Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/actionpack@4.0
Typegem
Namespace
Nameactionpack
Version4.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version7.0.8.7
Latest_non_vulnerable_version8.1.2.1
Affected_by_vulnerabilities
0
url VCID-3wtf-uu89-2qe5
vulnerability_id VCID-3wtf-uu89-2qe5
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-02/msg00081.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-02/msg00081.html
1
reference_url http://openwall.com/lists/oss-security/2014/02/18/8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/02/18/8
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-0215.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0215.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-0306.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0306.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0081.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0081.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0081
reference_id
reference_type
scores
0
value 0.00885
scoring_system epss
scoring_elements 0.7551
published_at 2026-04-26T12:55:00Z
1
value 0.00885
scoring_system epss
scoring_elements 0.75438
published_at 2026-04-08T12:55:00Z
2
value 0.00885
scoring_system epss
scoring_elements 0.75447
published_at 2026-04-09T12:55:00Z
3
value 0.00885
scoring_system epss
scoring_elements 0.75467
published_at 2026-04-11T12:55:00Z
4
value 0.00885
scoring_system epss
scoring_elements 0.75446
published_at 2026-04-12T12:55:00Z
5
value 0.00885
scoring_system epss
scoring_elements 0.75435
published_at 2026-04-13T12:55:00Z
6
value 0.00885
scoring_system epss
scoring_elements 0.75477
published_at 2026-04-16T12:55:00Z
7
value 0.00885
scoring_system epss
scoring_elements 0.75483
published_at 2026-04-18T12:55:00Z
8
value 0.00885
scoring_system epss
scoring_elements 0.75471
published_at 2026-04-21T12:55:00Z
9
value 0.00885
scoring_system epss
scoring_elements 0.75505
published_at 2026-04-24T12:55:00Z
10
value 0.00885
scoring_system epss
scoring_elements 0.75378
published_at 2026-04-01T12:55:00Z
11
value 0.00885
scoring_system epss
scoring_elements 0.75382
published_at 2026-04-02T12:55:00Z
12
value 0.00885
scoring_system epss
scoring_elements 0.75415
published_at 2026-04-04T12:55:00Z
13
value 0.00885
scoring_system epss
scoring_elements 0.75394
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0081
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
9
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
10
reference_url https://github.com/rails/rails/commit/08d0a11a3f62718d601d39e617c834759cf59bbb
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/08d0a11a3f62718d601d39e617c834759cf59bbb
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-0081.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-0081.yml
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2014-0081.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2014-0081.yml
13
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/tfp6gZCtzr4
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/rubyonrails-security/tfp6gZCtzr4
14
reference_url https://web.archive.org/web/20140911141416/http://www.securitytracker.com/id/1029782
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140911141416/http://www.securitytracker.com/id/1029782
15
reference_url https://web.archive.org/web/20170307202606/http://www.securityfocus.com/bid/65647
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170307202606/http://www.securityfocus.com/bid/65647
16
reference_url https://web.archive.org/web/20201207045136/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/tfp6gZCtzr4/j8LUHmu7fIEJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201207045136/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/tfp6gZCtzr4/j8LUHmu7fIEJ
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1065520
reference_id 1065520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1065520
