Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/rails@1.2.5-1?distro=trixie
Typedeb
Namespacedebian
Namerails
Version1.2.5-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.2.6-1
Latest_non_vulnerable_version2:7.2.3.1+dfsg-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-r1u7-1avr-fqbs
vulnerability_id VCID-r1u7-1avr-fqbs
summary 
Moderate severity vulnerability that affects rails
Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers and ActiveResource servers to determine the existence of arbitrary files and read arbitrary XML files via the Hash.from_xml (Hash#from_xml) method, which uses XmlSimple (XML::Simple) unsafely, as demonstrated by reading passwords from the Pidgin (Gaim) .purple/accounts.xml file.
references
0
reference_url http://bugs.gentoo.org/show_bug.cgi?id=195315
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bugs.gentoo.org/show_bug.cgi?id=195315
1
reference_url http://docs.info.apple.com/article.html?artnum=307179
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=307179
2
reference_url http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5379
reference_id
reference_type
scores
0
value 0.10596
scoring_system epss
scoring_elements 0.93263
published_at 2026-04-02T12:55:00Z
1
value 0.10596
scoring_system epss
scoring_elements 0.93269
published_at 2026-04-04T12:55:00Z
2
value 0.10596
scoring_system epss
scoring_elements 0.93306
published_at 2026-04-18T12:55:00Z
3
value 0.10596
scoring_system epss
scoring_elements 0.93301
published_at 2026-04-16T12:55:00Z
4
value 0.10596
scoring_system epss
scoring_elements 0.93284
published_at 2026-04-13T12:55:00Z
5
value 0.10596
scoring_system epss
scoring_elements 0.93283
published_at 2026-04-12T12:55:00Z
6
value 0.10596
scoring_system epss
scoring_elements 0.93285
published_at 2026-04-11T12:55:00Z
7
value 0.10596
scoring_system epss
scoring_elements 0.93281
published_at 2026-04-09T12:55:00Z
8
value 0.10596
scoring_system epss
scoring_elements 0.93276
published_at 2026-04-08T12:55:00Z
9
value 0.10596
scoring_system epss
scoring_elements 0.93268
published_at 2026-04-07T12:55:00Z
10
value 0.10596
scoring_system epss
scoring_elements 0.93255
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5379
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5379
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5379
5
reference_url http://security.gentoo.org/glsa/glsa-200711-17.xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-200711-17.xml
6
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
7
reference_url https://rubyonrails.org/2007/10/5/rails-1-2-4-maintenance-release
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rubyonrails.org/2007/10/5/rails-1-2-4-maintenance-release
8
reference_url https://web.archive.org/web/20090602000500/http://dev.rubyonrails.org/ticket/8453
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090602000500/http://dev.rubyonrails.org/ticket/8453
9
reference_url http://weblog.rubyonrails.org/2007/10/5/rails-1-2-4-maintenance-release
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2007/10/5/rails-1-2-4-maintenance-release
10
reference_url http://www.us-cert.gov/cas/techalerts/TA07-352A.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.us-cert.gov/cas/techalerts/TA07-352A.html
11
reference_url http://www.vupen.com/english/advisories/2007/3508
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2007/3508
12
reference_url http://www.vupen.com/english/advisories/2007/4238
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2007/4238
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-5379
reference_id CVE-2007-5379
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-5379
14
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2007-5379.yml
reference_id CVE-2007-5379.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2007-5379.yml
15
reference_url https://github.com/advisories/GHSA-fjfg-q662-gm6j
reference_id GHSA-fjfg-q662-gm6j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fjfg-q662-gm6j
16
reference_url https://security.gentoo.org/glsa/200711-17
reference_id GLSA-200711-17
reference_type
scores
url https://security.gentoo.org/glsa/200711-17
fixed_packages
0
url pkg:deb/debian/rails@1.2.5-1?distro=trixie
purl pkg:deb/debian/rails@1.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@1.2.5-1%3Fdistro=trixie
1
url pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-qxe4-dubt-1kfp
8
vulnerability VCID-sarm-n22v-akcm
9
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.0.3.7%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie
purl pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-qxe4-dubt-1kfp
7
vulnerability VCID-sarm-n22v-akcm
8
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.1.7.10%252Bdfsg-1~deb12u2%3Fdistro=trixie
3
url pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie
purl pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-qxe4-dubt-1kfp
7
vulnerability VCID-sarm-n22v-akcm
8
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/rails@2:7.2.3%2Bdfsg-3?distro=trixie
purl pkg:deb/debian/rails@2:7.2.3%2Bdfsg-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-qxe4-dubt-1kfp
7
vulnerability VCID-sarm-n22v-akcm
8
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3%252Bdfsg-3%3Fdistro=trixie
6
url pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3.1%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-5379, GHSA-fjfg-q662-gm6j, OSV-40717
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r1u7-1avr-fqbs
1
url VCID-wgr4-rzk2-4yet
vulnerability_id VCID-wgr4-rzk2-4yet
summary Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions."
