Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-8ucb-ajnh-fqb8
Summary
activeresource Gem for Ruby lib/active_resource/base.rb element_path Lack of Encoding
activeresource contains a lack of encoding flaw in the element_path function of
lib/active_resource/base.rb.

There is an issue with the way Active Resource encodes data before querying the back end server.  This encoding mechanism can allow specially crafted requests to possibly access data that may not be expected.

Impacted code will look something like this:

```
require 'activeresource'

class Test < ActiveResource::Base
  self.site = 'http://127.0.0.1:3000'
end

Test.exists?(untrusted_user_input)
```

Where untrusted user input is passed to an Active Resource model.  Specially crafted untrusted input can cause Active Resource to access data in an unexpected way and possibly leak information.

Workarounds
-------------

For those that can't upgrade, the following monkey patch can be applied:

```
module ActiveResource
 class Base
   class << self
     def element_path(id, prefix_options = {}, query_options = nil)
       check_prefix_options(prefix_options)

       prefix_options, query_options = split_options(prefix_options) if query_options.nil?
       "#{prefix(prefix_options)}#{collection_name}/#{URI.encode_www_form_component(id.to_s)}#{format_extension}#{query_string(query_options)}"
     end
   end
 end
end
```
Aliases
0
alias CVE-2020-8151
1
alias GHSA-46j2-xjgp-jrfm
Fixed_packages
0
url pkg:deb/debian/rails@0?distro=trixie
purl pkg:deb/debian/rails@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@0%3Fdistro=trixie
1
url pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/rails@2:6.0.3.7%2Bdfsg-2%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4wah-r1ge-8kbp
1
vulnerability VCID-5qrc-rq8r-r7cd
2
vulnerability VCID-7s2b-9sgy-4qb4
3
vulnerability VCID-j5z3-q9kw-r7er
4
vulnerability VCID-mz5z-rp6w-hqf3
5
vulnerability VCID-upyj-312m-cyhg
6
vulnerability VCID-v7vv-68mh-4fhb
7
vulnerability VCID-vaev-1h3t-7udp
8
vulnerability VCID-y8nc-5c1w-c3ed
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.0.3.7%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie
purl pkg:deb/debian/rails@2:6.1.7.10%2Bdfsg-1~deb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4wah-r1ge-8kbp
1
vulnerability VCID-5qrc-rq8r-r7cd
2
vulnerability VCID-7s2b-9sgy-4qb4
3
vulnerability VCID-j5z3-q9kw-r7er
4
vulnerability VCID-mz5z-rp6w-hqf3
5
vulnerability VCID-upyj-312m-cyhg
6
vulnerability VCID-v7vv-68mh-4fhb
7
vulnerability VCID-vaev-1h3t-7udp
8
vulnerability VCID-y8nc-5c1w-c3ed
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:6.1.7.10%252Bdfsg-1~deb12u2%3Fdistro=trixie
3
url pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie
purl pkg:deb/debian/rails@2:7.2.2.2%2Bdfsg-2~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4wah-r1ge-8kbp
1
vulnerability VCID-5qrc-rq8r-r7cd
2
vulnerability VCID-7s2b-9sgy-4qb4
3
vulnerability VCID-j5z3-q9kw-r7er
4
vulnerability VCID-mz5z-rp6w-hqf3
5
vulnerability VCID-upyj-312m-cyhg
6
vulnerability VCID-v7vv-68mh-4fhb
7
vulnerability VCID-vaev-1h3t-7udp
8
vulnerability VCID-y8nc-5c1w-c3ed
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.2.2%252Bdfsg-2~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/rails@2:7.2.3.1%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rails@2:7.2.3.1%252Bdfsg-1%3Fdistro=trixie
5
url pkg:gem/activeresource@5.1.1
purl pkg:gem/activeresource@5.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@5.1.1
Affected_packages
0
url pkg:gem/activeresource@3.0.0.rc
purl pkg:gem/activeresource@3.0.0.rc
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.0.rc
1
url pkg:gem/activeresource@3.0.0.rc2
purl pkg:gem/activeresource@3.0.0.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.0.rc2
2
url pkg:gem/activeresource@3.0.0
purl pkg:gem/activeresource@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.0
3
url pkg:gem/activeresource@3.0.1
purl pkg:gem/activeresource@3.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.1
4
url pkg:gem/activeresource@3.0.2
purl pkg:gem/activeresource@3.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.2
5
url pkg:gem/activeresource@3.0.3
