Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/108632?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/108632?format=api", "vulnerability_id": "VCID-15cg-fdbp-t3de", "summary": "Moderate severity vulnerability that affects activerecord\nWithdrawn, accidental duplicate publish.\n\nActive Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.", "aliases": [ { "alias": "GHSA-m8h6-m9p5-p2f8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52871?format=api", "purl": "pkg:gem/activerecord@4.2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63189?format=api", "purl": "pkg:gem/activerecord@4.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/160732?format=api", "purl": "pkg:gem/activerecord@4.2.1.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/160733?format=api", "purl": "pkg:gem/activerecord@4.2.1.rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/160734?format=api", "purl": "pkg:gem/activerecord@4.2.1.rc3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc3" }, { "url": "http://public2.vulnerablecode.io/api/packages/160735?format=api", "purl": "pkg:gem/activerecord@4.2.1.rc4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc4" }, { "url": "http://public2.vulnerablecode.io/api/packages/160737?format=api", "purl": "pkg:gem/activerecord@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/160738?format=api", "purl": "pkg:gem/activerecord@4.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/160739?format=api", "purl": "pkg:gem/activerecord@4.2.3.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.3.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/160740?format=api", "purl": "pkg:gem/activerecord@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/160741?format=api", "purl": "pkg:gem/activerecord@4.2.4.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.4.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/160743?format=api", "purl": "pkg:gem/activerecord@4.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/160744?format=api", "purl": "pkg:gem/activerecord@4.2.5.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/160745?format=api", "purl": "pkg:gem/activerecord@4.2.5.rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/160746?format=api", "purl": "pkg:gem/activerecord@4.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-79jn-p5u5-wqae" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-dgm6-3uee-9qcg" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/52522?format=api", "purl": "pkg:gem/activerecord@4.2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/160748?format=api", "purl": "pkg:gem/activerecord@4.2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/160749?format=api", "purl": "pkg:gem/activerecord@4.2.6.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.6.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/160750?format=api", "purl": "pkg:gem/activerecord@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/160751?format=api", "purl": "pkg:gem/activerecord@4.2.7.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/511702?format=api", "purl": "pkg:gem/activerecord@4.2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/160753?format=api", "purl": "pkg:gem/activerecord@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15cg-fdbp-t3de" }, { "vulnerability": "VCID-1mc1-zb64-yued" }, { "vulnerability": "VCID-7yfa-c4dx-xfd3" }, { "vulnerability": "VCID-8n6u-hbhg-7qdx" }, { "vulnerability": "VCID-aqs7-rhz9-qfgw" }, { "vulnerability": "VCID-d29a-3hw6-zffk" }, { "vulnerability": "VCID-gyv5-prcn-9qae" }, { "vulnerability": "VCID-kt5q-24cw-3faa" }, { "vulnerability": "VCID-pt1n-pq3j-jbg5" }, { "vulnerability": "VCID-rqsw-ndbm-xbfh" }, { "vulnerability": "VCID-vh3y-nfex-rkcw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7" } ], "references": [ { "reference_url": "https://github.com/advisories/GHSA-m8h6-m9p5-p2f8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m8h6-m9p5-p2f8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6317", "reference_id": "CVE-2016-6317", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6317" } ], "weaknesses": [], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-15cg-fdbp-t3de" }