Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/actionpack@4.1
Typegem
Namespace
Nameactionpack
Version4.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.1.2.1
Latest_non_vulnerable_version8.1.2.1
Affected_by_vulnerabilities
0
url VCID-5swj-xwsw-rkac
vulnerability_id VCID-5swj-xwsw-rkac
summary 
Directory Traversal Vulnerability With Certain Route Configurations
The implicit render functionality allows controllers to render a template, even if there is no explicit action with the corresponding name. This module does not perform adequate input sanitization which could allow an attacker to use a specially crafted request to retrieve arbitrary files from the RoR application server.
references
0
reference_url http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:25:09Z/
url http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf
1
reference_url http://osvdb.org/show/osvdb/106704
reference_id
reference_type
scores
url http://osvdb.org/show/osvdb/106704
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1863.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:25:09Z/
url http://rhn.redhat.com/errata/RHSA-2014-1863.html
3
reference_url https://access.redhat.com/errata/RHSA-2014:0510
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0510
4
reference_url https://access.redhat.com/errata/RHSA-2014:0816
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0816
5
reference_url https://access.redhat.com/errata/RHSA-2014:1863
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1863
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0130.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0130.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0130
reference_id
reference_type
scores
0
value 0.5271
scoring_system epss
scoring_elements 0.97998
published_at 2026-06-06T12:55:00Z
1
value 0.5271
scoring_system epss
scoring_elements 0.97994
published_at 2026-06-04T12:55:00Z
2
value 0.5271
scoring_system epss
scoring_elements 0.97997
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0130
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1095105
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1095105
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:25:09Z/
url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ
14
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/NkKc7vTW70o
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rubyonrails-security/NkKc7vTW70o
15
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/PyJo7_m-Ehk
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/ruby-security-ann/PyJo7_m-Ehk
16
reference_url https://web.archive.org/web/20140518192004/http://www.securityfocus.com/bid/67244
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140518192004/http://www.securityfocus.com/bid/67244
17
reference_url https://web.archive.org/web/20150319054505/http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150319054505/http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf
18
reference_url https://web.archive.org/web/20210411041816/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210411041816/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ
19
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0130
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0130
20
reference_url http://www.securityfocus.com/bid/67244
reference_id 67244
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:25:09Z/
url http://www.securityfocus.com/bid/67244
21
reference_url https://access.redhat.com/security/cve/CVE-2014-0130
reference_id CVE-2014-0130
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-0130
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0130
reference_id CVE-2014-0130
