Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/ruby3-3-main@3.3.10-23.1?arch=hum1
Typerpm
Namespaceredhat
Nameruby3-3-main
Version3.3.10-23.1
Qualifiers
arch hum1
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-4qm3-nbsk-73he
vulnerability_id VCID-4qm3-nbsk-73he
summary 
Multiple vulnerabilities have been found in Ruby, allowing
    context-dependent attackers to cause a Denial of Service condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4815.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4815.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4815
reference_id
reference_type
scores
0
value 0.01962
scoring_system epss
scoring_elements 0.83445
published_at 2026-04-01T12:55:00Z
1
value 0.01962
scoring_system epss
scoring_elements 0.83458
published_at 2026-04-02T12:55:00Z
2
value 0.01962
scoring_system epss
scoring_elements 0.83472
published_at 2026-04-04T12:55:00Z
3
value 0.01962
scoring_system epss
scoring_elements 0.8347
published_at 2026-04-07T12:55:00Z
4
value 0.01962
scoring_system epss
scoring_elements 0.83495
published_at 2026-04-08T12:55:00Z
5
value 0.01962
scoring_system epss
scoring_elements 0.83504
published_at 2026-04-09T12:55:00Z
6
value 0.01962
scoring_system epss
scoring_elements 0.83519
published_at 2026-04-11T12:55:00Z
7
value 0.01962
scoring_system epss
scoring_elements 0.83513
published_at 2026-04-12T12:55:00Z
8
value 0.01962
scoring_system epss
scoring_elements 0.83509
published_at 2026-04-13T12:55:00Z
9
value 0.01962
scoring_system epss
scoring_elements 0.83544
published_at 2026-04-16T12:55:00Z
10
value 0.01962
scoring_system epss
scoring_elements 0.83545
published_at 2026-04-18T12:55:00Z
11
value 0.01962
scoring_system epss
scoring_elements 0.83546
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4815
2
reference_url https://www.ruby-lang.org/en/news/2011/12/28/denial-of-service-attack-was-found-for-rubys-hash-algorithm-cve-2011-4815
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2011/12/28/denial-of-service-attack-was-found-for-rubys-hash-algorithm-cve-2011-4815
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=750564
reference_id 750564
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=750564
4
reference_url https://security.gentoo.org/glsa/201412-27
reference_id GLSA-201412-27
reference_type
scores
url https://security.gentoo.org/glsa/201412-27
5
reference_url https://access.redhat.com/errata/RHSA-2012:0069
reference_id RHSA-2012:0069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0069
6
reference_url https://access.redhat.com/errata/RHSA-2012:0070
reference_id RHSA-2012:0070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0070
7
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
8
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
9
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
10
reference_url https://usn.ubuntu.com/1377-1/
reference_id USN-1377-1
reference_type
scores
url https://usn.ubuntu.com/1377-1/
fixed_packages
aliases CVE-2011-4815, GHSA-xpr8-vpc7-7vfc, OSV-78118
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qm3-nbsk-73he
1
url VCID-4yvc-uzev-wua4
vulnerability_id VCID-4yvc-uzev-wua4
summary 
Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.
references
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
reference_id
reference_type
scores
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
1
reference_url http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-3655
reference_id
reference_type
scores
0
value 0.29733
scoring_system epss
scoring_elements 0.96642
published_at 2026-04-21T12:55:00Z
1
value 0.29733
scoring_system epss
scoring_elements 0.96594
published_at 2026-04-01T12:55:00Z
2
value 0.29733
scoring_system epss
scoring_elements 0.96603
published_at 2026-04-02T12:55:00Z
3
value 0.29733
scoring_system epss
scoring_elements 0.96608
published_at 2026-04-04T12:55:00Z
4
value 0.29733
scoring_system epss
scoring_elements 0.96611
published_at 2026-04-07T12:55:00Z
5
value 0.29733
scoring_system epss
scoring_elements 0.96619
published_at 2026-04-08T12:55:00Z
6
value 0.29733
scoring_system epss
scoring_elements 0.96621
published_at 2026-04-09T12:55:00Z
7
value 0.29733
scoring_system epss
scoring_elements 0.96624
published_at 2026-04-12T12:55:00Z
8
value 0.29733
scoring_system epss
scoring_elements 0.96627
published_at 2026-04-13T12:55:00Z
9
value 0.29733
scoring_system epss
scoring_elements 0.96633
published_at 2026-04-16T12:55:00Z
10
value 0.29733
scoring_system epss
scoring_elements 0.96638
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-3655
4
reference_url http://secunia.com/advisories/31430
reference_id
reference_type
scores
url http://secunia.com/advisories/31430
5
reference_url http://secunia.com/advisories/31697
reference_id
reference_type
scores
url http://secunia.com/advisories/31697
6
reference_url http://secunia.com/advisories/32165
reference_id
reference_type
scores
url http://secunia.com/advisories/32165
7
reference_url http://secunia.com/advisories/32219
reference_id
reference_type
scores
url http://secunia.com/advisories/32219
8
reference_url http://secunia.com/advisories/32255
reference_id
reference_type
scores
url http://secunia.com/advisories/32255
9
reference_url http://secunia.com/advisories/32256
reference_id
reference_type
scores
url http://secunia.com/advisories/32256
10
reference_url http://secunia.com/advisories/32371
reference_id
reference_type
scores
url http://secunia.com/advisories/32371
11
reference_url http://secunia.com/advisories/32372
reference_id
reference_type
scores
url http://secunia.com/advisories/32372
12
reference_url http://secunia.com/advisories/33178
reference_id
reference_type
scores
url http://secunia.com/advisories/33178
13
reference_url http://secunia.com/advisories/35074
reference_id
reference_type
scores
url http://secunia.com/advisories/35074
14
reference_url http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200812-17.xml
15
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/44369
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/44369
16
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602
17
reference_url http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url http://support.apple.com/kb/HT3549
18
reference_url http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
19
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
20
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
21
reference_url https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
22
reference_url http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
reference_id
reference_type
scores
url http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
23
reference_url http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url http://www.debian.org/security/2008/dsa-1651
24
reference_url http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url http://www.debian.org/security/2008/dsa-1652
25
reference_url http://www.redhat.com/support/errata/RHSA-2008-0895.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2008-0895.html
26
reference_url http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2008-0897.html
27
reference_url http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
28
reference_url http://www.securityfocus.com/archive/1/495884/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/495884/100/0/threaded
29
reference_url http://www.securityfocus.com/bid/30644
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/30644
30
reference_url http://www.securitytracker.com/id?1020656
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1020656
31
reference_url http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url http://www.us-cert.gov/cas/techalerts/TA09-133A.html
32
reference_url http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/2334
33
reference_url http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/1297
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=458948
reference_id 458948
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=458948
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-3655
reference_id CVE-2008-3655
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2008-3655
83
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb
reference_id CVE-2008-3655;OSVDB-47470
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb
84
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb
reference_id CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb
85
reference_url https://security.gentoo.org/glsa/200812-17
reference_id GLSA-200812-17
reference_type
scores
url https://security.gentoo.org/glsa/200812-17
86
reference_url https://access.redhat.com/errata/RHSA-2008:0895
reference_id RHSA-2008:0895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0895
87
reference_url https://access.redhat.com/errata/RHSA-2008:0896
reference_id RHSA-2008:0896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0896
88
reference_url https://access.redhat.com/errata/RHSA-2008:0897
reference_id RHSA-2008:0897
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0897
89
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
90
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
91
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
92
reference_url https://usn.ubuntu.com/651-1/
reference_id USN-651-1
reference_type
scores
url https://usn.ubuntu.com/651-1/
fixed_packages
aliases CVE-2008-3655, GHSA-p524-ppf2-w36w
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvc-uzev-wua4
2
url VCID-5xez-skrj-b3h4
vulnerability_id VCID-5xez-skrj-b3h4
summary 
Entity expansion DoS vulnerability in REXML
`lib/rexml/text.rb` in the REXML parser allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
references
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702525
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702525
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00001.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00034.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00034.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00036.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00036.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-0611.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0611.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2013-0612.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0612.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2013-1028.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-1028.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2013-1147.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1147.html
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1821.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1821.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1821
reference_id
reference_type
scores
0
value 0.20672
scoring_system epss
scoring_elements 0.95603
published_at 2026-04-21T12:55:00Z
1
value 0.20672
scoring_system epss