references
0
reference_url http://bugs.gentoo.org/show_bug.cgi?id=195315
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bugs.gentoo.org/show_bug.cgi?id=195315
1
reference_url http://docs.info.apple.com/article.html?artnum=307179
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=307179
2
reference_url http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5380
reference_id
reference_type
scores
0
value 0.05845
scoring_system epss
scoring_elements 0.90508
published_at 2026-04-02T12:55:00Z
1
value 0.05845
scoring_system epss
scoring_elements 0.90562
published_at 2026-04-18T12:55:00Z
2
value 0.05845
scoring_system epss
scoring_elements 0.90563
published_at 2026-04-16T12:55:00Z
3
value 0.05845
scoring_system epss
scoring_elements 0.90504
published_at 2026-04-01T12:55:00Z
4
value 0.05845
scoring_system epss
scoring_elements 0.90545
published_at 2026-04-13T12:55:00Z
5
value 0.05845
scoring_system epss
scoring_elements 0.90551
published_at 2026-04-12T12:55:00Z
6
value 0.05845
scoring_system epss
scoring_elements 0.90552
published_at 2026-04-11T12:55:00Z
7
value 0.05845
scoring_system epss
scoring_elements 0.90543
published_at 2026-04-09T12:55:00Z
8
value 0.05845
scoring_system epss
scoring_elements 0.90537
published_at 2026-04-08T12:55:00Z
9
value 0.05845
scoring_system epss
scoring_elements 0.90524
published_at 2026-04-07T12:55:00Z
10
value 0.05845
scoring_system epss
scoring_elements 0.90518
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5380
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5380
5
reference_url http://secunia.com/advisories/27657
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/27657
6
reference_url http://secunia.com/advisories/27965
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/27965
7
reference_url http://secunia.com/advisories/28136
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/28136
8
reference_url http://security.gentoo.org/glsa/glsa-200711-17.xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-200711-17.xml
9
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
10
reference_url http://weblog.rubyonrails.org/2007/10/5/rails-1-2-4-maintenance-release
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2007/10/5/rails-1-2-4-maintenance-release
11
reference_url http://www.novell.com/linux/security/advisories/2007_25_sr.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.novell.com/linux/security/advisories/2007_25_sr.html
12
reference_url http://www.securityfocus.com/bid/26096
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/26096
13
reference_url http://www.us-cert.gov/cas/techalerts/TA07-352A.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.us-cert.gov/cas/techalerts/TA07-352A.html
14
reference_url http://www.vupen.com/english/advisories/2007/3508
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2007/3508
15
reference_url http://www.vupen.com/english/advisories/2007/4238
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2007/4238
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-5380
reference_id CVE-2007-5380
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-5380
17
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2007-5380.yml
reference_id CVE-2007-5380.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2007-5380.yml
18
reference_url https://github.com/advisories/GHSA-jwhv-rgqc-fqj5
reference_id GHSA-jwhv-rgqc-fqj5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-jwhv-rgqc-fqj5
19
reference_url https://security.gentoo.org/glsa/200711-17
reference_id GLSA-200711-17
reference_type
scores
url https://security.gentoo.org/glsa/200711-17
20
reference_url https://security.gentoo.org/glsa/200912-02
reference_id GLSA-200912-02
reference_type
scores
url https://security.gentoo.org/glsa/200912-02
fixed_packages
0
url pkg:deb/debian/rails@1.2.5-1?distro=trixie
purl pkg:deb/debian/rails@1.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@1.2.5-1%3Fdistro=trixie
1
url pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-qxe4-dubt-1kfp
8
vulnerability VCID-sarm-n22v-akcm
9
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.0.3.7%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie
purl pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-qxe4-dubt-1kfp
7
vulnerability VCID-sarm-n22v-akcm
8
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.1.7.10%252Bdfsg-1~deb12u2%3Fdistro=trixie
3
url pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie
purl pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-qxe4-dubt-1kfp
7
vulnerability VCID-sarm-n22v-akcm
8
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/rails@2:7.2.3%2Bdfsg-3?distro=trixie
purl pkg:deb/debian/rails@2:7.2.3%2Bdfsg-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-qxe4-dubt-1kfp
7
vulnerability VCID-sarm-n22v-akcm
8
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3%252Bdfsg-3%3Fdistro=trixie
6
url pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3.1%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-5380, GHSA-jwhv-rgqc-fqj5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wgr4-rzk2-4yet
2
url VCID-xqzj-cww4-nbcy
vulnerability_id VCID-xqzj-cww4-nbcy
summary 
Moderate severity vulnerability that affects rails
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values.
