Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-ruby23-ruby@2.3.8-69?arch=el6
Typerpm
Namespaceredhat
Namerh-ruby23-ruby
Version2.3.8-69
Qualifiers
arch el6
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1cad-uybu-2uau
vulnerability_id VCID-1cad-uybu-2uau
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17742.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17742.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17742
reference_id
reference_type
scores
0
value 0.01152
scoring_system epss
scoring_elements 0.78524
published_at 2026-04-21T12:55:00Z
1
value 0.01152
scoring_system epss
scoring_elements 0.78527
published_at 2026-04-18T12:55:00Z
2
value 0.01152
scoring_system epss
scoring_elements 0.78508
published_at 2026-04-12T12:55:00Z
3
value 0.01152
scoring_system epss
scoring_elements 0.785
published_at 2026-04-13T12:55:00Z
4
value 0.01152
scoring_system epss
scoring_elements 0.7845
published_at 2026-04-01T12:55:00Z
5
value 0.01152
scoring_system epss
scoring_elements 0.78456
published_at 2026-04-02T12:55:00Z
6
value 0.01152
scoring_system epss
scoring_elements 0.78487
published_at 2026-04-04T12:55:00Z
7
value 0.01152
scoring_system epss
scoring_elements 0.7847
published_at 2026-04-07T12:55:00Z
8
value 0.01152
scoring_system epss
scoring_elements 0.78497
published_at 2026-04-08T12:55:00Z
9
value 0.01152
scoring_system epss
scoring_elements 0.78502
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17742
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
17
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-17742
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-17742
19
reference_url https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561952
reference_id 1561952
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561952
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972230
reference_id 972230
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972230
22
reference_url https://access.redhat.com/errata/RHSA-2020:1963
reference_id RHSA-2020:1963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1963
23
reference_url https://access.redhat.com/errata/RHSA-2020:2212
reference_id RHSA-2020:2212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2212
24
reference_url https://access.redhat.com/errata/RHSA-2020:2288
reference_id RHSA-2020:2288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2288
fixed_packages
aliases CVE-2017-17742, GHSA-7p4c-jf2w-hc3w
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1cad-uybu-2uau
1
url VCID-8d7n-bfhu-dkfd
vulnerability_id VCID-8d7n-bfhu-dkfd
summary 
Loop with Unreachable Exit Condition (Infinite Loop)
RubyGems contains an infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop.
references
0
reference_url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
2
reference_url https://access.redhat.com/errata/RHSA-2018:3729
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3729
3
reference_url https://access.redhat.com/errata/RHSA-2018:3730
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3730
4
reference_url https://access.redhat.com/errata/RHSA-2018:3731
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3731
5
reference_url https://access.redhat.com/errata/RHSA-2019:2028
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2028
6
reference_url https://access.redhat.com/errata/RHSA-2020:0542
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0542
7
reference_url https://access.redhat.com/errata/RHSA-2020:0591
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0591
8
reference_url https://access.redhat.com/errata/RHSA-2020:0663
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0663
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000075.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000075.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000075
reference_id
reference_type
scores
0
value 0.0176
scoring_system epss
scoring_elements 0.82537
published_at 2026-04-01T12:55:00Z
1
value 0.0176
scoring_system epss
scoring_elements 0.82643
published_at 2026-04-21T12:55:00Z
2
value 0.0176
scoring_system epss
scoring_elements 0.82614
published_at 2026-04-11T12:55:00Z
3
value 0.0176
scoring_system epss
scoring_elements 0.82608
published_at 2026-04-12T12:55:00Z
4
value 0.0176
scoring_system epss
scoring_elements 0.82596
published_at 2026-04-09T12:55:00Z
5
value 0.0176
scoring_system epss
scoring_elements 0.82588
published_at 2026-04-08T12:55:00Z
6
value 0.0176
scoring_system epss
scoring_elements 0.82562
published_at 2026-04-07T12:55:00Z
7
value 0.0176
scoring_system epss
scoring_elements 0.82566
published_at 2026-04-04T12:55:00Z
8
value 0.0176
scoring_system epss
scoring_elements 0.82551
published_at 2026-04-02T12:55:00Z
9
value 0.0176
scoring_system epss
scoring_elements 0.82602
published_at 2026-04-13T12:55:00Z
10
value 0.0176
scoring_system epss
scoring_elements 0.82639
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000075
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
28
reference_url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
29
reference_url https://github.com/rubygems/rubygems/commit/92e98bf8f810bd812f919120d4832df51bc25d83
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/92e98bf8f810bd812f919120d4832df51bc25d83
30
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html
31
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html
32
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html
33
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
34
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
35
reference_url https://usn.ubuntu.com/3621-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3621-1
36
reference_url https://usn.ubuntu.com/3621-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3621-1/
37
reference_url https://www.debian.org/security/2018/dsa-4219
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4219
38
reference_url https://www.debian.org/security/2018/dsa-4259
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4259
39
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1547420
reference_id 1547420
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1547420
40
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000075
reference_id CVE-2018-1000075
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000075
41
reference_url https://github.com/advisories/GHSA-74pv-v9gh-h25p
reference_id GHSA-74pv-v9gh-h25p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-74pv-v9gh-h25p
fixed_packages
aliases CVE-2018-1000075, GHSA-74pv-v9gh-h25p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8d7n-bfhu-dkfd
2
url VCID-8hm4-c4w4-gfen
vulnerability_id VCID-8hm4-c4w4-gfen
summary 
Cross-site Scripting
RubyGems contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appears to be exploitable by the victim browsing to a malicious gem on a vulnerable gem server.