scoring_elements 0.95557
published_at 2026-04-01T12:55:00Z
2
value 0.20672
scoring_system epss
scoring_elements 0.95565
published_at 2026-04-02T12:55:00Z
3
value 0.20672
scoring_system epss
scoring_elements 0.9557
published_at 2026-04-04T12:55:00Z
4
value 0.20672
scoring_system epss
scoring_elements 0.95573
published_at 2026-04-07T12:55:00Z
5
value 0.20672
scoring_system epss
scoring_elements 0.9558
published_at 2026-04-08T12:55:00Z
6
value 0.20672
scoring_system epss
scoring_elements 0.95583
published_at 2026-04-09T12:55:00Z
7
value 0.20672
scoring_system epss
scoring_elements 0.95587
published_at 2026-04-11T12:55:00Z
8
value 0.20672
scoring_system epss
scoring_elements 0.95588
published_at 2026-04-12T12:55:00Z
9
value 0.20672
scoring_system epss
scoring_elements 0.9559
published_at 2026-04-13T12:55:00Z
10
value 0.20672
scoring_system epss
scoring_elements 0.95598
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1821
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=914716
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=914716
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164
15
reference_url http://secunia.com/advisories/52783
reference_id
reference_type
scores
url http://secunia.com/advisories/52783
16
reference_url http://secunia.com/advisories/52902
reference_id
reference_type
scores
url http://secunia.com/advisories/52902
17
reference_url https://github.com/jruby/jruby
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jruby/jruby
18
reference_url https://github.com/victims/victims-cve-db/blob/master/database/java/2013/1821.yaml
reference_id
reference_type
scores
url https://github.com/victims/victims-cve-db/blob/master/database/java/2013/1821.yaml
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1821
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1821
20
reference_url http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=39384
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=39384
21
reference_url https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0092
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0092
22
reference_url https://www.jruby.org/2013/02/21/jruby-1-7-3.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jruby.org/2013/02/21/jruby-1-7-3.html
23
reference_url https://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22
24
reference_url http://www.debian.org/security/2013/dsa-2738
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2738
25
reference_url http://www.debian.org/security/2013/dsa-2809
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2809
26
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2013:124
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2013:124
27
reference_url http://www.openwall.com/lists/oss-security/2013/03/06/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/03/06/5
28
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
29
reference_url http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22
30
reference_url http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/
reference_id
reference_type
scores
url http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/
31
reference_url http://www.securityfocus.com/bid/58141
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/58141
32
reference_url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.426862
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.426862
33
reference_url http://www.ubuntu.com/usn/USN-1780-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1780-1
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p385:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:p385:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p385:*:*:*:*:*:*
48
reference_url https://github.com/advisories/GHSA-hgg7-cghq-xhf4
reference_id GHSA-hgg7-cghq-xhf4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgg7-cghq-xhf4
49
reference_url https://security.gentoo.org/glsa/201412-27
reference_id GLSA-201412-27
reference_type
scores
url https://security.gentoo.org/glsa/201412-27
50
reference_url https://access.redhat.com/errata/RHSA-2013:0611
reference_id RHSA-2013:0611
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0611
51
reference_url https://access.redhat.com/errata/RHSA-2013:0612
reference_id RHSA-2013:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0612
52
reference_url https://access.redhat.com/errata/RHSA-2013:1028
reference_id RHSA-2013:1028
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1028
53
reference_url https://access.redhat.com/errata/RHSA-2013:1147
reference_id RHSA-2013:1147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1147
54
reference_url https://access.redhat.com/errata/RHSA-2013:1185
reference_id RHSA-2013:1185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1185
55
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
56
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
57
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
58
reference_url https://usn.ubuntu.com/1780-1/
reference_id USN-1780-1
reference_type
scores
url https://usn.ubuntu.com/1780-1/
fixed_packages
aliases CVE-2013-1821, GHSA-hgg7-cghq-xhf4, OSV-90587
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xez-skrj-b3h4
3
url VCID-91b7-xx8t-rqhr
vulnerability_id VCID-91b7-xx8t-rqhr
summary 
Improper Authentication
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:3485
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3485
1
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0378
2
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0583
3
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0585
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10784.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10784.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-10784
reference_id
reference_type
scores
0
value 0.01385
scoring_system epss
scoring_elements 0.8032
published_at 2026-04-09T12:55:00Z
1
value 0.01385
scoring_system epss
scoring_elements 0.80309
published_at 2026-04-08T12:55:00Z
2
value 0.01385
scoring_system epss
scoring_elements 0.80265
published_at 2026-04-01T12:55:00Z
3
value 0.01385
scoring_system epss
scoring_elements 0.80338
published_at 2026-04-11T12:55:00Z
4
value 0.01385
scoring_system epss
scoring_elements 0.80281
published_at 2026-04-07T12:55:00Z
5
value 0.01385
scoring_system epss
scoring_elements 0.80293
published_at 2026-04-04T12:55:00Z
6
value 0.01385
scoring_system epss
scoring_elements 0.80272
published_at 2026-04-02T12:55:00Z
7
value 0.014
scoring_system epss
scoring_elements 0.80425
published_at 2026-04-12T12:55:00Z
8
value 0.014
scoring_system epss
scoring_elements 0.80419
published_at 2026-04-13T12:55:00Z
9
value 0.014
scoring_system epss
scoring_elements 0.80448
published_at 2026-04-16T12:55:00Z
10
value 0.016
scoring_system epss
scoring_elements 0.81733
published_at 2026-04-21T12:55:00Z
11
value 0.016
scoring_system epss
scoring_elements 0.8173
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-10784
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:P
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/ruby/ruby/commit/6617c41292
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/ruby/commit/6617c41292
12
reference_url https://github.com/ruby/webrick
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/webrick
13
reference_url https://github.com/ruby/webrick/commit/4ac0f3843ab82d1c31e1cfc719409208adef7813
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/webrick/commit/4ac0f3843ab82d1c31e1cfc719409208adef7813
14
reference_url https://hackerone.com/reports/223363
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/223363
15
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
16
reference_url https://security.gentoo.org/glsa/201710-18
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201710-18
17
reference_url https://usn.ubuntu.com/3528-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3528-1
18
reference_url https://usn.ubuntu.com/3528-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3528-1/
19
reference_url https://usn.ubuntu.com/3685-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3685-1
20
reference_url https://usn.ubuntu.com/3685-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3685-1/
21
reference_url https://web.archive.org/web/20210621131814/http://www.securityfocus.com/bid/100853
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210621131814/http://www.securityfocus.com/bid/100853
22
reference_url https://web.archive.org/web/20210919031115/http://www.securitytracker.com/id/1042004
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210919031115/http://www.securitytracker.com/id/1042004
23
reference_url https://web.archive.org/web/20211025092552/http://www.securitytracker.com/id/1039363
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211025092552/http://www.securitytracker.com/id/1039363
24
reference_url https://www.debian.org/security/2017/dsa-4031
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-4031
25
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released
26
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/
27
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released
28
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released/
29
reference_url https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784
30
reference_url https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/
31
reference_url http://www.securityfocus.com/bid/100853
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100853
32
reference_url http://www.securitytracker.com/id/1039363
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039363
33
reference_url http://www.securitytracker.com/id/1042004
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1042004
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1492012
reference_id 1492012
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1492012
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-10784
reference_id CVE-2017-10784
reference_type
scores
0
value 9.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-10784
50
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2017-10784.yml
reference_id CVE-2017-10784.YML
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2017-10784.yml
51
reference_url https://github.com/advisories/GHSA-369m-2gv6-mw28
reference_id GHSA-369m-2gv6-mw28
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-369m-2gv6-mw28
52
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
53
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
54
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
55
reference_url https://usn.ubuntu.com/3439-1/
reference_id USN-3439-1
reference_type
scores
url https://usn.ubuntu.com/3439-1/
fixed_packages
aliases CVE-2017-10784, GHSA-369m-2gv6-mw28
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91b7-xx8t-rqhr
4
url VCID-a15m-bcma-vfa7
vulnerability_id VCID-a15m-bcma-vfa7
summary 
Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.
