Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/50972?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/50972?format=api", "purl": "pkg:gem/actionpack@4.1.0a", "type": "gem", "namespace": "", "name": "actionpack", "version": "4.1.0a", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "8.1.2.1", "latest_non_vulnerable_version": "8.1.2.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10585?format=api", "vulnerability_id": "VCID-1161-4sdr-fkc3", "summary": "Arbitrary file existence disclosure\nSpecially crafted requests can be used to determine whether a file exists on the filesystem that is outside the Rails application's root directory. The files will not be served, but attackers can determine whether the file exists. This only impacts Rails applications that enable static file serving at runtime. For example, the application's production configuration will say: `config.serve_static_assets = true`", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7818", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44675", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7818" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/dCp7duBiQgo/v_R_8PFs5IwJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/dCp7duBiQgo/v_R_8PFs5IwJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934", "reference_id": "770934", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7818", "reference_id": "CVE-2014-7818", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7818" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7818.yml", "reference_id": "CVE-2014-7818.YML", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7818.yml" }, { "reference_url": "https://puppet.com/security/cve/cve-2014-7829", "reference_id": "CVE-2014-7829", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://puppet.com/security/cve/cve-2014-7829" }, { "reference_url": "https://github.com/advisories/GHSA-29gr-w57f-rpfw", "reference_id": "GHSA-29gr-w57f-rpfw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-29gr-w57f-rpfw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/90972?format=api", "purl": "pkg:gem/actionpack@4.1.0.beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1161-4sdr-fkc3" }, { "vulnerability": "VCID-1bxj-7h5q-jbdz" }, { "vulnerability": "VCID-26je-urbt-8kee" }, { "vulnerability": "VCID-31rm-1rpc-g3dq" }, { "vulnerability": "VCID-4jjq-jkgc-mkca" }, { "vulnerability": "VCID-6cjf-b88j-n3bw" }, { "vulnerability": "VCID-6jdd-kze9-myfz" }, { "vulnerability": "VCID-7yhn-w7nv-xqf7" }, { "vulnerability": "VCID-9w4d-2z52-wyaf" }, { "vulnerability": "VCID-apra-79g2-wkfn" }, { "vulnerability": "VCID-b5zn-u8pu-zya6" }, { "vulnerability": "VCID-ct3m-wed2-6bhq" }, { "vulnerability": "VCID-dz1r-ae9g-57en" }, { "vulnerability": "VCID-f22x-hsz9-kfau" }, { "vulnerability": "VCID-fm16-z8wy-6fgz" }, { "vulnerability": "VCID-fnkq-8eys-gygm" }, { "vulnerability": "VCID-hud5-xxhh-u3ex" }, { "vulnerability": "VCID-j585-zz5s-nqd5" }, { "vulnerability": "VCID-jnrw-sue5-zqex" }, { "vulnerability": "VCID-kyj5-b8wz-pkgj" }, { "vulnerability": "VCID-m8rg-xa7x-6yan" }, { "vulnerability": "VCID-mrwn-mkcp-j7dv" }, { "vulnerability": "VCID-n2ap-zgrd-skhf" }, { "vulnerability": "VCID-pssv-24tn-kkc5" }, { "vulnerability": "VCID-r7ur-pzac-7bbk" }, { "vulnerability": "VCID-sd3k-af7j-h7h4" }, { "vulnerability": "VCID-sevc-c95q-tyg8" }, { "vulnerability": "VCID-t1ep-g6cz-7kgr" }, { "vulnerability": "VCID-tc9x-h24m-9ufe" }, { "vulnerability": "VCID-wyvv-ks5y-fkex" }, { "vulnerability": "VCID-x6wm-6c84-2qdw" }, { "vulnerability": "VCID-xhqj-617q-f7fb" }, { "vulnerability": "VCID-yp5x-mgfj-xbbf" }, { "vulnerability": "VCID-ypmv-73g2-gfex" }, { "vulnerability": "VCID-yrjj-cken-6qff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.0.beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/50976?format=api", "purl": "pkg:gem/actionpack@4.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bxj-7h5q-jbdz" }, { "vulnerability": "VCID-31rm-1rpc-g3dq" }, { "vulnerability": "VCID-4jjq-jkgc-mkca" }, { "vulnerability": "VCID-6cjf-b88j-n3bw" }, { "vulnerability": "VCID-6jdd-kze9-myfz" }, { "vulnerability": "VCID-7yhn-w7nv-xqf7" }, { "vulnerability": "VCID-9w4d-2z52-wyaf" }, { "vulnerability": "VCID-apra-79g2-wkfn" }, { "vulnerability": "VCID-b5zn-u8pu-zya6" }, { "vulnerability": "VCID-ct3m-wed2-6bhq" }, { "vulnerability": "VCID-dz1r-ae9g-57en" }, { "vulnerability": "VCID-f22x-hsz9-kfau" }, { "vulnerability": "VCID-fm16-z8wy-6fgz" }, { "vulnerability": "VCID-fnkq-8eys-gygm" }, { "vulnerability": "VCID-hud5-xxhh-u3ex" }, { "vulnerability": "VCID-j585-zz5s-nqd5" }, { "vulnerability": "VCID-jnrw-sue5-zqex" }, { "vulnerability": "VCID-kyj5-b8wz-pkgj" }, { "vulnerability": "VCID-m8rg-xa7x-6yan" }, { "vulnerability": "VCID-mrwn-mkcp-j7dv" }, { "vulnerability": "VCID-n2ap-zgrd-skhf" }, { "vulnerability": "VCID-pssv-24tn-kkc5" }, { "vulnerability": "VCID-r7ur-pzac-7bbk" }, { "vulnerability": "VCID-sd3k-af7j-h7h4" }, { "vulnerability": "VCID-sevc-c95q-tyg8" }, { "vulnerability": "VCID-t1ep-g6cz-7kgr" }, { "vulnerability": "VCID-tc9x-h24m-9ufe" }, { "vulnerability": "VCID-wyvv-ks5y-fkex" }, { "vulnerability": "VCID-x6wm-6c84-2qdw" }, { "vulnerability": "VCID-xhqj-617q-f7fb" }, { "vulnerability": "VCID-yp5x-mgfj-xbbf" }, { "vulnerability": "VCID-ypmv-73g2-gfex" }, { "vulnerability": "VCID-yrjj-cken-6qff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/73704?format=api", "purl": "pkg:gem/actionpack@4.2.0.beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1161-4sdr-fkc3" }, { "vulnerability": "VCID-1bxj-7h5q-jbdz" }, { "vulnerability": "VCID-31rm-1rpc-g3dq" }, { "vulnerability": "VCID-4jjq-jkgc-mkca" }, { "vulnerability": "VCID-6cjf-b88j-n3bw" }, { "vulnerability": "VCID-6jdd-kze9-myfz" }, { "vulnerability": "VCID-7yhn-w7nv-xqf7" }, { "vulnerability": "VCID-9w4d-2z52-wyaf" }, { "vulnerability": "VCID-apra-79g2-wkfn" }, { "vulnerability": "VCID-b5zn-u8pu-zya6" }, { "vulnerability": "VCID-dz1r-ae9g-57en" }, { "vulnerability": "VCID-f22x-hsz9-kfau" }, { "vulnerability": "VCID-fm16-z8wy-6fgz" }, { "vulnerability": "VCID-fnkq-8eys-gygm" }, { "vulnerability": "VCID-hud5-xxhh-u3ex" }, { "vulnerability": "VCID-j585-zz5s-nqd5" }, { "vulnerability": "VCID-jnrw-sue5-zqex" }, { "vulnerability": "VCID-kyj5-b8wz-pkgj" }, { "vulnerability": "VCID-m8rg-xa7x-6yan" }, { "vulnerability": "VCID-mrwn-mkcp-j7dv