{"url":"http://public2.vulnerablecode.io/api/packages/131500?format=json","purl":"pkg:gem/activerecord@1.12.1","type":"gem","namespace":"","name":"activerecord","version":"1.12.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"7.1.5.2","latest_non_vulnerable_version":"8.0.2.1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6996?format=json","vulnerability_id":"VCID-2efj-tf8d-dfck","summary":"Strong Parameter bypass with create_with\nThe `create_with` functionality in Active Record was implemented incorrectly and completely bypasses the strong parameter protection.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2014/08/18/10","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2014/08/18/10"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1102.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1102.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3514.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3514.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3514","reference_id":"","reference_type":"","scores":[{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.55991","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56061","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56096","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56098","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.5607","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.55996","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56016","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.55925","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56036","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56057","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56086","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.5609","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56101","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56078","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3514"},{"reference_url":"http://secunia.com/advisories/60347","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60347"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-3514.yml","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-3514.yml"},{"reference_url":"https://groups.google.com/forum/message/raw?msg=rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/message/raw?msg=rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ"},{"reference_url":"https://groups.google.com/forum/#!topic/ruby-security-ann/M4chq5Sb540","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/ruby-security-ann/M4chq5Sb540"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3514","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3514"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1131240","reference_id":"1131240","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1131240"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-9rf5-jm6f-2fmm","reference_id":"GHSA-9rf5-jm6f-2fmm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9rf5-jm6f-2fmm"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1102","reference_id":"RHSA-2014:1102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1102"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20772?format=json","purl":"pkg:gem/activerecord@4.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/68296?format=json","purl":"pkg:gem/activerecord@4.1.0.beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.0.beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/20773?format=json","purl":"pkg:gem/activerecord@4.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.5"}],"aliases":["CVE-2014-3514","GHSA-9rf5-jm6f-2fmm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2efj-tf8d-dfck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6976?format=json","vulnerability_id":"VCID-3m2y-wy1w-n7h1","summary":"SQL Injection Vulnerabilities Affecting PostgreSQL\nSQLi vulnerability in activerecord.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2014/07/02/5","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2014/07/02/5"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-0877.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-0877.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3483.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3483.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3483","reference_id":"","reference_type":"","scores":[{"value":"0.00924","scoring_system":"epss","scoring_elements":"0.76083","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00924","scoring_system":"epss","scoring_elements":"0.76062","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00924","scoring_system":"epss","scoring_elements":"0.76072","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79355","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79328","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79351","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79279","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79352","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79286","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79309","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79295","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79321","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.7933","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79354","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79339","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3483"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3483"},{"reference_url":"http://secunia.com/advisories/59971","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59971"},{"reference_url":"http://secunia.com/advisories/60214","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60214"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-3483.yml","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-3483.yml"},{"reference_url":"https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J"},{"reference_url":"https://groups.google.com/forum/#!msg/rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!msg/rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J"},{"reference_url":"https://groups.google.com/forum/#!topic/rubyonrails-security/8GtfeYd6qI4","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/rubyonrails-security/8GtfeYd6qI4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3483","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3483"},{"reference_url":"https://web.archive.org/web/20200228150648/http://www.securityfocus.com/bid/68341","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228150648/http://www.securityfocus.com/bid/68341"},{"reference_url":"http://www.debian.org/security/2014/dsa-2982","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2982"},{"reference_url":"http://www.securityfocus.com/bid/68341","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/68341"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1114427","reference_id":"1114427","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1114427"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-r8fh-hq2p-7qhq","reference_id":"GHSA-r8fh-hq2p-7qhq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r8fh-hq2p-7qhq"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0877","reference_id":"RHSA-2014:0877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0877"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20726?format=json","purl":"pkg:gem/activerecord@4.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-5mr1-tzkd-v3ae"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/68296?format=json","purl":"pkg:gem/activerecord@4.1.0.beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.0.beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/20727?format=json","purl":"pkg:gem/activerecord@4.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-5mr1-tzkd-v3ae"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.3"}],"aliases":["CVE-2014-3483","GHSA-r8fh-hq2p-7qhq","OSV-108665"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3m2y-wy1w-n7h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8403?format=json","vulnerability_id":"VCID-4cky-r218-dkbb","summary":"activerecord vulnerable to SQL Injection\nMultiple SQL injection vulnerabilities in the `quote_table_name` method in the ActiveRecord adapters in `activerecord/lib/active_record/connection_adapters/` in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name.","references":[{"reference_url":"http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source&output=gplain"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2930","reference_id":"","reference_type":"","scores":[{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76497","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.7649","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76369","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76509","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76399","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76457","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76471","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76467","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76425","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76431","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76453","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76427","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76414","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76381","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76366","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2930"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=731438","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=731438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85"},{"reference_url":"http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6"},{"reference_url":"http://www.debian.org/security/2011/dsa-2301","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2301"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/08/17/1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/08/17/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/08/19/11","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/08/19/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/08/20/1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/08/20/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/08/22/13","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/08/22/13"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/08/22/14","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/08/22/14"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/08/22/5","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/08/22/5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2930","reference_id":"CVE-2011-2930","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2930"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-2930.yml","reference_id":"CVE-2011-2930.YML","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-2930.yml"},{"reference_url":"https://github.com/advisories/GHSA-h6w6-xmqv-7q78","reference_id":"GHSA-h6w6-xmqv-7q78","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h6w6-xmqv-7q78"},{"reference_url":"https://security.gentoo.org/glsa/201412-28","reference_id":"GLSA-201412-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25089?format=json","purl":"pkg:gem/activerecord@2.3.