references
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
reference_id
reference_type
scores
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
1
reference_url http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-3656
reference_id
reference_type
scores
0
value 0.65085
scoring_system epss
scoring_elements 0.98484
published_at 2026-04-21T12:55:00Z
1
value 0.65085
scoring_system epss
scoring_elements 0.98483
published_at 2026-04-16T12:55:00Z
2
value 0.68786
scoring_system epss
scoring_elements 0.98616
published_at 2026-04-04T12:55:00Z
3
value 0.68786
scoring_system epss
scoring_elements 0.98618
published_at 2026-04-07T12:55:00Z
4
value 0.68786
scoring_system epss
scoring_elements 0.9862
published_at 2026-04-08T12:55:00Z
5
value 0.68786
scoring_system epss
scoring_elements 0.98611
published_at 2026-04-01T12:55:00Z
6
value 0.68786
scoring_system epss
scoring_elements 0.98624
published_at 2026-04-11T12:55:00Z
7
value 0.68786
scoring_system epss
scoring_elements 0.98625
published_at 2026-04-12T12:55:00Z
8
value 0.68786
scoring_system epss
scoring_elements 0.98626
published_at 2026-04-13T12:55:00Z
9
value 0.68786
scoring_system epss
scoring_elements 0.98622
published_at 2026-04-09T12:55:00Z
10
value 0.68786
scoring_system epss
scoring_elements 0.98613
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-3656
4
reference_url http://secunia.com/advisories/31430
reference_id
reference_type
scores
url http://secunia.com/advisories/31430
5
reference_url http://secunia.com/advisories/31697
reference_id
reference_type
scores
url http://secunia.com/advisories/31697
6
reference_url http://secunia.com/advisories/32165
reference_id
reference_type
scores
url http://secunia.com/advisories/32165
7
reference_url http://secunia.com/advisories/32219
reference_id
reference_type
scores
url http://secunia.com/advisories/32219
8
reference_url http://secunia.com/advisories/32255
reference_id
reference_type
scores
url http://secunia.com/advisories/32255
9
reference_url http://secunia.com/advisories/32256
reference_id
reference_type
scores
url http://secunia.com/advisories/32256
10
reference_url http://secunia.com/advisories/32371
reference_id
reference_type
scores
url http://secunia.com/advisories/32371
11
reference_url http://secunia.com/advisories/33178
reference_id
reference_type
scores
url http://secunia.com/advisories/33178
12
reference_url http://secunia.com/advisories/35074
reference_id
reference_type
scores
url http://secunia.com/advisories/35074
13
reference_url http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200812-17.xml
14
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/44371
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/44371
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-3656
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2008-3656
16
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682
17
reference_url http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url http://support.apple.com/kb/HT3549
18
reference_url http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
19
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
20
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
21
reference_url http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
reference_id
reference_type
scores
url http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
22
reference_url http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url http://www.debian.org/security/2008/dsa-1651
23
reference_url http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url http://www.debian.org/security/2008/dsa-1652
24
reference_url http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2008-0897.html
25
reference_url http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
26
reference_url http://www.securityfocus.com/archive/1/495884/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/495884/100/0/threaded
27
reference_url http://www.securityfocus.com/bid/30644
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/30644
28
reference_url http://www.securitytracker.com/id?1020654
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1020654
29
reference_url http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url http://www.us-cert.gov/cas/techalerts/TA09-133A.html
30
reference_url http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/2334
31
reference_url http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/1297
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=458953
reference_id 458953
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=458953
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
76
reference_url https://www.securityfocus.com/bid/30644/info
reference_id CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470
reference_type exploit
scores
url https://www.securityfocus.com/bid/30644/info
77
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb
reference_id CVE-2008-4310;OSVDB-47471;CVE-2008-3656
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb
78
reference_url https://security.gentoo.org/glsa/200812-17
reference_id GLSA-200812-17
reference_type
scores
url https://security.gentoo.org/glsa/200812-17
79
reference_url https://access.redhat.com/errata/RHSA-2008:0897
reference_id RHSA-2008:0897
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0897
80
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
81
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
82
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
83
reference_url https://usn.ubuntu.com/651-1/
reference_id USN-651-1
reference_type
scores
url https://usn.ubuntu.com/651-1/
fixed_packages
aliases CVE-2008-3656, GHSA-823x-6r7f-v9x6
risk_score 10.0
exploitability 2.0
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a15m-bcma-vfa7
5
url VCID-arjz-geyr-q7e3
vulnerability_id VCID-arjz-geyr-q7e3
summary ruby: Unsafe parsing of long strings via decode_www_form_component method
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6438.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6438.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-6438
reference_id
reference_type
scores
0
value 0.01127
scoring_system epss
scoring_elements 0.78237
published_at 2026-04-01T12:55:00Z
1
value 0.01127
scoring_system epss
scoring_elements 0.78245
published_at 2026-04-02T12:55:00Z
2
value 0.01127
scoring_system epss
scoring_elements 0.78276
published_at 2026-04-04T12:55:00Z
3
value 0.01127
scoring_system epss
scoring_elements 0.78258
published_at 2026-04-07T12:55:00Z
4
value 0.01127
scoring_system epss
scoring_elements 0.78284
published_at 2026-04-08T12:55:00Z
5
value 0.01127
scoring_system epss
scoring_elements 0.7829
published_at 2026-04-09T12:55:00Z
6
value 0.01127
scoring_system epss
scoring_elements 0.78316
published_at 2026-04-11T12:55:00Z
7
value 0.01127
scoring_system epss
scoring_elements 0.78298
published_at 2026-04-12T12:55:00Z
8
value 0.01127
scoring_system epss
scoring_elements 0.78294
published_at 2026-04-13T12:55:00Z
9
value 0.01127
scoring_system epss
scoring_elements 0.78323
published_at 2026-04-16T12:55:00Z
10
value 0.01127
scoring_system epss
scoring_elements 0.78321
published_at 2026-04-18T12:55:00Z
11
value 0.01127
scoring_system epss
scoring_elements 0.78317
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-6438
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-6438
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-6438
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1490845
reference_id 1490845
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1490845
4
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
5
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
6
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
fixed_packages
aliases CVE-2014-6438, GHSA-2j3h-55rq-rj48
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-arjz-geyr-q7e3
6
url VCID-ea13-mua4-1fb9
vulnerability_id VCID-ea13-mua4-1fb9
summary ruby: WEBrick CGI source disclosure
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1891
reference_id
reference_type
scores
0
value 0.00291
scoring_system epss
scoring_elements 0.5238
published_at 2026-04-01T12:55:00Z
1
value 0.00291
scoring_system epss
scoring_elements 0.52425
published_at 2026-04-02T12:55:00Z
2
value 0.00291
scoring_system epss
scoring_elements 0.52453
published_at 2026-04-04T12:55:00Z
3
value 0.00291
scoring_system epss
scoring_elements 0.52418
published_at 2026-04-07T12:55:00Z
4
value 0.00291
scoring_system epss
scoring_elements 0.52471
published_at 2026-04-08T12:55:00Z
5
value 0.00291
scoring_system epss
scoring_elements 0.52465
published_at 2026-04-09T12:55:00Z
6
value 0.00291
scoring_system epss
scoring_elements 0.52516
published_at 2026-04-11T12:55:00Z
7
value 0.00291
scoring_system epss
scoring_elements 0.525
published_at 2026-04-12T12:55:00Z
8
value 0.00291
scoring_system epss
scoring_elements 0.52483
published_at 2026-04-13T12:55:00Z
9
value 0.00291
scoring_system epss
scoring_elements 0.52523
published_at 2026-04-16T12:55:00Z
10
value 0.00291
scoring_system epss
scoring_elements 0.52529
published_at 2026-04-18T12:55:00Z
11
value 0.00291
scoring_system epss
scoring_elements 0.52514
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1891
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-1891
reference_id
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2008-1891
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=443829
reference_id 443829
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=443829
4
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
5
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
6
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
fixed_packages
aliases CVE-2008-1891, GHSA-rhf2-x48g-5wr7
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ea13-mua4-1fb9
7
url VCID-fw7k-88kf-1kgg
vulnerability_id VCID-fw7k-88kf-1kgg
summary 
Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.