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0130
23
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-0130.yml
reference_id CVE-2014-0130.YML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-0130.yml
24
reference_url https://github.com/advisories/GHSA-6x85-j5j2-27jx
reference_id GHSA-6x85-j5j2-27jx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6x85-j5j2-27jx
fixed_packages
0
url pkg:gem/actionpack@4.1.1
purl pkg:gem/actionpack@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pzg-37dp-cyb1
1
vulnerability VCID-37qm-tp8v-tugb
2
vulnerability VCID-4uv1-e1me-hqb3
3
vulnerability VCID-75m1-xqdk-j7f3
4
vulnerability VCID-9t5z-1umq-qbe4
5
vulnerability VCID-9xc9-zvs2-1kde
6
vulnerability VCID-b464-j8ja-hke6
7
vulnerability VCID-bcwq-ngna-fqhd
8
vulnerability VCID-bfqq-ypyw-dycj
9
vulnerability VCID-cbvq-4ze7-r3g6
10
vulnerability VCID-chxq-j9us-cygh
11
vulnerability VCID-ecg2-wcty-b7hw
12
vulnerability VCID-egdx-4qqa-guh1
13
vulnerability VCID-f21a-143f-9qay
14
vulnerability VCID-f7bp-x4q3-jbeh
15
vulnerability VCID-ftus-vcww-2kgf
16
vulnerability VCID-gqfj-qxbc-xqhm
17
vulnerability VCID-hdu6-u2pb-aqhp
18
vulnerability VCID-hxcf-k4te-h3gu
19
vulnerability VCID-jkk1-jx5j-q3ch
20
vulnerability VCID-mf6k-jx45-m3fy
21
vulnerability VCID-n798-maqx-y3c9
22
vulnerability VCID-nhny-abkr-6qhb
23
vulnerability VCID-nprk-kfvh-vqfh
24
vulnerability VCID-nt1m-frdh-tbbq
25
vulnerability VCID-p6yg-d8wm-4bgz
26
vulnerability VCID-sw7t-5s3e-vkhx
27
vulnerability VCID-ufrj-jn16-jybn
28
vulnerability VCID-ugdk-t2vk-nkfc
29
vulnerability VCID-ujt2-es3k-67aq
30
vulnerability VCID-v3vg-9jdz-guf5
31
vulnerability VCID-vp3u-cexw-57a4
32
vulnerability VCID-vv7c-uwnu-nfhb
33
vulnerability VCID-wake-zgkk-vber
34
vulnerability VCID-xee7-ge26-yfdc
35
vulnerability VCID-xvsy-e7fv-1ufe
36
vulnerability VCID-y8dx-xevb-bka2
37
vulnerability VCID-ypcy-hry9-5fa3
38
vulnerability VCID-z21g-8h32-yyf6
39
vulnerability VCID-zc2d-dx64-2yh3
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.1
aliases CVE-2014-0130, GHSA-6x85-j5j2-27jx
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5swj-xwsw-rkac
1
url VCID-vex8-56fk-gqdf
vulnerability_id VCID-vex8-56fk-gqdf
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-02/msg00081.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-02/msg00081.html
1
reference_url http://openwall.com/lists/oss-security/2014/02/18/8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/02/18/8
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-0215.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0215.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-0306.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0306.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0081.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0081.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0081
reference_id
reference_type
scores
0
value 0.00885
scoring_system epss
scoring_elements 0.75813
published_at 2026-06-04T12:55:00Z
1
value 0.00885
scoring_system epss
scoring_elements 0.75839
published_at 2026-06-06T12:55:00Z
2
value 0.00885
scoring_system epss
scoring_elements 0.7584
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0081
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
9
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
10
reference_url https://github.com/rails/rails/commit/08d0a11a3f62718d601d39e617c834759cf59bbb
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/08d0a11a3f62718d601d39e617c834759cf59bbb
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-0081.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-0081.yml
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2014-0081.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails/CVE-2014-0081.yml
