Search for packages
| purl | pkg:gem/authlogic@3.3.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-sz4r-kjse-cbdd | Remote attacker can conduct SQL injection attacks Ruby on Rails contains a flaw in the Authlogic gem. The issue is triggered when the program makes an unsafe method call for find_by_id. With a specially crafted parameter in an environment that knows the secret_token value in secret_token.rb, a remote attacker to more easily conduct SQL injection attacks. |
CVE-2012-6497
GHSA-rx7j-mw4c-76g9 OSV-89064 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-04T14:30:07.145780+00:00 | GHSA Importer | Fixing | VCID-sz4r-kjse-cbdd | https://github.com/advisories/GHSA-rx7j-mw4c-76g9 | 38.1.0 |
| 2026-04-01T13:09:12.135032+00:00 | GithubOSV Importer | Fixing | VCID-sz4r-kjse-cbdd | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rx7j-mw4c-76g9/GHSA-rx7j-mw4c-76g9.json | 38.0.0 |
| 2026-04-01T12:46:47.853559+00:00 | GitLab Importer | Fixing | VCID-sz4r-kjse-cbdd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/authlogic/CVE-2012-6497.yml | 38.0.0 |