references
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
reference_id
reference_type
scores
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
1
reference_url http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-3657
reference_id
reference_type
scores
0
value 0.22517
scoring_system epss
scoring_elements 0.9586
published_at 2026-04-21T12:55:00Z
1
value 0.22517
scoring_system epss
scoring_elements 0.95804
published_at 2026-04-01T12:55:00Z
2
value 0.22517
scoring_system epss
scoring_elements 0.95813
published_at 2026-04-02T12:55:00Z
3
value 0.22517
scoring_system epss
scoring_elements 0.95821
published_at 2026-04-04T12:55:00Z
4
value 0.22517
scoring_system epss
scoring_elements 0.95823
published_at 2026-04-07T12:55:00Z
5
value 0.22517
scoring_system epss
scoring_elements 0.95832
published_at 2026-04-08T12:55:00Z
6
value 0.22517
scoring_system epss
scoring_elements 0.95836
published_at 2026-04-09T12:55:00Z
7
value 0.22517
scoring_system epss
scoring_elements 0.95839
published_at 2026-04-12T12:55:00Z
8
value 0.22517
scoring_system epss
scoring_elements 0.9584
published_at 2026-04-13T12:55:00Z
9
value 0.22517
scoring_system epss
scoring_elements 0.95852
published_at 2026-04-16T12:55:00Z
10
value 0.22517
scoring_system epss
scoring_elements 0.95858
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-3657
4
reference_url http://secunia.com/advisories/31430
reference_id
reference_type
scores
url http://secunia.com/advisories/31430
5
reference_url http://secunia.com/advisories/31697
reference_id
reference_type
scores
url http://secunia.com/advisories/31697
6
reference_url http://secunia.com/advisories/32165
reference_id
reference_type
scores
url http://secunia.com/advisories/32165
7
reference_url http://secunia.com/advisories/32219
reference_id
reference_type
scores
url http://secunia.com/advisories/32219
8
reference_url http://secunia.com/advisories/32255
reference_id
reference_type
scores
url http://secunia.com/advisories/32255
9
reference_url http://secunia.com/advisories/32256
reference_id
reference_type
scores
url http://secunia.com/advisories/32256
10
reference_url http://secunia.com/advisories/32371
reference_id
reference_type
scores
url http://secunia.com/advisories/32371
11
reference_url http://secunia.com/advisories/33178
reference_id
reference_type
scores
url http://secunia.com/advisories/33178
12
reference_url http://secunia.com/advisories/35074
reference_id
reference_type
scores
url http://secunia.com/advisories/35074
13
reference_url http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200812-17.xml
14
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/44372
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/44372
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-3657
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2008-3657
16
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793
17
reference_url http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url http://support.apple.com/kb/HT3549
18
reference_url http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
19
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
20
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
21
reference_url http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
reference_id
reference_type
scores
url http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
22
reference_url http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url http://www.debian.org/security/2008/dsa-1651
23
reference_url http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url http://www.debian.org/security/2008/dsa-1652
24
reference_url http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2008-0897.html
25
reference_url http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
26
reference_url http://www.securityfocus.com/archive/1/495884/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/495884/100/0/threaded
27
reference_url http://www.securityfocus.com/bid/30644
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/30644
28
reference_url http://www.securitytracker.com/id?1020652
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1020652
29
reference_url http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url http://www.us-cert.gov/cas/techalerts/TA09-133A.html
30
reference_url http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/2334
31
reference_url http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/1297
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=458966
reference_id 458966
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=458966
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
76
reference_url https://security.gentoo.org/glsa/200812-17
reference_id GLSA-200812-17
reference_type
scores
url https://security.gentoo.org/glsa/200812-17
77
reference_url https://access.redhat.com/errata/RHSA-2008:0897
reference_id RHSA-2008:0897
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0897
78
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
79
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
80
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
81
reference_url https://usn.ubuntu.com/651-1/
reference_id USN-651-1
reference_type
scores
url https://usn.ubuntu.com/651-1/
fixed_packages
aliases CVE-2008-3657, GHSA-5f6v-fgcw-j5px
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fw7k-88kf-1kgg
8
url VCID-g7ju-q41v-wyhd
vulnerability_id VCID-g7ju-q41v-wyhd
summary security update
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0472.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0472.html
1
reference_url http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2014-12/msg00035.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2014-12/msg00035.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00000.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00000.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00004.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00004.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2014-1911.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1911.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2014-1912.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1912.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2014-1913.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1913.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1914.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1914.html
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8090.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8090.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8090
reference_id
reference_type
scores
0
value 0.10488
scoring_system epss
scoring_elements 0.93275
published_at 2026-04-21T12:55:00Z
1
value 0.10488
scoring_system epss
scoring_elements 0.93218
published_at 2026-04-01T12:55:00Z
2
value 0.10488
scoring_system epss
scoring_elements 0.93226
published_at 2026-04-02T12:55:00Z
3
value 0.10488
scoring_system epss
scoring_elements 0.93231
published_at 2026-04-04T12:55:00Z
4
value 0.10488
scoring_system epss
scoring_elements 0.93229
published_at 2026-04-07T12:55:00Z
5
value 0.10488
scoring_system epss
scoring_elements 0.93238
published_at 2026-04-08T12:55:00Z
6
value 0.10488
scoring_system epss
scoring_elements 0.93242
published_at 2026-04-09T12:55:00Z
7
value 0.10488
scoring_system epss
scoring_elements 0.93246
published_at 2026-04-11T12:55:00Z
8
value 0.10488
scoring_system epss
scoring_elements 0.93244
published_at 2026-04-12T12:55:00Z
9
value 0.10488
scoring_system epss
scoring_elements 0.93245
published_at 2026-04-13T12:55:00Z
10
value 0.10488
scoring_system epss
scoring_elements 0.93263
published_at 2026-04-16T12:55:00Z
11
value 0.10488
scoring_system epss
scoring_elements 0.93267
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8090
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8090
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8090
14
reference_url http://secunia.com/advisories/59948
reference_id
reference_type
scores
url http://secunia.com/advisories/59948
15
reference_url http://secunia.com/advisories/62050
reference_id
reference_type
scores
url http://secunia.com/advisories/62050
16
reference_url http://secunia.com/advisories/62748
reference_id
reference_type
scores
url http://secunia.com/advisories/62748
17
reference_url https://support.apple.com/HT205267
reference_id
reference_type
scores
url https://support.apple.com/HT205267
18
reference_url https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090
19
reference_url https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/
20
reference_url http://www.debian.org/security/2015/dsa-3157
reference_id
reference_type
scores
url http://www.debian.org/security/2015/dsa-3157
21
reference_url http://www.debian.org/security/2015/dsa-3159
reference_id
reference_type
scores
url http://www.debian.org/security/2015/dsa-3159
22
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:129
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:129
23
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
24
reference_url http://www.securityfocus.com/bid/71230
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/71230
25
reference_url http://www.ubuntu.com/usn/USN-2412-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2412-1
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1159927
reference_id 1159927
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1159927
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p385:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p385:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p385:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p392:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p392:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p392:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p426:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p426:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p426:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p429:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p429:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p429:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p448:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p448:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p448:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p545:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p545:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p545:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p547:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p547:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p547:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p451:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p451:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p451:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p594:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p594:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p594:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p550:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:p550:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p550:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-8090
reference_id CVE-2014-8090
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-8090
54
reference_url https://security.gentoo.org/glsa/201412-27
reference_id GLSA-201412-27
reference_type
scores
url https://security.gentoo.org/glsa/201412-27
55
reference_url https://access.redhat.com/errata/RHSA-2014:1911
reference_id RHSA-2014:1911
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1911
56
reference_url https://access.redhat.com/errata/RHSA-2014:1912
reference_id RHSA-2014:1912
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1912
57
reference_url https://access.redhat.com/errata/RHSA-2014:1913
reference_id RHSA-2014:1913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1913
58
reference_url https://access.redhat.com/errata/RHSA-2014:1914
reference_id RHSA-2014:1914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1914
59
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
60
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
61
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
62
reference_url https://usn.ubuntu.com/2412-1/
reference_id USN-2412-1
reference_type
scores
url https://usn.ubuntu.com/2412-1/
fixed_packages
aliases CVE-2014-8090, GHSA-2x97-vvh4-m4q4, OSV-114641
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g7ju-q41v-wyhd
9
url VCID-jj3a-fpsa-a7at
vulnerability_id VCID-jj3a-fpsa-a7at
summary 
Multiple vulnerabilities have been found in Ruby, allowing
    context-dependent attackers to cause a Denial of Service condition.