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.13"},{"url":"http://public2.vulnerablecode.io/api/packages/131536?format=json","purl":"pkg:gem/activerecord@2.3.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.14"},{"url":"http://public2.vulnerablecode.io/api/packages/25090?format=json","purl":"pkg:gem/activerecord@3.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/25091?format=json","purl":"pkg:gem/activerecord@3.1.0.rc5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.0.rc5"},{"url":"http://public2.vulnerablecode.io/api/packages/20069?format=json","purl":"pkg:gem/activerecord@3.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.0"}],"aliases":["CVE-2011-2930","GHSA-h6w6-xmqv-7q78"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cky-r218-dkbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8448?format=json","vulnerability_id":"VCID-bsxw-gh14-rbef","summary":"activerecord vulnerable to SQL Injection\nThe Active Record component in Ruby on Rails efore 2.3.15, 3.0.x before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2695.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2695","reference_id":"","reference_type":"","scores":[{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70562","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70502","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70487","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70473","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70515","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70523","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70503","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70553","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70408","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70422","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70439","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70417","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70462","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70478","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2695"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/62f81f4d6b3ee40e9887ffd92ab14714bad93f18","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/62f81f4d6b3ee40e9887ffd92ab14714bad93f18"},{"reference_url":"https://groups.google.com/group/rubyonrails-security/msg/aee3413fb038bf56?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/group/rubyonrails-security/msg/aee3413fb038bf56?dmode=source&output=gplain"},{"reference_url":"https://groups.google.com/g/rubyonrails-security/c/l4L0TEVAz1k/m/Vr84sD9B464J","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/rubyonrails-security/c/l4L0TEVAz1k/m/Vr84sD9B464J"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=831573","reference_id":"831573","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=831573"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2695","reference_id":"CVE-2012-2695","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2695"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2695.yml","reference_id":"CVE-2012-2695.YML","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2695.yml"},{"reference_url":"https://github.com/advisories/GHSA-76wq-xw4h-f8wj","reference_id":"GHSA-76wq-xw4h-f8wj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-76wq-xw4h-f8wj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1542","reference_id":"RHSA-2012:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0154","reference_id":"RHSA-2013:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0154"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25180?format=json","purl":"pkg:gem/activerecord@2.3.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.15"},{"url":"http://public2.vulnerablecode.io/api/packages/25177?format=json","purl":"pkg:gem/activerecord@3.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/25178?format=json","purl":"pkg:gem/activerecord@3.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/25179?format=json","purl":"pkg:gem/activerecord@3.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.6"}],"aliases":["CVE-2012-2695","GHSA-76wq-xw4h-f8wj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bsxw-gh14-rbef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15651?format=json","vulnerability_id":"VCID-eb5z-q7rj-j7hh","summary":"Active Record component in Ruby on Rails has a data-type injection vulnerability\nThe Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the \"typed XML\" feature and a MySQL database.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2013/02/06/7","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2013/02/06/7"},{"reference_url":"http://openwall.com/lists/oss-security/2013/04/24/7","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2013/04/24/7"},{"reference_url":"http://pl.reddit.com/r/netsec/comments/17yajp/mysql_madness_and_rails","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://pl.reddit.com/r/netsec/comments/17yajp/mysql_madness_and_rails"},{"reference_url":"http://pl.reddit.com/r/netsec/comments/17yajp/mysql_madness_and_rails/","reference_id":"","reference_type":"","scores":[],"url":"http://pl.reddit.com/r/netsec/comments/17yajp/mysql_madness_and_rails/"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3221.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3221.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3221","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65245","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65186","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65152","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65202","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65233","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.6522","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65192","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65227","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65237","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65219","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65234","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65247","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65111","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65161","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3221"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3221"},{"reference_url":"https://gist.github.com/dakull/5442275","reference_id":"","reference_type":"","scores":[],"url":"https://gist.github.com/dakull/5442275"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://groups.google.com/group/rubyonrails-security/msg/1f3bc0b88a60c1ce?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/group/rubyonrails-security/msg/1f3bc0b88a60c1ce?dmode=source&output=gplain"},{"reference_url":"https://web.archive.org/web/20130825191249/http://www.phenoelit.org/blog/archives/2013/02/index.html","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20130825191249/http://www.phenoelit.org/blog/archives/2013/02/index.html"},{"reference_url":"http://www.phenoelit.org/blog/archives/2013/02/index.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.phenoelit.org/blog/archives/2013/02/index.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=954365","reference_id":"954365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=954365"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-3221","reference_id":"CVE-2013-3221","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-3221"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-3221.yml","reference_id":"CVE-2013-3221.YML","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-3221.yml"},{"reference_url":"https://github.com/advisories/GHSA-f57c-hx33-hvh8","reference_id":"GHSA-f57c-hx33-hvh8","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f57c-hx33-hvh8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54800?format=json","purl":"pkg:gem/activerecord@4.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-5qu2-b8gt-7qe3"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-qywc-5pj5-y3a9"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.0"}],"aliases":["CVE-2013-3221","GHSA-f57c-hx33-hvh8"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eb5z-q7rj-j7hh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6774?format=json","vulnerability_id":"VCID-hbtn-7423-m3gb","summary":"Circumvention of attr_protected\nThe attr_protected method allows developers to specify a denylist of model attributes which users should not be allowed to assign to. By using a specially crafted request, attackers could circumvent this protection and alter values that were meant to be protected.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0686.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0686.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0276.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0276.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0276","reference_id":"","reference_type":"","scores":[{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69735","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69644","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69666","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69652","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69637","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69678","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69687","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69669","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69721","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69729","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.6957","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69582","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00606","scoring_system":"epss","scoring_elements":"0.69577","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276"},{"reference_url":"http://secunia.com/advisories/52112","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52112"},{"reference_url":"http://secunia.com/advisories/52774","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52774"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0276.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0276.yml"},{"reference_url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/AFBKNY7VSH8","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/AFBKNY7VSH8"},{"reference_url":"https://groups.google.com/group/rubyonrails-security/msg/bb44b98a73ef1a06?