Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/10092?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10092?format=api", "vulnerability_id": "VCID-5x54-hckg-x7b8", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nA bypass vulnerability in Active Storage for Google Cloud Storage and Disk services allow an attacker to modify the `content-disposition` and `content-type` parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie bombing and specially crafted AppCache manifests, an attacker can gain access to private signed URLs within a specific storage path. This vulnerability has been fixed", "aliases": [ { "alias": "CVE-2018-16477" }, { "alias": "GHSA-7rr7-rcjw-56vj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937478?format=api", "purl": "pkg:deb/debian/rails@2:5.2.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:5.2.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037806?format=api", "purl": "pkg:deb/debian/rails@2:5.2.2.1%2Bdfsg-1%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12x8-jxdf-jqdz" }, { "vulnerability": "VCID-19fr-55kr-hyax" }, { "vulnerability": "VCID-1bxs-yghe-cyck" }, { "vulnerability": "VCID-1rxp-g9rz-4yb3" }, { "vulnerability": "VCID-1x8k-t8mr-3fgp" }, { "vulnerability": "VCID-31xv-z8c6-a7bg" }, { "vulnerability": "VCID-3hur-esmy-x3hr" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-6ku5-mtgz-zygw" }, { "vulnerability": "VCID-6pxd-xsaw-tuer" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-ce39-j83r-6ug9" }, { "vulnerability": "VCID-dd9p-x7k3-37ea" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-g3rk-djae-pkeh" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-p5mc-r1rg-5ff7" }, { "vulnerability": "VCID-sfyc-jewr-wuf5" }, { "vulnerability": "VCID-sgdb-985e-4uej" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-t9yh-ss8z-e3cb" }, { "vulnerability": "VCID-v9mt-t1pb-hybk" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-wyy6-h8bq-vyde" }, { "vulnerability": "VCID-yy6t-ybeu-qycc" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" }, { "vulnerability": "VCID-zy7d-3db6-sydw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:5.2.2.1%252Bdfsg-1%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/937455?format=api", "purl": "pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzv-1t1b-t3g3" }, { "vulnerability": "VCID-5tky-d2en-u7c7" }, { "vulnerability": "VCID-96qr-hdbp-p7ff" }, { "vulnerability": "VCID-a6z9-5n6k-2kak" }, { "vulnerability": "VCID-ad6q-vtdf-syb6" }, { "vulnerability": "VCID-hatd-vkun-13hj" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-qxe4-dubt-1kfp" }, { "vulnerability": "VCID-sarm-n22v-akcm" }, { "vulnerability": "VCID-wpmk-wgpm-cuee" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.0.3.7%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/937453?format=api", "purl": "pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzv-1t1b-t3g3" }, { "vulnerability": "VCID-5tky-d2en-u7c7" }, { "vulnerability": "VCID-96qr-hdbp-p7ff" }, { "vulnerability": "VCID-a6z9-5n6k-2kak" }, { "vulnerability": "VCID-ad6q-vtdf-syb6" }, { "vulnerability": "VCID-hatd-vkun-13hj" }, { "vulnerability": "VCID-qxe4-dubt-1kfp" }, { "vulnerability": "VCID-sarm-n22v-akcm" }, { "vulnerability": "VCID-wpmk-wgpm-cuee" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.1.7.10%252Bdfsg-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/937458?format=api", "purl": "pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzv-1t1b-t3g3" }, { "vulnerability": "VCID-5tky-d2en-u7c7" }, { "vulnerability": "VCID-96qr-hdbp-p7ff" }, { "vulnerability": "VCID-a6z9-5n6k-2kak" }, { "vulnerability": "VCID-ad6q-vtdf-syb6" }, { "vulnerability": "VCID-hatd-vkun-13hj" }, { "vulnerability": "VCID-qxe4-dubt-1kfp" }, { "vulnerability": "VCID-sarm-n22v-akcm" }, { "vulnerability": "VCID-wpmk-wgpm-cuee" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/937456?format=api", "purl": "pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