references
0
reference_url http://2012.appsec-forum.ch/conferences/#c17
reference_id
reference_type
scores
url http://2012.appsec-forum.ch/conferences/#c17
1
reference_url http://asfws12.files.wordpress.com/2012/11/asfws2012-jean_philippe_aumasson-martin_bosslet-hash_flooding_dos_reloaded.pdf
reference_id
reference_type
scores
url http://asfws12.files.wordpress.com/2012/11/asfws2012-jean_philippe_aumasson-martin_bosslet-hash_flooding_dos_reloaded.pdf
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5371.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5371.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5371
reference_id
reference_type
scores
0
value 0.01793
scoring_system epss
scoring_elements 0.82797
published_at 2026-04-21T12:55:00Z
1
value 0.01793
scoring_system epss
scoring_elements 0.82691
published_at 2026-04-01T12:55:00Z
2
value 0.01793
scoring_system epss
scoring_elements 0.82707
published_at 2026-04-02T12:55:00Z
3
value 0.01793
scoring_system epss
scoring_elements 0.8272
published_at 2026-04-04T12:55:00Z
4
value 0.01793
scoring_system epss
scoring_elements 0.82717
published_at 2026-04-07T12:55:00Z
5
value 0.01793
scoring_system epss
scoring_elements 0.82742
published_at 2026-04-08T12:55:00Z
6
value 0.01793
scoring_system epss
scoring_elements 0.82749
published_at 2026-04-09T12:55:00Z
7
value 0.01793
scoring_system epss
scoring_elements 0.82765
published_at 2026-04-11T12:55:00Z
8
value 0.01793
scoring_system epss
scoring_elements 0.8276
published_at 2026-04-12T12:55:00Z
9
value 0.01793
scoring_system epss
scoring_elements 0.82755
published_at 2026-04-13T12:55:00Z
10
value 0.01793
scoring_system epss
scoring_elements 0.82794
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5371
4
reference_url http://secunia.com/advisories/51253
reference_id
reference_type
scores
url http://secunia.com/advisories/51253
5
reference_url http://securitytracker.com/id?1027747
reference_id
reference_type
scores
url http://securitytracker.com/id?1027747
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/79993
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/79993
7
reference_url https://www.131002.net/data/talks/appsec12_slides.pdf
reference_id
reference_type
scores
url https://www.131002.net/data/talks/appsec12_slides.pdf
8
reference_url https://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371
9
reference_url http://www.ocert.org/advisories/ocert-2012-001.html
reference_id
reference_type
scores
url http://www.ocert.org/advisories/ocert-2012-001.html
10
reference_url http://www.osvdb.org/87280
reference_id
reference_type
scores
url http://www.osvdb.org/87280
11
reference_url http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/
reference_id
reference_type
scores
url http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/
12
reference_url http://www.securityfocus.com/bid/56484
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/56484
13
reference_url http://www.ubuntu.com/usn/USN-1733-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1733-1
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=875236
reference_id 875236
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=875236
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5371
reference_id CVE-2012-5371
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2012-5371
25
reference_url https://security.gentoo.org/glsa/201412-27
reference_id GLSA-201412-27
reference_type
scores
url https://security.gentoo.org/glsa/201412-27
26
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
27
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
28
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
29
reference_url https://usn.ubuntu.com/1733-1/
reference_id USN-1733-1
reference_type
scores
url https://usn.ubuntu.com/1733-1/
fixed_packages
aliases CVE-2012-5371, GHSA-phrv-cj28-9h57, OSV-87863
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jj3a-fpsa-a7at
10
url VCID-pegr-f5mh-ekdz
vulnerability_id VCID-pegr-f5mh-ekdz
summary 
Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-3905
reference_id
reference_type
scores
0
value 0.03225
scoring_system epss
scoring_elements 0.87077
published_at 2026-04-21T12:55:00Z
1
value 0.03225
scoring_system epss
scoring_elements 0.87007
published_at 2026-04-01T12:55:00Z
2
value 0.03225
scoring_system epss
scoring_elements 0.87018
published_at 2026-04-02T12:55:00Z
3
value 0.03225
scoring_system epss
scoring_elements 0.87037
published_at 2026-04-04T12:55:00Z
4
value 0.03225
scoring_system epss
scoring_elements 0.8703
published_at 2026-04-07T12:55:00Z
5
value 0.03225
scoring_system epss
scoring_elements 0.8705
published_at 2026-04-08T12:55:00Z
6
value 0.03225
scoring_system epss
scoring_elements 0.87057
published_at 2026-04-09T12:55:00Z
7
value 0.03225
scoring_system epss
scoring_elements 0.87071
published_at 2026-04-11T12:55:00Z
8
value 0.03225
scoring_system epss
scoring_elements 0.87065
published_at 2026-04-12T12:55:00Z
9
value 0.03225
scoring_system epss
scoring_elements 0.8706
published_at 2026-04-13T12:55:00Z
10
value 0.03225
scoring_system epss
scoring_elements 0.87076
published_at 2026-04-16T12:55:00Z
11
value 0.03225
scoring_system epss
scoring_elements 0.8708
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-3905
2
reference_url http://secunia.com/advisories/31430
reference_id
reference_type
scores
url http://secunia.com/advisories/31430
3
reference_url http://secunia.com/advisories/32165
reference_id
reference_type
scores
url http://secunia.com/advisories/32165
4
reference_url http://secunia.com/advisories/32219
reference_id
reference_type
scores
url http://secunia.com/advisories/32219
5
reference_url http://secunia.com/advisories/32255
reference_id
reference_type
scores
url http://secunia.com/advisories/32255
6
reference_url http://secunia.com/advisories/32256
reference_id
reference_type
scores
url http://secunia.com/advisories/32256
7
reference_url http://secunia.com/advisories/32371
reference_id
reference_type
scores
url http://secunia.com/advisories/32371
8
reference_url http://secunia.com/advisories/32948
reference_id
reference_type
scores
url http://secunia.com/advisories/32948
9
reference_url http://secunia.com/advisories/33178
reference_id
reference_type
scores
url http://secunia.com/advisories/33178
10
reference_url http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200812-17.xml
11
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/45935
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/45935
12
reference_url http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754
reference_id
reference_type
scores
url http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-3905
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2008-3905
14
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034
15
reference_url http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
16
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
17
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
18
reference_url http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url http://www.debian.org/security/2008/dsa-1651
19
reference_url http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url http://www.debian.org/security/2008/dsa-1652
20
reference_url http://www.openwall.com/lists/oss-security/2008/09/03/3
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2008/09/03/3
21
reference_url http://www.openwall.com/lists/oss-security/2008/09/04/9
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2008/09/04/9
22
reference_url http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2008-0897.html
23
reference_url http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
24
reference_url http://www.securityfocus.com/bid/31699
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/31699
25
reference_url http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/2334
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=461495
reference_id 461495
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=461495
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*
54
reference_url https://security.gentoo.org/glsa/200812-17
reference_id GLSA-200812-17
reference_type
scores
url https://security.gentoo.org/glsa/200812-17
55
reference_url https://access.redhat.com/errata/RHSA-2008:0896
reference_id RHSA-2008:0896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0896
56
reference_url https://access.redhat.com/errata/RHSA-2008:0897
reference_id RHSA-2008:0897
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0897
57
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
58
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
59
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
60
reference_url https://usn.ubuntu.com/651-1/
reference_id USN-651-1
reference_type
scores
url https://usn.ubuntu.com/651-1/
fixed_packages
aliases CVE-2008-3905, GHSA-vwcj-mf69-7rfw
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pegr-f5mh-ekdz
11
url VCID-qyz5-zmnt-qucy
vulnerability_id VCID-qyz5-zmnt-qucy
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8780.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8780.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8780
reference_id
reference_type
scores
0
value 0.01344
scoring_system epss
