Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-sz4r-kjse-cbdd

Summary

Remote attacker can conduct SQL injection attacks
Ruby on Rails contains a flaw in the Authlogic gem. The issue is triggered when the program makes an unsafe method call for find_by_id. With a specially crafted parameter in an environment that knows the secret_token value in secret_token.rb, a remote attacker to more easily conduct SQL injection attacks.

Aliases

alias	CVE-2012-6497

alias	GHSA-rx7j-mw4c-76g9

alias	OSV-89064

Fixed_packages

url	pkg:deb/debian/rails@2.3.14.1?distro=trixie
purl	pkg:deb/debian/rails@2.3.14.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2.3.14.1%3Fdistro=trixie

url pkg:deb/debian/rails@2:2.3.14.2

purl pkg:deb/debian/rails@2:2.3.14.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12x8-jxdf-jqdz

vulnerability	VCID-19fr-55kr-hyax

vulnerability	VCID-1bxs-yghe-cyck

vulnerability	VCID-1rxp-g9rz-4yb3

vulnerability	VCID-1x8k-t8mr-3fgp

vulnerability	VCID-2efj-tf8d-dfck

vulnerability	VCID-31xv-z8c6-a7bg

vulnerability	VCID-333w-aacz-mfcr

vulnerability	VCID-3hur-esmy-x3hr

vulnerability	VCID-3m2y-wy1w-n7h1

vulnerability	VCID-5qu2-b8gt-7qe3

vulnerability	VCID-5x54-hckg-x7b8

vulnerability	VCID-63gy-6njy-kbd8

vulnerability	VCID-6ku5-mtgz-zygw

vulnerability	VCID-6pxd-xsaw-tuer

vulnerability	VCID-6yr6-a21g-dyf5

vulnerability	VCID-86jq-2md2-d7ah

vulnerability	VCID-895a-ydc5-zfg6

vulnerability	VCID-8dad-dvat-1fg4

vulnerability	VCID-9hq5-3usy-5fhq

vulnerability	VCID-9t7a-muwx-zyee

vulnerability	VCID-a6sp-18av-wya6

vulnerability	VCID-bjwf-uhyk-63aj

vulnerability	VCID-c8b5-d83n-nuhw

vulnerability	VCID-ce39-j83r-6ug9

vulnerability	VCID-d15q-6ukb-wfff

vulnerability	VCID-dd9p-x7k3-37ea

vulnerability	VCID-drg6-gj1f-h7ea

vulnerability	VCID-ed3f-3bxh-eba4

vulnerability	VCID-es1t-7196-4kbb

vulnerability	VCID-g3rk-djae-pkeh

vulnerability	VCID-g5q6-7uav-sqh1

vulnerability	VCID-gjey-bqtd-kqa1

vulnerability	VCID-hppf-a715-r7b2

vulnerability	VCID-jwun-grgg-2uet

vulnerability	VCID-mnkw-23eu-bkgc

vulnerability	VCID-p5mc-r1rg-5ff7

vulnerability	VCID-pb5f-g4uc-r7fp

vulnerability	VCID-s5ah-tf63-a7cw

vulnerability	VCID-sb9g-rdnm-rqbm

vulnerability	VCID-sfyc-jewr-wuf5

vulnerability	VCID-sgdb-985e-4uej

vulnerability	VCID-sygb-mygd-s3gb

vulnerability	VCID-t2cx-7ycd-tqhq

vulnerability	VCID-t684-yp58-hkg8

vulnerability	VCID-t9yh-ss8z-e3cb

vulnerability	VCID-thx6-usb2-kkgc

vulnerability	VCID-v3r3-bwp5-a3bn

vulnerability	VCID-v9mt-t1pb-hybk

vulnerability	VCID-wg3a-j2dp-ayh4

vulnerability	VCID-wyy6-h8bq-vyde

vulnerability	VCID-yy6t-ybeu-qycc

vulnerability	VCID-yzpx-3gam-y3bu

vulnerability	VCID-z1jv-4ga2-7kd1

vulnerability	VCID-zkvd-bfd6-t7dg

vulnerability	VCID-zqzx-avvt-wkhm

vulnerability	VCID-zy7d-3db6-sydw

vulnerability	VCID-zydu-j9dg-fqdb

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:2.3.14.2

url pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4tzv-1t1b-t3g3

vulnerability	VCID-5tky-d2en-u7c7

vulnerability	VCID-96qr-hdbp-p7ff

vulnerability	VCID-a6z9-5n6k-2kak

vulnerability	VCID-ad6q-vtdf-syb6

vulnerability	VCID-hatd-vkun-13hj

vulnerability	VCID-n8r7-wthv-fqaj

vulnerability	VCID-qxe4-dubt-1kfp

vulnerability	VCID-sarm-n22v-akcm

vulnerability	VCID-wpmk-wgpm-cuee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.0.3.7%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie

