Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/ruby193-rubygem-activeresource@1:3.2.17-1?arch=el6sam
Typerpm
Namespaceredhat
Nameruby193-rubygem-activeresource
Version1:3.2.17-1
Qualifiers
arch el6sam
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-464e-wb3p-j3dn
vulnerability_id VCID-464e-wb3p-j3dn
summary 
Reflective XSS Vulnerability
There is a vulnerability in the internationalisation component of Ruby on Rails. When the i18n gem is unable to provide a translation for a given string, it creates a fallback HTML string. Under certain common configurations this string can contain user input which would allow an attacker to execute a reflective XSS attack.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-1794.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1794.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0008.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0008.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1863.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1863.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4491.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4491.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4491
reference_id
reference_type
scores
0
value 0.00713
scoring_system epss
scoring_elements 0.72689
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4491
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
10
reference_url http://seclists.org/oss-sec/2013/q4/401
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2013/q4/401
11
reference_url https://github.com/advisories/GHSA-699m-mcjm-9cw8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-699m-mcjm-9cw8
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-4491.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-4491.yml
13
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4491
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4491
15
reference_url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
16
reference_url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/
17
reference_url http://www.debian.org/security/2014/dsa-2888
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2888
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1036922
reference_id 1036922
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1036922
19
reference_url https://access.redhat.com/errata/RHSA-2013:1794
reference_id RHSA-2013:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1794
20
reference_url https://access.redhat.com/errata/RHSA-2014:0008
reference_id RHSA-2014:0008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0008
fixed_packages
aliases CVE-2013-4491, GHSA-699m-mcjm-9cw8, OSV-100528
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-464e-wb3p-j3dn
1
url VCID-5swj-xwsw-rkac
vulnerability_id VCID-5swj-xwsw-rkac
summary 
Directory Traversal Vulnerability With Certain Route Configurations
The implicit render functionality allows controllers to render a template, even if there is no explicit action with the corresponding name. This module does not perform adequate input sanitization which could allow an attacker to use a specially crafted request to retrieve arbitrary files from the RoR application server.
references
0
reference_url http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf
1
reference_url http://osvdb.org/show/osvdb/106704
reference_id
reference_type
scores
url http://osvdb.org/show/osvdb/106704
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1863.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1863.html
3
reference_url https://access.redhat.com/errata/RHSA-2014:0510
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0510
4
reference_url https://access.redhat.com/errata/RHSA-2014:0816
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0816
5
reference_url https://access.redhat.com/errata/RHSA-2014:1863
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1863
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0130.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0130.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0130
reference_id
reference_type
scores
0
value 0.5271
scoring_system epss
scoring_elements 0.97994
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0130
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1095105
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1095105
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
12
reference_url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ
13
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/NkKc7vTW70o
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rubyonrails-security/NkKc7vTW70o
14
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/PyJo7_m-Ehk
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/ruby-security-ann/PyJo7_m-Ehk
15
reference_url https://web.archive.org/web/20140518192004/http://www.securityfocus.com/bid/67244
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140518192004/http://www.securityfocus.com/bid/67244
16
reference_url https://web.archive.org/web/20150319054505/http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150319054505/http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf
17
reference_url https://web.archive.org/web/20210411041816/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210411041816/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ
18
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0130
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0130
19
reference_url https://access.redhat.com/security/cve/CVE-2014-0130
reference_id CVE-2014-0130
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-0130
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0130
reference_id CVE-2014-0130
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0130
21
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-0130.yml
reference_id CVE-2014-0130.YML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-0130.yml
22
reference_url https://github.com/advisories/GHSA-6x85-j5j2-27jx
reference_id GHSA-6x85-j5j2-27jx
reference_type
scores
url https://github.com/advisories/GHSA-6x85-j5j2-27jx
fixed_packages
aliases CVE-2014-0130, GHSA-6x85-j5j2-27jx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5swj-xwsw-rkac
2
url VCID-gadc-jens-nuga
vulnerability_id VCID-gadc-jens-nuga
summary 
Denial of Service Vulnerability in Action View
There is a denial of service vulnerability in the header handling component of Action View. Strings sent in specially crafted headers will be cached indefinitely. This can cause the cache to grow infinitely, which will eventually consume all memory on the target machine, causing a denial of service.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-1794.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1794.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2014-0008.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0008.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2014-1863.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1863.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6414.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6414.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6414
reference_id
reference_type
scores