/937457?format=api", "purl": "pkg:deb/debian/rails@2:7.2.3%2Bdfsg-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzv-1t1b-t3g3" }, { "vulnerability": "VCID-5tky-d2en-u7c7" }, { "vulnerability": "VCID-96qr-hdbp-p7ff" }, { "vulnerability": "VCID-a6z9-5n6k-2kak" }, { "vulnerability": "VCID-ad6q-vtdf-syb6" }, { "vulnerability": "VCID-hatd-vkun-13hj" }, { "vulnerability": "VCID-qxe4-dubt-1kfp" }, { "vulnerability": "VCID-sarm-n22v-akcm" }, { "vulnerability": "VCID-wpmk-wgpm-cuee" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066847?format=api", "purl": "pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/33557?format=api", "purl": "pkg:gem/activestorage@5.2.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-65tq-e5eb-eucj" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-ad6q-vtdf-syb6" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activestorage@5.2.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/33563?format=api", "purl": "pkg:gem/rails@5.2.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-65tq-e5eb-eucj" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/rails@5.2.1.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035729?format=api", "purl": "pkg:deb/debian/rails@1.1.6-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12x8-jxdf-jqdz" }, { "vulnerability": "VCID-19fr-55kr-hyax" }, { "vulnerability": "VCID-1bxs-yghe-cyck" }, { "vulnerability": "VCID-1rgy-k7a9-m7au" }, { "vulnerability": "VCID-1rxp-g9rz-4yb3" }, { "vulnerability": "VCID-1x8k-t8mr-3fgp" }, { "vulnerability": "VCID-2efj-tf8d-dfck" }, { "vulnerability": "VCID-31xv-z8c6-a7bg" }, { "vulnerability": "VCID-333w-aacz-mfcr" }, { "vulnerability": "VCID-3hur-esmy-x3hr" }, { "vulnerability": "VCID-3m2y-wy1w-n7h1" }, { "vulnerability": "VCID-3wtf-uu89-2qe5" }, { "vulnerability": "VCID-3zdr-vasc-a7cn" }, { "vulnerability": "VCID-43f3-rxwm-fkgv" }, { "vulnerability": "VCID-49pq-vg95-jkh2" }, { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-4epw-vk25-mfdw" }, { "vulnerability": "VCID-4he5-y1u4-gkd2" }, { "vulnerability": "VCID-4zhj-en7h-3yaz" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-6ku5-mtgz-zygw" }, { "vulnerability": "VCID-6pxd-xsaw-tuer" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-7f5r-9h1g-nuch" }, { "vulnerability": "VCID-86jq-2md2-d7ah" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-9hq5-3usy-5fhq" }, { "vulnerability": "VCID-9hvm-2hnk-hyev" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-bjwf-uhyk-63aj" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-ca7u-t1y4-uuc7" }, { "vulnerability": "VCID-carc-ntrd-ebfe" }, { "vulnerability": "VCID-ce39-j83r-6ug9" }, { "vulnerability": "VCID-cnqr-6e98-5kgk" }, { "vulnerability": "VCID-cwa7-9d2t-rfhb" }, { "vulnerability": "VCID-d15q-6ukb-wfff" }, { "vulnerability": "VCID-dd9p-x7k3-37ea" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-eb5z-q7rj-j7hh" }, { "vulnerability": "VCID-ed3f-3bxh-eba4" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-g3rk-djae-pkeh" }, { "vulnerability": "VCID-g5q6-7uav-sqh1" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-gsx2-9sc2-3fbr" }, { "vulnerability": "VCID-hbtn-7423-m3gb" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-hr2h-y693-sbgc" }, { "vulnerability": "VCID-j7p8-hchp-xbe3" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-kkbt-pr7u-f7gn" }, { "vulnerability": "VCID-knsd-pv15-tydx" }, { "vulnerability": "VCID-kr1b-uct1-7kf6" }, { "vulnerability": "VCID-mep3-6sub-ykdk" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-nk6g-hhsk-8kaw" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-p5mc-r1rg-5ff7" }, { "vulnerability": "VCID-pb5f-g4uc-r7fp" }, { "vulnerability": "VCID-r1u7-1avr-fqbs" }, { "vulnerability": "VCID-s5ah-tf63-a7cw" }, { "vulnerability": "VCID-sb9g-rdnm-rqbm" }, { "vulnerability": "VCID-sfyc-jewr-wuf5" }, { "vulnerability": "VCID-sgdb-985e-4uej" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