13
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/tfp6gZCtzr4
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/rubyonrails-security/tfp6gZCtzr4
14
reference_url https://web.archive.org/web/20140911141416/http://www.securitytracker.com/id/1029782
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140911141416/http://www.securitytracker.com/id/1029782
15
reference_url https://web.archive.org/web/20170307202606/http://www.securityfocus.com/bid/65647
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170307202606/http://www.securityfocus.com/bid/65647
16
reference_url https://web.archive.org/web/20201207045136/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/tfp6gZCtzr4/j8LUHmu7fIEJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201207045136/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/tfp6gZCtzr4/j8LUHmu7fIEJ
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1065520
reference_id 1065520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1065520
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0081
reference_id CVE-2014-0081
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0081
19
reference_url https://github.com/advisories/GHSA-m46p-ggm5-5j83
reference_id GHSA-m46p-ggm5-5j83
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m46p-ggm5-5j83
20
reference_url https://access.redhat.com/errata/RHSA-2014:0215
reference_id RHSA-2014:0215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0215
21
reference_url https://access.redhat.com/errata/RHSA-2014:0306
reference_id RHSA-2014:0306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0306
fixed_packages
0
url pkg:gem/actionpack@4.1.1
purl pkg:gem/actionpack@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pzg-37dp-cyb1
1
vulnerability VCID-37qm-tp8v-tugb
2
vulnerability VCID-4uv1-e1me-hqb3
3
vulnerability VCID-75m1-xqdk-j7f3
4
vulnerability VCID-9t5z-1umq-qbe4
5
vulnerability VCID-9xc9-zvs2-1kde
6
vulnerability VCID-b464-j8ja-hke6
7
vulnerability VCID-bcwq-ngna-fqhd
8
vulnerability VCID-bfqq-ypyw-dycj
9
vulnerability VCID-cbvq-4ze7-r3g6
10
vulnerability VCID-chxq-j9us-cygh
11
vulnerability VCID-ecg2-wcty-b7hw
12
vulnerability VCID-egdx-4qqa-guh1
13
vulnerability VCID-f21a-143f-9qay
14
vulnerability VCID-f7bp-x4q3-jbeh
15
vulnerability VCID-ftus-vcww-2kgf
16
vulnerability VCID-gqfj-qxbc-xqhm
17
vulnerability VCID-hdu6-u2pb-aqhp
18
vulnerability VCID-hxcf-k4te-h3gu
19
vulnerability VCID-jkk1-jx5j-q3ch
20
vulnerability VCID-mf6k-jx45-m3fy
21
vulnerability VCID-n798-maqx-y3c9
22
vulnerability VCID-nhny-abkr-6qhb
23
vulnerability VCID-nprk-kfvh-vqfh
24
vulnerability VCID-nt1m-frdh-tbbq
25
vulnerability VCID-p6yg-d8wm-4bgz
26
vulnerability VCID-sw7t-5s3e-vkhx
27
vulnerability VCID-ufrj-jn16-jybn
28
vulnerability VCID-ugdk-t2vk-nkfc
29
vulnerability VCID-ujt2-es3k-67aq
30
vulnerability VCID-v3vg-9jdz-guf5
31
vulnerability VCID-vp3u-cexw-57a4
32
vulnerability VCID-vv7c-uwnu-nfhb
33
vulnerability VCID-wake-zgkk-vber
34
vulnerability VCID-xee7-ge26-yfdc
35
vulnerability VCID-xvsy-e7fv-1ufe
36
vulnerability VCID-y8dx-xevb-bka2
37
vulnerability VCID-ypcy-hry9-5fa3
38
vulnerability VCID-z21g-8h32-yyf6
39
vulnerability VCID-zc2d-dx64-2yh3
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.1
aliases CVE-2014-0081, GHSA-m46p-ggm5-5j83, OSV-103439
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vex8-56fk-gqdf
2
url VCID-xee7-ge26-yfdc
vulnerability_id VCID-xee7-ge26-yfdc
summary 
Arbitrary file existence disclosure