0
value 0.70843
scoring_system epss
scoring_elements 0.98719
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6414
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
14
reference_url http://seclists.org/oss-sec/2013/q4/400
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2013/q4/400
15
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
16
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6414.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6414.yml
17
reference_url https://groups.google.com/forum/message/raw?msg=ruby-security-ann/A-ebV4WxzKg/KNPTbX8XAQUJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=ruby-security-ann/A-ebV4WxzKg/KNPTbX8XAQUJ
18
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/A-ebV4WxzKg
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/A-ebV4WxzKg
19
reference_url https://puppet.com/security/cve/cve-2013-6414
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2013-6414
20
reference_url https://web.archive.org/web/20160421165124/http://secunia.com/advisories/57836
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160421165124/http://secunia.com/advisories/57836
21
reference_url https://web.archive.org/web/20160808161629/https://puppet.com/security/cve/cve-2013-6414
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160808161629/https://puppet.com/security/cve/cve-2013-6414
22
reference_url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
23
reference_url http://www.debian.org/security/2014/dsa-2888
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2888
24
reference_url http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1036483
reference_id 1036483
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1036483
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6414
reference_id CVE-2013-6414
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6414
27
reference_url https://access.redhat.com/errata/RHSA-2013:1794
reference_id RHSA-2013:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1794
28
reference_url https://access.redhat.com/errata/RHSA-2014:0008
reference_id RHSA-2014:0008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0008
fixed_packages
aliases CVE-2013-6414, GHSA-mpxf-gcw2-pw5q, OSV-100525
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gadc-jens-nuga
3
url VCID-ghj9-vyyr-tub8
vulnerability_id VCID-ghj9-vyyr-tub8
summary 
XSS Vulnerability in number_to_currency
The number_to_currency helper allows users to nicely format a numeric value. The unit parameter is not escaped correctly. Application which pass user controlled data as the unit parameter are vulnerable to an XSS attack.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00080.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00080.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
5
reference_url http://lists.opensuse.org/opensuse-updates/2014-01/msg00013.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-01/msg00013.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2013-1794.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1794.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2014-0008.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0008.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1863.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1863.html
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6415.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6415.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6415
reference_id
reference_type
scores
0
value 0.01506
scoring_system epss
scoring_elements 0.815
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6415
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
16
reference_url http://seclists.org/oss-sec/2013/q4/402
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2013/q4/402
17
reference_url https://github.com/advisories/GHSA-6h5q-96hp-9jgm
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6h5q-96hp-9jgm
18
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6415.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6415.yml
19
reference_url https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9WiRn2nhfq0/2K2KRB4LwCMJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9WiRn2nhfq0/2K2KRB4LwCMJ
20
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/9WiRn2nhfq0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/9WiRn2nhfq0
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6415
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6415
22
reference_url https://puppet.com/security/cve/cve-2013-6415
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2013-6415
23
reference_url https://web.archive.org/web/20131206180005/http://www.securityfocus.com/bid/64077
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131206180005/http://www.securityfocus.com/bid/64077
24
reference_url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
25
reference_url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/
26
reference_url http://www.debian.org/security/2014/dsa-2888
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2888
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1036910
reference_id 1036910
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1036910
28
reference_url https://access.redhat.com/errata/RHSA-2013:1794
reference_id RHSA-2013:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1794
29
reference_url https://access.redhat.com/errata/RHSA-2014:0008
reference_id RHSA-2014:0008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0008
fixed_packages
aliases CVE-2013-6415, GHSA-6h5q-96hp-9jgm, OSV-100524
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ghj9-vyyr-tub8
4
url VCID-kt2t-d3bx-jydv
vulnerability_id VCID-kt2t-d3bx-jydv
summary 
XSS vulnerability in sanitize_css in Action Pack
Carefully crafted text can bypass the sanitization provided in the `sanitize_css` method in Action Pack.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00072.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00072.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00073.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00073.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2014-01/msg00013.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-01/msg00013.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0698.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0698.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2014-1863.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1863.html
5
reference_url https://access.redhat.com/errata/RHSA-2013:0698
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0698
6
reference_url https://access.redhat.com/errata/RHSA-2014:1863
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1863
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1855.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1855.json
8
reference_url https://access.redhat.com/security/cve/CVE-2013-1855
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-1855
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1855
reference_id
reference_type
scores
0
value 0.00536
scoring_system epss
scoring_elements 0.67807
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1855