scoring_elements 0.80001
published_at 2026-04-01T12:55:00Z
1
value 0.01344
scoring_system epss
scoring_elements 0.80081
published_at 2026-04-21T12:55:00Z
2
value 0.01344
scoring_system epss
scoring_elements 0.80052
published_at 2026-04-13T12:55:00Z
3
value 0.01344
scoring_system epss
scoring_elements 0.8008
published_at 2026-04-18T12:55:00Z
4
value 0.01344
scoring_system epss
scoring_elements 0.80009
published_at 2026-04-02T12:55:00Z
5
value 0.01344
scoring_system epss
scoring_elements 0.8003
published_at 2026-04-04T12:55:00Z
6
value 0.01344
scoring_system epss
scoring_elements 0.8002
published_at 2026-04-07T12:55:00Z
7
value 0.01344
scoring_system epss
scoring_elements 0.80048
published_at 2026-04-08T12:55:00Z
8
value 0.01344
scoring_system epss
scoring_elements 0.80057
published_at 2026-04-09T12:55:00Z
9
value 0.01344
scoring_system epss
scoring_elements 0.80076
published_at 2026-04-11T12:55:00Z
10
value 0.01344
scoring_system epss
scoring_elements 0.80061
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8780
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
17
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
18
reference_url https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561949
reference_id 1561949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561949
20
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
21
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
22
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
23
reference_url https://usn.ubuntu.com/3626-1/
reference_id USN-3626-1
reference_type
scores
url https://usn.ubuntu.com/3626-1/
fixed_packages
aliases CVE-2018-8780, GHSA-fphx-j9v2-w2cx
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qyz5-zmnt-qucy
12
url VCID-rwak-wvuw-qbcg
vulnerability_id VCID-rwak-wvuw-qbcg
summary security update
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0472.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0472.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1912.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1912.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1913.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1913.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-1914.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1914.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4975.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4975.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4975
reference_id
reference_type
scores
0
value 0.03449
scoring_system epss
scoring_elements 0.87525
published_at 2026-04-18T12:55:00Z
1
value 0.03449
scoring_system epss
scoring_elements 0.87454
published_at 2026-04-01T12:55:00Z
2
value 0.03449
scoring_system epss
scoring_elements 0.87464
published_at 2026-04-02T12:55:00Z
3
value 0.03449
scoring_system epss
scoring_elements 0.87478
published_at 2026-04-04T12:55:00Z
4
value 0.03449
scoring_system epss
scoring_elements 0.8748
published_at 2026-04-07T12:55:00Z
5
value 0.03449
scoring_system epss
scoring_elements 0.87499
published_at 2026-04-08T12:55:00Z
6
value 0.03449
scoring_system epss
scoring_elements 0.87505
published_at 2026-04-09T12:55:00Z
7
value 0.03449
scoring_system epss
scoring_elements 0.87517
published_at 2026-04-11T12:55:00Z
8
value 0.03449
scoring_system epss
scoring_elements 0.87512
published_at 2026-04-12T12:55:00Z
9
value 0.03449
scoring_system epss
scoring_elements 0.87508
published_at 2026-04-13T12:55:00Z
10
value 0.03449
scoring_system epss
scoring_elements 0.87523
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4975
6
reference_url https://bugs.ruby-lang.org/issues/10019
reference_id
reference_type
scores
url https://bugs.ruby-lang.org/issues/10019
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8090
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8090
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/94706
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/94706
11
reference_url http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778
reference_id
reference_type
scores
url http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778
12
reference_url http://www.debian.org/security/2015/dsa-3157
reference_id
reference_type
scores
url http://www.debian.org/security/2015/dsa-3157
13
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:129
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:129
14
reference_url http://www.openwall.com/lists/oss-security/2014/07/09/13
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/07/09/13
15
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
16
reference_url http://www.securityfocus.com/bid/68474
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68474
17
reference_url http://www.ubuntu.com/usn/USN-2397-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2397-1
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1118158
reference_id 1118158
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1118158
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1:-:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1:-:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1:preview1:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-4975
reference_id CVE-2014-4975
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2014-4975
43
reference_url https://access.redhat.com/errata/RHSA-2014:1912
reference_id RHSA-2014:1912
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1912
44
reference_url https://access.redhat.com/errata/RHSA-2014:1913
reference_id RHSA-2014:1913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1913
45
reference_url https://access.redhat.com/errata/RHSA-2014:1914
reference_id RHSA-2014:1914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1914
46
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
47
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
48
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
49
reference_url https://usn.ubuntu.com/2397-1/
reference_id USN-2397-1
reference_type
scores
url https://usn.ubuntu.com/2397-1/
fixed_packages
aliases CVE-2014-4975, GHSA-gxj7-mcpg-jpr6, OSV-108971
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rwak-wvuw-qbcg
13
url VCID-sf98-mryd-yfb3
vulnerability_id VCID-sf98-mryd-yfb3
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9096.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9096.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-9096
reference_id
reference_type
scores
0
value 0.01592
scoring_system epss
scoring_elements 0.81593
published_at 2026-04-01T12:55:00Z
1
value 0.01592
scoring_system epss
scoring_elements 0.81698
published_at 2026-04-21T12:55:00Z
2
value 0.01592
scoring_system epss
scoring_elements 0.81662
published_at 2026-04-12T12:55:00Z
3
value 0.01592
scoring_system epss
scoring_elements 0.81656
published_at 2026-04-13T12:55:00Z
4
value 0.01592
scoring_system epss
scoring_elements 0.81694
published_at 2026-04-18T12:55:00Z
5
value 0.01592
scoring_system epss
scoring_elements 0.81604
published_at 2026-04-02T12:55:00Z
6
value 0.01592
scoring_system epss
scoring_elements 0.81625
published_at 2026-04-04T12:55:00Z
7
value 0.01592
scoring_system epss
scoring_elements 0.81623
published_at 2026-04-07T12:55:00Z
8
value 0.01592
scoring_system epss
scoring_elements 0.8165
published_at 2026-04-08T12:55:00Z
9
value 0.01592
scoring_system epss
scoring_elements 0.81655
published_at 2026-04-09T12:55:00Z
10
value 0.01592
scoring_system epss
scoring_elements 0.81676
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-9096
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://hackerone.com/reports/137631
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
url https://hackerone.com/reports/137631
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1461846
reference_id 1461846
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1461846
12
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
13
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
14
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
15
reference_url https://usn.ubuntu.com/3365-1/
reference_id USN-3365-1
reference_type
scores
url https://usn.ubuntu.com/3365-1/
fixed_packages
aliases CVE-2015-9096, GHSA-2h3c-5vqm-gqfh
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sf98-mryd-yfb3
14
url VCID-sfzh-hn56-hbak
vulnerability_id VCID-sfzh-hn56-hbak
summary 
Buffer overflow vulnerability in Zlib::GzipReader
A buffer overflow vulnerability exists in Zlib::GzipReader.
This vulnerability has been assigned the CVE identifier
CVE-2026-27820. We recommend upgrading the zlib gem.

## Details

The zstream_buffer_ungets function prepends caller-provided bytes
ahead of previously produced output but fails to guarantee the
backing Ruby string has enough capacity before the memmove shifts
the existing data. This can lead to memory corruption when the
buffer length exceeds capacity.

## Recommended action

We recommend to update the zlib gem to version 3.2.3 or later.
In order to ensure compatibility with bundled version in older
Ruby series, you may update as follows instead:

* For Ruby 3.2 users: Update to zlib 3.0.1
* For Ruby 3.3 users: Update to zlib 3.1.2
* You can use gem update zlib to update it. If you are using
   bundler, please add gem "zlib", ">= 3.2.3" to your Gemfile.