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0081
reference_id CVE-2014-0081
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0081
19
reference_url https://github.com/advisories/GHSA-m46p-ggm5-5j83
reference_id GHSA-m46p-ggm5-5j83
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m46p-ggm5-5j83
20
reference_url https://access.redhat.com/errata/RHSA-2014:0215
reference_id RHSA-2014:0215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0215
21
reference_url https://access.redhat.com/errata/RHSA-2014:0306
reference_id RHSA-2014:0306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0306
fixed_packages
0
url pkg:gem/actionpack@4.0.3
purl pkg:gem/actionpack@4.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-35rt-t6e1-pfa6
3
vulnerability VCID-3x4p-t3yb-3yak
4
vulnerability VCID-3zdr-vasc-a7cn
5
vulnerability VCID-42dz-pxpv-qff3
6
vulnerability VCID-49pq-vg95-jkh2
7
vulnerability VCID-4yst-m2tc-t3de
8
vulnerability VCID-63gy-6njy-kbd8
9
vulnerability VCID-6j55-bstz-yybj
10
vulnerability VCID-7f5r-9h1g-nuch
11
vulnerability VCID-9hq5-3usy-5fhq
12
vulnerability VCID-a6sp-18av-wya6
13
vulnerability VCID-bjwf-uhyk-63aj
14
vulnerability VCID-cdnw-t8n1-23ep
15
vulnerability VCID-cnqr-6e98-5kgk
16
vulnerability VCID-d15q-6ukb-wfff
17
vulnerability VCID-dd9p-x7k3-37ea
18
vulnerability VCID-ehbj-aezy-d7h4
19
vulnerability VCID-g3rk-djae-pkeh
20
vulnerability VCID-h8gs-ansa-9bd9
21
vulnerability VCID-hmp2-rmzv-wkhg
22
vulnerability VCID-hppf-a715-r7b2
23
vulnerability VCID-j24x-nhsb-yug6
24
vulnerability VCID-knsd-pv15-tydx
25
vulnerability VCID-mnkw-23eu-bkgc
26
vulnerability VCID-msda-xqbp-qfdd
27
vulnerability VCID-n8cc-3stk-97b5
28
vulnerability VCID-p5mc-r1rg-5ff7
29
vulnerability VCID-phxs-zet8-ryh3
30
vulnerability VCID-rps2-k24p-9qgq
31
vulnerability VCID-s5ah-tf63-a7cw
32
vulnerability VCID-sfyc-jewr-wuf5
33
vulnerability VCID-sgdb-985e-4uej
34
vulnerability VCID-tt6r-bytq-4fa4
35
vulnerability VCID-v3r3-bwp5-a3bn
36
vulnerability VCID-vgm2-8wjy-x7ed
37
vulnerability VCID-wg3a-j2dp-ayh4
38
vulnerability VCID-y8gn-9fat-e7d1
39
vulnerability VCID-ynqu-cjn9-fqf2
40
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.0.3
1
url pkg:gem/actionpack@4.1.0.beta1
purl pkg:gem/actionpack@4.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-3wtf-uu89-2qe5
3
vulnerability VCID-3zdr-vasc-a7cn
4
vulnerability VCID-42dz-pxpv-qff3
5
vulnerability VCID-49pq-vg95-jkh2
6
vulnerability VCID-4yst-m2tc-t3de
7
vulnerability VCID-63gy-6njy-kbd8
8
vulnerability VCID-6j55-bstz-yybj
9
vulnerability VCID-7f5r-9h1g-nuch
10
vulnerability VCID-9hq5-3usy-5fhq
11
vulnerability VCID-a6sp-18av-wya6
12
vulnerability VCID-bjwf-uhyk-63aj
13
vulnerability VCID-cdnw-t8n1-23ep
14
vulnerability VCID-cnqr-6e98-5kgk
15
vulnerability VCID-d15q-6ukb-wfff
16
vulnerability VCID-dd9p-x7k3-37ea
17
vulnerability VCID-ehbj-aezy-d7h4
18
vulnerability VCID-g3rk-djae-pkeh
19
vulnerability VCID-h8gs-ansa-9bd9
20
vulnerability VCID-hmp2-rmzv-wkhg
21
vulnerability VCID-hppf-a715-r7b2
22
vulnerability VCID-j24x-nhsb-yug6
23
vulnerability VCID-knsd-pv15-tydx
24
vulnerability VCID-mnkw-23eu-bkgc
25
vulnerability VCID-msda-xqbp-qfdd
26
vulnerability VCID-p5mc-r1rg-5ff7
27
vulnerability VCID-phxs-zet8-ryh3
28
vulnerability VCID-rps2-k24p-9qgq
29
vulnerability VCID-s5ah-tf63-a7cw
30
vulnerability VCID-sfyc-jewr-wuf5
31
vulnerability VCID-sgdb-985e-4uej
32
vulnerability VCID-tt6r-bytq-4fa4
33
vulnerability VCID-v3r3-bwp5-a3bn
34
vulnerability VCID-vgm2-8wjy-x7ed
35
vulnerability VCID-wg3a-j2dp-ayh4
36
vulnerability VCID-ynqu-cjn9-fqf2
37
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.0.beta1
2
url pkg:gem/actionpack@4.1.1
purl pkg:gem/actionpack@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-3x4p-t3yb-3yak
3
vulnerability VCID-3zdr-vasc-a7cn
4
vulnerability VCID-42dz-pxpv-qff3
5
vulnerability VCID-49pq-vg95-jkh2