purl pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4tzv-1t1b-t3g3

vulnerability	VCID-5tky-d2en-u7c7

vulnerability	VCID-96qr-hdbp-p7ff

vulnerability	VCID-a6z9-5n6k-2kak

vulnerability	VCID-ad6q-vtdf-syb6

vulnerability	VCID-hatd-vkun-13hj

vulnerability	VCID-qxe4-dubt-1kfp

vulnerability	VCID-sarm-n22v-akcm

vulnerability	VCID-wpmk-wgpm-cuee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.1.7.10%252Bdfsg-1~deb12u2%3Fdistro=trixie

url pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie

purl pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4tzv-1t1b-t3g3

vulnerability	VCID-5tky-d2en-u7c7

vulnerability	VCID-96qr-hdbp-p7ff

vulnerability	VCID-a6z9-5n6k-2kak

vulnerability	VCID-ad6q-vtdf-syb6

vulnerability	VCID-hatd-vkun-13hj

vulnerability	VCID-qxe4-dubt-1kfp

vulnerability	VCID-sarm-n22v-akcm

vulnerability	VCID-wpmk-wgpm-cuee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/rails@2:7.2.3%2Bdfsg-3?distro=trixie

purl pkg:deb/debian/rails@2:7.2.3%2Bdfsg-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4tzv-1t1b-t3g3

vulnerability	VCID-5tky-d2en-u7c7

vulnerability	VCID-96qr-hdbp-p7ff

vulnerability	VCID-a6z9-5n6k-2kak

vulnerability	VCID-ad6q-vtdf-syb6

vulnerability	VCID-hatd-vkun-13hj

vulnerability	VCID-qxe4-dubt-1kfp

vulnerability	VCID-sarm-n22v-akcm

vulnerability	VCID-wpmk-wgpm-cuee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:gem/authlogic@3.3.0
purl	pkg:gem/authlogic@3.3.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.3.0

Affected_packages

url pkg:deb/debian/rails@1.1.6-3

purl pkg:deb/debian/rails@1.1.6-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12x8-jxdf-jqdz