references
0
reference_url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
2
reference_url https://access.redhat.com/errata/RHSA-2018:3729
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3729
3
reference_url https://access.redhat.com/errata/RHSA-2018:3730
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3730
4
reference_url https://access.redhat.com/errata/RHSA-2018:3731
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3731
5
reference_url https://access.redhat.com/errata/RHSA-2019:2028
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2028
6
reference_url https://access.redhat.com/errata/RHSA-2020:0542
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0542
7
reference_url https://access.redhat.com/errata/RHSA-2020:0591
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0591
8
reference_url https://access.redhat.com/errata/RHSA-2020:0663
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0663
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000078.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000078.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000078
reference_id
reference_type
scores
0
value 0.00823
scoring_system epss
scoring_elements 0.74425
published_at 2026-04-08T12:55:00Z
1
value 0.00823
scoring_system epss
scoring_elements 0.7448
published_at 2026-04-18T12:55:00Z
2
value 0.00823
scoring_system epss
scoring_elements 0.74471
published_at 2026-04-21T12:55:00Z
3
value 0.00823
scoring_system epss
scoring_elements 0.74417
published_at 2026-04-04T12:55:00Z
4
value 0.00823
scoring_system epss
scoring_elements 0.7439
published_at 2026-04-02T12:55:00Z
5
value 0.00823
scoring_system epss
scoring_elements 0.74387
published_at 2026-04-01T12:55:00Z
6
value 0.00823
scoring_system epss
scoring_elements 0.74392
published_at 2026-04-07T12:55:00Z
7
value 0.00823
scoring_system epss
scoring_elements 0.74442
published_at 2026-04-09T12:55:00Z
8
value 0.00823
scoring_system epss
scoring_elements 0.74464
published_at 2026-04-11T12:55:00Z
9
value 0.00823
scoring_system epss
scoring_elements 0.74444
published_at 2026-04-12T12:55:00Z
10
value 0.00823
scoring_system epss
scoring_elements 0.74435
published_at 2026-04-13T12:55:00Z
11
value 0.00823
scoring_system epss
scoring_elements 0.74472
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000078
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
28
reference_url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
29
reference_url https://github.com/rubygems/rubygems/commit/66a28b9275551384fdab45f3591a82d6b59952cb
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/66a28b9275551384fdab45f3591a82d6b59952cb
30
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html
31
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html
32
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html
33
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
34
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
35
reference_url https://usn.ubuntu.com/3621-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3621-1
36
reference_url https://usn.ubuntu.com/3621-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3621-1/
37
reference_url https://www.debian.org/security/2018/dsa-4219
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4219
38
reference_url https://www.debian.org/security/2018/dsa-4259
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4259
39
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1547425
reference_id 1547425
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1547425
40
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000078
reference_id CVE-2018-1000078
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000078
41
reference_url https://github.com/advisories/GHSA-87qx-g5wg-mwmj
reference_id GHSA-87qx-g5wg-mwmj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-87qx-g5wg-mwmj
fixed_packages
aliases CVE-2018-1000078, GHSA-87qx-g5wg-mwmj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8hm4-c4w4-gfen
3
url VCID-9t45-d5mf-3uar
vulnerability_id VCID-9t45-d5mf-3uar
summary 
Path Traversal
RubyGems contains a Directory Traversal vulnerability in gem installation that can result in the gem being able to write to arbitrary filesystem locations during installation. This attack appears to be exploitable by a victim installing a malicious gem.
