Search for packages
| purl | pkg:rpm/redhat/ruby193-rubygem-activerecord@1:3.2.8-6?arch=el6 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-455w-hqsj-jkh1
Aliases: CVE-2013-0196 |
OpenShift Enterprise and Online vulnerable to CSRF attack with REST API | There are no reported fixed by versions. |
|
VCID-xa94-z6yu-skf8
Aliases: CVE-2013-1854 GHSA-3crr-9vmg-864v OSV-91453 |
Symbol DoS vulnerability in Active Record When a hash is provided as the find value for a query, the keys of the hash may be converted to symbols. Carefully crafted requests can coerce `params[:name]` to return a hash, and the keys to that hash may be converted to symbols. All users running an affected release should either upgrade or use one of the work arounds immediately. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:52:02.149901+00:00 | RedHat Importer | Affected by | VCID-xa94-z6yu-skf8 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1854.json | 38.0.0 |
| 2026-04-01T14:46:16.921267+00:00 | RedHat Importer | Affected by | VCID-455w-hqsj-jkh1 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0196.json | 38.0.0 |