Specially crafted requests can be used to determine whether a file exists on the filesystem that is outside the Rails application's root directory. The files will not be served, but attackers can determine whether the file exists. This only impacts Rails applications that enable static file serving at runtime. For example, the application's production configuration will say: `config.serve_static_assets = true`
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7829.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7829.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7829
reference_id
reference_type
scores
0
value 0.00265
scoring_system epss
scoring_elements 0.50214
published_at 2026-06-06T12:55:00Z
1
value 0.00265
scoring_system epss
scoring_elements 0.50144
published_at 2026-06-04T12:55:00Z
2
value 0.00265
scoring_system epss
scoring_elements 0.50206
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7829
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7829
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7829
4
reference_url https://github.com/advisories/GHSA-h56m-vwxc-3qpw
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h56m-vwxc-3qpw
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7829.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7829.yml
6
reference_url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/rMTQy4oRCGk/loS_CRS8mNEJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/rMTQy4oRCGk/loS_CRS8mNEJ
7
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/rMTQy4oRCGk
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rubyonrails-security/rMTQy4oRCGk
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7829
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7829
9
reference_url https://puppet.com/security/cve/cve-2014-7829
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2014-7829
10
reference_url https://web.archive.org/web/20160403085126/http://www.securityfocus.com/bid/71183
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160403085126/http://www.securityfocus.com/bid/71183
11
reference_url http://weblog.rubyonrails.org/2014/11/19/Rails-4-0-11-1-and-4-1-7-1-have-been-released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2014/11/19/Rails-4-0-11-1-and-4-1-7-1-have-been-released/
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1164659
reference_id 1164659
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1164659
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934
reference_id 770934
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934
fixed_packages
0
url pkg:gem/actionpack@4.1.7.1
purl pkg:gem/actionpack@4.1.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pzg-37dp-cyb1
1
vulnerability VCID-37qm-tp8v-tugb
2
vulnerability VCID-4uv1-e1me-hqb3
3
vulnerability VCID-75m1-xqdk-j7f3
4
vulnerability VCID-9t5z-1umq-qbe4
5
vulnerability VCID-9xc9-zvs2-1kde
6
vulnerability VCID-b464-j8ja-hke6
7
vulnerability VCID-bcwq-ngna-fqhd
8
vulnerability VCID-bfqq-ypyw-dycj
9
vulnerability VCID-cbvq-4ze7-r3g6
10
vulnerability VCID-chxq-j9us-cygh
11
vulnerability VCID-ecg2-wcty-b7hw
12
vulnerability VCID-egdx-4qqa-guh1
13
vulnerability VCID-f21a-143f-9qay
14
vulnerability VCID-f7bp-x4q3-jbeh
15
vulnerability VCID-ftus-vcww-2kgf
16
vulnerability VCID-gqfj-qxbc-xqhm
17
vulnerability VCID-hdu6-u2pb-aqhp
18
vulnerability VCID-hxcf-k4te-h3gu
19
vulnerability VCID-jkk1-jx5j-q3ch
20
vulnerability VCID-mf6k-jx45-m3fy
21
vulnerability VCID-n798-maqx-y3c9
22
vulnerability VCID-nhny-abkr-6qhb
23
vulnerability VCID-nprk-kfvh-vqfh
24
vulnerability VCID-nt1m-frdh-tbbq
25
vulnerability VCID-p6yg-d8wm-4bgz
26
vulnerability VCID-sw7t-5s3e-vkhx
27
vulnerability VCID-ufrj-jn16-jybn
28
vulnerability VCID-ugdk-t2vk-nkfc
29
vulnerability VCID-ujt2-es3k-67aq
30
vulnerability VCID-v3vg-9jdz-guf5
31
vulnerability VCID-vp3u-cexw-57a4
32