references
0
reference_url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
2
reference_url https://access.redhat.com/errata/RHSA-2018:3729
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3729
3
reference_url https://access.redhat.com/errata/RHSA-2018:3730
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3730
4
reference_url https://access.redhat.com/errata/RHSA-2018:3731
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3731
5
reference_url https://access.redhat.com/errata/RHSA-2019:2028
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2028
6
reference_url https://access.redhat.com/errata/RHSA-2020:0542
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0542
7
reference_url https://access.redhat.com/errata/RHSA-2020:0591
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0591
8
reference_url https://access.redhat.com/errata/RHSA-2020:0663
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0663
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000079.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000079.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000079
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54731
published_at 2026-04-21T12:55:00Z
1
value 0.00316
scoring_system epss
scoring_elements 0.54624
published_at 2026-04-01T12:55:00Z
2
value 0.00316
scoring_system epss
scoring_elements 0.54695
published_at 2026-04-02T12:55:00Z
3
value 0.00316
scoring_system epss
scoring_elements 0.54717
published_at 2026-04-04T12:55:00Z
4
value 0.00316
scoring_system epss
scoring_elements 0.54687
published_at 2026-04-07T12:55:00Z
5
value 0.00316
scoring_system epss
scoring_elements 0.5474
published_at 2026-04-08T12:55:00Z
6
value 0.00316
scoring_system epss
scoring_elements 0.54735
published_at 2026-04-09T12:55:00Z
7
value 0.00316
scoring_system epss
scoring_elements 0.54748
published_at 2026-04-16T12:55:00Z
8
value 0.00316
scoring_system epss
scoring_elements 0.54732
published_at 2026-04-12T12:55:00Z
9
value 0.00316
scoring_system epss
scoring_elements 0.5471
published_at 2026-04-13T12:55:00Z
10
value 0.00316
scoring_system epss
scoring_elements 0.54751
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000079
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895778
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895778
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
27
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
28
reference_url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
29
reference_url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
30
reference_url https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099
31
reference_url https://github.com/rubygems/rubygems/commit/f83f911e19e27cbac1ccce7471d96642241dd759
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/f83f911e19e27cbac1ccce7471d96642241dd759
32
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
33
reference_url https://usn.ubuntu.com/3621-1
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3621-1
34
reference_url https://usn.ubuntu.com/3621-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3621-1/
35
reference_url https://www.debian.org/security/2018/dsa-4219
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4219
36
reference_url https://www.debian.org/security/2018/dsa-4259
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4259
37
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1547426
reference_id 1547426
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1547426
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000079
reference_id CVE-2018-1000079
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000079
39
reference_url https://security-tracker.debian.org/tracker/CVE-2018-1000079
reference_id CVE-2018-1000079
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2018-1000079
40
reference_url https://github.com/advisories/GHSA-8qxg-mff5-j3wc
reference_id GHSA-8qxg-mff5-j3wc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8qxg-mff5-j3wc
fixed_packages
aliases CVE-2018-1000079, GHSA-8qxg-mff5-j3wc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9t45-d5mf-3uar
4
url VCID-af1f-xwwy-jfa8
vulnerability_id VCID-af1f-xwwy-jfa8
summary RubyGems contains a Deserialization of Untrusted Data vulnerability in owner command that can result in code execution. This attack appears to be exploitable when the victim runs the `gem owner` command on a gem with a specially crafted YAML file.
references
0
reference_url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
2
reference_url https://access.redhat.com/errata/RHSA-2018:3729
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3729
3
reference_url https://access.redhat.com/errata/RHSA-2018:3730
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3730
4
reference_url https://access.redhat.com/errata/RHSA-2018:3731
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3731
5
reference_url https://access.redhat.com/errata/RHSA-2019:2028
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2028
6
reference_url https://access.redhat.com/errata/RHSA-2020:0542
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0542
7
reference_url https://access.redhat.com/errata/RHSA-2020:0591
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0591
8
reference_url https://access.redhat.com/errata/RHSA-2020:0663
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0663
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000074.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000074.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000074
reference_id
reference_type
scores
0
value 0.00535
scoring_system epss
scoring_elements 0.67466
published_at 2026-04-21T12:55:00Z
1
value 0.00535
scoring_system epss
scoring_elements 0.6736
published_at 2026-04-01T12:55:00Z
2
value 0.00535
scoring_system epss
scoring_elements 0.67396
published_at 2026-04-07T12:55:00Z
3
value 0.00535
scoring_system epss
scoring_elements 0.67417
published_at 2026-04-04T12:55:00Z
4
value 0.00535
scoring_system epss
scoring_elements 0.67448
published_at 2026-04-08T12:55:00Z
5
value 0.00535
scoring_system epss
scoring_elements 0.67462
published_at 2026-04-09T12:55:00Z
6
value 0.00535
scoring_system epss
scoring_elements 0.67484
published_at 2026-04-11T12:55:00Z
7
value 0.00535
scoring_system epss
scoring_elements 0.67471
published_at 2026-04-12T12:55:00Z
8
value 0.00535
scoring_system epss
scoring_elements 0.67438
published_at 2026-04-13T12:55:00Z
