Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/actionpack@3.0
Typegem
Namespace
Nameactionpack
Version3.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.1.2.1
Latest_non_vulnerable_version8.1.2.1
Affected_by_vulnerabilities
0
url VCID-4bzb-ft3d-dkgg
vulnerability_id VCID-4bzb-ft3d-dkgg
summary 
actionpack Cross-site Scripting vulnerability
Cross-site scripting (XSS) vulnerability in `actionpack/lib/action_view/helpers/form_tag_helper.rb` in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the `prompt` field to the `select_tag` helper.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3463.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3463.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3463
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56331
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3463
3
reference_url https://github.com/rails/rails/commit/6d0526db91afb0675c2ad3d871529d1536303c64
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/6d0526db91afb0675c2ad3d871529d1536303c64
4
reference_url https://groups.google.com/forum/?fromgroups=#!searchin/rubyonrails-security/3463/rubyonrails-security/fV3QUToSMSw/eHBSFOUYHpYJ
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!searchin/rubyonrails-security/3463/rubyonrails-security/fV3QUToSMSw/eHBSFOUYHpYJ
5
reference_url https://groups.google.com/group/rubyonrails-security/msg/961e18e514527078?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/961e18e514527078?dmode=source&output=gplain
6
reference_url https://groups.google.com/g/rubyonrails-security/c/fV3QUToSMSw/m/eHBSFOUYHpYJ?pli=1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/rubyonrails-security/c/fV3QUToSMSw/m/eHBSFOUYHpYJ?pli=1
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3463
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3463
8
reference_url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
9
reference_url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released/
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=847196
reference_id 847196
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=847196
11
reference_url https://github.com/advisories/GHSA-98mf-8f57-64qf
reference_id GHSA-98mf-8f57-64qf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-98mf-8f57-64qf
12
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
13
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
0
url pkg:gem/actionpack@3.0.17
purl pkg:gem/actionpack@3.0.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123f-6px7-3qdg
1
vulnerability VCID-1b9z-efz6-9fdu
2
vulnerability VCID-3edd-m27s-a3ek
3
vulnerability VCID-3rn4-abmh-nkhv
4
vulnerability VCID-4w1v-z4zj-6ydp
5
vulnerability VCID-58sa-6uag-z7hp
6
vulnerability VCID-5pfg-7ntp-eff4
7
vulnerability VCID-5psk-hzaf-1kbz
8
vulnerability VCID-6z21-pd9d-pfgk
9
