{"url":"http://public2.vulnerablecode.io/api/packages/54588?format=json","purl":"pkg:gem/activerecord@3.0.4","type":"gem","namespace":"","name":"activerecord","version":"3.0.4","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.0.10","latest_non_vulnerable_version":"7.0.4.1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39099?format=json","vulnerability_id":"VCID-1mc1-zb64-yued","summary":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')\nRuby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.","references":[{"reference_url":"http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain","reference_id":"","reference_type":"","scores":[],"url":"http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html"},{"reference_url":"http://secunia.com/advisories/43278","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43278"},{"reference_url":"http://securitytracker.com/id?1025063","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1025063"},{"reference_url":"http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0877","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0877"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0448","reference_id":"CVE-2011-0448","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0448"},{"reference_url":"https://github.com/advisories/GHSA-jmm9-2p29-vh2w","reference_id":"GHSA-jmm9-2p29-vh2w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-jmm9-2p29-vh2w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54588?format=json","purl":"pkg:gem/activerecord@3.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.4"}],"aliases":["CVE-2011-0448","GHSA-jmm9-2p29-vh2w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mc1-zb64-yued"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@3.0.4"}