Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/50467?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50467?format=api", "vulnerability_id": "VCID-qywc-5pj5-y3a9", "summary": "Moderate severity vulnerability that affects activerecord\nWithdrawn, accidental duplicate publish.\n\nActive Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.", "aliases": [ { "alias": "GHSA-m8h6-m9p5-p2f8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23133?format=api", "purl": "pkg:gem/activerecord@4.2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54800?format=api", "purl": "pkg:gem/activerecord@4.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/134072?format=api", "purl": "pkg:gem/activerecord@4.2.1.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/134073?format=api", "purl": "pkg:gem/activerecord@4.2.1.rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/134074?format=api", "purl": "pkg:gem/activerecord@4.2.1.rc3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc3" }, { "url": "http://public2.vulnerablecode.io/api/packages/134075?format=api", "purl": "pkg:gem/activerecord@4.2.1.rc4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1.rc4" }, { "url": "http://public2.vulnerablecode.io/api/packages/134076?format=api", "purl": "pkg:gem/activerecord@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/134077?format=api", "purl": "pkg:gem/activerecord@4.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/134078?format=api", "purl": "pkg:gem/activerecord@4.2.3.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.3.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/134079?format=api", "purl": "pkg:gem/activerecord@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/134080?format=api", "purl": "pkg:gem/activerecord@4.2.4.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.4.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/134081?format=api", "purl": "pkg:gem/activerecord@4.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/134082?format=api", "purl": "pkg:gem/activerecord@4.2.5.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/134083?format=api", "purl": "pkg:gem/activerecord@4.2.5.rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/134084?format=api", "purl": "pkg:gem/activerecord@4.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-f4h5-8f57-3uhr" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-thx6-usb2-kkgc" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/21642?format=api", "purl": "pkg:gem/activerecord@4.2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/134085?format=api", "purl": "pkg:gem/activerecord@4.2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/134086?format=api", "purl": "pkg:gem/activerecord@4.2.6.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.6.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/134087?format=api", "purl": "pkg:gem/activerecord@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/134088?format=api", "purl": "pkg:gem/activerecord@4.2.7.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/134089?format=api", "purl": "pkg:gem/activerecord@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cky-r218-dkbb" }, { "vulnerability": "VCID-5qu2-b8gt-7qe3" }, { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-bsxw-gh14-rbef" }, { "vulnerability": "VCID-j8zg-kq3z-jqcm" }, { "vulnerability": "VCID-n8r7-wthv-fqaj" }, { "vulnerability": "VCID-nzeb-cy9e-tkax" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" }, { "vulnerability": "VCID-sygb-mygd-s3gb" }, { "vulnerability": "VCID-y54w-a8kr-suhy" }, { "vulnerability": "VCID-zqzx-avvt-wkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/141899?format=api", "purl": "pkg:gem/activerecord@4.2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9t7a-muwx-zyee" }, { "vulnerability": "VCID-qywc-5pj5-y3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/activerecord@4.2.7.0" } ], "references": [ { "reference_url": "https://github.com/advisories/GHSA-m8h6-m9p5-p2f8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m8h6-m9p5-p2f8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6317", "reference_id": "CVE-2016-6317", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6317" } ], "weaknesses": [], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qywc-5pj5-y3a9" }