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/group/rubyonrails-security/msg/bb44b98a73ef1a06?dmode=source&output=gplain"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0276","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0276"},{"reference_url":"http://support.apple.com/kb/HT5784","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT5784"},{"reference_url":"https://web.archive.org/web/20130217055442/http://www.securityfocus.com/bid/57896","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20130217055442/http://www.securityfocus.com/bid/57896"},{"reference_url":"http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released"},{"reference_url":"http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/"},{"reference_url":"http://www.debian.org/security/2013/dsa-2620","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2620"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/11/5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/02/11/5"},{"reference_url":"http://www.osvdb.org/90072","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/90072"},{"reference_url":"http://www.securityfocus.com/bid/57896","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/57896"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=909528","reference_id":"909528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=909528"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-gr44-7grc-37vq","reference_id":"GHSA-gr44-7grc-37vq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gr44-7grc-37vq"},{"reference_url":"https://security.gentoo.org/glsa/201412-28","reference_id":"GLSA-201412-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0686","reference_id":"RHSA-2013:0686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0686"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20185?format=json","purl":"pkg:gem/activerecord@2.3.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.17"},{"url":"http://public2.vulnerablecode.io/api/packages/68288?format=json","purl":"pkg:gem/activerecord@3.1.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.11"},{"url":"http://public2.vulnerablecode.io/api/packages/131578?format=json","purl":"pkg:gem/activerecord@3.2.0.rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0.rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/68289?format=json","purl":"pkg:gem/activerecord@3.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.12"}],"aliases":["CVE-2013-0276","GHSA-gr44-7grc-37vq","OSV-90072"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbtn-7423-m3gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6766?format=json","vulnerability_id":"VCID-j7p8-hchp-xbe3","summary":"Unsafe Query Generation Risk in Ruby on Rails\nDue to the way Active Record interprets parameters in combination with the way that JSON parameters are parsed, it is possible for an attacker to issue unexpected database queries with \"IS NULL\" or empty where clauses. This issue does *not* let an attacker insert arbitrary values into an SQL query, however they can cause the query to check for NULL or eliminate a WHERE clause when most users wouldn't expect it.","references":[{"reference_url":"http://ics-cert.us-cert.gov/advisories/ICSA-13-036-01A","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ics-cert.us-cert.gov/advisories/ICSA-13-036-01A"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0155.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0155.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0155.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0155.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0155","reference_id":"","reference_type":"","scores":[{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95207","published_at":"2026-04-29T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95182","published_at":"2026-04-09T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95191","published_at":"2026-04-13T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95199","published_at":"2026-04-16T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95203","published_at":"2026-04-18T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95204","published_at":"2026-04-21T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95205","published_at":"2026-04-24T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95155","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95166","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95167","published_at":"2026-04-04T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95171","published_at":"2026-04-07T12:55:00Z"},{"value":"0.18174","scoring_system":"epss","scoring_elements":"0.95178","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0155.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0155.yml"},{"reference_url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/t1WFuuQyavI","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/t1WFuuQyavI"},{"reference_url":"https://groups.google.com/group/rubyonrails-security/msg/bc6f13dafe130ee9?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/group/rubyonrails-security/msg/bc6f13dafe130ee9?dmode=source&output=gplain"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0155","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0155"},{"reference_url":"https://puppet.com/security/cve/cve-2013-0155","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2013-0155"},{"reference_url":"http://support.apple.com/kb/HT5784","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT5784"},{"reference_url":"http://www.debian.org/security/2013/dsa-2609","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2609"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=892866","reference_id":"892866","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=892866"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-gppp-5xc5-wfpx","reference_id":"GHSA-gppp-5xc5-wfpx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gppp-5xc5-wfpx"},{"reference_url":"https://security.gentoo.org/glsa/201412-28","reference_id":"GLSA-201412-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0154","reference_id":"RHSA-2013:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0155","reference_id":"RHSA-2013:0155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0155"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20160?format=json","purl":"pkg:gem/activerecord@3.0.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.19"},{"url":"http://public2.vulnerablecode.io/api/packages/25088?format=json","purl":"pkg:gem/activerecord@3.1.0.beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.0.beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/20161?format=json","purl":"pkg:gem/activerecord@3.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/131578?format=json","purl":"pkg:gem/activerecord@3.2.0.rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0.rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/20162?format=json","purl":"pkg:gem/activerecord@3.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.11"}],"aliases":["CVE-2013-0155","GHSA-gppp-5xc5-wfpx","OSV-89025"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j7p8-hchp-xbe3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8414?format=json","vulnerability_id":"VCID-j8zg-kq3z-jqcm","summary":"Improper Input Validation\nRuby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3933","reference_id":"","reference_type":"","scores":[{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72373","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72241","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.7228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72292","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72297","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72284","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72327","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72336","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72324","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72367","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72376","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72239","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72245","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72265","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3933"},{"reference_url":"http://secunia.com/advisories/41930","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41930"},{"reference_url":"http://securitytracker.com/id?1024624","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1024624"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/2d96bccb1e8b62e3e11ca0c5d38aaa8cece889ae","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/2d96bccb1e8b62e3e11ca0c5d38aaa8cece889ae"},{"reference_url":"https://github.com/rails/rails/commit/96183e0f284bab27667e5a38fa6a1578eb029585","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/96183e0f284bab27667e5a38fa6a1578eb029585"},{"reference_url":"https://web.archive.org/web/20101129225633/http://securitytracker.com/alerts/2010/Oct/1024624.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20101129225633/http://securitytracker.com/alerts/2010/Oct/1024624.html"},{"reference_url":"https://web.archive.org/web/20111225083933/http://secunia.com/advisories/41930","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111225083933/http://secunia.com/advisories/41930"},{"reference_url":"https://web.archive.org/web/20201208053819/http://securitytracker.com/id?1024624","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201208053819/http://securitytracker.com/id?1024624"},{"reference_url":"http://weblog.rubyonrails.org/2010/10/15/security-vulnerability-in-nested-attributes-code-in-ruby-on-rails-2-3-9-and-3-0-0","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://weblog.rubyonrails.org/2010/10/15/security-vulnerability-in-nested-attributes-code-in-ruby-on-rails-2-3-9-and-3-0-0"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2719","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2719"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3933","reference_id":"CVE-2010-3933","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3933"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2010-3933.yml","reference_id":"CVE-2010-3933.YML","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2010-3933.yml"},{"reference_url":"https://github.com/advisories/GHSA-gjxw-5w2q-7grf","reference_id":"GHSA-gjxw-5w2q-7grf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gjxw-5w2q-7grf"},{"reference_url":"https://security.gentoo.org/glsa/201412-28","reference_id":"GLSA-201412-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25111?format=json","purl":"pkg:gem/activerecord@2.3.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/25112?format=json","purl":"pkg:gem/activerecord@2.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/25113?format=json","purl":"pkg:gem/activerecord@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.1"}],"aliases":["CVE-2010-3933","GHSA-gjxw-5w2q-7grf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j8zg-kq3z-jqcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8466?format=json","vulnerability_id":"VCID-kkbt-pr7u-f7gn","summary":"Active Record contains SQL Injection\nSQL injection vulnerability in the Active Record component in Ruby on Rails before 2.3.15, 3.0.x before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls.","references":[{"reference_url":"http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts"},{"reference_url":"http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0155.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0155.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0220.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0220.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6496.