-sz4r-kjse-cbdd" }, { "vulnerability": "VCID-t2cx-7ycd-tqhq" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-t9yh-ss8z-e3cb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-v3r3-bwp5-a3bn" }, { "vulnerability": "VCID-v9mt-t1pb-hybk" }, { "vulnerability": "VCID-va9q-fjn6-yqee" }, { "vulnerability": "VCID-vgm2-8wjy-x7ed" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-wgr4-rzk2-4yet" }, { "vulnerability": "VCID-wyqh-g8df-hkay" }, { "vulnerability": "VCID-wyy6-h8bq-vyde" }, { "vulnerability": "VCID-xa94-z6yu-skf8" }, { "vulnerability": "VCID-xqzj-cww4-nbcy" }, { "vulnerability": "VCID-yy6t-ybeu-qycc" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" }, { "vulnerability": "VCID-z1jv-4ga2-7kd1" }, { "vulnerability": "VCID-zkvd-bfd6-t7dg" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" }, { "vulnerability": "VCID-zy7d-3db6-sydw" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@1.1.6-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035730?format=api", "purl": "pkg:deb/debian/rails@2.1.0-7%2Blenny2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12x8-jxdf-jqdz" }, { "vulnerability": "VCID-19fr-55kr-hyax" }, { "vulnerability": "VCID-1bxs-yghe-cyck" }, { "vulnerability": "VCID-1rgy-k7a9-m7au" }, { "vulnerability": "VCID-1rxp-g9rz-4yb3" }, { "vulnerability": "VCID-1x8k-t8mr-3fgp" }, { "vulnerability": "VCID-2efj-tf8d-dfck" }, { "vulnerability": "VCID-31xv-z8c6-a7bg" }, { "vulnerability": "VCID-333w-aacz-mfcr" }, { "vulnerability": "VCID-3hur-esmy-x3hr" }, { "vulnerability": "VCID-3m2y-wy1w-n7h1" }, { "vulnerability": "VCID-3wtf-uu89-2qe5" }, { "vulnerability": "VCID-3zdr-vasc-a7cn" }, { "vulnerability": "VCID-43f3-rxwm-fkgv" }, { "vulnerability": "VCID-49pq-vg95-jkh2" }, { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-4epw-vk25-mfdw" }, { "vulnerability": "VCID-4he5-y1u4-gkd2" }, { "vulnerability": "VCID-4zhj-en7h-3yaz" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-6ku5-mtgz-zygw" }, { "vulnerability": "VCID-6pxd-xsaw-tuer" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-7f5r-9h1g-nuch" }, { "vulnerability": "VCID-86jq-2md2-d7ah" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-9hq5-3usy-5fhq" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-bjwf-uhyk-63aj" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-ca7u-t1y4-uuc7" }, { "vulnerability": "VCID-carc-ntrd-ebfe" }, { "vulnerability": "VCID-ce39-j83r-6ug9" }, { "vulnerability": "VCID-cnqr-6e98-5kgk" }, { "vulnerability": "VCID-cwa7-9d2t-rfhb" }, { "vulnerability": "VCID-d15q-6ukb-wfff" }, { "vulnerability": "VCID-dd9p-x7k3-37ea" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-eb5z-q7rj-j7hh" }, { "vulnerability": "VCID-ed3f-3bxh-eba4" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-g3rk-djae-pkeh" }, { "vulnerability": "VCID-g5q6-7uav-sqh1" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-gsx2-9sc2-3fbr" }, { "vulnerability": "VCID-hbtn-7423-m3gb" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-hr2h-y693-sbgc" }, { "vulnerability": "VCID-j7p8-hchp-xbe3" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-kkbt-pr7u-f7gn" }, { "vulnerability": "VCID-knsd-pv15-tydx" }, { "vulnerability": "VCID-kr1b-uct1-7kf6" }, { "vulnerability": "VCID-mep3-6sub-ykdk" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-nk6g-hhsk-8kaw" }, { "vulnerability": "VCID-p5mc-r1rg-5ff7" }, { "vulnerability": "VCID-pb5f-g4uc-r7fp" }, { "vulnerability": "VCID-s5ah-tf63-a7cw" }, { "vulnerability": "VCID-sb9g-rdnm-rqbm" }, { "vulnerability": "VCID-sfyc-jewr-wuf5" }, { "vulnerability": "VCID-sgdb-985e-4uej" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-sz4r-kjse-cbdd" }, { "vulnerability": "VCID-t2cx-7ycd-tqhq" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-t9yh-ss8z-e3cb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-v3r3-bwp5-a3bn" }, { "vulnerability": "VCID-v9mt-t1pb-hybk" }, { "vulnerability": "VCID-va9q-fjn6-yqee" }, { "vulnerability": "VCID-vgm2-