9
value 0.00535
scoring_system epss
scoring_elements 0.67474
published_at 2026-04-16T12:55:00Z
10
value 0.00535
scoring_system epss
scoring_elements 0.67486
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000074
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
28
reference_url https://github.com/rubygems/rubygems/commit/254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements
1
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d
29
reference_url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
30
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00017.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00017.html
31
reference_url https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html
32
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
33
reference_url https://usn.ubuntu.com/3621-1
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3621-1
34
reference_url https://usn.ubuntu.com/3621-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3621-1/
35
reference_url https://usn.ubuntu.com/3621-2
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3621-2
36
reference_url https://usn.ubuntu.com/3621-2/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3621-2/
37
reference_url https://usn.ubuntu.com/3685-1
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3685-1
38
reference_url https://usn.ubuntu.com/3685-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3685-1/
39
reference_url https://www.debian.org/security/2018/dsa-4219
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4219
40
reference_url https://www.debian.org/security/2018/dsa-4259
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4259
41
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1547419
reference_id 1547419
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1547419
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000074
reference_id CVE-2018-1000074
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000074
43
reference_url https://github.com/advisories/GHSA-qj2w-mw2r-pv39
reference_id GHSA-qj2w-mw2r-pv39
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qj2w-mw2r-pv39
fixed_packages
aliases CVE-2018-1000074, GHSA-qj2w-mw2r-pv39
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-af1f-xwwy-jfa8
5
url VCID-bad1-7aa4-cugv
vulnerability_id VCID-bad1-7aa4-cugv
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6914.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6914.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-6914
reference_id
reference_type
scores
0
value 0.02372
scoring_system epss
scoring_elements 0.84884
published_at 2026-04-01T12:55:00Z
1
value 0.02372
scoring_system epss
scoring_elements 0.84981
published_at 2026-04-21T12:55:00Z
2
value 0.02372
scoring_system epss
scoring_elements 0.84982
published_at 2026-04-16T12:55:00Z
3
value 0.02372
scoring_system epss
scoring_elements 0.84984
published_at 2026-04-18T12:55:00Z
4
value 0.02372
scoring_system epss
scoring_elements 0.849
published_at 2026-04-02T12:55:00Z
5
value 0.02372
scoring_system epss
scoring_elements 0.84918
published_at 2026-04-04T12:55:00Z
6
value 0.02372
scoring_system epss
scoring_elements 0.84922
published_at 2026-04-07T12:55:00Z
7
value 0.02372
scoring_system epss
scoring_elements 0.84945
published_at 2026-04-08T12:55:00Z
8
value 0.02372
scoring_system epss
scoring_elements 0.84952
published_at 2026-04-09T12:55:00Z
9
value 0.02372
scoring_system epss
scoring_elements 0.84967
published_at 2026-04-11T12:55:00Z
10
value 0.02372
scoring_system epss
scoring_elements 0.84966
published_at 2026-04-12T12:55:00Z
11
value 0.02372
scoring_system epss
scoring_elements 0.84961
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-6914
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
17
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
18
reference_url https://www.ruby-lang.org/en/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561947
reference_id 1561947
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561947
20
reference_url https://usn.ubuntu.com/3626-1/
reference_id USN-3626-1
reference_type
scores
url https://usn.ubuntu.com/3626-1/
fixed_packages
aliases CVE-2018-6914, GHSA-wpg3-wgm5-rv8w
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bad1-7aa4-cugv
6
url VCID-c3y8-w4b4-3qea
vulnerability_id VCID-c3y8-w4b4-3qea
summary 
Improper Certificate Validation
When two `OpenSSL::X509::Name` objects are compared using `==`, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of `==` will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
1
reference_url https://access.redhat.com/errata/RHSA-2018:3729
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3729
2
reference_url https://access.redhat.com/errata/RHSA-2018:3730
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3730
3
reference_url https://access.redhat.com/errata/RHSA-2018:3731
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3731
4
reference_url https://access.redhat.com/errata/RHSA-2018:3738
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3738
5
reference_url https://access.redhat.com/errata/RHSA-2019:1948
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:1948
6
reference_url https://access.redhat.com/errata/RHSA-2019:2565
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2565
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16395.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16395.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16395
reference_id
reference_type
scores
0
value 0.04424
scoring_system epss
scoring_elements 0.89042
published_at 2026-04-21T12:55:00Z
1
value 0.04424
scoring_system epss
scoring_elements 0.8903
published_at 2026-04-09T12:55:00Z
2
value 0.04424
scoring_system epss
scoring_elements 0.89024
published_at 2026-04-08T12:55:00Z
3
value 0.04424
scoring_system epss
scoring_elements 0.89006
published_at 2026-04-07T12:55:00Z
4
value 0.04424
scoring_system epss
scoring_elements 0.89004
published_at 2026-04-04T12:55:00Z
5
value 0.04424
scoring_system epss
scoring_elements 0.88988
published_at 2026-04-02T12:55:00Z
6
value 0.04424
scoring_system epss
scoring_elements 0.89037
published_at 2026-04-12T12:55:00Z
7
value 0.04424
scoring_system epss
scoring_elements 0.8898
published_at 2026-04-01T12:55:00Z
8
value 0.04424
scoring_system epss
scoring_elements 0.89034
published_at 2026-04-13T12:55:00Z
9
value 0.04424
scoring_system epss
scoring_elements 0.89048