6
vulnerability VCID-4yst-m2tc-t3de
7
vulnerability VCID-63gy-6njy-kbd8
8
vulnerability VCID-6j55-bstz-yybj
9
vulnerability VCID-7f5r-9h1g-nuch
10
vulnerability VCID-9hq5-3usy-5fhq
11
vulnerability VCID-a6sp-18av-wya6
12
vulnerability VCID-bjwf-uhyk-63aj
13
vulnerability VCID-cdnw-t8n1-23ep
14
vulnerability VCID-cnqr-6e98-5kgk
15
vulnerability VCID-d15q-6ukb-wfff
16
vulnerability VCID-dd9p-x7k3-37ea
17
vulnerability VCID-ehbj-aezy-d7h4
18
vulnerability VCID-g3rk-djae-pkeh
19
vulnerability VCID-h8gs-ansa-9bd9
20
vulnerability VCID-hmp2-rmzv-wkhg
21
vulnerability VCID-hppf-a715-r7b2
22
vulnerability VCID-j24x-nhsb-yug6
23
vulnerability VCID-knsd-pv15-tydx
24
vulnerability VCID-mnkw-23eu-bkgc
25
vulnerability VCID-msda-xqbp-qfdd
26
vulnerability VCID-n8cc-3stk-97b5
27
vulnerability VCID-p5mc-r1rg-5ff7
28
vulnerability VCID-phxs-zet8-ryh3
29
vulnerability VCID-rps2-k24p-9qgq
30
vulnerability VCID-s5ah-tf63-a7cw
31
vulnerability VCID-sfyc-jewr-wuf5
32
vulnerability VCID-sgdb-985e-4uej
33
vulnerability VCID-tt6r-bytq-4fa4
34
vulnerability VCID-v3r3-bwp5-a3bn
35
vulnerability VCID-vgm2-8wjy-x7ed
36
vulnerability VCID-wg3a-j2dp-ayh4
37
vulnerability VCID-ynqu-cjn9-fqf2
38
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.1
aliases CVE-2014-0081, GHSA-m46p-ggm5-5j83, OSV-103439
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3wtf-uu89-2qe5
1
url VCID-pmrb-t3bm-zkb6
vulnerability_id VCID-pmrb-t3bm-zkb6
summary 
Denial of Service Vulnerability in Action View
There is a denial of service vulnerability in the header handling component of Action View. Strings sent in specially crafted headers will be cached indefinitely. This can cause the cache to grow infinitely, which will eventually consume all memory on the target machine, causing a denial of service.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-1794.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1794.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2014-0008.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0008.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2014-1863.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1863.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6414.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6414.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6414
reference_id
reference_type
scores
0
value 0.70843
scoring_system epss
scoring_elements 0.98696
published_at 2026-04-09T12:55:00Z
1
value 0.70843
scoring_system epss
scoring_elements 0.98695
published_at 2026-04-07T12:55:00Z
2
value 0.70843
scoring_system epss
scoring_elements 0.98691
published_at 2026-04-04T12:55:00Z
3
value 0.70843
scoring_system epss
scoring_elements 0.98688
published_at 2026-04-02T12:55:00Z
4
value 0.70843
scoring_system epss
scoring_elements 0.98687
published_at 2026-04-01T12:55:00Z
5
value 0.70843
scoring_system epss
scoring_elements 0.9871
published_at 2026-04-26T12:55:00Z
6
value 0.70843
scoring_system epss
scoring_elements 0.98708
published_at 2026-04-24T12:55:00Z
7
value 0.70843
scoring_system epss
scoring_elements 0.98704
published_at 2026-04-21T12:55:00Z
8
value 0.70843
scoring_system epss
scoring_elements 0.98702
published_at 2026-04-16T12:55:00Z
9
value 0.70843
scoring_system epss
scoring_elements 0.987
published_at 2026-04-13T12:55:00Z
10
value 0.70843
scoring_system epss
scoring_elements 0.98699
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6414
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
14
reference_url http://seclists.org/oss-sec/2013/q4/400
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2013/q4/400
15
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
16
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6414.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6414.yml
17