vulnerability VCID-vv7c-uwnu-nfhb
33
vulnerability VCID-wake-zgkk-vber
34
vulnerability VCID-xee7-ge26-yfdc
35
vulnerability VCID-y8dx-xevb-bka2
36
vulnerability VCID-ypcy-hry9-5fa3
37
vulnerability VCID-z21g-8h32-yyf6
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.7.1
1
url pkg:gem/actionpack@4.1.8
purl pkg:gem/actionpack@4.1.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pzg-37dp-cyb1
1
vulnerability VCID-37qm-tp8v-tugb
2
vulnerability VCID-4uv1-e1me-hqb3
3
vulnerability VCID-75m1-xqdk-j7f3
4
vulnerability VCID-9t5z-1umq-qbe4
5
vulnerability VCID-9xc9-zvs2-1kde
6
vulnerability VCID-b464-j8ja-hke6
7
vulnerability VCID-bcwq-ngna-fqhd
8
vulnerability VCID-bfqq-ypyw-dycj
9
vulnerability VCID-cbvq-4ze7-r3g6
10
vulnerability VCID-chxq-j9us-cygh
11
vulnerability VCID-ecg2-wcty-b7hw
12
vulnerability VCID-egdx-4qqa-guh1
13
vulnerability VCID-f21a-143f-9qay
14
vulnerability VCID-f7bp-x4q3-jbeh
15
vulnerability VCID-ftus-vcww-2kgf
16
vulnerability VCID-gqfj-qxbc-xqhm
17
vulnerability VCID-hdu6-u2pb-aqhp
18
vulnerability VCID-hxcf-k4te-h3gu
19
vulnerability VCID-jkk1-jx5j-q3ch
20
vulnerability VCID-mf6k-jx45-m3fy
21
vulnerability VCID-n798-maqx-y3c9
22
vulnerability VCID-nhny-abkr-6qhb
23
vulnerability VCID-nprk-kfvh-vqfh
24
vulnerability VCID-nt1m-frdh-tbbq
25
vulnerability VCID-p6yg-d8wm-4bgz
26
vulnerability VCID-sw7t-5s3e-vkhx
27
vulnerability VCID-ufrj-jn16-jybn
28
vulnerability VCID-ugdk-t2vk-nkfc
29
vulnerability VCID-v3vg-9jdz-guf5
30
vulnerability VCID-vp3u-cexw-57a4
31
vulnerability VCID-vv7c-uwnu-nfhb
32
vulnerability VCID-wake-zgkk-vber
33
vulnerability VCID-xee7-ge26-yfdc
34
vulnerability VCID-y8dx-xevb-bka2
35
vulnerability VCID-ypcy-hry9-5fa3
36
vulnerability VCID-z21g-8h32-yyf6
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.8
2
url pkg:gem/actionpack@4.2.0.beta1
purl pkg:gem/actionpack@4.2.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pzg-37dp-cyb1
1
vulnerability VCID-37qm-tp8v-tugb
2
vulnerability VCID-4uv1-e1me-hqb3
3
vulnerability VCID-75m1-xqdk-j7f3
4
vulnerability VCID-9t5z-1umq-qbe4
5
vulnerability VCID-b464-j8ja-hke6
6
vulnerability VCID-bcwq-ngna-fqhd
7
vulnerability VCID-bfqq-ypyw-dycj
8
vulnerability VCID-cbvq-4ze7-r3g6
9
vulnerability VCID-chxq-j9us-cygh
10
vulnerability VCID-ecg2-wcty-b7hw
11
vulnerability VCID-egdx-4qqa-guh1
12
vulnerability VCID-f21a-143f-9qay
13
vulnerability VCID-f7bp-x4q3-jbeh
14
vulnerability VCID-ftus-vcww-2kgf
15
vulnerability VCID-gqfj-qxbc-xqhm
16
vulnerability VCID-hdu6-u2pb-aqhp
17
vulnerability VCID-hxcf-k4te-h3gu
18
vulnerability VCID-jkk1-jx5j-q3ch
19
vulnerability VCID-n798-maqx-y3c9
20
vulnerability VCID-nhny-abkr-6qhb
21
vulnerability VCID-nprk-kfvh-vqfh
22
vulnerability VCID-nt1m-frdh-tbbq
23
vulnerability VCID-p6yg-d8wm-4bgz
24
vulnerability VCID-sw7t-5s3e-vkhx
25
vulnerability VCID-ufrj-jn16-jybn
26
vulnerability VCID-ugdk-t2vk-nkfc
27
vulnerability VCID-v3vg-9jdz-guf5
28
vulnerability VCID-vp3u-cexw-57a4
29
vulnerability VCID-xee7-ge26-yfdc
30
vulnerability VCID-xvsy-e7fv-1ufe
31
vulnerability VCID-ypcy-hry9-5fa3
32
vulnerability VCID-z21g-8h32-yyf6
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta1
3
url pkg:gem/actionpack@4.2.0.beta4
purl pkg:gem/actionpack@4.2.0.beta4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pzg-37dp-cyb1
1
vulnerability VCID-37qm-tp8v-tugb
2
vulnerability VCID-4uv1-e1me-hqb3
3
vulnerability VCID-75m1-xqdk-j7f3
4
vulnerability VCID-9t5z-1umq-qbe4
5
vulnerability VCID-b464-j8ja-hke6
6
vulnerability VCID-bcwq-ngna-fqhd
7
vulnerability VCID-bfqq-ypyw-dycj
8
vulnerability VCID-cbvq-4ze7-r3g6
9
vulnerability VCID-chxq-j9us-cygh
10
vulnerability VCID-ecg2-wcty-b7hw
11
vulnerability VCID-egdx-4qqa-guh1
12
vulnerability VCID-f21a-143f-9qay
