github.com/rails/rails/commit/ba2d85012088fd0db0fab98b2e512c77c83cbade#diff-79e8a3e6d1d2808c4f93f63b3928a5a1
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2011-4319.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2011-4319.yml
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/OSVDB-77199.yml
reference_id
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/OSVDB-77199.yml
13
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/K2HXD7c8fMU
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rubyonrails-security/K2HXD7c8fMU
14
reference_url https://web.archive.org/web/20200228155840/http://www.securityfocus.com/bid/50722
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228155840/http://www.securityfocus.com/bid/50722
15
reference_url https://web.archive.org/web/20210307005941/http://www.securitytracker.com/id?1026342
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210307005941/http://www.securitytracker.com/id?1026342
16
reference_url http://weblog.rubyonrails.org/2011/11/18/rails-3-0-11-has-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2011/11/18/rails-3-0-11-has-been-released
17
reference_url http://weblog.rubyonrails.org/2011/11/18/rails-3-1-2-has-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2011/11/18/rails-3-1-2-has-been-released
18
reference_url http://www.securityfocus.com/bid/50722
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/50722
19
reference_url http://www.securitytracker.com/id?1026342
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1026342
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=755004
reference_id 755004
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=755004
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4319
reference_id CVE-2011-4319
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4319
22
reference_url https://github.com/advisories/GHSA-xxr8-833v-c7wc
reference_id GHSA-xxr8-833v-c7wc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xxr8-833v-c7wc
fixed_packages
0
url pkg:gem/actionpack@3.0.11
purl pkg:gem/actionpack@3.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rgy-k7a9-m7au
1
vulnerability VCID-1xgz-hwng-n3eq
2
vulnerability VCID-333w-aacz-mfcr
3
vulnerability VCID-35rt-t6e1-pfa6
4
vulnerability VCID-3wtf-uu89-2qe5
5
vulnerability VCID-3x4p-t3yb-3yak
6
vulnerability VCID-3zdr-vasc-a7cn
7
vulnerability VCID-49pq-vg95-jkh2
8
vulnerability VCID-4epw-vk25-mfdw
9
vulnerability VCID-4he5-y1u4-gkd2
10
vulnerability VCID-5hqj-fxmk-cbcy
11
vulnerability VCID-63gy-6njy-kbd8
12
vulnerability VCID-6j55-bstz-yybj
13
vulnerability VCID-7f5r-9h1g-nuch
14
vulnerability VCID-86jq-2md2-d7ah
15
vulnerability VCID-9hq5-3usy-5fhq
16
vulnerability VCID-a6sp-18av-wya6
17
vulnerability VCID-awt1-8bxs-xffs
18
vulnerability VCID-bjwf-uhyk-63aj
19
vulnerability VCID-c1w4-z275-tqg7
20
vulnerability VCID-carc-ntrd-ebfe
21
vulnerability VCID-cdnw-t8n1-23ep
22
vulnerability VCID-cnqr-6e98-5kgk
23
vulnerability VCID-cwa7-9d2t-rfhb
24
vulnerability VCID-dd9p-x7k3-37ea
25
vulnerability VCID-ehbj-aezy-d7h4
26
vulnerability VCID-g3rk-djae-pkeh
27
vulnerability VCID-h8gs-ansa-9bd9
28