8wjy-x7ed" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-wyy6-h8bq-vyde" }, { "vulnerability": "VCID-xa94-z6yu-skf8" }, { "vulnerability": "VCID-yy6t-ybeu-qycc" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" }, { "vulnerability": "VCID-z1jv-4ga2-7kd1" }, { "vulnerability": "VCID-zkvd-bfd6-t7dg" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" }, { "vulnerability": "VCID-zy7d-3db6-sydw" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2.1.0-7%252Blenny2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035731?format=api", "purl": "pkg:deb/debian/rails@2.3.5-1.2%2Bsqueeze8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12x8-jxdf-jqdz" }, { "vulnerability": "VCID-19fr-55kr-hyax" }, { "vulnerability": "VCID-1bxs-yghe-cyck" }, { "vulnerability": "VCID-1rgy-k7a9-m7au" }, { "vulnerability": "VCID-1rxp-g9rz-4yb3" }, { "vulnerability": "VCID-1x8k-t8mr-3fgp" }, { "vulnerability": "VCID-2efj-tf8d-dfck" }, { "vulnerability": "VCID-31xv-z8c6-a7bg" }, { "vulnerability": "VCID-333w-aacz-mfcr" }, { "vulnerability": "VCID-3hur-esmy-x3hr" }, { "vulnerability": "VCID-3m2y-wy1w-n7h1" }, { "vulnerability": "VCID-3wtf-uu89-2qe5" }, { "vulnerability": "VCID-43f3-rxwm-fkgv" }, { "vulnerability": "VCID-49pq-vg95-jkh2" }, { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-4epw-vk25-mfdw" }, { "vulnerability": "VCID-4he5-y1u4-gkd2" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-6ku5-mtgz-zygw" }, { "vulnerability": "VCID-6pxd-xsaw-tuer" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-86jq-2md2-d7ah" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-9hq5-3usy-5fhq" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-bjwf-uhyk-63aj" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-ca7u-t1y4-uuc7" }, { "vulnerability": "VCID-carc-ntrd-ebfe" }, { "vulnerability": "VCID-ce39-j83r-6ug9" }, { "vulnerability": "VCID-cnqr-6e98-5kgk" }, { "vulnerability": "VCID-cwa7-9d2t-rfhb" }, { "vulnerability": "VCID-d15q-6ukb-wfff" }, { "vulnerability": "VCID-dd9p-x7k3-37ea" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-eb5z-q7rj-j7hh" }, { "vulnerability": "VCID-ed3f-3bxh-eba4" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-g3rk-djae-pkeh" }, { "vulnerability": "VCID-g5q6-7uav-sqh1" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hbtn-7423-m3gb" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-hr2h-y693-sbgc" }, { "vulnerability": "VCID-j7p8-hchp-xbe3" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-kkbt-pr7u-f7gn" }, { "vulnerability": "VCID-knsd-pv15-tydx" }, { "vulnerability": "VCID-kr1b-uct1-7kf6" }, { "vulnerability": "VCID-mep3-6sub-ykdk" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-nk6g-hhsk-8kaw" }, { "vulnerability": "VCID-p5mc-r1rg-5ff7" }, { "vulnerability": "VCID-pb5f-g4uc-r7fp" }, { "vulnerability": "VCID-s5ah-tf63-a7cw" }, { "vulnerability": "VCID-sb9g-rdnm-rqbm" }, { "vulnerability": "VCID-sfyc-jewr-wuf5" }, { "vulnerability": "VCID-sgdb-985e-4uej" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-sz4r-kjse-cbdd" }, { "vulnerability": "VCID-t2cx-7ycd-tqhq" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-t9yh-ss8z-e3cb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-v3r3-bwp5-a3bn" }, { "vulnerability": "VCID-v9mt-t1pb-hybk" }, { "vulnerability": "VCID-va9q-fjn6-yqee" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-wyy6-h8bq-vyde" }, { "vulnerability": "VCID-xa94-z6yu-skf8" }, { "vulnerability": "VCID-yy6t-ybeu-qycc" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" }, { "vulnerability": "VCID-z1jv-4ga2-7kd1" }, { "vulnerability": "VCID-zkvd-bfd6-t7dg" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" }, { "vulnerability": "VCID-zy7d-3db6-sydw" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2.3.5-1.2%252Bsqueeze8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035732?format=api", "purl": "pkg:deb/debian/rails@2:2.3.14.