Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-qywc-5pj5-y3a9
Summary
Moderate severity vulnerability that affects activerecord
Withdrawn, accidental duplicate publish.

Active Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.
Aliases
0
alias GHSA-m8h6-m9p5-p2f8
Fixed_packages
0
url pkg:gem/activerecord@4.2.7.1
purl pkg:gem/activerecord@4.2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-bsxw-gh14-rbef
3
vulnerability VCID-j8zg-kq3z-jqcm
4
vulnerability VCID-n8r7-wthv-fqaj
5
vulnerability VCID-nzeb-cy9e-tkax
6
vulnerability VCID-sygb-mygd-s3gb
7
vulnerability VCID-y54w-a8kr-suhy
8
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7.1
Affected_packages
0
url pkg:gem/activerecord@4.2.0
purl pkg:gem/activerecord@4.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.0
1
url pkg:gem/activerecord@4.2.1.rc1
purl pkg:gem/activerecord@4.2.1.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc1
2
url pkg:gem/activerecord@4.2.1.rc2
purl pkg:gem/activerecord@4.2.1.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc2
3
url pkg:gem/activerecord@4.2.1.rc3
purl pkg:gem/activerecord@4.2.1.rc3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc3
4
url pkg:gem/activerecord@4.2.1.rc4
purl pkg:gem/activerecord@4.2.1.rc4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc4
5
url pkg:gem/activerecord@4.2.1
purl pkg:gem/activerecord@4.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1
6
url pkg:gem/activerecord@4.2.2
purl pkg:gem/activerecord@4.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.2
7
url pkg:gem/activerecord@4.2.3.rc1
purl pkg:gem/activerecord@4.2.3.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.3.rc1
8
url pkg:gem/activerecord@4.2.3
purl pkg:gem/activerecord@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.3
9
url pkg:gem/activerecord@4.2.4.rc1
purl pkg:gem/activerecord@4.2.4.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.4.rc1
10
url pkg:gem/activerecord@4.2.4
purl pkg:gem/activerecord@4.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.4
11
url pkg:gem/activerecord@4.2.5.rc1
purl pkg:gem/activerecord@4.2.5.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.rc1
12
url pkg:gem/activerecord@4.2.5.rc2
purl pkg:gem/activerecord@4.2.5.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.rc2
13
url pkg:gem/activerecord@4.2.5
purl pkg:gem/activerecord@4.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-f4h5-8f57-3uhr
5
vulnerability VCID-j8zg-kq3z-jqcm
6
vulnerability VCID-n8r7-wthv-fqaj
7
vulnerability VCID-nzeb-cy9e-tkax
8
vulnerability VCID-qywc-5pj5-y3a9
9
vulnerability VCID-sygb-mygd-s3gb
10
vulnerability VCID-thx6-usb2-kkgc
11
vulnerability VCID-y54w-a8kr-suhy
12
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5
14
url pkg:gem/activerecord@4.2.5.1
purl pkg:gem/activerecord@4.2.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-j8zg-kq3z-jqcm
5
vulnerability VCID-n8r7-wthv-fqaj
6
vulnerability VCID-nzeb-cy9e-tkax
7
vulnerability VCID-qywc-5pj5-y3a9
8
vulnerability VCID-sygb-mygd-s3gb
9
vulnerability VCID-y54w-a8kr-suhy
10
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.1
15
url pkg:gem/activerecord@4.2.5.2
purl pkg:gem/activerecord@4.2.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-j8zg-kq3z-jqcm
5
vulnerability VCID-n8r7-wthv-fqaj
6
vulnerability VCID-nzeb-cy9e-tkax
7
vulnerability VCID-qywc-5pj5-y3a9
8
vulnerability VCID-sygb-mygd-s3gb
9
vulnerability VCID-y54w-a8kr-suhy
10
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.2
16
url pkg:gem/activerecord@4.2.6.rc1
purl pkg:gem/activerecord@4.2.6.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-j8zg-kq3z-jqcm
5
vulnerability VCID-n8r7-wthv-fqaj
6
vulnerability VCID-nzeb-cy9e-tkax
7
vulnerability VCID-qywc-5pj5-y3a9
8
vulnerability VCID-sygb-mygd-s3gb
9
vulnerability VCID-y54w-a8kr-suhy
10
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.6.rc1
17
url pkg:gem/activerecord@4.2.6
purl pkg:gem/activerecord@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-j8zg-kq3z-jqcm
5
vulnerability VCID-n8r7-wthv-fqaj
6
vulnerability VCID-nzeb-cy9e-tkax
7
vulnerability VCID-qywc-5pj5-y3a9
8
vulnerability VCID-sygb-mygd-s3gb
9
vulnerability VCID-y54w-a8kr-suhy
10
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.6
18
url pkg:gem/activerecord@4.2.7.rc1
purl pkg:gem/activerecord@4.2.7.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-j8zg-kq3z-jqcm
5
vulnerability VCID-n8r7-wthv-fqaj
6
vulnerability VCID-nzeb-cy9e-tkax
7
vulnerability VCID-qywc-5pj5-y3a9
8
vulnerability VCID-sygb-mygd-s3gb
9
vulnerability VCID-y54w-a8kr-suhy
10
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7.rc1
19
url pkg:gem/activerecord@4.2.7.0
purl pkg:gem/activerecord@4.2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9t7a-muwx-zyee
1
vulnerability VCID-qywc-5pj5-y3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7.0
20
url pkg:gem/activerecord@4.2.7
purl pkg:gem/activerecord@4.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cky-r218-dkbb
1
vulnerability VCID-5qu2-b8gt-7qe3
2
vulnerability VCID-9t7a-muwx-zyee
3
vulnerability VCID-bsxw-gh14-rbef
4
vulnerability VCID-j8zg-kq3z-jqcm
5
vulnerability VCID-n8r7-wthv-fqaj
6
vulnerability VCID-nzeb-cy9e-tkax
7
vulnerability VCID-qywc-5pj5-y3a9
8
vulnerability VCID-sygb-mygd-s3gb
9
vulnerability VCID-y54w-a8kr-suhy
10
vulnerability VCID-zqzx-avvt-wkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7
References
0
reference_url https://github.com/advisories/GHSA-m8h6-m9p5-p2f8
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-m8h6-m9p5-p2f8
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6317
reference_id CVE-2016-6317
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6317
Weaknesses
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-qywc-5pj5-y3a9