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6496.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6496","reference_id":"","reference_type":"","scores":[{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77266","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77202","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77181","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77177","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77217","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77219","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.7721","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77245","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77251","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77115","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77122","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77151","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77133","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77166","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77174","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6496"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=889649","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=889649"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6496"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201401-22.xml","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.gentoo.org/glsa/glsa-201401-22.xml"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/9de9b359d0d24f70f0f6c5c58a7ad8750684d456","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/9de9b359d0d24f70f0f6c5c58a7ad8750684d456"},{"reference_url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM"},{"reference_url":"https://groups.google.com/group/rubyonrails-security/msg/23daa048baf28b64?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/group/rubyonrails-security/msg/23daa048baf28b64?dmode=source&output=gplain"},{"reference_url":"http://www.securityfocus.com/bid/57084","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/57084"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6496","reference_id":"CVE-2012-6496","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6496"},{"reference_url":"https://github.com/advisories/GHSA-gh2w-j7cx-2664","reference_id":"GHSA-gh2w-j7cx-2664","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gh2w-j7cx-2664"},{"reference_url":"https://security.gentoo.org/glsa/201401-22","reference_id":"GLSA-201401-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0154","reference_id":"RHSA-2013:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0155","reference_id":"RHSA-2013:0155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0155"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25180?format=json","purl":"pkg:gem/activerecord@2.3.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.15"},{"url":"http://public2.vulnerablecode.io/api/packages/68292?format=json","purl":"pkg:gem/activerecord@3.0.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.18"},{"url":"http://public2.vulnerablecode.io/api/packages/25088?format=json","purl":"pkg:gem/activerecord@3.1.0.beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.0.beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/68293?format=json","purl":"pkg:gem/activerecord@3.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/131578?format=json","purl":"pkg:gem/activerecord@3.2.0.rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0.rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/68294?format=json","purl":"pkg:gem/activerecord@3.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.10"}],"aliases":["CVE-2012-6496","GHSA-gh2w-j7cx-2664","OSV-88661"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkbt-pr7u-f7gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6902?format=json","vulnerability_id":"VCID-n5fx-u6fs-vydu","summary":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')\nSQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/cast.rb in Active Record in Ruby on Rails beta1, when PostgreSQL is used, allows remote attackers to execute \"add data\" SQL commands via vectors involving \\ (backslash) characters that are not properly handled in operations on array columns.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2014/02/18/9","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2014/02/18/9"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0080.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0080.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0080","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48006","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48062","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48114","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4811","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48065","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48047","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48059","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47995","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48033","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48053","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48003","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48056","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4805","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48074","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0080"},{"reference_url":"https://github.com/advisories/GHSA-hqf9-rc9j-5fmj","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hqf9-rc9j-5fmj"},{"reference_url":"https://github.com/rails/rails/tree/main/activerecord","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/tree/main/activerecord"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-0080.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-0080.yml"},{"reference_url":"https://groups.google.com/forum/#!topic/rubyonrails-security/Wu96YkTUR6s","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/rubyonrails-security/Wu96YkTUR6s"},{"reference_url":"https://web.archive.org/web/20210301004521/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/Wu96YkTUR6s/pPLBMZrlwvYJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210301004521/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/Wu96YkTUR6s/pPLBMZrlwvYJ"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1065517","reference_id":"1065517","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1065517"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0080","reference_id":"CVE-2014-0080","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0080"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20070?format=json","purl":"pkg:gem/activerecord@3.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/20551?format=json","purl":"pkg:gem/activerecord@4.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-5mr1-tzkd-v3ae"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/68296?format=json","purl":"pkg:gem/activerecord@4.1.0.beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.0.beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/68297?format=json","purl":"pkg:gem/activerecord@4.1.0.beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.1.0.beta2"}],"aliases":["CVE-2014-0080","GHSA-hqf9-rc9j-5fmj","OSV-103438"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n5fx-u6fs-vydu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53902?format=json","vulnerability_id":"VCID-n8r7-wthv-fqaj","summary":"Active Record RCE bug with Serialized Columns\nWhen serialized columns that use YAML (the default) are deserialized, Rails uses YAML.unsafe_load to convert the YAML data in to Ruby objects. If an attacker can manipulate data in the database (via means like SQL injection), then it may be possible for the attacker to escalate to an RCE.\n\nThere are no feasible workarounds for this issue, but other coders (such as JSON) are not impacted.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32224.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32224.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32224","reference_id":"","reference_type":"","scores":[{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83138","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.8313","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83122","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83009","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83052","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83045","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.8302","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83023","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.831","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83096","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83057","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83062","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01864","scoring_system":"epss","scoring_elements":"0.83068","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32224"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32224","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32224"},{"reference_url":"https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-3hhc-qp5v-9p2j","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-24T15:17:17Z/"}],"url":"https://github.com/advisories/GHSA-3hhc-qp5v-9p2j"},{"reference_url":"https://github.com/rails/rails/commit/611990f1a6c137c2d56b1ba06b27e5d2434dcd6a","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/611990f1a6c137c2d56b1ba06b27e5d2434dcd6a"},{"reference_url":"https://github.com/rails/rails/commits/main/activerecord","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commits/main/activerecord"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2022-32224.yml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2022-32224.yml"},{"reference_url":"https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-24T15:17:17Z/"}],"url":"https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32224","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32224"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016140","reference_id":"1016140","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108997","reference_id":"2108997","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108997"},{"reference_url":"https://security.gentoo.org/glsa/202408-24","reference_id":"GLSA-202408-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0261","reference_id":"RHSA-2023:0261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1151","reference_id":"RHSA-2023:1151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2097","reference_id":"RHSA-2023:2097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2097"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81424?format=json","purl":"pkg:gem/activerecord@5.2.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@5.2.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/81423?format=json","purl":"pkg:gem/activerecord@6.0.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-t9yh-ss8z-e3cb"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@6.0.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/81422?format=json","purl":"pkg:gem/activerecord@6.1.