Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/activerecord@3.0.4
Typegem
Namespace
Nameactiverecord
Version3.0.4
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.0.10
Latest_non_vulnerable_version7.0.4.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1mc1-zb64-yued
vulnerability_id VCID-1mc1-zb64-yued
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.
references
0
reference_url http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain
reference_id
reference_type
scores
url http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html
2
reference_url http://secunia.com/advisories/43278
reference_id
reference_type
scores
url http://secunia.com/advisories/43278
3
reference_url http://securitytracker.com/id?1025063
reference_id
reference_type
scores
url http://securitytracker.com/id?1025063
4
reference_url http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4
5
reference_url http://www.vupen.com/english/advisories/2011/0877
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0877
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-0448
reference_id CVE-2011-0448
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2011-0448
7
reference_url https://github.com/advisories/GHSA-jmm9-2p29-vh2w
reference_id GHSA-jmm9-2p29-vh2w
reference_type
scores
url https://github.com/advisories/GHSA-jmm9-2p29-vh2w
fixed_packages
0
url pkg:gem/activerecord@3.0.4
purl pkg:gem/activerecord@3.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.4
aliases CVE-2011-0448, GHSA-jmm9-2p29-vh2w
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1mc1-zb64-yued
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.4