Package details: pkg:gem/activerecord@4.2.0
purl pkg:gem/activerecord@4.2.0
Next non-vulnerable version 7.1.5.2
Latest non-vulnerable version 8.0.2.1
Risk 4.5
Vulnerabilities affecting this package (13)
Vulnerability Summary Fixed by
VCID-1ua6-6a16-9fde
Aliases:
CVE-2025-55193
GHSA-76r7-hhxj-r776
7.1.5.2
Affected by 0 other vulnerabilities.
7.2.0.beta1
Affected by 1 other vulnerability.
7.2.2.2
Affected by 0 other vulnerabilities.
8.0.0.beta1
Affected by 1 other vulnerability.
8.0.2.1
Affected by 0 other vulnerabilities.
VCID-3qsf-qm7w-y7be
Aliases:
CVE-2015-7577
GHSA-xrr6-3pc4-m447
4.2.5.1
Affected by 10 other vulnerabilities.
5.0.0.beta1.1
Affected by 9 other vulnerabilities.
VCID-8ajf-ebxr-7bgf
Aliases:
CVE-2021-22880
GHSA-8hc4-xxm3-5ppp
5.2.4.5
Affected by 3 other vulnerabilities.
6.0.3.5
Affected by 4 other vulnerabilities.
6.1.2.1
Affected by 4 other vulnerabilities.
VCID-a78m-qhav-13dm
Aliases:
GHSA-7phj-gmgx-2r66
Moderate severity vulnerability that affects activerecord
4.2.5.1
Affected by 10 other vulnerabilities.
VCID-c7qj-hcu8-p7hc
Aliases:
CVE-2022-32224
GHSA-3hhc-qp5v-9p2j
GMS-2022-3029
5.2.8.1
Affected by 2 other vulnerabilities.
6.0.0.beta1
Affected by 3 other vulnerabilities.
6.0.5.1
Affected by 3 other vulnerabilities.
6.1.0.rc1
Affected by 3 other vulnerabilities.
6.1.6.1
Affected by 3 other vulnerabilities.
7.0.0.alpha1
Affected by 2 other vulnerabilities.
7.0.3.1
Affected by 3 other vulnerabilities.
VCID-cgfh-yfn7-7ke9
Aliases:
CVE-2008-4094
GHSA-xf96-32q2-9rw2
Multiple vulnerabilities have been discovered in Rails, the worst of which leads to the execution of arbitrary SQL statements.
There are no reported fixed by versions.
VCID-cvs8-ejdv-uqhy
Aliases:
CVE-2022-44566
GHSA-579w-22j4-4749
GMS-2023-59
6.1.7.1
Affected by 1 other vulnerability.
7.0.4.1
Affected by 1 other vulnerability.
VCID-fbrw-bbm6-fbhp
Aliases:
CVE-2011-0448
GHSA-jmm9-2p29-vh2w
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allows for execution of arbitrary code.
There are no reported fixed by versions.
VCID-nex8-cvgj-f7bc
Aliases:
GHSA-m8h6-m9p5-p2f8
Moderate severity vulnerability that affects activerecord
4.2.7.1
Affected by 9 other vulnerabilities.
VCID-rd4z-yncp-qkfu
Aliases:
CVE-2012-2695
GHSA-76wq-xw4h-f8wj
activerecord vulnerable to SQL Injection
There are no reported fixed by versions.
VCID-runz-vm7e-a3fs
Aliases:
CVE-2016-6317
GHSA-pr3r-4wrp-r2pv
4.2.7.1
Affected by 9 other vulnerabilities.
VCID-sfaa-e8am-x7gn
Aliases:
CVE-2010-3933
GHSA-gjxw-5w2q-7grf
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allows for execution of arbitrary code.
There are no reported fixed by versions.
VCID-u2gv-wvdc-tfbs
Aliases:
CVE-2011-2930
GHSA-h6w6-xmqv-7q78
Multiple vulnerabilities were found in Ruby on Rails, the worst of which allows for execution of arbitrary code.