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-t9yh-ss8z-e3cb"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@6.1.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/81421?format=json","purl":"pkg:gem/activerecord@7.0.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-t9yh-ss8z-e3cb"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.0.3.1"}],"aliases":["CVE-2022-32224","GHSA-3hhc-qp5v-9p2j","GMS-2022-3029"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n8r7-wthv-fqaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6775?format=json","vulnerability_id":"VCID-nk6g-hhsk-8kaw","summary":"Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0\nThere is a vulnerability in the serialized attribute handling code in Ruby on Rails, applications which allow users to directly assign to the serialized fields in their models are at risk of Denial of Service or Remote Code Execution vulnerabilities.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0277.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0277.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0277","reference_id":"","reference_type":"","scores":[{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91283","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91251","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91257","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.9127","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91277","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91287","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.9132","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91322","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91312","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.9131","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91311","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91236","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91286","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06742","scoring_system":"epss","scoring_elements":"0.91241","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277"},{"reference_url":"http://secunia.com/advisories/52112","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52112"},{"reference_url":"http://securitytracker.com/id?1028109","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://securitytracker.com/id?1028109"},{"reference_url":"https://github.com/rails/rails/tree/v6.1.4.1/activerecord","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/tree/v6.1.4.1/activerecord"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0277.yml","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0277.yml"},{"reference_url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KtmwSbEpzrU","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KtmwSbEpzrU"},{"reference_url":"https://groups.google.com/group/rubyonrails-security/msg/302ec7ce90f13837?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/group/rubyonrails-security/msg/302ec7ce90f13837?dmode=source&output=gplain"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0277","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0277"},{"reference_url":"https://puppet.com/security/cve/cve-2013-0277","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://puppet.com/security/cve/cve-2013-0277"},{"reference_url":"http://support.apple.com/kb/HT5784","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT5784"},{"reference_url":"http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released"},{"reference_url":"http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released/"},{"reference_url":"http://www.debian.org/security/2013/dsa-2620","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2620"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/11/6","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/02/11/6"},{"reference_url":"http://www.osvdb.org/90073","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/90073"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=909633","reference_id":"909633","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=909633"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-fhj9-cjjh-27vm","reference_id":"GHSA-fhj9-cjjh-27vm","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fhj9-cjjh-27vm"},{"reference_url":"https://security.gentoo.org/glsa/201412-28","reference_id":"GLSA-201412-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20185?format=json","purl":"pkg:gem/activerecord@2.3.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.17"},{"url":"http://public2.vulnerablecode.io/api/packages/20069?format=json","purl":"pkg:gem/activerecord@3.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.0"}],"aliases":["CVE-2013-0277","GHSA-fhj9-cjjh-27vm","OSV-90073"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nk6g-hhsk-8kaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8423?format=json","vulnerability_id":"VCID-nzeb-cy9e-tkax","summary":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')\nMultiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer.","references":[{"reference_url":"http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1","reference_id":"","reference_type":"","scores":[],"url":"http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1"},{"reference_url":"http://gist.github.com/8946","reference_id":"","reference_type":"","scores":[],"url":"http://gist.github.com/8946"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html"},{"reference_url":"http://rails.lighthouseapp.com/projects/8994/tickets/288","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rails.lighthouseapp.com/projects/8994/tickets/288"},{"reference_url":"http://rails.lighthouseapp.com/projects/8994/tickets/964","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rails.lighthouseapp.com/projects/8994/tickets/964"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4094","reference_id":"","reference_type":"","scores":[{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86876","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.8686","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86856","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86839","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86844","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86847","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86834","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86806","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86812","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86793","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86782","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86884","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.86883","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4094"},{"reference_url":"http://secunia.com/advisories/31875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31875"},{"reference_url":"http://secunia.com/advisories/31909","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31909"},{"reference_url":"http://secunia.com/advisories/31910","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31910"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45109","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45109"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/ef0ea782b1f5cf7b08e74ea3002a16c708f66645","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/ef0ea782b1f5cf7b08e74ea3002a16c708f66645"},{"reference_url":"https://web.archive.org/web/20080620000955/http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20080620000955/http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1"},{"reference_url":"https://web.archive.org/web/20080620201733/http://blog.innerewut.de/files/rails/activerecord-1.15.3.patch","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20080620201733/http://blog.innerewut.de/files/rails/activerecord-1.15.3.patch"},{"reference_url":"https://web.archive.org/web/20080620201744/http://blog.innerewut.de/files/rails/activerecord-2.0.2.patch","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20080620201744/http://blog.innerewut.de/files/rails/activerecord-2.0.2.patch"},{"reference_url":"https://web.archive.org/web/20081104151751/http://gist.github.com/8946","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20081104151751/http://gist.github.com/8946"},{"reference_url":"https://web.archive.org/web/20081113122736/http://secunia.com/advisories/31875","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20081113122736/http://secunia.com/advisories/31875"},{"reference_url":"https://web.archive.org/web/20081113122736/http://secunia.com/advisories/31875/","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20081113122736/http://secunia.com/advisories/31875/"},{"reference_url":"https://web.archive.org/web/20081207211431/http://secunia.com/advisories/31909","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20081207211431/http://secunia.com/advisories/31909"},{"reference_url":"https://web.archive.org/web/20081207211436/http://secunia.com/advisories/31910","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20081207211436/http://secunia.com/advisories/31910"},{"reference_url":"https://web.archive.org/web/20091101000000*/http://www.vupen.com/english/advisories/2008/2562","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20091101000000*/http://www.vupen.com/english/advisories/2008/2562"},{"reference_url":"https://web.archive.org/web/20120120194518/http://www.securityfocus.com/bid/31176","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20120120194518/http://www.securityfocus.com/bid/31176"},{"reference_url":"https://web.archive.org/web/20201207112829/http://www.securitytracker.com/id?1020871","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201207112829/http://www.securitytracker.com/id?1020871"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/09/13/2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2008/09/13/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/09/16/1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2008/09/16/1"},{"reference_url":"http://www.rorsecurity.info/2008/09/08/sql-injection-issue-in-limit-and-offset-parameter","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.rorsecurity.info/2008/09/08/sql-injection-issue-in-limit-and-offset-parameter"},{"reference_url":"http://www.rorsecurity.info/2008/09/08/sql-injection-issue-in-limit-and-offset-parameter/","reference_id":"","reference_type":"","scores":[],"url":"http://www.rorsecurity.info/2008/09/08/sql-injection-issue-in-limit-and-offset-parameter/"},{"reference_url":"http://www.securityfocus.com/bid/31176","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31176"},{"reference_url":"http://www.securitytracker.com/id?1020871","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020871"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2562","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2562"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500791","reference_id":"500791","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500791"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.11.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.12.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.12.