purl pkg:gem/activeresource@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.3
6
url pkg:gem/activeresource@3.0.4.rc
purl pkg:gem/activeresource@3.0.4.rc
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.4.rc
7
url pkg:gem/activeresource@3.0.4.rc1
purl pkg:gem/activeresource@3.0.4.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.4.rc1
8
url pkg:gem/activeresource@3.0.4
purl pkg:gem/activeresource@3.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.4
9
url pkg:gem/activeresource@3.0.5.rc1
purl pkg:gem/activeresource@3.0.5.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.5.rc1
10
url pkg:gem/activeresource@3.0.5
purl pkg:gem/activeresource@3.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.5
11
url pkg:gem/activeresource@3.0.6.rc1
purl pkg:gem/activeresource@3.0.6.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.6.rc1
12
url pkg:gem/activeresource@3.0.6.rc2
purl pkg:gem/activeresource@3.0.6.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.6.rc2
13
url pkg:gem/activeresource@3.0.6
purl pkg:gem/activeresource@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.6
14
url pkg:gem/activeresource@3.0.7.rc1
purl pkg:gem/activeresource@3.0.7.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.7.rc1
15
url pkg:gem/activeresource@3.0.7.rc2
purl pkg:gem/activeresource@3.0.7.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.7.rc2
16
url pkg:gem/activeresource@3.0.7
purl pkg:gem/activeresource@3.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.7
17
url pkg:gem/activeresource@3.0.8.rc1
purl pkg:gem/activeresource@3.0.8.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.8.rc1
18
url pkg:gem/activeresource@3.0.8.rc2
purl pkg:gem/activeresource@3.0.8.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.8.rc2
19
url pkg:gem/activeresource@3.0.8.rc4
purl pkg:gem/activeresource@3.0.8.rc4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.8.rc4
20
url pkg:gem/activeresource@3.0.8
purl pkg:gem/activeresource@3.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.8
21
url pkg:gem/activeresource@3.0.9.rc1
purl pkg:gem/activeresource@3.0.9.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.9.rc1
22
url pkg:gem/activeresource@3.0.9.rc3
purl pkg:gem/activeresource@3.0.9.rc3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.9.rc3
23
url pkg:gem/activeresource@3.0.9.rc4
purl pkg:gem/activeresource@3.0.9.rc4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.9.rc4
24
url pkg:gem/activeresource@3.0.9.rc5
purl pkg:gem/activeresource@3.0.9.rc5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.9.rc5
25
url pkg:gem/activeresource@3.0.9
purl pkg:gem/activeresource@3.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.9
26
url pkg:gem/activeresource@3.0.10.rc1
purl pkg:gem/activeresource@3.0.10.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.10.rc1
27
url pkg:gem/activeresource@3.0.10
purl pkg:gem/activeresource@3.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.10
28
url pkg:gem/activeresource@3.0.11
purl pkg:gem/activeresource@3.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.11
29
url pkg:gem/activeresource@3.0.12.rc1
purl pkg:gem/activeresource@3.0.12.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.12.rc1
30
url pkg:gem/activeresource@3.0.12
purl pkg:gem/activeresource@3.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.12
31
url pkg:gem/activeresource@3.0.13.rc1
purl pkg:gem/activeresource@3.0.13.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.13.rc1
32
url pkg:gem/activeresource@3.0.13
purl pkg:gem/activeresource@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.13
33
url pkg:gem/activeresource@3.0.14
purl pkg:gem/activeresource@3.0.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.14
34
url pkg:gem/activeresource@3.0.15
purl pkg:gem/activeresource@3.0.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.15
35
url pkg:gem/activeresource@3.0.16
purl pkg:gem/activeresource@3.0.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.16
36
url pkg:gem/activeresource@3.0.17
purl pkg:gem/activeresource@3.0.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.17
37
url pkg:gem/activeresource@3.0.18