published_at 2026-04-16T12:55:00Z
10
value 0.04424
scoring_system epss
scoring_elements 0.89047
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16395
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16395
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16395
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16396
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://github.com/ruby/openssl/commit/f653cfa43f0f20e8c440122ea982382b6228e7f5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/openssl/commit/f653cfa43f0f20e8c440122ea982382b6228e7f5
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openssl/CVE-2018-16395.yml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openssl/CVE-2018-16395.yml
14
reference_url https://hackerone.com/reports/387250
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/387250
15
reference_url https://lists.debian.org/debian-lts-announce/2018/10/msg00020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/10/msg00020.html
16
reference_url https://security.netapp.com/advisory/ntap-20190221-0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190221-0002
17
reference_url https://security.netapp.com/advisory/ntap-20190221-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190221-0002/
18
reference_url https://usn.ubuntu.com/3808-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3808-1
19
reference_url https://web.archive.org/web/20211206015239/https://securitytracker.com/id/1042105
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211206015239/https://securitytracker.com/id/1042105
20
reference_url https://www.debian.org/security/2018/dsa-4332
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4332
21
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
22
reference_url https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395
23
reference_url https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/
24
reference_url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-3-8-released
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-3-8-released
25
reference_url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-3-8-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-3-8-released/
26
reference_url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released
27
reference_url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released/
28
reference_url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-5-2-released
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-5-2-released
29
reference_url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-5-2-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-5-2-released/
30
reference_url https://www.ruby-lang.org/en/news/2018/11/06/ruby-2-6-0-preview3-released
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2018/11/06/ruby-2-6-0-preview3-released
31
reference_url https://www.ruby-lang.org/en/news/2018/11/06/ruby-2-6-0-preview3-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2018/11/06/ruby-2-6-0-preview3-released/
32
reference_url http://www.securitytracker.com/id/1042105
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1042105
33
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1643086
reference_id 1643086
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1643086
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16395
reference_id CVE-2018-16395
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-16395
35
reference_url https://github.com/advisories/GHSA-mmrq-6999-72v8
reference_id GHSA-mmrq-6999-72v8
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mmrq-6999-72v8
36
reference_url https://usn.ubuntu.com/3808-1/
reference_id USN-3808-1
reference_type
scores
url https://usn.ubuntu.com/3808-1/
fixed_packages
aliases CVE-2018-16395, GHSA-mmrq-6999-72v8
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3y8-w4b4-3qea
7
url VCID-kamp-zmtx-aqbz
vulnerability_id VCID-kamp-zmtx-aqbz
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16396.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16396.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16396
reference_id
reference_type
scores
0
value 0.03288
scoring_system epss
scoring_elements 0.87143
published_at 2026-04-01T12:55:00Z
1
value 0.03288
scoring_system epss
scoring_elements 0.87211
published_at 2026-04-21T12:55:00Z
2
value 0.03288
scoring_system epss
scoring_elements 0.87212
published_at 2026-04-16T12:55:00Z
3
value 0.03288
scoring_system epss
scoring_elements 0.87217
published_at 2026-04-18T12:55:00Z
4
value 0.03288
scoring_system epss
scoring_elements 0.87154
published_at 2026-04-02T12:55:00Z
5
value 0.03288
scoring_system epss
scoring_elements 0.87171
published_at 2026-04-04T12:55:00Z
6
value 0.03288
scoring_system epss
scoring_elements 0.87168
published_at 2026-04-07T12:55:00Z
7
value 0.03288
scoring_system epss
scoring_elements 0.87188
published_at 2026-04-08T12:55:00Z
8
value 0.03288
scoring_system epss
scoring_elements 0.87195
published_at 2026-04-09T12:55:00Z
9
value 0.03288
scoring_system epss
scoring_elements 0.87208
published_at 2026-04-11T12:55:00Z
10
value 0.03288
scoring_system epss
scoring_elements 0.87202
published_at 2026-04-12T12:55:00Z
11
value 0.03288
scoring_system epss
scoring_elements 0.87198
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16396
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16395
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16395
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16396
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1643089
reference_id 1643089
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1643089
7
reference_url https://access.redhat.com/errata/RHSA-2020:2769
reference_id RHSA-2020:2769
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2769
8
reference_url https://access.redhat.com/errata/RHSA-2020:2839
reference_id RHSA-2020:2839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2839
9
reference_url https://usn.ubuntu.com/3808-1/
reference_id USN-3808-1
reference_type
scores
url https://usn.ubuntu.com/3808-1/
fixed_packages
aliases CVE-2018-16396, GHSA-xh4x-ph6p-vmxh
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kamp-zmtx-aqbz
8
url VCID-mamm-cvdr-subf
vulnerability_id VCID-mamm-cvdr-subf
summary RubyGems contains an Improper Input Validation vulnerability in ruby gems specification homepage attribute that can result in a malicious gem being able to set an invalid homepage URL.