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12x8-jxdf-jqdz" }, { "vulnerability": "VCID-19fr-55kr-hyax" }, { "vulnerability": "VCID-1bxs-yghe-cyck" }, { "vulnerability": "VCID-1rxp-g9rz-4yb3" }, { "vulnerability": "VCID-1x8k-t8mr-3fgp" }, { "vulnerability": "VCID-2efj-tf8d-dfck" }, { "vulnerability": "VCID-31xv-z8c6-a7bg" }, { "vulnerability": "VCID-333w-aacz-mfcr" }, { "vulnerability": "VCID-3hur-esmy-x3hr" }, { "vulnerability": "VCID-3m2y-wy1w-n7h1" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-6ku5-mtgz-zygw" }, { "vulnerability": "VCID-6pxd-xsaw-tuer" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-86jq-2md2-d7ah" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-9hq5-3usy-5fhq" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-bjwf-uhyk-63aj" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-ce39-j83r-6ug9" }, { "vulnerability": "VCID-d15q-6ukb-wfff" }, { "vulnerability": "VCID-dd9p-x7k3-37ea" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-ed3f-3bxh-eba4" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-g3rk-djae-pkeh" }, { "vulnerability": "VCID-g5q6-7uav-sqh1" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-p5mc-r1rg-5ff7" }, { "vulnerability": "VCID-pb5f-g4uc-r7fp" }, { "vulnerability": "VCID-s5ah-tf63-a7cw" }, { "vulnerability": "VCID-sb9g-rdnm-rqbm" }, { "vulnerability": "VCID-sfyc-jewr-wuf5" }, { "vulnerability": "VCID-sgdb-985e-4uej" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-t2cx-7ycd-tqhq" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-t9yh-ss8z-e3cb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-v3r3-bwp5-a3bn" }, { "vulnerability": "VCID-v9mt-t1pb-hybk" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-wyy6-h8bq-vyde" }, { "vulnerability": "VCID-yy6t-ybeu-qycc" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" }, { "vulnerability": "VCID-z1jv-4ga2-7kd1" }, { "vulnerability": "VCID-zkvd-bfd6-t7dg" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" }, { "vulnerability": "VCID-zy7d-3db6-sydw" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:2.3.14.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035733?format=api", "purl": "pkg:deb/debian/rails@2:4.1.8-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12x8-jxdf-jqdz" }, { "vulnerability": "VCID-19fr-55kr-hyax" }, { "vulnerability": "VCID-1bxs-yghe-cyck" }, { "vulnerability": "VCID-1rxp-g9rz-4yb3" }, { "vulnerability": "VCID-1x8k-t8mr-3fgp" }, { "vulnerability": "VCID-31xv-z8c6-a7bg" }, { "vulnerability": "VCID-3hur-esmy-x3hr" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-6ku5-mtgz-zygw" }, { "vulnerability": "VCID-6pxd-xsaw-tuer" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-86jq-2md2-d7ah" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-9hq5-3usy-5fhq" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-bjwf-uhyk-63aj" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-ce39-j83r-6ug9" }, { "vulnerability": "VCID-d15q-6ukb-wfff" }, { "vulnerability": "VCID-dd9p-x7k3-37ea" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-ed3f-3bxh-eba4" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-g3rk-djae-pkeh" }, { "vulnerability": "VCID-g5q6-7uav-sqh1" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-p5mc-r1rg-5ff7" }, { "vulnerability": "VCID-pb5f-g4uc-r7fp" }, { "vulnerability": "VCID-s5ah-tf63-a7cw" }, { "vulnerability": "VCID-sfyc-jewr-wuf5" }, { "vulnerability": "VCID-sgdb-985e-4uej" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-t2cx-7ycd-tqhq" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-t9yh-ss8z-e3cb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-v3r3-bwp5-a3bn" }, { "vulnerability": "VCID-v9mt-t1pb-hybk" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-wyy6-h8bq-vyde" }, { "vulnerability": "VCID-yy6t-ybeu-qycc" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" }, { "vulnerability": "VCID-z1jv-4ga2-7kd1" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" }, { "vulnerability": "VCID-zy7d-3db6-sydw" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:4.1.8-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035734?format=api", "purl": "pkg:deb/debian/rails@2:4.1.8-1%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12x8-jxdf-jqdz" }, { "vulnerability": "VCID-19fr-55kr-hyax" }, { "vulnerability": "VCID-1bxs-yghe-cyck" }, { "vulnerability": "VCID-1rxp-g9rz-4yb3" }, { "vulnerability": "VCID-1x8k-t8mr-3fgp" }, { "vulnerability": "VCID-31xv-z8c6-a7bg" }, { "vulnerability": "VCID-3hur-esmy-x3hr" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-6ku5-mtgz-zygw" }, { "vulnerability": "VCID-6pxd-xsaw-tuer" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-86jq-2md2-d7ah" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-9hq5-3usy-5fhq" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-bjwf-uhyk-63aj" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-ce39-j83r-6ug9" }, { "vulnerability": "VCID-d15q-6ukb-wfff" }, { "vulnerability": "VCID-dd9p-x7k3-37ea" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-ed3f-3bxh-eba4" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-g3rk-djae-pkeh" }, { "vulnerability": "VCID-g5q6-7uav-sqh1" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-p5mc-r1rg-5ff7" }, { "vulnerability": "VCID-pb5f-g4uc-r7fp" }, { "vulnerability": "VCID-s5ah-tf63-a7cw" }, { "vulnerability": "VCID-sfyc-jewr-wuf5" }, { "vulnerability": "VCID-sgdb-985e-4uej" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-t2cx-7ycd-tqhq" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-t9yh-ss8z-e3cb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-v3r3-bwp5-a3bn" }, { "vulnerability": "VCID-v9mt-t1pb-hybk" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-wyy6-h8bq-vyde" }, { "vulnerability": "VCID-yy6t-ybeu-qycc" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" }, { "vulnerability": "VCID-z1jv-4ga2-7kd1" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" }, { "vulnerability": "VCID-zy7d-3db6-sydw" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:4.1.8-1%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037805?format=api", "purl": "pkg:deb/debian/rails@2:4.2.7.1-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12x8-jxdf-jqdz" }, { "vulnerability": "VCID-19fr-55kr-hyax" }, { "vulnerability": "VCID-1bxs-yghe-cyck" }, { "vulnerability": "VCID-1rxp-g9rz-4yb3" }, { "vulnerability": "VCID-1x8k-t8mr-3fgp" }, { "vulnerability": "VCID-31xv-z8c6-a7bg" }, { "vulnerability": "VCID-3hur-esmy-x3hr" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-6ku5-mtgz-zygw" }, { "vulnerability": "VCID-6pxd-xsaw-tuer" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-ce39-j83r-6ug9" }, { "vulnerability": "VCID-dd9p-x7k3-37ea" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-g3rk-djae-pkeh" }, { "vulnerability": "VCID-g5q6-7uav-sqh1" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-p5mc-r1rg-5ff7" }, { "vulnerability": "VCID-sfyc-jewr-wuf5" }, { "vulnerability": "VCID-sgdb-985e-4uej" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-t9yh-ss8z-e3cb" }, { "vulnerability": "VCID-v9mt-t1pb-hybk" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-wyy6-h8bq-vyde" }, { "vulnerability": "VCID-yy6t-ybeu-qycc" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" }, { "vulnerability": "VCID-zy7d-3db6-sydw" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:4.2.7.1-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/33555?format=api", "purl": "pkg:gem/activestorage@5.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-65tq-e5eb-eucj" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-ad6q-vtdf-syb6" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activestorage@5.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/140312?format=api", "purl": "pkg:gem/activestorage@5.2.1.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-65tq-e5eb-eucj" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-ad6q-vtdf-syb6" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activestorage@5.2.1.