" }, { "vulnerability": "VCID-n2ap-zgrd-skhf" }, { "vulnerability": "VCID-pssv-24tn-kkc5" }, { "vulnerability": "VCID-r7ur-pzac-7bbk" }, { "vulnerability": "VCID-sd3k-af7j-h7h4" }, { "vulnerability": "VCID-sevc-c95q-tyg8" }, { "vulnerability": "VCID-t1ep-g6cz-7kgr" }, { "vulnerability": "VCID-tc9x-h24m-9ufe" }, { "vulnerability": "VCID-wyvv-ks5y-fkex" }, { "vulnerability": "VCID-x6wm-6c84-2qdw" }, { "vulnerability": "VCID-xhqj-617q-f7fb" }, { "vulnerability": "VCID-yp5x-mgfj-xbbf" }, { "vulnerability": "VCID-ypmv-73g2-gfex" }, { "vulnerability": "VCID-yrjj-cken-6qff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/50977?format=api", "purl": "pkg:gem/actionpack@4.2.0.beta3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bxj-7h5q-jbdz" }, { "vulnerability": "VCID-31rm-1rpc-g3dq" }, { "vulnerability": "VCID-4jjq-jkgc-mkca" }, { "vulnerability": "VCID-6cjf-b88j-n3bw" }, { "vulnerability": "VCID-6jdd-kze9-myfz" }, { "vulnerability": "VCID-7yhn-w7nv-xqf7" }, { "vulnerability": "VCID-9w4d-2z52-wyaf" }, { "vulnerability": "VCID-apra-79g2-wkfn" }, { "vulnerability": "VCID-b5zn-u8pu-zya6" }, { "vulnerability": "VCID-dz1r-ae9g-57en" }, { "vulnerability": "VCID-f22x-hsz9-kfau" }, { "vulnerability": "VCID-fm16-z8wy-6fgz" }, { "vulnerability": "VCID-fnkq-8eys-gygm" }, { "vulnerability": "VCID-hud5-xxhh-u3ex" }, { "vulnerability": "VCID-j585-zz5s-nqd5" }, { "vulnerability": "VCID-jnrw-sue5-zqex" }, { "vulnerability": "VCID-kyj5-b8wz-pkgj" }, { "vulnerability": "VCID-m8rg-xa7x-6yan" }, { "vulnerability": "VCID-mrwn-mkcp-j7dv" }, { "vulnerability": "VCID-n2ap-zgrd-skhf" }, { "vulnerability": "VCID-pssv-24tn-kkc5" }, { "vulnerability": "VCID-r7ur-pzac-7bbk" }, { "vulnerability": "VCID-sd3k-af7j-h7h4" }, { "vulnerability": "VCID-sevc-c95q-tyg8" }, { "vulnerability": "VCID-t1ep-g6cz-7kgr" }, { "vulnerability": "VCID-tc9x-h24m-9ufe" }, { "vulnerability": "VCID-wyvv-ks5y-fkex" }, { "vulnerability": "VCID-x6wm-6c84-2qdw" }, { "vulnerability": "VCID-xhqj-617q-f7fb" }, { "vulnerability": "VCID-yp5x-mgfj-xbbf" }, { "vulnerability": "VCID-ypmv-73g2-gfex" }, { "vulnerability": "VCID-yrjj-cken-6qff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta3" } ], "aliases": [ "CVE-2014-7818", "GHSA-29gr-w57f-rpfw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1161-4sdr-fkc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10591?format=api", "vulnerability_id": "VCID-t1ep-g6cz-7kgr", "summary": "Arbitrary file existence disclosure\nSpecially crafted requests can be used to determine whether a file exists on the filesystem that is outside the Rails application's root directory. The files will not be served, but attackers can determine whether the file exists. This only impacts Rails applications that enable static file serving at runtime. For example, the application's production configuration will say: `config.serve_static_assets = true`", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.5012", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7829" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/rMTQy4oRCGk/loS_CRS8mNEJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/rMTQy4oRCGk/loS_CRS8mNEJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/rubyonrails-security/rMTQy4oRCGk", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/rMTQy4oRCGk" }, { "reference_url": "https://web.archive.org/web/20160403085126/http://www.securityfocus.com/bid/71183", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160403085126/http://www.securityfocus.com/bid/71183" }, { "reference_url": "http://weblog.rubyonrails.org/2014/11/19/Rails-4-0-11-1-and-4-1-7-1-have-been-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2014/11/19/Rails-4-0-11-1-and-4-1-7-1-have-been-released/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934", "reference_id": "770934", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7829", "reference_id": "CVE-2014-7829", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7829" }, { "reference_url": "https://puppet.com/security/cve/cve-2014-7829", "reference_id": "CVE-2014-7829", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://puppet.com/security/cve/cve-2014-7829" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7829.yml", "reference_id": "CVE-2014-7829.YML", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7829.yml" }, { "reference_url": "https://github.com/advisories/GHSA-h56m-vwxc-3qpw", "reference_id": "GHSA-h56m-vwxc-3qpw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h56m-vwxc-3qpw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/90972?format=api", "purl": "pkg:gem/actionpack@4.1.0.beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1161-4sdr-fkc3" }, { "vulnerability": "VCID-1bxj-7h5q-jbdz" }, { "vulnerability": "VCID-26je-urbt-8kee" }, { "vulnerability": "VCID-31rm-1rpc-g3dq" }, { "vulnerability": "VCID-4jjq-jkgc-mkca" }, { "vulnerability": "VCID-6cjf-b88j-n3bw" }, { "vulnerability": "VCID-6jdd-kze9-myfz" }, { "vulnerability": "VCID-7yhn-w7nv-xqf7" }, { "vulnerability": "VCID-9w4d-2z52-wyaf" }, { "vulnerability": "VCID-apra-79g2-wkfn" }, { "vulnerability": "VCID-b5zn-u8pu-zya6" }, { "vulnerability": "VCID-ct3m-wed2-6bhq" }, { "vulnerability": "VCID-dz1r-ae9g-57en" }, { "vulnerability": "VCID-f22x-hsz9-kfau" }, { "vulnerability": "VCID-fm16-z8wy-6fgz" }, { "vulnerability": "VCID-fnkq-8eys-gygm" }, { "vulnerability": "VCID-hud5-xxhh-u3ex" }, { "vulnerability": "VCID-j585-zz5s-nqd5" }, { "vulnerability": "VCID-jnrw-sue5-zqex" }, { "vulnerability": "VCID-kyj5-b8wz-pkgj" }, { "vulnerability": "VCID-m8rg-xa7x-6yan" }, { "vulnerability": "VCID-mrwn-mkcp-j7dv" }, { "vulnerability": "VCID-n2ap-zgrd-skhf" }, { "vulnerability": "VCID-pssv-24tn-kkc5" }, { "vulnerability": "VCID-r7ur-pzac-7bbk" }, { "vulnerability": "VCID-sd3k-af7j-h7h4" }, { "vulnerability": "VCID-sevc-c95q-tyg8" }, { "vulnerability": "VCID-t1ep-g6cz-7kgr" }, { "vulnerability": "VCID-tc9x-h24m-9ufe" }, { "vulnerability": "VCID-wyvv-ks5y-fkex" }, { "vulnerability": "VCID-x6wm-6c84-2qdw" }, { "vulnerability": "VCID-xhqj-617q-f7fb" }, { "vulnerability": "VCID-yp5x-mgfj-xbbf" }, { "vulnerability": "VCID-ypmv-73g2-gfex" }, { "vulnerability": "VCID-yrjj-cken-6qff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.0.beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/50986?format=api", "purl": "pkg:gem/actionpack@4.1