vulnerability VCID-h94p-ywve-y7h9
29
vulnerability VCID-hmp2-rmzv-wkhg
30
vulnerability VCID-hppf-a715-r7b2
31
vulnerability VCID-j24x-nhsb-yug6
32
vulnerability VCID-kcj2-v7av-47cv
33
vulnerability VCID-knsd-pv15-tydx
34
vulnerability VCID-mep3-6sub-ykdk
35
vulnerability VCID-mnkw-23eu-bkgc
36
vulnerability VCID-msda-xqbp-qfdd
37
vulnerability VCID-n8cc-3stk-97b5
38
vulnerability VCID-nf8s-2aaa-17fw
39
vulnerability VCID-p5mc-r1rg-5ff7
40
vulnerability VCID-phxs-zet8-ryh3
41
vulnerability VCID-pmrb-t3bm-zkb6
42
vulnerability VCID-rps2-k24p-9qgq
43
vulnerability VCID-sfyc-jewr-wuf5
44
vulnerability VCID-sgdb-985e-4uej
45
vulnerability VCID-tt6r-bytq-4fa4
46
vulnerability VCID-v3r3-bwp5-a3bn
47
vulnerability VCID-vgm2-8wjy-x7ed
48
vulnerability VCID-wg3a-j2dp-ayh4
49
vulnerability VCID-y8gn-9fat-e7d1
50
vulnerability VCID-ynqu-cjn9-fqf2
51
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.0.11
1
url pkg:gem/actionpack@3.1.2
purl pkg:gem/actionpack@3.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rgy-k7a9-m7au
1
vulnerability VCID-1xgz-hwng-n3eq
2
vulnerability VCID-333w-aacz-mfcr
3
vulnerability VCID-35rt-t6e1-pfa6
4
vulnerability VCID-3wtf-uu89-2qe5
5
vulnerability VCID-3x4p-t3yb-3yak
6
vulnerability VCID-3zdr-vasc-a7cn
7
vulnerability VCID-49pq-vg95-jkh2
8
vulnerability VCID-4epw-vk25-mfdw
9
vulnerability VCID-4he5-y1u4-gkd2
10
vulnerability VCID-5hqj-fxmk-cbcy
11
vulnerability VCID-63gy-6njy-kbd8
12
vulnerability VCID-6j55-bstz-yybj
13
vulnerability VCID-7f5r-9h1g-nuch
14
vulnerability VCID-86jq-2md2-d7ah
15
vulnerability VCID-9hq5-3usy-5fhq
16
vulnerability VCID-a6sp-18av-wya6
17
vulnerability VCID-awt1-8bxs-xffs
18
vulnerability VCID-bjwf-uhyk-63aj
19
vulnerability VCID-c1w4-z275-tqg7
20
vulnerability VCID-carc-ntrd-ebfe
21
vulnerability VCID-cdnw-t8n1-23ep
22
vulnerability VCID-cnqr-6e98-5kgk
23
vulnerability VCID-cwa7-9d2t-rfhb
24
vulnerability VCID-dd9p-x7k3-37ea
25
vulnerability VCID-ehbj-aezy-d7h4
26
vulnerability VCID-g3rk-djae-pkeh
27
vulnerability VCID-h8gs-ansa-9bd9
28
vulnerability VCID-h94p-ywve-y7h9
29
vulnerability VCID-hmp2-rmzv-wkhg
30
vulnerability VCID-hppf-a715-r7b2
31
vulnerability VCID-j24x-nhsb-yug6
32
vulnerability VCID-kcj2-v7av-47cv
33
vulnerability VCID-knsd-pv15-tydx
34
vulnerability VCID-mep3-6sub-ykdk
35
vulnerability VCID-mnkw-23eu-bkgc
36
vulnerability VCID-msda-xqbp-qfdd
37
vulnerability VCID-n8cc-3stk-97b5
38
vulnerability VCID-nf8s-2aaa-17fw
39
vulnerability VCID-p5mc-r1rg-5ff7
40
vulnerability VCID-phxs-zet8-ryh3
41
vulnerability VCID-pmrb-t3bm-zkb6
42
vulnerability VCID-rps2-k24p-9qgq
43
vulnerability VCID-sfyc-jewr-wuf5
44
vulnerability VCID-sgdb-985e-4uej
45
vulnerability VCID-tt6r-bytq-4fa4
46
vulnerability VCID-v3r3-bwp5-a3bn
47
vulnerability VCID-vgm2-8wjy-x7ed
48
vulnerability VCID-wg3a-j2dp-ayh4
49
vulnerability VCID-y8gn-9fat-e7d1
50
vulnerability VCID-ynqu-cjn9-fqf2
51
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.1.2
aliases CVE-2011-4319, GHSA-xxr8-833v-c7wc, OSV-77199
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rps2-k24p-9qgq
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.0.0.alpha0