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.12.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.13.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.13.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.13.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.14.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.14.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.14.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.14.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.14.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.14.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.14.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.14.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.14.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.14.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.14.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.14.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.9.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.9.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:0.9.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:0.9.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.9.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:1.9.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:1.9.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:0.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:0.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4094","reference_id":"CVE-2008-4094","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4094"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2008-4094.yml","reference_id":"CVE-2008-4094.YML","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2008-4094.yml"},{"reference_url":"https://github.com/advisories/GHSA-xf96-32q2-9rw2","reference_id":"GHSA-xf96-32q2-9rw2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xf96-32q2-9rw2"},{"reference_url":"https://security.gentoo.org/glsa/200912-02","reference_id":"GLSA-200912-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200912-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25086?format=json","purl":"pkg:gem/activerecord@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/25125?format=json","purl":"pkg:gem/activerecord@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.1.1"}],"aliases":["CVE-2008-4094","GHSA-xf96-32q2-9rw2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nzeb-cy9e-tkax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6734?format=json","vulnerability_id":"VCID-phxs-zet8-ryh3","summary":"SQL Injection\nRuby on Rails contains a flaw related to the way ActiveRecord handles parameters in conjunction with the way Rack parses query parameters. This issue may allow an attacker to inject arbitrary `IS NULL` clauses in to application SQL queries. This may also allow an attacker to have the SQL query check for `NULL` in arbitrary places.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2660.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2660.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2660","reference_id":"","reference_type":"","scores":[{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52712","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52745","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52796","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.5278","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52763","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52801","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52808","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52792","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52741","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52663","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52708","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52734","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.527","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52751","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2660"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/61eed87ce32caf534bf1f52dd8134097b4ad9e1b","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/61eed87ce32caf534bf1f52dd8134097b4ad9e1b"},{"reference_url":"https://github.com/rails/rails/commit/dff6db18840e2fd1dd3f3e4ef0ae7a9a3986d01d#diff-3179d24efacadd64068c4d9c1184eac3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/rails/rails/commit/dff6db18840e2fd1dd3f3e4ef0ae7a9a3986d01d#diff-3179d24efacadd64068c4d9c1184eac3"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/OSVDB-82610.yml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/OSVDB-82610.yml"},{"reference_url":"https://groups.google.com/forum/#!original/rubyonrails-security/8SA-M3as7A8/Mr9fi9X4kNgJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!original/rubyonrails-security/8SA-M3as7A8/Mr9fi9X4kNgJ"},{"reference_url":"https://groups.google.com/group/rubyonrails-security/msg/d890f8d58b5fbf32?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/group/rubyonrails-security/msg/d890f8d58b5fbf32?dmode=source&output=gplain"},{"reference_url":"https://groups.google.com/g/rubyonrails-security/c/8SA-M3as7A8/m/Mr9fi9X4kNgJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/rubyonrails-security/c/8SA-M3as7A8/m/Mr9fi9X4kNgJ"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=827353","reference_id":"827353","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=827353"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2660","reference_id":"CVE-2012-2660","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2660"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-2660.yml","reference_id":"CVE-2012-2660.YML","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-2660.yml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2660.yml","reference_id":"CVE-2012-2660.YML","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2660.yml"},{"reference_url":"https://github.com/advisories/GHSA-hgpp-pp89-4fgf","reference_id":"GHSA-hgpp-pp89-4fgf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hgpp-pp89-4fgf"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1542","reference_id":"RHSA-2012:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0154","reference_id":"RHSA-2013:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0154"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20071?format=json","purl":"pkg:gem/activerecord@3.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/25088?format=json","purl":"pkg:gem/activerecord@3.1.0.beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.0.beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/20072?format=json","purl":"pkg:gem/activerecord@3.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/131578?format=json","purl":"pkg:gem/activerecord@3.2.0.rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0.rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/20073?format=json","purl":"pkg:gem/activerecord@3.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.4"}],"aliases":["CVE-2012-2660","GHSA-hgpp-pp89-4fgf","OSV-82610"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-phxs-zet8-ryh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6736?format=json","vulnerability_id":"VCID-rq7w-zmh4-17e1","summary":"SQL injection vulnerability in Active Record\nDue to the way Active Record handles nested query parameters, an attacker can use a specially crafted request to inject some forms of SQL into your application's SQL queries.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0154.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2661.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2661.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2661","reference_id":"","reference_type":"","scores":[{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72743","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72697","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72739","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72747","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72604","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72611","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72628","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72605","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72644","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72656","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72679","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72662","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72652","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72694","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72705","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2661"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2661","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2661"},{"reference_url":"https://github.com/rails/rails/commit/71f7917c553cdc9a0ee49e87af0efb7429759718#diff-2ec9993375ecb711e08452788d625581","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/rails/rails/commit/71f7917c553cdc9a0ee49e87af0efb7429759718#diff-2ec9993375ecb711e08452788d625581"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/OSVDB-82403.yml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/OSVDB-82403.yml"},{"reference_url":"https://groups.google.com/group/rubyonrails-security/msg/fc2da6c627fc92df?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/group/rubyonrails-security/msg/fc2da6c627fc92df?dmode=source&output=gplain"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2661","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2661"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=827363","reference_id":"827363","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=827363"},{"reference_url":"https://github.com/advisories/GHSA-fh39-v733-mxfr","reference_id":"GHSA-fh39-v733-mxfr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fh39-v733-mxfr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1542","reference_id":"RHSA-2012:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0154","reference_id":"RHSA-2013:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0154"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/131536?format=json","purl":"pkg:gem/activerecord@2.3.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.14"},{"url":"http://public2.vulnerablecode.io/api/packages/20071?format=json","purl":"pkg:gem/activerecord@3.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/25088?format=json","purl":"pkg:gem/activerecord@3.1.0.beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.0.beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/20072?format=json","purl":"pkg:gem/activerecord@3.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/131578?format=json","purl":"pkg:gem/activerecord@3.2.0.rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.0.rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/20073?format=json","purl":"pkg:gem/activerecord@3.