vulnerability VCID-8nkw-8mka-1ygk
10
vulnerability VCID-98gu-r7wd-cuah
11
vulnerability VCID-9gqn-8g4t-wfby
12
vulnerability VCID-a6wp-n5yh-ybcv
13
vulnerability VCID-b4sv-b9pz-r7er
14
vulnerability VCID-bfbp-7umh-2fcp
15
vulnerability VCID-cs1f-uhb2-xkcm
16
vulnerability VCID-dd87-gevs-juhe
17
vulnerability VCID-eeru-6pyc-8bcd
18
vulnerability VCID-ejgq-s79w-abd6
19
vulnerability VCID-g13k-qvy7-q3fk
20
vulnerability VCID-g2a6-uem4-uuce
21
vulnerability VCID-hh65-ycrj-d7gz
22
vulnerability VCID-jpj6-wzp3-m3e4
23
vulnerability VCID-k6aw-heeb-wke2
24
vulnerability VCID-mnh7-4rvx-suay
25
vulnerability VCID-n7ga-1sx4-yfcv
26
vulnerability VCID-n7kh-9mpq-13c7
27
vulnerability VCID-nax4-x97j-9fgr
28
vulnerability VCID-nmz3-ux68-dkfd
29
vulnerability VCID-nnka-c23v-qub7
30
vulnerability VCID-p1yd-keq8-rkh3
31
vulnerability VCID-qth9-abgp-wyaq
32
vulnerability VCID-r6mr-ay8d-nqdd
33
vulnerability VCID-sg9h-7dqr-xugu
34
vulnerability VCID-v2hk-dfbe-5khc
35
vulnerability VCID-v3u5-6bpb-qfgf
36
vulnerability VCID-vhjv-9864-tbcs
37
vulnerability VCID-vs1a-m7ya-rue8
38
vulnerability VCID-y13c-awe3-2bc1
39
vulnerability VCID-z16b-zfgu-13a9
40
vulnerability VCID-zapd-uts9-zfch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.0.17
1
url pkg:gem/actionpack@3.1.0.beta1
purl pkg:gem/actionpack@3.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123f-6px7-3qdg
1
vulnerability VCID-1b9z-efz6-9fdu
2
vulnerability VCID-1xbd-73qv-mff9
3
vulnerability VCID-3edd-m27s-a3ek
4
vulnerability VCID-3rn4-abmh-nkhv
5
vulnerability VCID-4bzb-ft3d-dkgg
6
vulnerability VCID-4w1v-z4zj-6ydp
7
vulnerability VCID-58sa-6uag-z7hp
8
vulnerability VCID-5a2t-fre4-zkay
9
vulnerability VCID-5pfg-7ntp-eff4
10
vulnerability VCID-5psk-hzaf-1kbz
11
vulnerability VCID-6z21-pd9d-pfgk
12
vulnerability VCID-8nkw-8mka-1ygk
13
vulnerability VCID-98gu-r7wd-cuah
14
vulnerability VCID-9gqn-8g4t-wfby
15
vulnerability VCID-a6wp-n5yh-ybcv
16
vulnerability VCID-b4sv-b9pz-r7er
17
vulnerability VCID-bfbp-7umh-2fcp
18
vulnerability VCID-cs1f-uhb2-xkcm
19
vulnerability VCID-dd87-gevs-juhe
20
vulnerability VCID-eeru-6pyc-8bcd
21
vulnerability VCID-ejgq-s79w-abd6
22
vulnerability VCID-g13k-qvy7-q3fk
23
vulnerability VCID-g2a6-uem4-uuce
24
vulnerability VCID-hh65-ycrj-d7gz
25
vulnerability VCID-jpj6-wzp3-m3e4
26
vulnerability VCID-k6aw-heeb-wke2
27
vulnerability VCID-mnh7-4rvx-suay
28
vulnerability VCID-n7ga-1sx4-yfcv
29
vulnerability VCID-n7kh-9mpq-13c7
30
vulnerability VCID-nax4-x97j-9fgr
31
vulnerability VCID-nmz3-ux68-dkfd
32
vulnerability VCID-nnka-c23v-qub7
33
vulnerability VCID-p1yd-keq8-rkh3
34
vulnerability VCID-qth9-abgp-wyaq
35
vulnerability VCID-r6mr-ay8d-nqdd
36
vulnerability VCID-rgw4-mrr9-euda
37
vulnerability VCID-sg9h-7dqr-xugu
38
vulnerability VCID-v2hk-dfbe-5khc
39
vulnerability VCID-v3u5-6bpb-qfgf
40
vulnerability VCID-vhjv-9864-tbcs