There are no reported fixed by versions.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-2b1z-1k24-kfb8
Aliases:
CVE-2013-3221
GHSA-f57c-hx33-hvh8
The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-14T00:56:11.569995+00:00 GHSA Importer Fixing VCID-2b1z-1k24-kfb8 https://github.com/advisories/GHSA-f57c-hx33-hvh8 38.6.0
2026-06-13T09:26:37.331576+00:00 Ruby Importer Affected by VCID-1ua6-6a16-9fde https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2025-55193.yml 38.6.0
2026-06-13T09:22:17.876516+00:00 Ruby Importer Affected by VCID-c7qj-hcu8-p7hc https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2022-32224.yml 38.6.0
2026-06-13T09:19:45.079443+00:00 Ruby Importer Affected by VCID-fbrw-bbm6-fbhp https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-0448.yml 38.6.0
2026-06-13T09:19:35.704595+00:00 Ruby Importer Affected by VCID-sfaa-e8am-x7gn https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2010-3933.yml 38.6.0
2026-06-13T09:19:19.949852+00:00 Ruby Importer Affected by VCID-rd4z-yncp-qkfu https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2695.yml 38.6.0
2026-06-13T09:19:12.108305+00:00 Ruby Importer Affected by VCID-u2gv-wvdc-tfbs https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2011-2930.yml 38.6.0
2026-06-13T09:18:52.044727+00:00 Ruby Importer Affected by VCID-cgfh-yfn7-7ke9 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2008-4094.yml 38.6.0
2026-06-12T20:09:28.668497+00:00 GitLab Importer Affected by VCID-1ua6-6a16-9fde https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/activerecord/CVE-2025-55193.yml 38.6.0
2026-06-12T18:44:24.795072+00:00 GitLab Importer Affected by VCID-cvs8-ejdv-uqhy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/activerecord/CVE-2022-44566.yml 38.6.0
2026-06-12T18:27:47.917777+00:00 GitLab Importer Affected by VCID-c7qj-hcu8-p7hc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/activerecord/CVE-2022-32224.yml 38.6.0
2026-06-12T17:33:27.951060+00:00 GitLab Importer Affected by VCID-8ajf-ebxr-7bgf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/activerecord/CVE-2021-22880.yml 38.6.0
2026-06-12T16:50:49.458576+00:00 GitLab Importer Affected by VCID-runz-vm7e-a3fs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/activerecord/CVE-2016-6317.yml 38.6.0
2026-06-12T16:49:34.984242+00:00 GitLab Importer Affected by VCID-3qsf-qm7w-y7be https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/activerecord/CVE-2015-7577.yml 38.6.0
2026-06-12T15:45:00.353150+00:00 GitLab Importer Fixing VCID-2b1z-1k24-kfb8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/activerecord/CVE-2013-3221.yml 38.6.0
2026-06-12T08:19:10.376931+00:00 GithubOSV Importer Fixing VCID-2b1z-1k24-kfb8 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-f57c-hx33-hvh8/GHSA-f57c-hx33-hvh8.json 38.6.0
2026-06-12T03:52:08.638034+00:00 Ruby Importer Affected by VCID-8ajf-ebxr-7bgf https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2021-22880.yml 38.6.0
2026-06-12T03:52:08.323592+00:00 Ruby Importer Affected by VCID-runz-vm7e-a3fs https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2016-6317.yml 38.6.0
2026-06-11T20:24:18.749593+00:00 GHSA Importer Affected by VCID-a78m-qhav-13dm https://github.com/advisories/GHSA-7phj-gmgx-2r66 38.6.0
2026-06-11T20:24:13.092511+00:00 GHSA Importer Affected by VCID-nex8-cvgj-f7bc https://github.com/advisories/GHSA-m8h6-m9p5-p2f8 38.6.0
2026-06-11T20:23:47.002957+00:00 GHSA Importer Affected by VCID-3qsf-qm7w-y7be https://github.com/advisories/GHSA-xrr6-3pc4-m447 38.6.0
2026-06-11T20:23:42.400841+00:00 GHSA Importer Affected by VCID-runz-vm7e-a3fs https://github.com/advisories/GHSA-pr3r-4wrp-r2pv 38.6.0