references
0
reference_url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
2
reference_url https://access.redhat.com/errata/RHSA-2018:3729
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3729
3
reference_url https://access.redhat.com/errata/RHSA-2018:3730
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3730
4
reference_url https://access.redhat.com/errata/RHSA-2018:3731
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3731
5
reference_url https://access.redhat.com/errata/RHSA-2019:2028
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2028
6
reference_url https://access.redhat.com/errata/RHSA-2020:0542
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0542
7
reference_url https://access.redhat.com/errata/RHSA-2020:0591
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0591
8
reference_url https://access.redhat.com/errata/RHSA-2020:0663
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0663
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000077.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000077.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000077
reference_id
reference_type
scores
0
value 0.01066
scoring_system epss
scoring_elements 0.77725
published_at 2026-04-21T12:55:00Z
1
value 0.01066
scoring_system epss
scoring_elements 0.77636
published_at 2026-04-01T12:55:00Z
2
value 0.01066
scoring_system epss
scoring_elements 0.77643
published_at 2026-04-02T12:55:00Z
3
value 0.01066
scoring_system epss
scoring_elements 0.7767
published_at 2026-04-04T12:55:00Z
4
value 0.01066
scoring_system epss
scoring_elements 0.77652
published_at 2026-04-07T12:55:00Z
5
value 0.01066
scoring_system epss
scoring_elements 0.7768
published_at 2026-04-08T12:55:00Z
6
value 0.01066
scoring_system epss
scoring_elements 0.77686
published_at 2026-04-09T12:55:00Z
7
value 0.01066
scoring_system epss
scoring_elements 0.77712
published_at 2026-04-11T12:55:00Z
8
value 0.01066
scoring_system epss
scoring_elements 0.77695
published_at 2026-04-12T12:55:00Z
9
value 0.01066
scoring_system epss
scoring_elements 0.77694
published_at 2026-04-13T12:55:00Z
10
value 0.01066
scoring_system epss
scoring_elements 0.77731
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000077
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
28
reference_url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183
29
reference_url https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964
30
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html
31
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html
32
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html
33
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
34
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
35
reference_url https://usn.ubuntu.com/3621-1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3621-1
36
reference_url https://usn.ubuntu.com/3621-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3621-1/
37
reference_url https://www.debian.org/security/2018/dsa-4219
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4219
38
reference_url https://www.debian.org/security/2018/dsa-4259
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4259
39
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1547422
reference_id 1547422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1547422
40
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000077
reference_id CVE-2018-1000077
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000077
41
reference_url https://github.com/advisories/GHSA-gv86-43rv-79m2
reference_id GHSA-gv86-43rv-79m2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gv86-43rv-79m2
fixed_packages
aliases CVE-2018-1000077, GHSA-gv86-43rv-79m2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mamm-cvdr-subf
9
url VCID-qyz5-zmnt-qucy
vulnerability_id VCID-qyz5-zmnt-qucy
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8780.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8780.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8780
reference_id
reference_type
scores
0
value 0.01344
scoring_system epss
scoring_elements 0.80001
published_at 2026-04-01T12:55:00Z
1
value 0.01344
scoring_system epss
scoring_elements 0.80081
published_at 2026-04-21T12:55:00Z
2
value 0.01344
scoring_system epss
scoring_elements 0.80052
published_at 2026-04-13T12:55:00Z
3
value 0.01344
scoring_system epss
scoring_elements 0.8008
published_at 2026-04-18T12:55:00Z
4
value 0.01344
scoring_system epss
scoring_elements 0.80009
published_at 2026-04-02T12:55:00Z
5
value 0.01344
scoring_system epss
scoring_elements 0.8003
published_at 2026-04-04T12:55:00Z
6
value 0.01344
scoring_system epss
scoring_elements 0.8002
published_at 2026-04-07T12:55:00Z
7
value 0.01344
scoring_system epss
scoring_elements 0.80048
published_at 2026-04-08T12:55:00Z
8
value 0.01344
scoring_system epss
scoring_elements 0.80057
published_at 2026-04-09T12:55:00Z
9
value 0.01344
scoring_system epss
scoring_elements 0.80076
published_at 2026-04-11T12:55:00Z
10
value 0.01344
scoring_system epss
scoring_elements 0.80061
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8780
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
17
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
18
reference_url https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561949
reference_id 1561949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561949
20
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
21
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
22
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
23
reference_url https://usn.ubuntu.com/3626-1/
reference_id USN-3626-1
reference_type
scores
url https://usn.ubuntu.com/3626-1/
fixed_packages
aliases CVE-2018-8780, GHSA-fphx-j9v2-w2cx
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qyz5-zmnt-qucy
10
url VCID-rdme-1q3s-43d8
vulnerability_id VCID-rdme-1q3s-43d8
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8777.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8777.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8777
reference_id
reference_type
scores
0
value 0.01449
scoring_system epss
scoring_elements 0.80806
published_at 2026-04-21T12:55:00Z
1
value 0.01449
scoring_system epss
scoring_elements 0.80765
published_at 2026-04-13T12:55:00Z
2
value 0.01449
scoring_system epss
scoring_elements 0.80802
published_at 2026-04-16T12:55:00Z
3
value 0.01449
scoring_system epss
scoring_elements 0.80805
published_at 2026-04-18T12:55:00Z
4
value 0.01864
scoring_system epss
scoring_elements 0.8301
published_at 2026-04-02T12:55:00Z
5
value 0.01864
scoring_system epss
scoring_elements 0.83021
published_at 2026-04-07T12:55:00Z
6
value 0.01864
scoring_system epss
scoring_elements 0.83046
published_at 2026-04-08T12:55:00Z
7
value 0.01864
scoring_system epss
scoring_elements 0.83053
published_at 2026-04-09T12:55:00Z
8
value 0.01864
scoring_system epss
scoring_elements 0.83069
published_at 2026-04-11T12:55:00Z
9
value 0.01864
scoring_system epss
scoring_elements 0.83063
published_at 2026-04-12T12:55:00Z
10
value 0.01864
scoring_system epss
scoring_elements 0.82993
published_at 2026-04-01T12:55:00Z
11
value 0.01864
scoring_system epss
scoring_elements 0.83023
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8777
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
17
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
18
reference_url https://www.ruby-lang.org/en/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561950
reference_id 1561950
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561950
fixed_packages
aliases CVE-2018-8777, GHSA-9j6f-82h4-9mw2
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdme-1q3s-43d8
11
url VCID-tq93-h2ag-s3bx
vulnerability_id VCID-tq93-h2ag-s3bx
summary 
Path Traversal
RubyGems contains a Directory Traversal vulnerability in install_location function of `package.rb` that can result in path traversal when writing to a symlinked basedir outside the root.