13
vulnerability VCID-f7bp-x4q3-jbeh
14
vulnerability VCID-ftus-vcww-2kgf
15
vulnerability VCID-gqfj-qxbc-xqhm
16
vulnerability VCID-hdu6-u2pb-aqhp
17
vulnerability VCID-hxcf-k4te-h3gu
18
vulnerability VCID-jkk1-jx5j-q3ch
19
vulnerability VCID-n798-maqx-y3c9
20
vulnerability VCID-nhny-abkr-6qhb
21
vulnerability VCID-nprk-kfvh-vqfh
22
vulnerability VCID-nt1m-frdh-tbbq
23
vulnerability VCID-p6yg-d8wm-4bgz
24
vulnerability VCID-sw7t-5s3e-vkhx
25
vulnerability VCID-ufrj-jn16-jybn
26
vulnerability VCID-ugdk-t2vk-nkfc
27
vulnerability VCID-v3vg-9jdz-guf5
28
vulnerability VCID-vp3u-cexw-57a4
29
vulnerability VCID-xee7-ge26-yfdc
30
vulnerability VCID-ypcy-hry9-5fa3
31
vulnerability VCID-z21g-8h32-yyf6
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta4
aliases CVE-2014-7829, GHSA-h56m-vwxc-3qpw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xee7-ge26-yfdc
3
url VCID-xvsy-e7fv-1ufe
vulnerability_id VCID-xvsy-e7fv-1ufe
summary 
Arbitrary file existence disclosure
Specially crafted requests can be used to determine whether a file exists on the filesystem that is outside the Rails application's root directory. The files will not be served, but attackers can determine whether the file exists. This only impacts Rails applications that enable static file serving at runtime. For example, the application's production configuration will say: `config.serve_static_assets = true`
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7818.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7818.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7818
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44743
published_at 2026-06-05T12:55:00Z
1
value 0.0022
scoring_system epss
scoring_elements 0.4475
published_at 2026-06-06T12:55:00Z
2
value 0.0022
scoring_system epss
scoring_elements 0.44674
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7818
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7818
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7818
4
reference_url https://github.com/advisories/GHSA-29gr-w57f-rpfw
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-29gr-w57f-rpfw
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7818.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2014-7818.yml
6
reference_url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/dCp7duBiQgo/v_R_8PFs5IwJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/dCp7duBiQgo/v_R_8PFs5IwJ
7
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7818
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7818
9
reference_url https://puppet.com/security/cve/cve-2014-7829
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2014-7829
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1161499
reference_id 1161499
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1161499
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934
reference_id 770934
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770934
fixed_packages
0
url pkg:gem/actionpack@4.1.7
purl pkg:gem/actionpack@4.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pzg-37dp-cyb1
1
vulnerability VCID-37qm-tp8v-tugb
2
vulnerability VCID-4uv1-e1me-hqb3
3
vulnerability VCID-75m1-xqdk-j7f3
4
vulnerability VCID-9t5z-1umq-qbe4
5
vulnerability VCID-9xc9-zvs2-1kde
6
vulnerability VCID-b464-j8ja-hke6
7
vulnerability VCID-bcwq-ngna-fqhd
8
vulnerability VCID-bfqq-ypyw-dycj
9
vulnerability VCID-cbvq-4ze7-r3g6
10
vulnerability VCID-chxq-j9us-cygh
11
vulnerability VCID-ecg2-wcty-b7hw
12
vulnerability VCID-egdx-4qqa-guh1
13
vulnerability VCID-f21a-143f-9qay
14
vulnerability VCID-f7bp-x4q3-jbeh
15
vulnerability VCID-ftus-vcww-2kgf
16
vulnerability VCID-gqfj-qxbc-xqhm
17
vulnerability VCID-hdu6-u2pb-aqhp