purl pkg:gem/activeresource@3.0.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.18
38
url pkg:gem/activeresource@3.0.19
purl pkg:gem/activeresource@3.0.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.19
39
url pkg:gem/activeresource@3.0.20
purl pkg:gem/activeresource@3.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.0.20
40
url pkg:gem/activeresource@3.1.0.beta1
purl pkg:gem/activeresource@3.1.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.0.beta1
41
url pkg:gem/activeresource@3.1.0.rc1
purl pkg:gem/activeresource@3.1.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.0.rc1
42
url pkg:gem/activeresource@3.1.0.rc2
purl pkg:gem/activeresource@3.1.0.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.0.rc2
43
url pkg:gem/activeresource@3.1.0.rc3
purl pkg:gem/activeresource@3.1.0.rc3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.0.rc3
44
url pkg:gem/activeresource@3.1.0.rc4
purl pkg:gem/activeresource@3.1.0.rc4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.0.rc4
45
url pkg:gem/activeresource@3.1.0.rc5
purl pkg:gem/activeresource@3.1.0.rc5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.0.rc5
46
url pkg:gem/activeresource@3.1.0.rc6
purl pkg:gem/activeresource@3.1.0.rc6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.0.rc6
47
url pkg:gem/activeresource@3.1.0.rc8
purl pkg:gem/activeresource@3.1.0.rc8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.0.rc8
48
url pkg:gem/activeresource@3.1.0
purl pkg:gem/activeresource@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.0
49
url pkg:gem/activeresource@3.1.1.rc1
purl pkg:gem/activeresource@3.1.1.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.1.rc1
50
url pkg:gem/activeresource@3.1.1.rc2
purl pkg:gem/activeresource@3.1.1.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.1.rc2
51
url pkg:gem/activeresource@3.1.1.rc3
purl pkg:gem/activeresource@3.1.1.rc3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.1.rc3
52
url pkg:gem/activeresource@3.1.1
purl pkg:gem/activeresource@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.1
53
url pkg:gem/activeresource@3.1.2.rc1
purl pkg:gem/activeresource@3.1.2.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.2.rc1
54
url pkg:gem/activeresource@3.1.2.rc2
purl pkg:gem/activeresource@3.1.2.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.2.rc2
55
url pkg:gem/activeresource@3.1.2
purl pkg:gem/activeresource@3.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.2
56
url pkg:gem/activeresource@3.1.3
purl pkg:gem/activeresource@3.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.3
57
url pkg:gem/activeresource@3.1.4.rc1
purl pkg:gem/activeresource@3.1.4.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.4.rc1
58
url pkg:gem/activeresource@3.1.4
purl pkg:gem/activeresource@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.4
59
url pkg:gem/activeresource@3.1.5.rc1
purl pkg:gem/activeresource@3.1.5.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.5.rc1
60
url pkg:gem/activeresource@3.1.5
purl pkg:gem/activeresource@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.5
61
url pkg:gem/activeresource@3.1.6
purl pkg:gem/activeresource@3.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.6
62
url pkg:gem/activeresource@3.1.7
purl pkg:gem/activeresource@3.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.7
63
url pkg:gem/activeresource@3.1.8
purl pkg:gem/activeresource@3.1.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.8
64
url pkg:gem/activeresource@3.1.9
purl pkg:gem/activeresource@3.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.9
65
url pkg:gem/activeresource@3.1.10
purl pkg:gem/activeresource@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.10
66
url pkg:gem/activeresource@3.1.11
purl pkg:gem/activeresource@3.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.11
67
url pkg:gem/activeresource@3.1.12
purl pkg:gem/activeresource@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.1.12
68
url pkg:gem/activeresource@3.2.0.rc1
purl pkg:gem/activeresource@3.2.0.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.0.rc1
69
url pkg:gem/activeresource@3.2.0.rc2
purl pkg:gem/activeresource@3.2.0.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.0.rc2