## Affected versions:

zlib gem 3.2.2 or lower

## Credits

Thanks to calysteon for reporting this issue. Also thanks to
nobu for creating the patch.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27820.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27820.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27820
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02466
published_at 2026-04-21T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.12746
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27820
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27820
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27820
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/zlib/CVE-2026-27820.yml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/zlib/CVE-2026-27820.yml
5
reference_url https://github.com/ruby/zlib
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/zlib
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-27820
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-27820
7
reference_url https://www.ruby-lang.org/en/news/2026/03/05/buffer-overflow-zlib-cve-2026-27820
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2026/03/05/buffer-overflow-zlib-cve-2026-27820
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134341
reference_id 1134341
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134341
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2459002
reference_id 2459002
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2459002
10
reference_url https://hackerone.com/reports/3467067
reference_id 3467067
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T18:20:13Z/
url https://hackerone.com/reports/3467067
11
reference_url https://github.com/advisories/GHSA-g857-hhfv-j68w
reference_id GHSA-g857-hhfv-j68w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g857-hhfv-j68w
12
reference_url https://github.com/ruby/zlib/security/advisories/GHSA-g857-hhfv-j68w
reference_id GHSA-g857-hhfv-j68w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T18:20:13Z/
url https://github.com/ruby/zlib/security/advisories/GHSA-g857-hhfv-j68w
13
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
14
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
15
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
fixed_packages
aliases CVE-2026-27820, GHSA-g857-hhfv-j68w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sfzh-hn56-hbak
15
url VCID-t9y5-hd9b-bkc4
vulnerability_id VCID-t9y5-hd9b-bkc4
summary Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31810.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31810.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-31810
reference_id
reference_type
scores
0
value 0.00632
scoring_system epss
scoring_elements 0.70265
published_at 2026-04-01T12:55:00Z
1
value 0.00632
scoring_system epss
scoring_elements 0.7036
published_at 2026-04-21T12:55:00Z
2
value 0.00632
scoring_system epss
scoring_elements 0.70354
published_at 2026-04-11T12:55:00Z
3
value 0.00632
scoring_system epss
scoring_elements 0.70339
published_at 2026-04-12T12:55:00Z
4
value 0.00632
scoring_system epss
scoring_elements 0.70326
published_at 2026-04-13T12:55:00Z
5
value 0.00632
scoring_system epss
scoring_elements 0.7037
published_at 2026-04-16T12:55:00Z
6
value 0.00632
scoring_system epss
scoring_elements 0.70379
published_at 2026-04-18T12:55:00Z
7
value 0.00632
scoring_system epss
scoring_elements 0.70277
published_at 2026-04-02T12:55:00Z
8
value 0.00632
scoring_system epss
scoring_elements 0.70295
published_at 2026-04-04T12:55:00Z
9
value 0.00632
scoring_system epss
scoring_elements 0.70271
published_at 2026-04-07T12:55:00Z
10
value 0.00632
scoring_system epss
scoring_elements 0.70316
published_at 2026-04-08T12:55:00Z
11
value 0.00632
scoring_system epss
scoring_elements 0.70331
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-31810
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-31810
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements
1
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2021-31810
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014818
reference_id 1014818
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014818
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1980126
reference_id 1980126
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1980126
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990815
reference_id 990815
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990815
13
reference_url https://security.archlinux.org/ASA-202107-23
reference_id ASA-202107-23
reference_type
scores
url https://security.archlinux.org/ASA-202107-23
14
reference_url https://security.archlinux.org/AVG-1906
reference_id AVG-1906
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1906
15
reference_url https://security.archlinux.org/AVG-2138
reference_id AVG-2138
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2138
16
reference_url https://access.redhat.com/errata/RHSA-2021:3020
reference_id RHSA-2021:3020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3020
17
reference_url https://access.redhat.com/errata/RHSA-2021:3559
reference_id RHSA-2021:3559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3559
18
reference_url https://access.redhat.com/errata/RHSA-2021:3982
reference_id RHSA-2021:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3982
19
reference_url https://access.redhat.com/errata/RHSA-2022:0543
reference_id RHSA-2022:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0543
20
reference_url https://access.redhat.com/errata/RHSA-2022:0544
reference_id RHSA-2022:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0544
21
reference_url https://access.redhat.com/errata/RHSA-2022:0581
reference_id RHSA-2022:0581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0581
22
reference_url https://access.redhat.com/errata/RHSA-2022:0582
reference_id RHSA-2022:0582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0582
23
reference_url https://access.redhat.com/errata/RHSA-2022:0672
reference_id RHSA-2022:0672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0672
24
reference_url https://access.redhat.com/errata/RHSA-2022:0708
reference_id RHSA-2022:0708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0708
25
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
26
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
27
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
28
reference_url https://usn.ubuntu.com/5020-1/
reference_id USN-5020-1
reference_type
scores
url https://usn.ubuntu.com/5020-1/
fixed_packages
aliases CVE-2021-31810, GHSA-wr95-679j-87v9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t9y5-hd9b-bkc4
16
url VCID-wzdf-d9fv-u3hh
vulnerability_id VCID-wzdf-d9fv-u3hh
summary security update
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0443.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0443.html
1
reference_url http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2014-12/msg00035.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2014-12/msg00035.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00000.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00000.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00004.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00004.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2014-1911.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1911.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2014-1912.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1912.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2014-1913.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1913.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1914.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1914.html
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8080.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8080.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8080
reference_id
reference_type
scores
0
value 0.10784
scoring_system epss
scoring_elements 0.93378
published_at 2026-04-21T12:55:00Z
1
value 0.10784
scoring_system epss
scoring_elements 0.93317
published_at 2026-04-01T12:55:00Z
2
value 0.10784
scoring_system epss
scoring_elements 0.93326
published_at 2026-04-02T12:55:00Z
3
value 0.10784
scoring_system epss
scoring_elements 0.93332
published_at 2026-04-04T12:55:00Z
4
value 0.10784
scoring_system epss
scoring_elements 0.93331
published_at 2026-04-07T12:55:00Z
5
value 0.10784
scoring_system epss
scoring_elements 0.93339
published_at 2026-04-08T12:55:00Z
6
value 0.10784
scoring_system epss
scoring_elements 0.93344
published_at 2026-04-09T12:55:00Z
7
value 0.10784
scoring_system epss
scoring_elements 0.93349
published_at 2026-04-11T12:55:00Z
8
value 0.10784
scoring_system epss
scoring_elements 0.93347
published_at 2026-04-12T12:55:00Z
9
value 0.10784
scoring_system epss
scoring_elements 0.93348
published_at 2026-04-13T12:55:00Z
10
value 0.10784
scoring_system epss
scoring_elements 0.93366
published_at 2026-04-16T12:55:00Z
11
value 0.10784
scoring_system epss
scoring_elements 0.93371
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8080
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8090
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8090
14
reference_url http://secunia.com/advisories/61607
reference_id
reference_type
scores
url http://secunia.com/advisories/61607
15
reference_url http://secunia.com/advisories/62050
reference_id
reference_type
scores
url http://secunia.com/advisories/62050
16
reference_url http://secunia.com/advisories/62748
reference_id
reference_type
scores
url http://secunia.com/advisories/62748
17
reference_url https://support.apple.com/HT205267
reference_id
reference_type
scores
url https://support.apple.com/HT205267
18
reference_url https://www.ruby-lang.org/en/news/2014/10/27/rexml-dos-cve-2014-8080
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2014/10/27/rexml-dos-cve-2014-8080
19
reference_url https://www.ruby-lang.org/en/news/2014/10/27/rexml-dos-cve-2014-8080/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2014/10/27/rexml-dos-cve-2014-8080/
20
reference_url http://www.debian.org/security/2015/dsa-3157
reference_id
reference_type
scores
url http://www.debian.org/security/2015/dsa-3157
21
reference_url http://www.debian.org/security/2015/dsa-3159
reference_id
reference_type
scores
url http://www.debian.org/security/2015/dsa-3159
22
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:129
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:129
23
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
24
reference_url http://www.securityfocus.com/bid/70935
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/70935
25
reference_url http://www.ubuntu.com/usn/USN-2397-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2397-1
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1157709
reference_id 1157709
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1157709
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p385:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p385:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p385:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p392:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p392:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p392:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p426:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p426:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p426:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p429:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p429:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p429:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p448:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p448:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p448:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p545:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p545:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p545:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p547:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p547:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p547:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p451:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p451:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p451:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p550:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:p550:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p550:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-8080