18
vulnerability VCID-hxcf-k4te-h3gu
19
vulnerability VCID-jkk1-jx5j-q3ch
20
vulnerability VCID-mf6k-jx45-m3fy
21
vulnerability VCID-n798-maqx-y3c9
22
vulnerability VCID-nhny-abkr-6qhb
23
vulnerability VCID-nprk-kfvh-vqfh
24
vulnerability VCID-nt1m-frdh-tbbq
25
vulnerability VCID-p6yg-d8wm-4bgz
26
vulnerability VCID-sw7t-5s3e-vkhx
27
vulnerability VCID-ufrj-jn16-jybn
28
vulnerability VCID-ugdk-t2vk-nkfc
29
vulnerability VCID-ujt2-es3k-67aq
30
vulnerability VCID-v3vg-9jdz-guf5
31
vulnerability VCID-vp3u-cexw-57a4
32
vulnerability VCID-vv7c-uwnu-nfhb
33
vulnerability VCID-wake-zgkk-vber
34
vulnerability VCID-xee7-ge26-yfdc
35
vulnerability VCID-y8dx-xevb-bka2
36
vulnerability VCID-ypcy-hry9-5fa3
37
vulnerability VCID-z21g-8h32-yyf6
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1.7
1
url pkg:gem/actionpack@4.2.0.beta1
purl pkg:gem/actionpack@4.2.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pzg-37dp-cyb1
1
vulnerability VCID-37qm-tp8v-tugb
2
vulnerability VCID-4uv1-e1me-hqb3
3
vulnerability VCID-75m1-xqdk-j7f3
4
vulnerability VCID-9t5z-1umq-qbe4
5
vulnerability VCID-b464-j8ja-hke6
6
vulnerability VCID-bcwq-ngna-fqhd
7
vulnerability VCID-bfqq-ypyw-dycj
8
vulnerability VCID-cbvq-4ze7-r3g6
9
vulnerability VCID-chxq-j9us-cygh
10
vulnerability VCID-ecg2-wcty-b7hw
11
vulnerability VCID-egdx-4qqa-guh1
12
vulnerability VCID-f21a-143f-9qay
13
vulnerability VCID-f7bp-x4q3-jbeh
14
vulnerability VCID-ftus-vcww-2kgf
15
vulnerability VCID-gqfj-qxbc-xqhm
16
vulnerability VCID-hdu6-u2pb-aqhp
17
vulnerability VCID-hxcf-k4te-h3gu
18
vulnerability VCID-jkk1-jx5j-q3ch
19
vulnerability VCID-n798-maqx-y3c9
20
vulnerability VCID-nhny-abkr-6qhb
21
vulnerability VCID-nprk-kfvh-vqfh
22
vulnerability VCID-nt1m-frdh-tbbq
23
vulnerability VCID-p6yg-d8wm-4bgz
24
vulnerability VCID-sw7t-5s3e-vkhx
25
vulnerability VCID-ufrj-jn16-jybn
26
vulnerability VCID-ugdk-t2vk-nkfc
27
vulnerability VCID-v3vg-9jdz-guf5
28
vulnerability VCID-vp3u-cexw-57a4
29
vulnerability VCID-xee7-ge26-yfdc
30
vulnerability VCID-xvsy-e7fv-1ufe
31
vulnerability VCID-ypcy-hry9-5fa3
32
vulnerability VCID-z21g-8h32-yyf6
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta1
2
url pkg:gem/actionpack@4.2.0.beta3
purl pkg:gem/actionpack@4.2.0.beta3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pzg-37dp-cyb1
1
vulnerability VCID-37qm-tp8v-tugb
2
vulnerability VCID-4uv1-e1me-hqb3
3
vulnerability VCID-75m1-xqdk-j7f3
4
vulnerability VCID-9t5z-1umq-qbe4
5
vulnerability VCID-b464-j8ja-hke6
6
vulnerability VCID-bcwq-ngna-fqhd
7
vulnerability VCID-bfqq-ypyw-dycj
8
vulnerability VCID-cbvq-4ze7-r3g6
9
vulnerability VCID-chxq-j9us-cygh
10
vulnerability VCID-ecg2-wcty-b7hw
11
vulnerability VCID-egdx-4qqa-guh1
12
vulnerability VCID-f21a-143f-9qay
13
vulnerability VCID-f7bp-x4q3-jbeh
14
vulnerability VCID-ftus-vcww-2kgf
15
vulnerability VCID-gqfj-qxbc-xqhm
16
vulnerability VCID-hdu6-u2pb-aqhp
17
vulnerability VCID-hxcf-k4te-h3gu
18
vulnerability VCID-jkk1-jx5j-q3ch
19
vulnerability VCID-n798-maqx-y3c9
20
vulnerability VCID-nhny-abkr-6qhb
21
vulnerability VCID-nprk-kfvh-vqfh
22
vulnerability VCID-nt1m-frdh-tbbq
23
vulnerability VCID-p6yg-d8wm-4bgz
24
vulnerability VCID-sw7t-5s3e-vkhx
25
vulnerability VCID-ufrj-jn16-jybn
26
vulnerability VCID-ugdk-t2vk-nkfc
27
vulnerability VCID-v3vg-9jdz-guf5
28
vulnerability VCID-vp3u-cexw-57a4
29
vulnerability VCID-xee7-ge26-yfdc
30
vulnerability VCID-ypcy-hry9-5fa3
31
vulnerability VCID-z21g-8h32-yyf6
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.2.0.beta3
aliases CVE-2014-7818, GHSA-29gr-w57f-rpfw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xvsy-e7fv-1ufe
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/actionpack@4.1