vulnerability	VCID-19fr-55kr-hyax

vulnerability	VCID-1bxs-yghe-cyck

vulnerability	VCID-1rgy-k7a9-m7au

vulnerability	VCID-1rxp-g9rz-4yb3

vulnerability	VCID-1x8k-t8mr-3fgp

vulnerability	VCID-2efj-tf8d-dfck

vulnerability	VCID-31xv-z8c6-a7bg

vulnerability	VCID-333w-aacz-mfcr

vulnerability	VCID-3hur-esmy-x3hr

vulnerability	VCID-3m2y-wy1w-n7h1

vulnerability	VCID-3wtf-uu89-2qe5

vulnerability	VCID-3zdr-vasc-a7cn

vulnerability	VCID-43f3-rxwm-fkgv

vulnerability	VCID-49pq-vg95-jkh2

vulnerability	VCID-4cky-r218-dkbb

vulnerability	VCID-4epw-vk25-mfdw

vulnerability	VCID-4he5-y1u4-gkd2

vulnerability	VCID-4zhj-en7h-3yaz

vulnerability	VCID-5qu2-b8gt-7qe3

vulnerability	VCID-5x54-hckg-x7b8

vulnerability	VCID-63gy-6njy-kbd8

vulnerability	VCID-6ku5-mtgz-zygw

vulnerability	VCID-6pxd-xsaw-tuer

vulnerability	VCID-6yr6-a21g-dyf5

vulnerability	VCID-7f5r-9h1g-nuch

vulnerability	VCID-86jq-2md2-d7ah

vulnerability	VCID-895a-ydc5-zfg6

vulnerability	VCID-8dad-dvat-1fg4

vulnerability	VCID-9hq5-3usy-5fhq

vulnerability	VCID-9hvm-2hnk-hyev

vulnerability	VCID-9t7a-muwx-zyee

vulnerability	VCID-a6sp-18av-wya6

vulnerability	VCID-bjwf-uhyk-63aj

vulnerability	VCID-c8b5-d83n-nuhw

vulnerability	VCID-ca7u-t1y4-uuc7

vulnerability	VCID-carc-ntrd-ebfe

vulnerability	VCID-ce39-j83r-6ug9

vulnerability	VCID-cnqr-6e98-5kgk

vulnerability	VCID-cwa7-9d2t-rfhb

vulnerability	VCID-d15q-6ukb-wfff

vulnerability	VCID-dd9p-x7k3-37ea

vulnerability	VCID-drg6-gj1f-h7ea

vulnerability	VCID-eb5z-q7rj-j7hh

vulnerability	VCID-ed3f-3bxh-eba4

vulnerability	VCID-es1t-7196-4kbb

vulnerability	VCID-g3rk-djae-pkeh

vulnerability	VCID-g5q6-7uav-sqh1

vulnerability	VCID-gjey-bqtd-kqa1

vulnerability	VCID-gsx2-9sc2-3fbr

vulnerability	VCID-hbtn-7423-m3gb

vulnerability	VCID-hppf-a715-r7b2

vulnerability	VCID-hr2h-y693-sbgc

vulnerability	VCID-j7p8-hchp-xbe3

vulnerability	VCID-jwun-grgg-2uet

vulnerability	VCID-kkbt-pr7u-f7gn

vulnerability	VCID-knsd-pv15-tydx

vulnerability	VCID-kr1b-uct1-7kf6

vulnerability	VCID-mep3-6sub-ykdk

vulnerability	VCID-mnkw-23eu-bkgc

vulnerability	VCID-nk6g-hhsk-8kaw

vulnerability	VCID-nzeb-cy9e-tkax

vulnerability	VCID-p5mc-r1rg-5ff7

vulnerability	VCID-pb5f-g4uc-r7fp

vulnerability	VCID-r1u7-1avr-fqbs

vulnerability	VCID-s5ah-tf63-a7cw

vulnerability	VCID-sb9g-rdnm-rqbm

vulnerability	VCID-sfyc-jewr-wuf5

vulnerability	VCID-sgdb-985e-4uej

vulnerability	VCID-sygb-mygd-s3gb

vulnerability	VCID-sz4r-kjse-cbdd

vulnerability	VCID-t2cx-7ycd-tqhq

vulnerability	VCID-t684-yp58-hkg8

vulnerability	VCID-t9yh-ss8z-e3cb

vulnerability	VCID-thx6-usb2-kkgc

vulnerability	VCID-v3r3-bwp5-a3bn

vulnerability	VCID-v9mt-t1pb-hybk

vulnerability	VCID-va9q-fjn6-yqee

vulnerability	VCID-vgm2-8wjy-x7ed

vulnerability	VCID-wg3a-j2dp-ayh4

vulnerability	VCID-wgr4-rzk2-4yet

vulnerability	VCID-wyqh-g8df-hkay

vulnerability	VCID-wyy6-h8bq-vyde

vulnerability	VCID-xa94-z6yu-skf8

vulnerability	VCID-xqzj-cww4-nbcy

vulnerability	VCID-yy6t-ybeu-qycc

vulnerability	VCID-yzpx-3gam-y3bu

vulnerability	VCID-z1jv-4ga2-7kd1

vulnerability	VCID-zkvd-bfd6-t7dg

vulnerability	VCID-zqzx-avvt-wkhm

vulnerability	VCID-zy7d-3db6-sydw

vulnerability	VCID-zydu-j9dg-fqdb

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@1.1.6-3

url pkg:deb/debian/rails@2.1.0-7%2Blenny2

purl pkg:deb/debian/rails@2.1.0-7%2Blenny2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12x8-jxdf-jqdz

