Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/367532?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/367532?format=api", "purl": "pkg:gem/actionpack@3.2.0a", "type": "gem", "namespace": "", "name": "actionpack", "version": "3.2.0a", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "8.1.2.1", "latest_non_vulnerable_version": "8.1.2.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27073?format=api", "vulnerability_id": "VCID-sg9h-7dqr-xugu", "summary": "actionpack vulnerable to Path Traversal\nDirectory traversal vulnerability in `actionpack/lib/action_dispatch/middleware/static.rb` in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4.2.0.beta3, when `serve_static_assets` is enabled, allows remote attackers to determine the existence of files outside the application root via a `/..%2F` sequence.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7818.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7818.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7818", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44666", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7818" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7818", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7818" }, { "reference_url": "https://github.com/advisories/GHSA-29gr-w57f-rpfw", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-29gr-w57f-rpfw" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7818.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7818.yml" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/dCp7duBiQgo/v_R_8PFs5IwJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/dCp7duBiQgo/v_R_8PFs5IwJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7818", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7818" }, { "reference_url": "https://puppet.com/security/cve/cve-2014-7829", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://puppet.com/security/cve/cve-2014-7829" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161499", "reference_id": "1161499", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161499" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934", "reference_id": "770934", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60559?format=api", "purl": "pkg:gem/actionpack@3.2.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-832g-x9kb-3bbx" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-b4sv-b9pz-r7er" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.2.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/60560?format=api", "purl": "pkg:gem/actionpack@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/380905?format=api", "purl": "pkg:gem/actionpack@4.1.0.beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-sg9h-7dqr-xugu" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-vs1a-m7ya-rue8" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.0.beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/60561?format=api", "purl": "pkg:gem/actionpack@4.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/320317?format=api", "purl": "pkg:gem/actionpack@4.2.0.beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-sg9h-7dqr-xugu" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/60562?format=api", "purl": "pkg:gem/actionpack@4.2.0.beta3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta3" } ], "aliases": [ "CVE-2014-7818", "GHSA-29gr-w57f-rpfw" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sg9h-7dqr-xugu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27000?format=api", "vulnerability_id": "VCID-v3u5-6bpb-qfgf", "summary": "Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve_static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via vectors involving a \\ (backslash) character, a similar issue to CVE-2014-7818.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7829.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7829.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50107", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7829" }, { "reference_url": "https://github.com/advisories/GHSA-h56m-vwxc-3qpw", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h56m-vwxc-3qpw" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7829.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7829.yml" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/rMTQy4oRCGk/loS_CRS8mNEJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/rMTQy4oRCGk/loS_CRS8mNEJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/rubyonrails-security/rMTQy4oRCGk", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/rMTQy4oRCGk" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7829", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7829" }, { "reference_url": "https://puppet.com/security/cve/cve-2014-7829", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://puppet.com/security/cve/cve-2014-7829" }, { "reference_url": "https://web.archive.org/web/20160403085126/http://www.securityfocus.com/bid/71183", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160403085126/http://www.securityfocus.com/bid/71183" }, { "reference_url": "http://weblog.rubyonrails.org/2014/11/19/Rails-4-0-11-1-and-4-1-7-1-have-been-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2014/11/19/Rails-4-0-11-1-and-4-1-7-1-have-been-released/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164659", "reference_id": "1164659", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164659" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934", "reference_id": "770934", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60545?format=api", "purl": "pkg:gem/actionpack@3.2.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-832g-x9kb-3bbx" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-b4sv-b9pz-r7er" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.2.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/367538?format=api", "purl": "pkg:gem/actionpack@4.0.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.0.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/60546?format=api", "purl": "pkg:gem/actionpack@4.0.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/380905?format=api", "purl": "pkg:gem/actionpack@4.1.0.beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-sg9h-7dqr-xugu" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-vs1a-m7ya-rue8" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.0.beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/367539?format=api", "purl": "pkg:gem/actionpack@4.1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/60544?format=api", "purl": "pkg:gem/actionpack@4.1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-123f-6px7-3qdg" }, { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/320317?format=api", "purl": "pkg:gem/actionpack@4.2.0.beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-sg9h-7dqr-xugu" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/60547?format=api", "purl": "pkg:gem/actionpack@4.2.0.beta4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b9z-efz6-9fdu" }, { "vulnerability": "VCID-3edd-m27s-a3ek" }, { "vulnerability": "VCID-4w1v-z4zj-6ydp" }, { "vulnerability": "VCID-5pfg-7ntp-eff4" }, { "vulnerability": "VCID-6z21-pd9d-pfgk" }, { "vulnerability": "VCID-8nkw-8mka-1ygk" }, { "vulnerability": "VCID-98gu-r7wd-cuah" }, { "vulnerability": "VCID-a6wp-n5yh-ybcv" }, { "vulnerability": "VCID-bfbp-7umh-2fcp" }, { "vulnerability": "VCID-brwd-e9kx-xuc2" }, { "vulnerability": "VCID-dd87-gevs-juhe" }, { "vulnerability": "VCID-eeru-6pyc-8bcd" }, { "vulnerability": "VCID-ejgq-s79w-abd6" }, { "vulnerability": "VCID-g13k-qvy7-q3fk" }, { "vulnerability": "VCID-g2a6-uem4-uuce" }, { "vulnerability": "VCID-k6aw-heeb-wke2" }, { "vulnerability": "VCID-kshz-ckjc-77ab" }, { "vulnerability": "VCID-m156-zkzd-57g9" }, { "vulnerability": "VCID-m9ud-s6w6-x7ac" }, { "vulnerability": "VCID-mnh7-4rvx-suay" }, { "vulnerability": "VCID-n7ga-1sx4-yfcv" }, { "vulnerability": "VCID-n7kh-9mpq-13c7" }, { "vulnerability": "VCID-nmz3-ux68-dkfd" }, { "vulnerability": "VCID-p1yd-keq8-rkh3" }, { "vulnerability": "VCID-qth9-abgp-wyaq" }, { "vulnerability": "VCID-r6mr-ay8d-nqdd" }, { "vulnerability": "VCID-v2hk-dfbe-5khc" }, { "vulnerability": "VCID-v3u5-6bpb-qfgf" }, { "vulnerability": "VCID-y13c-awe3-2bc1" }, { "vulnerability": "VCID-z16b-zfgu-13a9" }, { "vulnerability": "VCID-zapd-uts9-zfch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta4" } ], "aliases": [ "CVE-2014-7829", "GHSA-h56m-vwxc-3qpw" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v3u5-6bpb-qfgf" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@3.2.0a" }