41
vulnerability VCID-vs1a-m7ya-rue8
42
vulnerability VCID-y13c-awe3-2bc1
43
vulnerability VCID-z16b-zfgu-13a9
44
vulnerability VCID-zapd-uts9-zfch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.1.0.beta1
2
url pkg:gem/actionpack@3.1.8
purl pkg:gem/actionpack@3.1.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123f-6px7-3qdg
1
vulnerability VCID-1b9z-efz6-9fdu
2
vulnerability VCID-3edd-m27s-a3ek
3
vulnerability VCID-3rn4-abmh-nkhv
4
vulnerability VCID-4w1v-z4zj-6ydp
5
vulnerability VCID-58sa-6uag-z7hp
6
vulnerability VCID-5pfg-7ntp-eff4
7
vulnerability VCID-5psk-hzaf-1kbz
8
vulnerability VCID-6z21-pd9d-pfgk
9
vulnerability VCID-8nkw-8mka-1ygk
10
vulnerability VCID-98gu-r7wd-cuah
11
vulnerability VCID-9gqn-8g4t-wfby
12
vulnerability VCID-a6wp-n5yh-ybcv
13
vulnerability VCID-b4sv-b9pz-r7er
14
vulnerability VCID-bfbp-7umh-2fcp
15
vulnerability VCID-cs1f-uhb2-xkcm
16
vulnerability VCID-dd87-gevs-juhe
17
vulnerability VCID-eeru-6pyc-8bcd
18
vulnerability VCID-ejgq-s79w-abd6
19
vulnerability VCID-g13k-qvy7-q3fk
20
vulnerability VCID-g2a6-uem4-uuce
21
vulnerability VCID-hh65-ycrj-d7gz
22
vulnerability VCID-jpj6-wzp3-m3e4
23
vulnerability VCID-k6aw-heeb-wke2
24
vulnerability VCID-mnh7-4rvx-suay
25
vulnerability VCID-n7ga-1sx4-yfcv
26
vulnerability VCID-n7kh-9mpq-13c7
27
vulnerability VCID-nax4-x97j-9fgr
28
vulnerability VCID-nmz3-ux68-dkfd
29
vulnerability VCID-nnka-c23v-qub7
30
vulnerability VCID-p1yd-keq8-rkh3
31
vulnerability VCID-qth9-abgp-wyaq
32
vulnerability VCID-r6mr-ay8d-nqdd
33
vulnerability VCID-sg9h-7dqr-xugu
34
vulnerability VCID-v2hk-dfbe-5khc
35
vulnerability VCID-v3u5-6bpb-qfgf
36
vulnerability VCID-vhjv-9864-tbcs
37
vulnerability VCID-vs1a-m7ya-rue8
38
vulnerability VCID-y13c-awe3-2bc1
39
vulnerability VCID-z16b-zfgu-13a9
40
vulnerability VCID-zapd-uts9-zfch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.1.8
3
url pkg:gem/actionpack@3.2.0.rc1
purl pkg:gem/actionpack@3.2.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123f-6px7-3qdg
1
vulnerability VCID-1b9z-efz6-9fdu
2
vulnerability VCID-1xbd-73qv-mff9
3
vulnerability VCID-3edd-m27s-a3ek
4
vulnerability VCID-3rn4-abmh-nkhv
5
vulnerability VCID-4bzb-ft3d-dkgg
6
vulnerability VCID-4w1v-z4zj-6ydp
7
vulnerability VCID-58sa-6uag-z7hp
8
vulnerability VCID-5a2t-fre4-zkay
9
vulnerability VCID-5pfg-7ntp-eff4
10
vulnerability VCID-5psk-hzaf-1kbz
11
vulnerability VCID-6z21-pd9d-pfgk
12
vulnerability VCID-832g-x9kb-3bbx
13
vulnerability VCID-8nkw-8mka-1ygk
14
vulnerability VCID-98gu-r7wd-cuah
15
vulnerability VCID-9gqn-8g4t-wfby
16
vulnerability VCID-a6wp-n5yh-ybcv
17
vulnerability VCID-b4sv-b9pz-r7er
18
vulnerability VCID-bfbp-7umh-2fcp
19
vulnerability VCID-brwd-e9kx-xuc2
20
vulnerability VCID-cs1f-uhb2-xkcm
21
vulnerability VCID-dd87-gevs-juhe
22
vulnerability VCID-eeru-6pyc-8bcd
23
vulnerability VCID-ejgq-s79w-abd6