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.4"}],"aliases":["CVE-2012-2661","GHSA-fh39-v733-mxfr","OSV-82403"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rq7w-zmh4-17e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8463?format=json","vulnerability_id":"VCID-sb9g-rdnm-rqbm","summary":"SQL Injection in Active Record\nSQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2014/07/02/5","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2014/07/02/5"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-0876.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-0876.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3482.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3482.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3482","reference_id":"","reference_type":"","scores":[{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81389","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81315","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81336","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81322","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81351","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81354","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81376","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81384","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81252","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81261","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81283","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81282","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.8131","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3483"},{"reference_url":"http://secunia.com/advisories/59973","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59973"},{"reference_url":"http://secunia.com/advisories/60214","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60214"},{"reference_url":"http://secunia.com/advisories/60763","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60763"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/1f2192e46d78ee0ba2b06373f2c24caf8440ff5b","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/1f2192e46d78ee0ba2b06373f2c24caf8440ff5b"},{"reference_url":"https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J"},{"reference_url":"https://groups.google.com/g/rubyonrails-security/c/wDxePLJGZdI","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/rubyonrails-security/c/wDxePLJGZdI"},{"reference_url":"http://www.debian.org/security/2014/dsa-2982","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2982"},{"reference_url":"http://www.securityfocus.com/bid/68343","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/68343"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1114425","reference_id":"1114425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1114425"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.13:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.13:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.13:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.13:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.13:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.13:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.15:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.15:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.15:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:2.3.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:2.3.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:2.3.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3482","reference_id":"CVE-2014-3482","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3482"},{"reference_url":"https://github.com/advisories/GHSA-mhwp-qhpc-h3jm","reference_id":"GHSA-mhwp-qhpc-h3jm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mhwp-qhpc-h3jm"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0876","reference_id":"RHSA-2014:0876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0876"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25338?format=json","purl":"pkg:gem/activerecord@3.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.19"},{"url":"http://public2.vulnerablecode.io/api/packages/130966?format=json","purl":"pkg:gem/activerecord@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-5mr1-tzkd-v3ae"},{"vulnerability":"VCID-9t7a-muwx-zyee"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.0.0"}],"aliases":["CVE-2014-3482","GHSA-mhwp-qhpc-h3jm","OSV-108664"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sb9g-rdnm-rqbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16096?format=json","vulnerability_id":"VCID-sygb-mygd-s3gb","summary":"Duplicate\nThis advisory duplicates another.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44566.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44566","reference_id":"","reference_type":"","scores":[{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81452","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81448","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.8144","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83996","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.85087","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.85153","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.8515","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.85129","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.8512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.85113","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.85091","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.8507","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.85132","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02421","scoring_system":"epss","scoring_elements":"0.85134","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44566"},{"reference_url":"https://code.jeremyevans.net/2022-11-01-forcing-sequential-scans-on-postgresql.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:43:31Z/"}],"url":"https://code.jeremyevans.net/2022-11-01-forcing-sequential-scans-on-postgresql.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44566"},{"reference_url":"https://discuss.rubyonrails.org/t/cve-2022-44566-possible-denial-of-service-vulnerability-in-activerecords-postgresql-adapter/82119","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:43:31Z/"}],"url":"https://discuss.rubyonrails.org/t/cve-2022-44566-possible-denial-of-service-vulnerability-in-activerecords-postgresql-adapter/82119"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/4f44aa9d514e701ada92b5cf08beccf566eeaebf","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/4f44aa9d514e701ada92b5cf08beccf566eeaebf"},{"reference_url":"https://github.com/rails/rails/commit/82bcdc011e2ff674e7dd8fd8cee3a831c908d29b","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/82bcdc011e2ff674e7dd8fd8cee3a831c908d29b"},{"reference_url":"https://github.com/rails/rails/releases/tag/v6.1.7.1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/releases/tag/v6.1.7.1"},{"reference_url":"https://github.com/rails/rails/releases/tag/v7.0.4.1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/releases/tag/v7.0.4.1"},{"reference_url":"https://mailchi.mp/railslts/rails-lts-multiple-dos-vulnerabilities-in-rails-rack-and-globalid","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailchi.mp/railslts/rails-lts-multiple-dos-vulnerabilities-in-rails-rack-and-globalid"},{"reference_url":"https://makandracards.com/railslts/508019-rails-5-2-lts-changelog#section-jan-20th-2023-rails-version-5-2-8-15","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://makandracards.com/railslts/508019-rails-5-2-lts-changelog#section-jan-20th-2023-rails-version-5-2-8-15"},{"reference_url":"https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030050","reference_id":"1030050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030050"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164789","reference_id":"2164789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164789"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-44566","reference_id":"CVE-2022-44566","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-44566"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2022-44566.yml","reference_id":"CVE-2022-44566.YML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2022-44566.yml"},{"reference_url":"https://github.com/advisories/GHSA-579w-22j4-4749","reference_id":"GHSA-579w-22j4-4749","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-579w-22j4-4749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55420?format=json","purl":"pkg:gem/activerecord@6.1.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@6.1.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/55421?format=json","purl":"pkg:gem/activerecord@7.0.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.0.4.1"}],"aliases":["CVE-2022-44566","GHSA-579w-22j4-4749","GMS-2023-59"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sygb-mygd-s3gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6799?format=json","vulnerability_id":"VCID-xa94-z6yu-skf8","summary":"Symbol DoS vulnerability in Active Record\nWhen a hash is provided as the find value for a query, the keys of the hash may be converted to symbols. Carefully crafted requests can coerce `params[:name]` to return a hash, and the keys to that hash may be converted to symbols. All users running an affected release should either upgrade or use one of the work arounds immediately.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00070.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00070.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00071.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00071.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00075.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00075.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00078.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00078.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00079.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-04/msg00079.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0699.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0699.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1863.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1863.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0699","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1863","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1863"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1854.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1854.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-1854","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-1854"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1854","reference_id":"","reference_type":"","scores":[{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.8284","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82755","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82771","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82766","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.828","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82803","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82825","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82834","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82697","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82713","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82726","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82723","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.82748","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1854"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=921329","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=921329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-1854.