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/142066?format=api", "purl": "pkg:gem/activestorage@5.2.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5x54-hckg-x7b8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activestorage@5.2.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/140313?format=api", "purl": "pkg:gem/activestorage@5.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-65tq-e5eb-eucj" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-ad6q-vtdf-syb6" }, { "vulnerability": "VCID-drg6-gj1f-h7ea" }, { "vulnerability": "VCID-yzpx-3gam-y3bu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activestorage@5.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/33559?format=api", "purl": "pkg:gem/rails@5.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-65tq-e5eb-eucj" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/rails@5.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/181089?format=api", "purl": "pkg:gem/rails@5.2.1.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-65tq-e5eb-eucj" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/rails@5.2.1.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/181090?format=api", "purl": "pkg:gem/rails@5.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-5x54-hckg-x7b8" }, { "vulnerability": "VCID-63gy-6njy-kbd8" }, { "vulnerability": "VCID-65tq-e5eb-eucj" }, { "vulnerability": "VCID-6yr6-a21g-dyf5" }, { "vulnerability": "VCID-895a-ydc5-zfg6" }, { "vulnerability": "VCID-8dad-dvat-1fg4" }, { "vulnerability": "VCID-a6sp-18av-wya6" }, { "vulnerability": "VCID-c8b5-d83n-nuhw" }, { "vulnerability": "VCID-es1t-7196-4kbb" }, { "vulnerability": "VCID-gjey-bqtd-kqa1" }, { "vulnerability": "VCID-hppf-a715-r7b2" }, { "vulnerability": "VCID-jwun-grgg-2uet" }, { "vulnerability": "VCID-mnkw-23eu-bkgc" }, { "vulnerability": "VCID-t684-yp58-hkg8" }, { "vulnerability": "VCID-wg3a-j2dp-ayh4" }, { "vulnerability": "VCID-zydu-j9dg-fqdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/rails@5.2.1" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16477", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4944", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49345", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49372", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.494", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49354", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49408", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49404", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49422", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49394", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49397", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49443", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16477" }, { "reference_url": "https://github.com/advisories/GHSA-7rr7-rcjw-56vj", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7rr7-rcjw-56vj" }, { "reference_url": "https://groups.google.com/d/msg/rubyonrails-security/3KQRnXDIuLg/mByx5KkqBAAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/d/msg/rubyonrails-security/3KQRnXDIuLg/mByx5KkqBAAJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/rubyonrails-security/3KQRnXDIuLg", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/3KQRnXDIuLg" }, { "reference_url": "https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released" }, { "reference_url": "https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914848", "reference_id": "914848", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914848" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16477", "reference_id": "CVE-2018-16477", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16477" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 200, "name": "Exposure of Sensitive Information to an Unauthorized Actor", "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5x54-hckg-x7b8" }