reference_id CVE-2014-8080
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-8080
59
reference_url https://security.gentoo.org/glsa/201412-27
reference_id GLSA-201412-27
reference_type
scores
url https://security.gentoo.org/glsa/201412-27
60
reference_url https://access.redhat.com/errata/RHSA-2014:1911
reference_id RHSA-2014:1911
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1911
61
reference_url https://access.redhat.com/errata/RHSA-2014:1912
reference_id RHSA-2014:1912
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1912
62
reference_url https://access.redhat.com/errata/RHSA-2014:1913
reference_id RHSA-2014:1913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1913
63
reference_url https://access.redhat.com/errata/RHSA-2014:1914
reference_id RHSA-2014:1914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1914
64
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
65
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
66
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
67
reference_url https://usn.ubuntu.com/2397-1/
reference_id USN-2397-1
reference_type
scores
url https://usn.ubuntu.com/2397-1/
fixed_packages
aliases CVE-2014-8080, GHSA-ggvr-v7qh-jwjh, OSV-113747
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wzdf-d9fv-u3hh
17
url VCID-x126-x9qm-e7d3
vulnerability_id VCID-x126-x9qm-e7d3
summary ruby: Arbitrary memory address read vulnerability with Regex search
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27282.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27282.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27282
reference_id
reference_type
scores
0
value 0.0057
scoring_system epss
scoring_elements 0.68642
published_at 2026-04-21T12:55:00Z
1
value 0.00619
scoring_system epss
scoring_elements 0.70042
published_at 2026-04-11T12:55:00Z
2
value 0.00619
scoring_system epss
scoring_elements 0.70066
published_at 2026-04-18T12:55:00Z
3
value 0.00619
scoring_system epss
scoring_elements 0.70057
published_at 2026-04-16T12:55:00Z
4
value 0.00619
scoring_system epss
scoring_elements 0.70013
published_at 2026-04-13T12:55:00Z
5
value 0.00619
scoring_system epss
scoring_elements 0.70027
published_at 2026-04-12T12:55:00Z
6
value 0.00619
scoring_system epss
scoring_elements 0.69962
published_at 2026-04-02T12:55:00Z
7
value 0.00619
scoring_system epss
scoring_elements 0.69977
published_at 2026-04-04T12:55:00Z
8
value 0.00619
scoring_system epss
scoring_elements 0.69954
published_at 2026-04-07T12:55:00Z
9
value 0.00619
scoring_system epss
scoring_elements 0.70002
published_at 2026-04-08T12:55:00Z
10
value 0.00619
scoring_system epss
scoring_elements 0.70018
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27282
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27282
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27282
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements
1
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T18:26:58Z/
url https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069969
reference_id 1069969
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069969
6
reference_url https://hackerone.com/reports/2122624
reference_id 2122624
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T18:26:58Z/
url https://hackerone.com/reports/2122624
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2276810
reference_id 2276810
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2276810
8
reference_url https://access.redhat.com/errata/RHSA-2024:3500
reference_id RHSA-2024:3500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3500
9
reference_url https://access.redhat.com/errata/RHSA-2024:3546
reference_id RHSA-2024:3546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3546
10
reference_url https://access.redhat.com/errata/RHSA-2024:3668
reference_id RHSA-2024:3668
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3668
11
reference_url https://access.redhat.com/errata/RHSA-2024:3670
reference_id RHSA-2024:3670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3670
12
reference_url https://access.redhat.com/errata/RHSA-2024:3671
reference_id RHSA-2024:3671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3671
13
reference_url https://access.redhat.com/errata/RHSA-2024:3838
reference_id RHSA-2024:3838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3838
14
reference_url https://access.redhat.com/errata/RHSA-2024:4499
reference_id RHSA-2024:4499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4499
15
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
16
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
17
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
18
reference_url https://usn.ubuntu.com/6838-1/
reference_id USN-6838-1
reference_type
scores
url https://usn.ubuntu.com/6838-1/
19
reference_url https://usn.ubuntu.com/7734-1/
reference_id USN-7734-1
reference_type
scores
url https://usn.ubuntu.com/7734-1/
fixed_packages
aliases CVE-2024-27282, GHSA-63cq-cj6g-qfr2
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x126-x9qm-e7d3
18
url VCID-xkd6-jvma-skfk
vulnerability_id VCID-xkd6-jvma-skfk
summary 
Multiple vulnerabilities have been found in Ruby, the worst of
    which could lead to the remote execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14064.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14064.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14064
reference_id
reference_type
scores
0
value 0.01205
scoring_system epss
scoring_elements 0.78898
published_at 2026-04-01T12:55:00Z
1
value 0.01205
scoring_system epss
scoring_elements 0.78941
published_at 2026-04-08T12:55:00Z
2
value 0.01205
scoring_system epss
scoring_elements 0.78947
published_at 2026-04-09T12:55:00Z
3
value 0.01205
scoring_system epss
scoring_elements 0.7897
published_at 2026-04-11T12:55:00Z
4
value 0.01205
scoring_system epss
scoring_elements 0.78955
published_at 2026-04-12T12:55:00Z
5
value 0.01205
scoring_system epss
scoring_elements 0.78945
published_at 2026-04-13T12:55:00Z
6
value 0.01205
scoring_system epss
scoring_elements 0.78974
published_at 2026-04-16T12:55:00Z
7
value 0.01205
scoring_system epss
scoring_elements 0.78904
published_at 2026-04-02T12:55:00Z
8
value 0.01205
scoring_system epss
scoring_elements 0.78933
published_at 2026-04-04T12:55:00Z
9
value 0.01205
scoring_system epss
scoring_elements 0.78916
published_at 2026-04-07T12:55:00Z
10
value 0.01477
scoring_system epss
scoring_elements 0.81013
published_at 2026-04-21T12:55:00Z
11
value 0.01477
scoring_system epss
scoring_elements 0.81012
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14064
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-14064
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-14064
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1487552
reference_id 1487552
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1487552
12
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
13
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
14
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
15
reference_url https://usn.ubuntu.com/3439-1/
reference_id USN-3439-1
reference_type
scores
url https://usn.ubuntu.com/3439-1/
fixed_packages
aliases CVE-2017-14064, GHSA-954h-8gv7-2q75
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xkd6-jvma-skfk
19
url VCID-y56y-5am7-wkhr
vulnerability_id VCID-y56y-5am7-wkhr
summary 
Multiple vulnerabilities have been found in Ruby, the worst of
    which could lead to the remote execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16254.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16254.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-16254
reference_id
reference_type
scores
0
value 0.00707
scoring_system epss
scoring_elements 0.72109
published_at 2026-04-01T12:55:00Z
1
value 0.00707
scoring_system epss
scoring_elements 0.72189
published_at 2026-04-21T12:55:00Z
2
value 0.00707
scoring_system epss
scoring_elements 0.72168
published_at 2026-04-12T12:55:00Z
3
value 0.00707
scoring_system epss
scoring_elements 0.72154
published_at 2026-04-13T12:55:00Z
4
value 0.00707
scoring_system epss
scoring_elements 0.72196
published_at 2026-04-16T12:55:00Z
5
value 0.00707
scoring_system epss
scoring_elements 0.72204
published_at 2026-04-18T12:55:00Z
6
value 0.00707
scoring_system epss
scoring_elements 0.72115
published_at 2026-04-02T12:55:00Z
7
value 0.00707
scoring_system epss
scoring_elements 0.72135
published_at 2026-04-04T12:55:00Z
8
value 0.00707
scoring_system epss
scoring_elements 0.72113
published_at 2026-04-07T12:55:00Z
9
value 0.00707
scoring_system epss
scoring_elements 0.7215
published_at 2026-04-08T12:55:00Z
10
value 0.00707
scoring_system epss
scoring_elements 0.72162
published_at 2026-04-09T12:55:00Z
11
value 0.00707
scoring_system epss
scoring_elements 0.72184
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-16254
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15845
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15845
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16201
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16201
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16254
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16254
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16255
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-16254
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-16254
8
reference_url https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1789556
reference_id 1789556
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1789556
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972230
reference_id 972230
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972230
11
reference_url https://security.archlinux.org/ASA-201910-2
reference_id ASA-201910-2
reference_type
scores
url https://security.archlinux.org/ASA-201910-2
12
reference_url https://security.archlinux.org/AVG-1039
reference_id AVG-1039
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1039
13
reference_url https://security.gentoo.org/glsa/202003-06
reference_id GLSA-202003-06
reference_type
scores
url https://security.gentoo.org/glsa/202003-06
14
reference_url https://access.redhat.com/errata/RHSA-2021:2104
reference_id RHSA-2021:2104
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2104
15
reference_url https://access.redhat.com/errata/RHSA-2021:2230
reference_id RHSA-2021:2230
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2230
16
reference_url https://access.redhat.com/errata/RHSA-2021:2587
reference_id RHSA-2021:2587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2587
17
reference_url https://access.redhat.com/errata/RHSA-2021:2588
reference_id RHSA-2021:2588
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2588
18
reference_url https://access.redhat.com/errata/RHSA-2022:0581
reference_id RHSA-2022:0581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0581
19
reference_url https://access.redhat.com/errata/RHSA-2022:0582
reference_id RHSA-2022:0582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0582
20
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
21
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
22
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
23
reference_url https://usn.ubuntu.com/4201-1/
reference_id USN-4201-1
reference_type
scores
url https://usn.ubuntu.com/4201-1/
fixed_packages
aliases CVE-2019-16254, GHSA-w9fp-2996-hhwx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y56y-5am7-wkhr
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby3-3-main@3.3.10-23.1%3Farch=hum1