vulnerability	VCID-19fr-55kr-hyax

vulnerability	VCID-1bxs-yghe-cyck

vulnerability	VCID-1rgy-k7a9-m7au

vulnerability	VCID-1rxp-g9rz-4yb3

vulnerability	VCID-1x8k-t8mr-3fgp

vulnerability	VCID-2efj-tf8d-dfck

vulnerability	VCID-31xv-z8c6-a7bg

vulnerability	VCID-333w-aacz-mfcr

vulnerability	VCID-3hur-esmy-x3hr

vulnerability	VCID-3m2y-wy1w-n7h1

vulnerability	VCID-3wtf-uu89-2qe5

vulnerability	VCID-3zdr-vasc-a7cn

vulnerability	VCID-43f3-rxwm-fkgv

vulnerability	VCID-49pq-vg95-jkh2

vulnerability	VCID-4cky-r218-dkbb

vulnerability	VCID-4epw-vk25-mfdw

vulnerability	VCID-4he5-y1u4-gkd2

vulnerability	VCID-4zhj-en7h-3yaz

vulnerability	VCID-5qu2-b8gt-7qe3

vulnerability	VCID-5x54-hckg-x7b8

vulnerability	VCID-63gy-6njy-kbd8

vulnerability	VCID-6ku5-mtgz-zygw

vulnerability	VCID-6pxd-xsaw-tuer

vulnerability	VCID-6yr6-a21g-dyf5

vulnerability	VCID-7f5r-9h1g-nuch

vulnerability	VCID-86jq-2md2-d7ah

vulnerability	VCID-895a-ydc5-zfg6

vulnerability	VCID-8dad-dvat-1fg4

vulnerability	VCID-9hq5-3usy-5fhq

vulnerability	VCID-9t7a-muwx-zyee

vulnerability	VCID-a6sp-18av-wya6

vulnerability	VCID-bjwf-uhyk-63aj

vulnerability	VCID-c8b5-d83n-nuhw

vulnerability	VCID-ca7u-t1y4-uuc7

vulnerability	VCID-carc-ntrd-ebfe

vulnerability	VCID-ce39-j83r-6ug9

vulnerability	VCID-cnqr-6e98-5kgk

vulnerability	VCID-cwa7-9d2t-rfhb

vulnerability	VCID-d15q-6ukb-wfff

vulnerability	VCID-dd9p-x7k3-37ea

vulnerability	VCID-drg6-gj1f-h7ea

vulnerability	VCID-eb5z-q7rj-j7hh

vulnerability	VCID-ed3f-3bxh-eba4

vulnerability	VCID-es1t-7196-4kbb

vulnerability	VCID-g3rk-djae-pkeh

vulnerability	VCID-g5q6-7uav-sqh1

vulnerability	VCID-gjey-bqtd-kqa1

vulnerability	VCID-gsx2-9sc2-3fbr

vulnerability	VCID-hbtn-7423-m3gb

vulnerability	VCID-hppf-a715-r7b2

vulnerability	VCID-hr2h-y693-sbgc

vulnerability	VCID-j7p8-hchp-xbe3

vulnerability	VCID-jwun-grgg-2uet

vulnerability	VCID-kkbt-pr7u-f7gn

vulnerability	VCID-knsd-pv15-tydx

vulnerability	VCID-kr1b-uct1-7kf6

vulnerability	VCID-mep3-6sub-ykdk

vulnerability	VCID-mnkw-23eu-bkgc

vulnerability	VCID-nk6g-hhsk-8kaw

vulnerability	VCID-p5mc-r1rg-5ff7

vulnerability	VCID-pb5f-g4uc-r7fp

vulnerability	VCID-s5ah-tf63-a7cw

vulnerability	VCID-sb9g-rdnm-rqbm

vulnerability	VCID-sfyc-jewr-wuf5

vulnerability	VCID-sgdb-985e-4uej

vulnerability	VCID-sygb-mygd-s3gb

vulnerability	VCID-sz4r-kjse-cbdd

vulnerability	VCID-t2cx-7ycd-tqhq

vulnerability	VCID-t684-yp58-hkg8

vulnerability	VCID-t9yh-ss8z-e3cb

vulnerability	VCID-thx6-usb2-kkgc

vulnerability	VCID-v3r3-bwp5-a3bn

vulnerability	VCID-v9mt-t1pb-hybk

vulnerability	VCID-va9q-fjn6-yqee

vulnerability	VCID-vgm2-8wjy-x7ed

vulnerability	VCID-wg3a-j2dp-ayh4

vulnerability	VCID-wyy6-h8bq-vyde

vulnerability	VCID-xa94-z6yu-skf8

vulnerability	VCID-yy6t-ybeu-qycc

vulnerability	VCID-yzpx-3gam-y3bu

vulnerability	VCID-z1jv-4ga2-7kd1

vulnerability	VCID-zkvd-bfd6-t7dg

vulnerability	VCID-zqzx-avvt-wkhm

vulnerability	VCID-zy7d-3db6-sydw

vulnerability	VCID-zydu-j9dg-fqdb

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2.1.0-7%252Blenny2

url pkg:deb/debian/rails@2.3.5-1.2%2Bsqueeze8

purl pkg:deb/debian/rails@2.3.5-1.2%2Bsqueeze8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12x8-jxdf-jqdz

