Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:gem/activerecord@2.4
purl pkg:gem/activerecord@2.4
Tags Ghost
Next non-vulnerable version 7.1.5.2
Latest non-vulnerable version 8.0.2.1
Risk 4.5
Vulnerabilities affecting this package (8)
Vulnerability Summary Fixed by
VCID-18n5-8cur-m7ae
Aliases:
CVE-2012-2661
GHSA-fh39-v733-mxfr
OSV-82403
Active Record vulnerable to SQL Injection via nested query parameters
3.0.13
Affected by 18 other vulnerabilities.
3.1.0.beta1
Affected by 21 other vulnerabilities.
3.1.5
Affected by 19 other vulnerabilities.
3.2.0.rc1
Affected by 21 other vulnerabilities.
3.2.4
Affected by 19 other vulnerabilities.
VCID-39m4-12ms-skh2
Aliases:
CVE-2013-0277
GHSA-fhj9-cjjh-27vm
OSV-90073
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allowing for execution of arbitrary code.
3.1.0
Affected by 21 other vulnerabilities.
VCID-3ser-nhqn-mbar
Aliases:
CVE-2013-0155
GHSA-gppp-5xc5-wfpx
OSV-89025
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allowing for execution of arbitrary code.
3.0.19
Affected by 16 other vulnerabilities.
3.1.0.beta1
Affected by 21 other vulnerabilities.
3.1.10
Affected by 17 other vulnerabilities.
3.2.0.rc1
Affected by 21 other vulnerabilities.
3.2.11
Affected by 17 other vulnerabilities.
VCID-fbrw-bbm6-fbhp
Aliases:
CVE-2011-0448
GHSA-jmm9-2p29-vh2w
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allowing for execution of arbitrary code.
3.0.4
Affected by 20 other vulnerabilities.
3.0.5.rc1
Affected by 20 other vulnerabilities.
VCID-hh3w-dxkg-8ygx
Aliases:
CVE-2013-0276
GHSA-gr44-7grc-37vq
OSV-90072
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allowing for execution of arbitrary code.
3.1.11
Affected by 15 other vulnerabilities.
3.2.0.rc1
Affected by 21 other vulnerabilities.
3.2.12
Affected by 15 other vulnerabilities.
VCID-rhyd-xbpb-wufa
Aliases:
CVE-2013-1854
GHSA-3crr-9vmg-864v
OSV-91453
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allowing for execution of arbitrary code.
3.0.0
Affected by 22 other vulnerabilities.
3.1.12
Affected by 15 other vulnerabilities.
3.2.13
Affected by 15 other vulnerabilities.
VCID-sfaa-e8am-x7gn
Aliases:
CVE-2010-3933
GHSA-gjxw-5w2q-7grf
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allowing for execution of arbitrary code.
3.0.1
Affected by 20 other vulnerabilities.
VCID-u2gv-wvdc-tfbs
Aliases:
CVE-2011-2930
GHSA-h6w6-xmqv-7q78
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allowing for execution of arbitrary code.
3.0.10
Affected by 20 other vulnerabilities.
3.1.0.rc5
Affected by 21 other vulnerabilities.
3.1.0
Affected by 21 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-12T03:52:08.654224+00:00 Ruby Importer Affected by VCID-sfaa-e8am-x7gn https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2010-3933.yml 38.6.0
2026-06-12T03:52:08.582240+00:00 Ruby Importer Affected by VCID-fbrw-bbm6-fbhp https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-0448.yml 38.6.0
2026-06-12T03:52:08.522852+00:00 Ruby Importer Affected by VCID-hh3w-dxkg-8ygx https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0276.yml 38.6.0
2026-06-12T03:52:08.434425+00:00 Ruby Importer Affected by VCID-18n5-8cur-m7ae https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2661.yml 38.6.0
2026-06-12T03:52:08.368307+00:00 Ruby Importer Affected by VCID-u2gv-wvdc-tfbs https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-2930.yml 38.6.0
2026-06-12T03:52:08.346466+00:00 Ruby Importer Affected by VCID-39m4-12ms-skh2 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0277.yml 38.6.0
2026-06-12T03:52:08.242789+00:00 Ruby Importer Affected by VCID-rhyd-xbpb-wufa https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-1854.yml 38.6.0
2026-06-12T03:52:08.200212+00:00 Ruby Importer Affected by VCID-3ser-nhqn-mbar https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0155.yml 38.6.0