24
vulnerability VCID-g13k-qvy7-q3fk
25
vulnerability VCID-g2a6-uem4-uuce
26
vulnerability VCID-hh65-ycrj-d7gz
27
vulnerability VCID-jpj6-wzp3-m3e4
28
vulnerability VCID-k6aw-heeb-wke2
29
vulnerability VCID-mnh7-4rvx-suay
30
vulnerability VCID-n7ga-1sx4-yfcv
31
vulnerability VCID-n7kh-9mpq-13c7
32
vulnerability VCID-nax4-x97j-9fgr
33
vulnerability VCID-nmz3-ux68-dkfd
34
vulnerability VCID-nnka-c23v-qub7
35
vulnerability VCID-p1yd-keq8-rkh3
36
vulnerability VCID-qth9-abgp-wyaq
37
vulnerability VCID-r6mr-ay8d-nqdd
38
vulnerability VCID-rgw4-mrr9-euda
39
vulnerability VCID-sg9h-7dqr-xugu
40
vulnerability VCID-v2hk-dfbe-5khc
41
vulnerability VCID-v3u5-6bpb-qfgf
42
vulnerability VCID-vhjv-9864-tbcs
43
vulnerability VCID-vs1a-m7ya-rue8
44
vulnerability VCID-y13c-awe3-2bc1
45
vulnerability VCID-z16b-zfgu-13a9
46
vulnerability VCID-zapd-uts9-zfch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.2.0.rc1
4
url pkg:gem/actionpack@3.2.8
purl pkg:gem/actionpack@3.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123f-6px7-3qdg
1
vulnerability VCID-1b9z-efz6-9fdu
2
vulnerability VCID-3edd-m27s-a3ek
3
vulnerability VCID-3rn4-abmh-nkhv
4
vulnerability VCID-4w1v-z4zj-6ydp
5
vulnerability VCID-58sa-6uag-z7hp
6
vulnerability VCID-5pfg-7ntp-eff4
7
vulnerability VCID-5psk-hzaf-1kbz
8
vulnerability VCID-6z21-pd9d-pfgk
9
vulnerability VCID-832g-x9kb-3bbx
10
vulnerability VCID-8nkw-8mka-1ygk
11
vulnerability VCID-98gu-r7wd-cuah
12
vulnerability VCID-9gqn-8g4t-wfby
13
vulnerability VCID-a6wp-n5yh-ybcv
14
vulnerability VCID-b4sv-b9pz-r7er
15
vulnerability VCID-bfbp-7umh-2fcp
16
vulnerability VCID-brwd-e9kx-xuc2
17
vulnerability VCID-cs1f-uhb2-xkcm
18
vulnerability VCID-dd87-gevs-juhe
19
vulnerability VCID-eeru-6pyc-8bcd
20
vulnerability VCID-ejgq-s79w-abd6
21
vulnerability VCID-g13k-qvy7-q3fk
22
vulnerability VCID-g2a6-uem4-uuce
23
vulnerability VCID-hh65-ycrj-d7gz
24
vulnerability VCID-jpj6-wzp3-m3e4
25
vulnerability VCID-k6aw-heeb-wke2
26
vulnerability VCID-mnh7-4rvx-suay
27
vulnerability VCID-n7ga-1sx4-yfcv
28
vulnerability VCID-n7kh-9mpq-13c7
29
vulnerability VCID-nax4-x97j-9fgr
30
vulnerability VCID-nmz3-ux68-dkfd
31
vulnerability VCID-nnka-c23v-qub7
32
vulnerability VCID-p1yd-keq8-rkh3
33
vulnerability VCID-qth9-abgp-wyaq
34
vulnerability VCID-r6mr-ay8d-nqdd
35
vulnerability VCID-sg9h-7dqr-xugu
36
vulnerability VCID-v2hk-dfbe-5khc
37
vulnerability VCID-v3u5-6bpb-qfgf
38
vulnerability VCID-vhjv-9864-tbcs
39
vulnerability VCID-vs1a-m7ya-rue8
40
vulnerability VCID-y13c-awe3-2bc1
41
vulnerability VCID-z16b-zfgu-13a9
42
vulnerability VCID-zapd-uts9-zfch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.2.8
aliases CVE-2012-3463, GHSA-98mf-8f57-64qf, OSV-84515
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4bzb-ft3d-dkgg
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.0