70
url pkg:gem/activeresource@3.2.0
purl pkg:gem/activeresource@3.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.0
71
url pkg:gem/activeresource@3.2.1
purl pkg:gem/activeresource@3.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.1
72
url pkg:gem/activeresource@3.2.2.rc1
purl pkg:gem/activeresource@3.2.2.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.2.rc1
73
url pkg:gem/activeresource@3.2.2
purl pkg:gem/activeresource@3.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.2
74
url pkg:gem/activeresource@3.2.3.rc1
purl pkg:gem/activeresource@3.2.3.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.3.rc1
75
url pkg:gem/activeresource@3.2.3.rc2
purl pkg:gem/activeresource@3.2.3.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.3.rc2
76
url pkg:gem/activeresource@3.2.3
purl pkg:gem/activeresource@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.3
77
url pkg:gem/activeresource@3.2.4.rc1
purl pkg:gem/activeresource@3.2.4.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.4.rc1
78
url pkg:gem/activeresource@3.2.4
purl pkg:gem/activeresource@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.4
79
url pkg:gem/activeresource@3.2.5
purl pkg:gem/activeresource@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.5
80
url pkg:gem/activeresource@3.2.6
purl pkg:gem/activeresource@3.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.6
81
url pkg:gem/activeresource@3.2.7.rc1
purl pkg:gem/activeresource@3.2.7.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.7.rc1
82
url pkg:gem/activeresource@3.2.7
purl pkg:gem/activeresource@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.7
83
url pkg:gem/activeresource@3.2.8.rc1
purl pkg:gem/activeresource@3.2.8.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.8.rc1
84
url pkg:gem/activeresource@3.2.8.rc2
purl pkg:gem/activeresource@3.2.8.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.8.rc2
85
url pkg:gem/activeresource@3.2.8
purl pkg:gem/activeresource@3.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.8
86
url pkg:gem/activeresource@3.2.9.rc1
purl pkg:gem/activeresource@3.2.9.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.9.rc1
87
url pkg:gem/activeresource@3.2.9.rc2
purl pkg:gem/activeresource@3.2.9.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.9.rc2
88
url pkg:gem/activeresource@3.2.9.rc3
purl pkg:gem/activeresource@3.2.9.rc3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.9.rc3
89
url pkg:gem/activeresource@3.2.9
purl pkg:gem/activeresource@3.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.9
90
url pkg:gem/activeresource@3.2.10
purl pkg:gem/activeresource@3.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.10
91
url pkg:gem/activeresource@3.2.11
purl pkg:gem/activeresource@3.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.11
92
url pkg:gem/activeresource@3.2.12
purl pkg:gem/activeresource@3.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.12
93
url pkg:gem/activeresource@3.2.13.rc1
purl pkg:gem/activeresource@3.2.13.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.13.rc1
94
url pkg:gem/activeresource@3.2.13.rc2
purl pkg:gem/activeresource@3.2.13.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.13.rc2
95
url pkg:gem/activeresource@3.2.13
purl pkg:gem/activeresource@3.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.13
96
url pkg:gem/activeresource@3.2.14.rc1
purl pkg:gem/activeresource@3.2.14.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.14.rc1
97
url pkg:gem/activeresource@3.2.14.rc2
purl pkg:gem/activeresource@3.2.14.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.14.rc2
98
url pkg:gem/activeresource@3.2.14
purl pkg:gem/activeresource@3.2.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.14
99
url pkg:gem/activeresource@3.2.15.rc1
purl pkg:gem/activeresource@3.2.15.rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.15.rc1
100
url pkg:gem/activeresource@3.2.15.rc2
purl pkg:gem/activeresource@3.2.15.rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.15.rc2
101
url pkg:gem/activeresource@3.2.15.rc3
purl pkg:gem/activeresource@3.2.15.rc3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.15.rc3