references
0
reference_url http://bugs.gentoo.org/show_bug.cgi?id=195315
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bugs.gentoo.org/show_bug.cgi?id=195315
1
reference_url http://dev.rubyonrails.org/ticket/8371
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://dev.rubyonrails.org/ticket/8371
2
reference_url http://osvdb.org/36378
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://osvdb.org/36378
3
reference_url http://pastie.caboo.se/65550.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://pastie.caboo.se/65550.txt
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-3227
reference_id
reference_type
scores
0
value 0.13632
scoring_system epss
scoring_elements 0.94215
published_at 2026-04-02T12:55:00Z
1
value 0.13632
scoring_system epss
scoring_elements 0.94267
published_at 2026-04-18T12:55:00Z
2
value 0.13632
scoring_system epss
scoring_elements 0.94261
published_at 2026-04-16T12:55:00Z
3
value 0.13632
scoring_system epss
scoring_elements 0.94246
published_at 2026-04-12T12:55:00Z
4
value 0.13632
scoring_system epss
scoring_elements 0.94242
published_at 2026-04-09T12:55:00Z
5
value 0.13632
scoring_system epss
scoring_elements 0.94238
published_at 2026-04-08T12:55:00Z
6
value 0.13632
scoring_system epss
scoring_elements 0.94229
published_at 2026-04-07T12:55:00Z
7
value 0.13632
scoring_system epss
scoring_elements 0.94205
published_at 2026-04-01T12:55:00Z
8
value 0.13632
scoring_system epss
scoring_elements 0.94227
published_at 2026-04-04T12:55:00Z
9
value 0.13632
scoring_system epss
scoring_elements 0.94247
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-3227
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3227
6
reference_url http://secunia.com/advisories/25699
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/25699
7
reference_url http://secunia.com/advisories/27657
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/27657
8
reference_url http://secunia.com/advisories/27756
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/27756
9
reference_url http://security.gentoo.org/glsa/glsa-200711-17.xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-200711-17.xml
10
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
11
reference_url http://weblog.rubyonrails.org/2007/10/12/rails-1-2-5-maintenance-release
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2007/10/12/rails-1-2-5-maintenance-release
12
reference_url http://weblog.rubyonrails.org/2007/10/5/rails-1-2-4-maintenance-release
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2007/10/5/rails-1-2-4-maintenance-release
13
reference_url http://www.novell.com/linux/security/advisories/2007_24_sr.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.novell.com/linux/security/advisories/2007_24_sr.html
14
reference_url http://www.securityfocus.com/bid/24161
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/24161
15
reference_url http://www.vupen.com/english/advisories/2007/2216
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2007/2216
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429177
reference_id 429177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429177
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubyonrails:rails:1.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.5:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-3227
reference_id CVE-2007-3227
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-3227
19
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/30089.txt
reference_id CVE-2007-3227;OSVDB-36378
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/30089.txt
20
reference_url https://www.securityfocus.com/bid/24161/info
reference_id CVE-2007-3227;OSVDB-36378
reference_type exploit
scores
url https://www.securityfocus.com/bid/24161/info
21
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2007-3227.yml
reference_id CVE-2007-3227.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2007-3227.yml
22
reference_url https://github.com/advisories/GHSA-gm25-fpmr-43fj
reference_id GHSA-gm25-fpmr-43fj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gm25-fpmr-43fj
23
reference_url https://security.gentoo.org/glsa/200711-17
reference_id GLSA-200711-17
reference_type
scores
url https://security.gentoo.org/glsa/200711-17
fixed_packages
0
url pkg:deb/debian/rails@1.2.5-1?distro=trixie
purl pkg:deb/debian/rails@1.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@1.2.5-1%3Fdistro=trixie
1
url pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-qxe4-dubt-1kfp
8
vulnerability VCID-sarm-n22v-akcm
9
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.0.3.7%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie
purl pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-qxe4-dubt-1kfp
7
vulnerability VCID-sarm-n22v-akcm
8
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.1.7.10%252Bdfsg-1~deb12u2%3Fdistro=trixie
3
url pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie
purl pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-qxe4-dubt-1kfp
7
vulnerability VCID-sarm-n22v-akcm
8
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/rails@2:7.2.3%2Bdfsg-3?distro=trixie
purl pkg:deb/debian/rails@2:7.2.3%2Bdfsg-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4tzv-1t1b-t3g3
1
vulnerability VCID-5tky-d2en-u7c7
2
vulnerability VCID-96qr-hdbp-p7ff
3
vulnerability VCID-a6z9-5n6k-2kak
4
vulnerability VCID-ad6q-vtdf-syb6
5
vulnerability VCID-hatd-vkun-13hj
6
vulnerability VCID-qxe4-dubt-1kfp
7
vulnerability VCID-sarm-n22v-akcm
8
vulnerability VCID-wpmk-wgpm-cuee
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3%252Bdfsg-3%3Fdistro=trixie
6
url pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3.1%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-3227, GHSA-gm25-fpmr-43fj, OSV-36378
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xqzj-cww4-nbcy
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@1.2.5-1%3Fdistro=trixie