{"package":"activerecord","ecosystem":"rubygems","latest_version":"8.1.3","description":"Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.","license":"MIT","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://rubyonrails.org","repository":"https://github.com/rails/rails/tree/v8.1.3/activerecord","downloads_weekly":2503469,"health":{"score":79,"risk":"moderate","breakdown":{"maintenance":20,"popularity":17,"security":23,"maturity":9,"community":10},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":1,"low":0,"details":[{"vuln_id":"CVE-2015-7577","severity":"medium","summary":"Active Record Improper Access Control","affected_versions":">=3.1.0,<3.2.22.1|>=4.0.0,<4.1.14.1|>=4.2.0,<4.2.5.1|>=5.0.0.beta1,<5.0.0.beta1.1|=3.1.0|=3.1.1|=3.1.1.rc1|=3.1.1.rc2|=3.1.1.rc3|=3.1.10|=3.1.11|=3.1.12|=3.1.2|=3.1.2.rc1|=3.1.2.rc2|=3.1.3|=3.1.4|=3.1.4.rc1|=3.1.5|=3.1.5.rc1|=3.1.6|=3.1.7|=3.1.8|=3.1.9|=3.2.0|=3.2.0.rc1|=3.2.0.rc2|=3.2.1|=3.2.10|=3.2.11|=3.2.12|=3.2.13|=3.2.13.rc1|=3.2.13.rc2|=3.2.14|=3.2.14.rc1|=3.2.14.rc2|=3.2.15|=3.2.15.rc1|=3.2.15.rc2|=3.2.15.rc3|=3.2.16|=3.2.17|=3.2.18|=3.2.19|=3.2.2|=3.2.2.rc1|=3.2.20|=3.2.21|=3.2.22|=3.2.3|=3.2.3.rc1|=3.2.3.rc2|=3.2.4|=3.2.4.rc1|=3.2.5|=3.2.6|=3.2.7|=3.2.7.rc1|=3.2.8|=3.2.8.rc1|=3.2.8.rc2|=3.2.9|=3.2.9.rc1|=3.2.9.rc2|=3.2.9.rc3|=4.0.0|=4.0.1|=4.0.1.rc1|=4.0.1.rc2|=4.0.1.rc3|=4.0.1.rc4|=4.0.10|=4.0.10.rc1|=4.0.10.rc2|=4.0.11|=4.0.11.1|=4.0.12|=4.0.13|=4.0.13.rc1|=4.0.2|=4.0.3|=4.0.4|=4.0.4.rc1|=4.0.5|=4.0.6|=4.0.6.rc1|=4.0.6.rc2|=4.0.6.rc3|=4.0.7|=4.0.8|=4.0.9|=4.1.0|=4.1.0.beta1|=4.1.0.beta2|=4.1.0.rc1|=4.1.0.rc2|=4.1.1|=4.1.10|=4.1.10.rc1|=4.1.10.rc2|=4.1.10.rc3|=4.1.10.rc4|=4.1.11|=4.1.12|=4.1.12.rc1|=4.1.13|=4.1.13.rc1|=4.1.14|=4.1.14.rc1|=4.1.14.rc2|=4.1.2|=4.1.2.rc1|=4.1.2.rc2|=4.1.2.rc3|=4.1.3|=4.1.4|=4.1.5|=4.1.6|=4.1.6.rc1|=4.1.6.rc2|=4.1.7|=4.1.7.1|=4.1.8|=4.1.9|=4.1.9.rc1|=4.2.0|=4.2.1|=4.2.1.rc1|=4.2.1.rc2|=4.2.1.rc3|=4.2.1.rc4|=4.2.2|=4.2.3|=4.2.3.rc1|=4.2.4|=4.2.4.rc1|=4.2.5|=4.2.5.rc1|=4.2.5.rc2|=5.0.0.beta1","fixed_version":"5.0.0.beta1.1","source":"osv","published_at":"2017-10-24T18:33:36Z","in_kev":false,"epss_prob":0.01209,"epss_percentile":0.79039,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"8.1.3","total_count":20,"recent":["8.1.3","8.1.2.1","8.1.2","8.1.1","8.1.0","8.1.0.rc1","8.1.0.beta1","8.0.5","8.0.4.1","8.0.4","8.0.3","8.0.2.1","8.0.2","8.0.1","8.0.0.1","8.0.0","8.0.0.rc2","8.0.0.rc1","8.0.0.beta1","7.2.3.1"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":null,"last_published":"2026-03-24T20:26:59.805Z","dependencies_count":3,"dependencies":["activemodel","activesupport","timeout"]},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"8.1.3","version_hint":"Update to >= 5.0.0.beta1.1 to fix known vulnerabilities","summary":"activerecord@8.1.3 is safe to use (health: 79/100)"},"version_scoped":null,"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":true,"criticality_score":0.424,"criticality_tier":"medium","velocity_pct":null,"velocity_trend":null,"publish_security":null}}