102
url pkg:gem/activeresource@3.2.15
purl pkg:gem/activeresource@3.2.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.15
103
url pkg:gem/activeresource@3.2.16
purl pkg:gem/activeresource@3.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.16
104
url pkg:gem/activeresource@3.2.17
purl pkg:gem/activeresource@3.2.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.17
105
url pkg:gem/activeresource@3.2.18
purl pkg:gem/activeresource@3.2.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.18
106
url pkg:gem/activeresource@3.2.19
purl pkg:gem/activeresource@3.2.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.19
107
url pkg:gem/activeresource@3.2.20
purl pkg:gem/activeresource@3.2.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.20
108
url pkg:gem/activeresource@3.2.21
purl pkg:gem/activeresource@3.2.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.21
109
url pkg:gem/activeresource@3.2.22
purl pkg:gem/activeresource@3.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.22
110
url pkg:gem/activeresource@3.2.22.1
purl pkg:gem/activeresource@3.2.22.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.22.1
111
url pkg:gem/activeresource@3.2.22.2
purl pkg:gem/activeresource@3.2.22.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.22.2
112
url pkg:gem/activeresource@3.2.22.3
purl pkg:gem/activeresource@3.2.22.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.22.3
113
url pkg:gem/activeresource@3.2.22.4
purl pkg:gem/activeresource@3.2.22.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.22.4
114
url pkg:gem/activeresource@3.2.22.5
purl pkg:gem/activeresource@3.2.22.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@3.2.22.5
115
url pkg:gem/activeresource@4.0.0.beta1
purl pkg:gem/activeresource@4.0.0.beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@4.0.0.beta1
116
url pkg:gem/activeresource@4.0.0
purl pkg:gem/activeresource@4.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@4.0.0
117
url pkg:gem/activeresource@4.1.0
purl pkg:gem/activeresource@4.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@4.1.0
118
url pkg:gem/activeresource@5.0.0
purl pkg:gem/activeresource@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@5.0.0
119
url pkg:gem/activeresource@5.1.0
purl pkg:gem/activeresource@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8ucb-ajnh-fqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/activeresource@5.1.0
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8151
reference_id
reference_type
scores
0
value 0.00286
scoring_system epss
scoring_elements 0.52396
published_at 2026-06-05T12:55:00Z
1
value 0.00286
scoring_system epss
scoring_elements 0.52336
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8151
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/rails/activeresource
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/activeresource
3
reference_url https://github.com/rails/activeresource/commit/0de18f7e96fa90bbf23b16ac11980bc2cb6a716e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/activeresource/commit/0de18f7e96fa90bbf23b16ac11980bc2cb6a716e
4
reference_url https://github.com/rails/rails/commit/0e969bdaf8ff2e3384350687aa0b583f94d6dfbc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/0e969bdaf8ff2e3384350687aa0b583f94d6dfbc
5
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/pktoF4VmiM8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rubyonrails-security/pktoF4VmiM8
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P7B7A4H22DZ522HLDS3JX3NX2CXIOZSR
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P7B7A4H22DZ522HLDS3JX3NX2CXIOZSR
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-8151
reference_id CVE-2020-8151
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-8151
8
reference_url https://github.com/advisories/GHSA-46j2-xjgp-jrfm
reference_id GHSA-46j2-xjgp-jrfm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-46j2-xjgp-jrfm
Weaknesses
0
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
1
cwe_id 863
name Incorrect Authorization
description The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score5.3 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-8ucb-ajnh-fqb8