references
0
reference_url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
2
reference_url https://access.redhat.com/errata/RHSA-2018:3729
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3729
3
reference_url https://access.redhat.com/errata/RHSA-2018:3730
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3730
4
reference_url https://access.redhat.com/errata/RHSA-2018:3731
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3731
5
reference_url https://access.redhat.com/errata/RHSA-2019:2028
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2028
6
reference_url https://access.redhat.com/errata/RHSA-2020:0542
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0542
7
reference_url https://access.redhat.com/errata/RHSA-2020:0591
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0591
8
reference_url https://access.redhat.com/errata/RHSA-2020:0663
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0663
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000073.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000073.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000073
reference_id
reference_type
scores
0
value 0.01057
scoring_system epss
scoring_elements 0.77584
published_at 2026-04-04T12:55:00Z
1
value 0.01057
scoring_system epss
scoring_elements 0.77558
published_at 2026-04-02T12:55:00Z
2
value 0.01057
scoring_system epss
scoring_elements 0.77551
published_at 2026-04-01T12:55:00Z
3
value 0.01057
scoring_system epss
scoring_elements 0.77612
published_at 2026-04-12T12:55:00Z
4
value 0.01057
scoring_system epss
scoring_elements 0.77611
published_at 2026-04-13T12:55:00Z
5
value 0.01057
scoring_system epss
scoring_elements 0.77649
published_at 2026-04-16T12:55:00Z
6
value 0.01057
scoring_system epss
scoring_elements 0.77647
published_at 2026-04-18T12:55:00Z
7
value 0.01057
scoring_system epss
scoring_elements 0.77629
published_at 2026-04-11T12:55:00Z
8
value 0.01057
scoring_system epss
scoring_elements 0.77641
published_at 2026-04-21T12:55:00Z
9
value 0.01057
scoring_system epss
scoring_elements 0.77602
published_at 2026-04-09T12:55:00Z
10
value 0.01057
scoring_system epss
scoring_elements 0.77594
published_at 2026-04-08T12:55:00Z
11
value 0.01057
scoring_system epss
scoring_elements 0.77564
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000073
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925986
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925986
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
27
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
28
reference_url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
29
reference_url https://github.com/rubygems/rubygems
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems
30
reference_url https://github.com/rubygems/rubygems/commit/1b931fc03b819b9a0214be3eaca844ef534175e2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/1b931fc03b819b9a0214be3eaca844ef534175e2
31
reference_url https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099
reference_id
reference_type
scores
url https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099
32
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2018-1000073.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2018-1000073.yml
33
reference_url https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html
34
reference_url https://usn.ubuntu.com/3621-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3621-1
35
reference_url https://usn.ubuntu.com/3621-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3621-1/
36
reference_url https://www.debian.org/security/2018/dsa-4219
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4219
37
reference_url https://www.debian.org/security/2018/dsa-4259
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4259
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1547418
reference_id 1547418
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1547418
39
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000073
reference_id CVE-2018-1000073
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000073
40
reference_url https://github.com/advisories/GHSA-gx69-6cp4-hxrj
reference_id GHSA-gx69-6cp4-hxrj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gx69-6cp4-hxrj
fixed_packages
aliases CVE-2018-1000073, GHSA-gx69-6cp4-hxrj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tq93-h2ag-s3bx
12
url VCID-w4ns-f42m-pyec
vulnerability_id VCID-w4ns-f42m-pyec
summary RubyGems contains an Improper Verification of Cryptographic Signature vulnerability in `package.rb` that can result in a mis-signed gem being installed, as the tarball would contain multiple gem signatures.