vulnerability	VCID-19fr-55kr-hyax

vulnerability	VCID-1bxs-yghe-cyck

vulnerability	VCID-1rgy-k7a9-m7au

vulnerability	VCID-1rxp-g9rz-4yb3

vulnerability	VCID-1x8k-t8mr-3fgp

vulnerability	VCID-2efj-tf8d-dfck

vulnerability	VCID-31xv-z8c6-a7bg

vulnerability	VCID-333w-aacz-mfcr

vulnerability	VCID-3hur-esmy-x3hr

vulnerability	VCID-3m2y-wy1w-n7h1

vulnerability	VCID-3wtf-uu89-2qe5

vulnerability	VCID-43f3-rxwm-fkgv

vulnerability	VCID-49pq-vg95-jkh2

vulnerability	VCID-4cky-r218-dkbb

vulnerability	VCID-4epw-vk25-mfdw

vulnerability	VCID-4he5-y1u4-gkd2

vulnerability	VCID-5qu2-b8gt-7qe3

vulnerability	VCID-5x54-hckg-x7b8

vulnerability	VCID-63gy-6njy-kbd8

vulnerability	VCID-6ku5-mtgz-zygw

vulnerability	VCID-6pxd-xsaw-tuer

vulnerability	VCID-6yr6-a21g-dyf5

vulnerability	VCID-86jq-2md2-d7ah

vulnerability	VCID-895a-ydc5-zfg6

vulnerability	VCID-8dad-dvat-1fg4

vulnerability	VCID-9hq5-3usy-5fhq

vulnerability	VCID-9t7a-muwx-zyee

vulnerability	VCID-a6sp-18av-wya6

vulnerability	VCID-bjwf-uhyk-63aj

vulnerability	VCID-c8b5-d83n-nuhw

vulnerability	VCID-ca7u-t1y4-uuc7

vulnerability	VCID-carc-ntrd-ebfe

vulnerability	VCID-ce39-j83r-6ug9

vulnerability	VCID-cnqr-6e98-5kgk

vulnerability	VCID-cwa7-9d2t-rfhb

vulnerability	VCID-d15q-6ukb-wfff

vulnerability	VCID-dd9p-x7k3-37ea

vulnerability	VCID-drg6-gj1f-h7ea

vulnerability	VCID-eb5z-q7rj-j7hh

vulnerability	VCID-ed3f-3bxh-eba4

vulnerability	VCID-es1t-7196-4kbb

vulnerability	VCID-g3rk-djae-pkeh

vulnerability	VCID-g5q6-7uav-sqh1

vulnerability	VCID-gjey-bqtd-kqa1

vulnerability	VCID-hbtn-7423-m3gb

vulnerability	VCID-hppf-a715-r7b2

vulnerability	VCID-hr2h-y693-sbgc

vulnerability	VCID-j7p8-hchp-xbe3

vulnerability	VCID-jwun-grgg-2uet

vulnerability	VCID-kkbt-pr7u-f7gn

vulnerability	VCID-knsd-pv15-tydx

vulnerability	VCID-kr1b-uct1-7kf6

vulnerability	VCID-mep3-6sub-ykdk

vulnerability	VCID-mnkw-23eu-bkgc

vulnerability	VCID-nk6g-hhsk-8kaw

vulnerability	VCID-p5mc-r1rg-5ff7

vulnerability	VCID-pb5f-g4uc-r7fp

vulnerability	VCID-s5ah-tf63-a7cw

vulnerability	VCID-sb9g-rdnm-rqbm

vulnerability	VCID-sfyc-jewr-wuf5

vulnerability	VCID-sgdb-985e-4uej

vulnerability	VCID-sygb-mygd-s3gb

vulnerability	VCID-sz4r-kjse-cbdd

vulnerability	VCID-t2cx-7ycd-tqhq

vulnerability	VCID-t684-yp58-hkg8

vulnerability	VCID-t9yh-ss8z-e3cb

vulnerability	VCID-thx6-usb2-kkgc

vulnerability	VCID-v3r3-bwp5-a3bn

vulnerability	VCID-v9mt-t1pb-hybk

vulnerability	VCID-va9q-fjn6-yqee

vulnerability	VCID-wg3a-j2dp-ayh4

vulnerability	VCID-wyy6-h8bq-vyde

vulnerability	VCID-xa94-z6yu-skf8

vulnerability	VCID-yy6t-ybeu-qycc

vulnerability	VCID-yzpx-3gam-y3bu

vulnerability	VCID-z1jv-4ga2-7kd1

vulnerability	VCID-zkvd-bfd6-t7dg

vulnerability	VCID-zqzx-avvt-wkhm

vulnerability	VCID-zy7d-3db6-sydw

vulnerability	VCID-zydu-j9dg-fqdb

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2.3.5-1.2%252Bsqueeze8

url pkg:gem/authlogic@0.10.4

purl pkg:gem/authlogic@0.10.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@0.10.4

url pkg:gem/authlogic@1.0.0

purl pkg:gem/authlogic@1.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.0.0

url pkg:gem/authlogic@1.1.0

purl pkg:gem/authlogic@1.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.1.0

url pkg:gem/authlogic@1.1.1

purl pkg:gem/authlogic@1.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.1.1

url pkg:gem/authlogic@1.1.2

purl pkg:gem/authlogic@1.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.1.2

url pkg:gem/authlogic@1.2.0

