VulnerableCode Package Details - pkg:rpm/redhat/rubygem-actionpack@1:3.0.13-8?arch=el6op

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/rubygem-actionpack@1:3.0.13-8?arch=el6op

purl	pkg:rpm/redhat/rubygem-actionpack@1:3.0.13-8?arch=el6op

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	3.1

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-4epw-vk25-mfdw Aliases: CVE-2013-1855 GHSA-q759-hwvc-m3jg OSV-91452	XSS vulnerability in sanitize_css in Action Pack Carefully crafted text can bypass the sanitization provided in the `sanitize_css` method in Action Pack.	There are no reported fixed by versions.
VCID-4he5-y1u4-gkd2 Aliases: CVE-2013-1857 GHSA-j838-vfpq-fmf2 OSV-91454	XSS Vulnerability in the `sanitize` helper The `sanitize` helper in Ruby on Rails is designed to filter HTML and remove all tags and attributes which could be malicious.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:52:02.514866+00:00	RedHat Importer	Affected by	VCID-4he5-y1u4-gkd2	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1857.json	38.0.0
2026-04-01T14:52:02.327007+00:00	RedHat Importer	Affected by	VCID-4epw-vk25-mfdw	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1855.json	38.0.0