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bxj-7h5q-jbdz" }, { "vulnerability": "VCID-31rm-1rpc-g3dq" }, { "vulnerability": "VCID-4jjq-jkgc-mkca" }, { "vulnerability": "VCID-6cjf-b88j-n3bw" }, { "vulnerability": "VCID-6jdd-kze9-myfz" }, { "vulnerability": "VCID-7yhn-w7nv-xqf7" }, { "vulnerability": "VCID-9w4d-2z52-wyaf" }, { "vulnerability": "VCID-apra-79g2-wkfn" }, { "vulnerability": "VCID-b5zn-u8pu-zya6" }, { "vulnerability": "VCID-ct3m-wed2-6bhq" }, { "vulnerability": "VCID-dz1r-ae9g-57en" }, { "vulnerability": "VCID-f22x-hsz9-kfau" }, { "vulnerability": "VCID-fm16-z8wy-6fgz" }, { "vulnerability": "VCID-fnkq-8eys-gygm" }, { "vulnerability": "VCID-hud5-xxhh-u3ex" }, { "vulnerability": "VCID-j585-zz5s-nqd5" }, { "vulnerability": "VCID-jnrw-sue5-zqex" }, { "vulnerability": "VCID-kyj5-b8wz-pkgj" }, { "vulnerability": "VCID-m8rg-xa7x-6yan" }, { "vulnerability": "VCID-mrwn-mkcp-j7dv" }, { "vulnerability": "VCID-n2ap-zgrd-skhf" }, { "vulnerability": "VCID-pssv-24tn-kkc5" }, { "vulnerability": "VCID-r7ur-pzac-7bbk" }, { "vulnerability": "VCID-sd3k-af7j-h7h4" }, { "vulnerability": "VCID-sevc-c95q-tyg8" }, { "vulnerability": "VCID-tc9x-h24m-9ufe" }, { "vulnerability": "VCID-wyvv-ks5y-fkex" }, { "vulnerability": "VCID-x6wm-6c84-2qdw" }, { "vulnerability": "VCID-xhqj-617q-f7fb" }, { "vulnerability": "VCID-yp5x-mgfj-xbbf" }, { "vulnerability": "VCID-ypmv-73g2-gfex" }, { "vulnerability": "VCID-yrjj-cken-6qff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/50987?format=api", "purl": "pkg:gem/actionpack@4.1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bxj-7h5q-jbdz" }, { "vulnerability": "VCID-31rm-1rpc-g3dq" }, { "vulnerability": "VCID-4jjq-jkgc-mkca" }, { "vulnerability": "VCID-6cjf-b88j-n3bw" }, { "vulnerability": "VCID-6jdd-kze9-myfz" }, { "vulnerability": "VCID-7yhn-w7nv-xqf7" }, { "vulnerability": "VCID-9w4d-2z52-wyaf" }, { "vulnerability": "VCID-apra-79g2-wkfn" }, { "vulnerability": "VCID-b5zn-u8pu-zya6" }, { "vulnerability": "VCID-ct3m-wed2-6bhq" }, { "vulnerability": "VCID-dz1r-ae9g-57en" }, { "vulnerability": "VCID-f22x-hsz9-kfau" }, { "vulnerability": "VCID-fm16-z8wy-6fgz" }, { "vulnerability": "VCID-fnkq-8eys-gygm" }, { "vulnerability": "VCID-hud5-xxhh-u3ex" }, { "vulnerability": "VCID-j585-zz5s-nqd5" }, { "vulnerability": "VCID-jnrw-sue5-zqex" }, { "vulnerability": "VCID-kyj5-b8wz-pkgj" }, { "vulnerability": "VCID-m8rg-xa7x-6yan" }, { "vulnerability": "VCID-mrwn-mkcp-j7dv" }, { "vulnerability": "VCID-n2ap-zgrd-skhf" }, { "vulnerability": "VCID-pssv-24tn-kkc5" }, { "vulnerability": "VCID-r7ur-pzac-7bbk" }, { "vulnerability": "VCID-sd3k-af7j-h7h4" }, { "vulnerability": "VCID-sevc-c95q-tyg8" }, { "vulnerability": "VCID-t1ep-g6cz-7kgr" }, { "vulnerability": "VCID-tc9x-h24m-9ufe" }, { "vulnerability": "VCID-wyvv-ks5y-fkex" }, { "vulnerability": "VCID-x6wm-6c84-2qdw" }, { "vulnerability": "VCID-xhqj-617q-f7fb" }, { "vulnerability": "VCID-yp5x-mgfj-xbbf" }, { "vulnerability": "VCID-ypmv-73g2-gfex" }, { "vulnerability": "VCID-yrjj-cken-6qff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/73704?format=api", "purl": "pkg:gem/actionpack@4.2.0.beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1161-4sdr-fkc3" }, { "vulnerability": "VCID-1bxj-7h5q-jbdz" }, { "vulnerability": "VCID-31rm-1rpc-g3dq" }, { "vulnerability": "VCID-4jjq-jkgc-mkca" }, { "vulnerability": "VCID-6cjf-b88j-n3bw" }, { "vulnerability": "VCID-6jdd-kze9-myfz" }, { "vulnerability": "VCID-7yhn-w7nv-xqf7" }, { "vulnerability": "VCID-9w4d-2z52-wyaf" }, { "vulnerability": "VCID-apra-79g2-wkfn" }, { "vulnerability": "VCID-b5zn-u8pu-zya6" }, { "vulnerability": "VCID-dz1r-ae9g-57en" }, { "vulnerability": "VCID-f22x-hsz9-kfau" }, { "vulnerability": "VCID-fm16-z8wy-6fgz" }, { "vulnerability": "VCID-fnkq-8eys-gygm" }, { "vulnerability": "VCID-hud5-xxhh-u3ex" }, { "vulnerability": "VCID-j585-zz5s-nqd5" }, { "vulnerability": "VCID-jnrw-sue5-zqex" }, { "vulnerability": "VCID-kyj5-b8wz-pkgj" }, { "vulnerability": "VCID-m8rg-xa7x-6yan" }, { "vulnerability": "VCID-mrwn-mkcp-j7dv" }, { "vulnerability": "VCID-n2ap-zgrd-skhf" }, { "vulnerability": "VCID-pssv-24tn-kkc5" }, { "vulnerability": "VCID-r7ur-pzac-7bbk" }, { "vulnerability": "VCID-sd3k-af7j-h7h4" }, { "vulnerability": "VCID-sevc-c95q-tyg8" }, { "vulnerability": "VCID-t1ep-g6cz-7kgr" }, { "vulnerability": "VCID-tc9x-h24m-9ufe" }, { "vulnerability": "VCID-wyvv-ks5y-fkex" }, { "vulnerability": "VCID-x6wm-6c84-2qdw" }, { "vulnerability": "VCID-xhqj-617q-f7fb" }, { "vulnerability": "VCID-yp5x-mgfj-xbbf" }, { "vulnerability": "VCID-ypmv-73g2-gfex" }, { "vulnerability": "VCID-yrjj-cken-6qff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/73705?format=api", "purl": "pkg:gem/actionpack@4.2.0.beta4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bxj-7h5q-jbdz" }, { "vulnerability": "VCID-31rm-1rpc-g3dq" }, { "vulnerability": "VCID-4jjq-jkgc-mkca" }, { "vulnerability": "VCID-6cjf-b88j-n3bw" }, { "vulnerability": "VCID-6jdd-kze9-myfz" }, { "vulnerability": "VCID-7yhn-w7nv-xqf7" }, { "vulnerability": "VCID-9w4d-2z52-wyaf" }, { "vulnerability": "VCID-apra-79g2-wkfn" }, { "vulnerability": "VCID-b5zn-u8pu-zya6" }, { "vulnerability": "VCID-dz1r-ae9g-57en" }, { "vulnerability": "VCID-f22x-hsz9-kfau" }, { "vulnerability": "VCID-fm16-z8wy-6fgz" }, { "vulnerability": "VCID-fnkq-8eys-gygm" }, { "vulnerability": "VCID-hud5-xxhh-u3ex" }, { "vulnerability": "VCID-j585-zz5s-nqd5" }, { "vulnerability": "VCID-jnrw-sue5-zqex" }, { "vulnerability": "VCID-kyj5-b8wz-pkgj" }, { "vulnerability": "VCID-m8rg-xa7x-6yan" }, { "vulnerability": "VCID-mrwn-mkcp-j7dv" }, { "vulnerability": "VCID-n2ap-zgrd-skhf" }, { "vulnerability": "VCID-pssv-24tn-kkc5" }, { "vulnerability": "VCID-r7ur-pzac-7bbk" }, { "vulnerability": "VCID-sd3k-af7j-h7h4" }, { "vulnerability": "VCID-sevc-c95q-tyg8" }, { "vulnerability": "VCID-t1ep-g6cz-7kgr" }, { "vulnerability": "VCID-tc9x-h24m-9ufe" }, { "vulnerability": "VCID-wyvv-ks5y-fkex" }, { "vulnerability": "VCID-x6wm-6c84-2qdw" }, { "vulnerability": "VCID-xhqj-617q-f7fb" }, { "vulnerability": "VCID-yp5x-mgfj-xbbf" }, { "vulnerability": "VCID-ypmv-73g2-gfex" }, { "vulnerability": "VCID-yrjj-cken-6qff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta4" } ], "aliases": [ "CVE-2014-7829", "GHSA-h56m-vwxc-3qpw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t1ep-g6cz-7kgr" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.0a" }