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-1854.yml"},{"reference_url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/jgJ4cjjS8FE","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/jgJ4cjjS8FE"},{"reference_url":"https://groups.google.com/group/ruby-security-ann/msg/34e0d780b04308de?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/group/ruby-security-ann/msg/34e0d780b04308de?dmode=source&output=gplain"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1854","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1854"},{"reference_url":"http://support.apple.com/kb/HT5784","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT5784"},{"reference_url":"http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released"},{"reference_url":"http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:2.3.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:2.3.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:2.3.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.1.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:ruby_on_rails:3.1.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:ruby_on_rails:3.1.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-3crr-9vmg-864v","reference_id":"GHSA-3crr-9vmg-864v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3crr-9vmg-864v"},{"reference_url":"https://security.gentoo.org/glsa/201412-28","reference_id":"GLSA-201412-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20257?format=json","purl":"pkg:gem/activerecord@2.3.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.18"},{"url":"http://public2.vulnerablecode.io/api/packages/20068?format=json","purl":"pkg:gem/activerecord@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/20258?format=json","purl":"pkg:gem/activerecord@3.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/20259?format=json","purl":"pkg:gem/activerecord@3.2.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-thx6-usb2-kkgc"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.2.13"}],"aliases":["CVE-2013-1854","GHSA-3crr-9vmg-864v","OSV-91453"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xa94-z6yu-skf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8459?format=json","vulnerability_id":"VCID-y54w-a8kr-suhy","summary":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')\nRuby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.","references":[{"reference_url":"http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0448","reference_id":"","reference_type":"","scores":[{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71837","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71786","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.7177","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71752","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71795","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.718","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71783","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71829","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71834","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71719","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71738","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.7175","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71762","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0448"},{"reference_url":"http://secunia.com/advisories/43278","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43278"},{"reference_url":"http://securitytracker.com/id?1025063","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1025063"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/354da43ab0a10b3b7b3f9cb0619aa562c3be8474","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails/commit/354da43ab0a10b3b7b3f9cb0619aa562c3be8474"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-0448.yml","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-0448.yml"},{"reference_url":"https://web.archive.org/web/20201220214809/http://securitytracker.com/id?1025063","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201220214809/http://securitytracker.com/id?1025063"},{"reference_url":"http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0877","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0877"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0448","reference_id":"CVE-2011-0448","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0448"},{"reference_url":"https://github.com/advisories/GHSA-jmm9-2p29-vh2w","reference_id":"GHSA-jmm9-2p29-vh2w","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jmm9-2p29-vh2w"},{"reference_url":"https://security.gentoo.org/glsa/201412-28","reference_id":"GLSA-201412-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/131534?format=json","purl":"pkg:gem/activerecord@2.3.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@2.3.11"},{"url":"http://public2.vulnerablecode.io/api/packages/25258?format=json","purl":"pkg:gem/activerecord@3.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/131545?format=json","purl":"pkg:gem/activerecord@3.0.5.rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2efj-tf8d-dfck"},{"vulnerability":"VCID-3m2y-wy1w-n7h1"},{"vulnerability":"VCID-4cky-r218-dkbb"},{"vulnerability":"VCID-bsxw-gh14-rbef"},{"vulnerability":"VCID-eb5z-q7rj-j7hh"},{"vulnerability":"VCID-f4h5-8f57-3uhr"},{"vulnerability":"VCID-hbtn-7423-m3gb"},{"vulnerability":"VCID-j7p8-hchp-xbe3"},{"vulnerability":"VCID-j8zg-kq3z-jqcm"},{"vulnerability":"VCID-kkbt-pr7u-f7gn"},{"vulnerability":"VCID-n5fx-u6fs-vydu"},{"vulnerability":"VCID-n8r7-wthv-fqaj"},{"vulnerability":"VCID-nk6g-hhsk-8kaw"},{"vulnerability":"VCID-nzeb-cy9e-tkax"},{"vulnerability":"VCID-phxs-zet8-ryh3"},{"vulnerability":"VCID-rq7w-zmh4-17e1"},{"vulnerability":"VCID-sb9g-rdnm-rqbm"},{"vulnerability":"VCID-sygb-mygd-s3gb"},{"vulnerability":"VCID-xa94-z6yu-skf8"},{"vulnerability":"VCID-y54w-a8kr-suhy"},{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.5.rc1"}],"aliases":["CVE-2011-0448","GHSA-jmm9-2p29-vh2w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y54w-a8kr-suhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27910?format=json","vulnerability_id":"VCID-zqzx-avvt-wkhm","summary":"Active Record logging vulnerable to ANSI escape injection\nThis vulnerability has been assigned the CVE identifier CVE-2025-55193\n\n### Impact\nThe ID passed to `find` or similar methods may be logged without escaping. If this is directly to the terminal it may include unescaped ANSI sequences.\n\n### Releases\nThe fixed releases are available at the normal locations.\n\n### Credits\n\nThanks to [lio346](https://hackerone.com/lio346) from Unit 515 of OPSWAT for reporting this vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55193.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55193.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55193","reference_id":"","reference_type":"","scores":[{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33475","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.3337","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33335","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33358","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.334","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33396","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33363","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33317","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33444","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35258","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34957","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34975","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35209","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47284","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55193"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55193","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55193"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rails/rails","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/rails"},{"reference_url":"https://github.com/rails/rails/commit/3beef20013736fd52c5dcfdf061f7999ba318290","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-14T13:42:07Z/"}],"url":"https://github.com/rails/rails/commit/3beef20013736fd52c5dcfdf061f7999ba318290"},{"reference_url":"https://github.com/rails/rails/commit/568c0bc2f1e74c65d150a84b89a080949bf9eb9b","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-14T13:42:07Z/"}],"url":"https://github.com/rails/rails/commit/568c0bc2f1e74c65d150a84b89a080949bf9eb9b"},{"reference_url":"https://github.com/rails/rails/commit/6a944ca4805e72050a0fbb1a461534eb760d3202","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-14T13:42:07Z/"}],"url":"https://github.com/rails/rails/commit/6a944ca4805e72050a0fbb1a461534eb760d3202"},{"reference_url":"https://github.com/rails/rails/security/advisories/GHSA-76r7-hhxj-r776","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-14T13:42:07Z/"}],"url":"https://github.com/rails/rails/security/advisories/GHSA-76r7-hhxj-r776"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2025-55193.yml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2025-55193.yml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55193","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55193"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111106","reference_id":"1111106","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111106"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388446","reference_id":"2388446","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388446"},{"reference_url":"https://github.com/advisories/GHSA-76r7-hhxj-r776","reference_id":"GHSA-76r7-hhxj-r776","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-76r7-hhxj-r776"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/69784?format=json","purl":"pkg:gem/activerecord@7.1.5.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/140291?format=json","purl":"pkg:gem/activerecord@7.2.0.beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.2.0.beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/69783?format=json","purl":"pkg:gem/activerecord@7.2.2.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@7.2.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/140300?format=json","purl":"pkg:gem/activerecord@8.0.0.beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zqzx-avvt-wkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@8.0.0.beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/69782?format=json","purl":"pkg:gem/activerecord@8.0.2.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@8.0.2.1"}],"aliases":["CVE-2025-55193","GHSA-76r7-hhxj-r776"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zqzx-avvt-wkhm"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@1.12.1"}