purl pkg:gem/authlogic@1.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.2.0

url pkg:gem/authlogic@1.2.1

purl pkg:gem/authlogic@1.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.2.1

url pkg:gem/authlogic@1.2.2

purl pkg:gem/authlogic@1.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.2.2

url pkg:gem/authlogic@1.3.0

purl pkg:gem/authlogic@1.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.0

url pkg:gem/authlogic@1.3.1

purl pkg:gem/authlogic@1.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.1

url pkg:gem/authlogic@1.3.2

purl pkg:gem/authlogic@1.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.2

url pkg:gem/authlogic@1.3.3

purl pkg:gem/authlogic@1.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.3

url pkg:gem/authlogic@1.3.4

purl pkg:gem/authlogic@1.3.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.4

url pkg:gem/authlogic@1.3.5

purl pkg:gem/authlogic@1.3.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.5

url pkg:gem/authlogic@1.3.6

purl pkg:gem/authlogic@1.3.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.6

url pkg:gem/authlogic@1.3.7

purl pkg:gem/authlogic@1.3.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.7

url pkg:gem/authlogic@1.3.8

purl pkg:gem/authlogic@1.3.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.8

url pkg:gem/authlogic@1.3.9

purl pkg:gem/authlogic@1.3.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.3.9

url pkg:gem/authlogic@1.4.0

purl pkg:gem/authlogic@1.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.4.0

url pkg:gem/authlogic@1.4.1

purl pkg:gem/authlogic@1.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.4.1

url pkg:gem/authlogic@1.4.2

purl pkg:gem/authlogic@1.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.4.2

url pkg:gem/authlogic@1.4.3

purl pkg:gem/authlogic@1.4.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@1.4.3

url pkg:gem/authlogic@2.0.0

purl pkg:gem/authlogic@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.0

url pkg:gem/authlogic@2.0.1

purl pkg:gem/authlogic@2.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.1

url pkg:gem/authlogic@2.0.2

purl pkg:gem/authlogic@2.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.2

url pkg:gem/authlogic@2.0.3

purl pkg:gem/authlogic@2.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.3

url pkg:gem/authlogic@2.0.4

purl pkg:gem/authlogic@2.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.4

url pkg:gem/authlogic@2.0.5

purl pkg:gem/authlogic@2.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.5

url pkg:gem/authlogic@2.0.6

purl pkg:gem/authlogic@2.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.6

url pkg:gem/authlogic@2.0.7

purl pkg:gem/authlogic@2.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.7

url pkg:gem/authlogic@2.0.8

purl pkg:gem/authlogic@2.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.8

url pkg:gem/authlogic@2.0.9

purl pkg:gem/authlogic@2.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.9

url pkg:gem/authlogic@2.0.11

purl pkg:gem/authlogic@2.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.11

url pkg:gem/authlogic@2.0.12

purl pkg:gem/authlogic@2.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.12

url pkg:gem/authlogic@2.0.13

purl pkg:gem/authlogic@2.0.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.13

url pkg:gem/authlogic@2.0.14

purl pkg:gem/authlogic@2.0.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.0.14

url pkg:gem/authlogic@2.1.0

purl pkg:gem/authlogic@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.1.0

url pkg:gem/authlogic@2.1.1

purl pkg:gem/authlogic@2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.1.1

url pkg:gem/authlogic@2.1.2

purl pkg:gem/authlogic@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.1.2

url pkg:gem/authlogic@2.1.3

purl pkg:gem/authlogic@2.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.1.3

url pkg:gem/authlogic@2.1.4

purl pkg:gem/authlogic@2.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.1.4

url pkg:gem/authlogic@2.1.5

purl pkg:gem/authlogic@2.1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.1.5

url pkg:gem/authlogic@2.1.6

purl pkg:gem/authlogic@2.1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.1.6

url pkg:gem/authlogic@2.1.7

purl pkg:gem/authlogic@2.1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.1.7

url pkg:gem/authlogic@2.1.8

purl pkg:gem/authlogic@2.1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@2.1.8

url pkg:gem/authlogic@3.0.0

purl pkg:gem/authlogic@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.0.0

url pkg:gem/authlogic@3.0.1

purl pkg:gem/authlogic@3.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.0.1

url pkg:gem/authlogic@3.0.2

purl pkg:gem/authlogic@3.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.0.2

url pkg:gem/authlogic@3.0.3

purl pkg:gem/authlogic@3.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.0.3

url pkg:gem/authlogic@3.1.0

purl pkg:gem/authlogic@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.1.0

url pkg:gem/authlogic@3.1.1

purl pkg:gem/authlogic@3.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.1.1

url pkg:gem/authlogic@3.1.2

purl pkg:gem/authlogic@3.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.1.2

url pkg:gem/authlogic@3.1.3

purl pkg:gem/authlogic@3.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.1.3

url pkg:gem/authlogic@3.2.0

purl pkg:gem/authlogic@3.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sz4r-kjse-cbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/authlogic@3.2.0

References

reference_url

http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts

reference_url	http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/
reference_id
reference_type
scores
url	http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/

reference_url

http://openwall.com/lists/oss-security/2013/01/03/12

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://openwall.com/lists/oss-security/2013/01/03/12

reference_url	http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html
reference_id
reference_type
scores
url	http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-6497

reference_id

reference_type

scores

value	0.00397
scoring_system	epss
scoring_elements	0.60606
published_at	2026-04-16T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60519
published_at	2026-04-02T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60546
published_at	2026-04-04T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60515
published_at	2026-04-07T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60563
published_at	2026-04-08T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.6058
published_at	2026-04-09T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60601
published_at	2026-04-11T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60586
published_at	2026-04-12T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60565
published_at	2026-04-13T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60444
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-6497

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6497
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6497

reference_url

https://github.com/binarylogic/authlogic

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/binarylogic/authlogic

reference_url

https://github.com/binarylogic/authlogic/commit/1d57a6c4abe43a3c0b4ef578486ea00e1f7a9873

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/binarylogic/authlogic/commit/1d57a6c4abe43a3c0b4ef578486ea00e1f7a9873

reference_url	https://github.com/binarylogic/authlogic/commit/1d57a6c4abe43a3c0b4ef578486ea00e1f7a9873#diff-724a09c582d42a66c65c0bdaadcb21ee
reference_id
reference_type
scores
url	https://github.com/binarylogic/authlogic/commit/1d57a6c4abe43a3c0b4ef578486ea00e1f7a9873#diff-724a09c582d42a66c65c0bdaadcb21ee

reference_url

https://github.com/binarylogic/authlogic/pull/341

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/binarylogic/authlogic/pull/341

reference_url	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/authlogic/OSVDB-89064.yml
reference_id
reference_type
scores
url	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/authlogic/OSVDB-89064.yml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-6497

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-6497

reference_url

https://web.archive.org/web/20130104161608/http://www.securityfocus.com/bid/57084

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20130104161608/http://www.securityfocus.com/bid/57084

reference_url

https://web.archive.org/web/20130116043311/http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20130116043311/http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html

reference_url	http://www.securityfocus.com/bid/57084
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/57084

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails::::::::
reference_id	cpe:2.3:a:rubyonrails:rails::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails::::::::

reference_url

https://github.com/advisories/GHSA-rx7j-mw4c-76g9

reference_id

GHSA-rx7j-mw4c-76g9

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-rx7j-mw4c-76g9

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	89
name	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
description	The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sz4r-kjse-cbdd

Vulnerability Instance