reference_url https://groups.google.com/forum/message/raw?msg=ruby-security-ann/A-ebV4WxzKg/KNPTbX8XAQUJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=ruby-security-ann/A-ebV4WxzKg/KNPTbX8XAQUJ
18
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/A-ebV4WxzKg
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/A-ebV4WxzKg
19
reference_url https://puppet.com/security/cve/cve-2013-6414
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2013-6414
20
reference_url https://web.archive.org/web/20160421165124/http://secunia.com/advisories/57836
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160421165124/http://secunia.com/advisories/57836
21
reference_url https://web.archive.org/web/20160808161629/https://puppet.com/security/cve/cve-2013-6414
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160808161629/https://puppet.com/security/cve/cve-2013-6414
22
reference_url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
23
reference_url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/
24
reference_url http://www.debian.org/security/2014/dsa-2888
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2888
25
reference_url http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release
26
reference_url http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/
reference_id
reference_type
scores
url http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1036483
reference_id 1036483
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1036483
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6414
reference_id CVE-2013-6414
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6414
29
reference_url https://github.com/advisories/GHSA-mpxf-gcw2-pw5q
reference_id GHSA-mpxf-gcw2-pw5q
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mpxf-gcw2-pw5q
30
reference_url https://access.redhat.com/errata/RHSA-2013:1794
reference_id RHSA-2013:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1794
31
reference_url https://access.redhat.com/errata/RHSA-2014:0008
reference_id RHSA-2014:0008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0008
fixed_packages
0
url pkg:gem/actionpack@4.0.2
purl pkg:gem/actionpack@4.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xgz-hwng-n3eq
1
vulnerability VCID-333w-aacz-mfcr
2
vulnerability VCID-35rt-t6e1-pfa6
3
vulnerability VCID-3wtf-uu89-2qe5
4
vulnerability VCID-3x4p-t3yb-3yak
5
vulnerability VCID-3zdr-vasc-a7cn
6
vulnerability VCID-42dz-pxpv-qff3
7
vulnerability VCID-49pq-vg95-jkh2
8
vulnerability VCID-4yst-m2tc-t3de
9
vulnerability VCID-63gy-6njy-kbd8
10
vulnerability VCID-6j55-bstz-yybj
11
vulnerability VCID-7f5r-9h1g-nuch
12
vulnerability VCID-9hq5-3usy-5fhq
13
vulnerability VCID-a6sp-18av-wya6
14
vulnerability VCID-bjwf-uhyk-63aj
15
vulnerability VCID-cdnw-t8n1-23ep
16
vulnerability VCID-cnqr-6e98-5kgk
17
vulnerability VCID-d15q-6ukb-wfff
18
vulnerability VCID-dd9p-x7k3-37ea
19
vulnerability VCID-ehbj-aezy-d7h4
20
vulnerability VCID-g3rk-djae-pkeh
21
vulnerability VCID-h8gs-ansa-9bd9
22
vulnerability VCID-hmp2-rmzv-wkhg
23
vulnerability VCID-hppf-a715-r7b2
24
vulnerability VCID-j24x-nhsb-yug6
25
vulnerability VCID-knsd-pv15-tydx
26
vulnerability VCID-mnkw-23eu-bkgc
27
vulnerability VCID-msda-xqbp-qfdd
28
vulnerability VCID-n8cc-3stk-97b5
29
vulnerability VCID-p5mc-r1rg-5ff7
30
vulnerability VCID-phxs-zet8-ryh3
31
vulnerability VCID-rps2-k24p-9qgq
32
vulnerability VCID-s5ah-tf63-a7cw
33
vulnerability VCID-sfyc-jewr-wuf5
34
vulnerability VCID-sgdb-985e-4uej
35
vulnerability VCID-tt6r-bytq-4fa4
36
vulnerability VCID-v3r3-bwp5-a3bn
37
vulnerability VCID-vgm2-8wjy-x7ed
38
vulnerability VCID-wg3a-j2dp-ayh4
39
vulnerability VCID-y8gn-9fat-e7d1
40
vulnerability VCID-ynqu-cjn9-fqf2
41
vulnerability VCID-zkvd-bfd6-t7dg
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.0.2
aliases CVE-2013-6414, GHSA-mpxf-gcw2-pw5q, OSV-100525
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pmrb-t3bm-zkb6
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.0