{
  "canonical_id": "rails--CVE-2009-3009",
  "system_id": "rails",
  "title": "CVE-2009-3009",
  "reasons": [
    "missing affected/fixed version details"
  ],
  "candidate_count": 1,
  "references": [
    "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545063",
    "http://groups.google.com/group/rubyonrails-security/msg/7f57cd7794e1d1b4?dmode=source",
    "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html",
    "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html",
    "http://secunia.com/advisories/36600",
    "http://secunia.com/advisories/36717",
    "http://securitytracker.com/id?1022824",
    "http://support.apple.com/kb/HT4077",
    "http://weblog.rubyonrails.org/2009/9/4/xss-vulnerability-in-ruby-on-rails",
    "http://www.debian.org/security/2009/dsa-1887",
    "http://www.osvdb.org/57666",
    "http://www.securityfocus.com/bid/36278",
    "http://www.vupen.com/english/advisories/2009/2544",
    "https://exchange.xforce.ibmcloud.com/vulnerabilities/53036"
  ]
}