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=921331
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=921331
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-1855.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-1855.yml
12
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_QHo4BqnN8
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_QHo4BqnN8
13
reference_url https://groups.google.com/group/rubyonrails-security/msg/8ed835a97cdd1afd?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/8ed835a97cdd1afd?dmode=source&output=gplain
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1855
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1855
15
reference_url http://support.apple.com/kb/HT5784
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT5784
16
reference_url https://web.archive.org/web/20130609174600/http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130609174600/http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
17
reference_url https://web.archive.org/web/20131109010518/http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131109010518/http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
18
reference_url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released
19
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
fixed_packages
aliases CVE-2013-1855, GHSA-q759-hwvc-m3jg, OSV-91452
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kt2t-d3bx-jydv
5
url VCID-qmvt-9qth-77a6
vulnerability_id VCID-qmvt-9qth-77a6
summary 
XSS Vulnerability in the `sanitize` helper
The `sanitize` helper in Ruby on Rails is designed to filter HTML and remove all tags and attributes which could be malicious.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00072.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00072.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00073.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00073.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2014-01/msg00013.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-01/msg00013.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0698.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0698.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2014-1863.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1863.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1857.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1857.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1857
reference_id
reference_type
scores
0
value 0.00625
scoring_system epss
scoring_elements 0.70564
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1857
7
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
8
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/zAAU7vGTPvI
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/zAAU7vGTPvI
9
reference_url https://groups.google.com/group/rubyonrails-security/msg/78b9817a5943f6d6?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/78b9817a5943f6d6?dmode=source&output=gplain
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1857
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1857
11
reference_url http://support.apple.com/kb/HT5784
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT5784
12
reference_url https://web.archive.org/web/20130609174600/http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130609174600/http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
13
reference_url https://web.archive.org/web/20131109010518/http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131109010518/http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
14
reference_url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=921335
reference_id 921335
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=921335
16
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
fixed_packages
aliases CVE-2013-1857, GHSA-j838-vfpq-fmf2, OSV-91454
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qmvt-9qth-77a6
6
url VCID-wu15-9j1q-17ag
vulnerability_id VCID-wu15-9j1q-17ag
summary 
Symbol DoS vulnerability in Active Record
When a hash is provided as the find value for a query, the keys of the hash may be converted to symbols. Carefully crafted requests can coerce `params[:name]` to return a hash, and the keys to that hash may be converted to symbols. All users running an affected release should either upgrade or use one of the work arounds immediately.
references
0
reference_url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
1
reference_url http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00070.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00070.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00071.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00071.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00075.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00075.html
5
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00078.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00078.html
6
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00079.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00079.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2013-0699.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0699.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1863.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1863.html
9
reference_url https://access.redhat.com/errata/RHSA-2013:0699
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0699
10
reference_url https://access.redhat.com/errata/RHSA-2014:1863
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1863
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1854.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1854.json
12
reference_url https://access.redhat.com/security/cve/CVE-2013-1854
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-1854
13
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1854
reference_id
reference_type
scores
0
value 0.01795
scoring_system epss
scoring_elements 0.83107
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1854
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=921329
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=921329
15
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-1854.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-1854.yml
16
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/jgJ4cjjS8FE
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/jgJ4cjjS8FE
17
reference_url https://groups.google.com/group/ruby-security-ann/msg/34e0d780b04308de?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/ruby-security-ann/msg/34e0d780b04308de?dmode=source&output=gplain
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1854
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1854
19
reference_url http://support.apple.com/kb/HT5784
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT5784
20
reference_url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released
21
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
fixed_packages
aliases CVE-2013-1854, GHSA-3crr-9vmg-864v, OSV-91453
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wu15-9j1q-17ag
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby193-rubygem-activeresource@1:3.2.17-1%3Farch=el6sam