references
0
reference_url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2018/02/15/2.7.6-released.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
2
reference_url https://access.redhat.com/errata/RHSA-2018:3729
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3729
3
reference_url https://access.redhat.com/errata/RHSA-2018:3730
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3730
4
reference_url https://access.redhat.com/errata/RHSA-2018:3731
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3731
5
reference_url https://access.redhat.com/errata/RHSA-2019:2028
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2028
6
reference_url https://access.redhat.com/errata/RHSA-2020:0542
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0542
7
reference_url https://access.redhat.com/errata/RHSA-2020:0591
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0591
8
reference_url https://access.redhat.com/errata/RHSA-2020:0663
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0663
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000076.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000076.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000076
reference_id
reference_type
scores
0
value 0.00929
scoring_system epss
scoring_elements 0.76108
published_at 2026-04-21T12:55:00Z
1
value 0.00929
scoring_system epss
scoring_elements 0.76019
published_at 2026-04-01T12:55:00Z
2
value 0.00929
scoring_system epss
scoring_elements 0.76022
published_at 2026-04-02T12:55:00Z
3
value 0.00929
scoring_system epss
scoring_elements 0.76055
published_at 2026-04-04T12:55:00Z
4
value 0.00929
scoring_system epss
scoring_elements 0.76034
published_at 2026-04-07T12:55:00Z
5
value 0.00929
scoring_system epss
scoring_elements 0.76068
published_at 2026-04-08T12:55:00Z
6
value 0.00929
scoring_system epss
scoring_elements 0.76082
published_at 2026-04-09T12:55:00Z
7
value 0.00929
scoring_system epss
scoring_elements 0.76107
published_at 2026-04-11T12:55:00Z
8
value 0.00929
scoring_system epss
scoring_elements 0.76083
published_at 2026-04-12T12:55:00Z
9
value 0.00929
scoring_system epss
scoring_elements 0.7608
published_at 2026-04-13T12:55:00Z
10
value 0.00929
scoring_system epss
scoring_elements 0.76121
published_at 2026-04-16T12:55:00Z
11
value 0.00929
scoring_system epss
scoring_elements 0.76125
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000076
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7
28
reference_url https://github.com/rubygems/rubygems
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems
29
reference_url https://github.com/rubygems/rubygems/commit/f5042b879259b1f1ce95a0c5082622c646376693
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/f5042b879259b1f1ce95a0c5082622c646376693
30
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html
31
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html
32
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html
33
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
34
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html
35
reference_url https://usn.ubuntu.com/3621-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3621-1
36
reference_url https://usn.ubuntu.com/3621-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3621-1/
37
reference_url https://www.debian.org/security/2018/dsa-4219
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4219
38
reference_url https://www.debian.org/security/2018/dsa-4259
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4259
39
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1547421
reference_id 1547421
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1547421
40
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000076
reference_id CVE-2018-1000076
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000076
41
reference_url https://github.com/advisories/GHSA-mc6j-h948-v2p6
reference_id GHSA-mc6j-h948-v2p6
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mc6j-h948-v2p6
fixed_packages
aliases CVE-2018-1000076, GHSA-mc6j-h948-v2p6
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w4ns-f42m-pyec
13
url VCID-y29u-wpkt-rkgp
vulnerability_id VCID-y29u-wpkt-rkgp
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8779.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8779.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8779
reference_id
reference_type
scores
0
value 0.01284
scoring_system epss
scoring_elements 0.79555
published_at 2026-04-01T12:55:00Z
1
value 0.01284
scoring_system epss
scoring_elements 0.79637
published_at 2026-04-21T12:55:00Z
2
value 0.01284
scoring_system epss
scoring_elements 0.79604
published_at 2026-04-13T12:55:00Z
3
value 0.01284
scoring_system epss
scoring_elements 0.79634
published_at 2026-04-18T12:55:00Z
4
value 0.01284
scoring_system epss
scoring_elements 0.79561
published_at 2026-04-02T12:55:00Z
5
value 0.01284
scoring_system epss
scoring_elements 0.79584
published_at 2026-04-04T12:55:00Z
6
value 0.01284
scoring_system epss
scoring_elements 0.79571
published_at 2026-04-07T12:55:00Z
7
value 0.01284
scoring_system epss
scoring_elements 0.79599
published_at 2026-04-08T12:55:00Z
8
value 0.01284
scoring_system epss
scoring_elements 0.79607
published_at 2026-04-09T12:55:00Z
9
value 0.01284
scoring_system epss
scoring_elements 0.79628
published_at 2026-04-11T12:55:00Z
10
value 0.01284
scoring_system epss
scoring_elements 0.79612
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8779
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
17
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
18
reference_url https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561948
reference_id 1561948
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561948
20
reference_url https://usn.ubuntu.com/3626-1/
reference_id USN-3626-1
reference_type
scores
url https://usn.ubuntu.com/3626-1/
fixed_packages
aliases CVE-2018-8779
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y29u-wpkt-rkgp
14
url VCID-zwxw-299r-wfgx
vulnerability_id VCID-zwxw-299r-wfgx
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8778.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8778.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8778
reference_id
reference_type
scores
0
value 0.00537
scoring_system epss
scoring_elements 0.67534
published_at 2026-04-21T12:55:00Z
1
value 0.00537
scoring_system epss
scoring_elements 0.67507
published_at 2026-04-13T12:55:00Z
2
value 0.00537
scoring_system epss
scoring_elements 0.67543
published_at 2026-04-16T12:55:00Z
3
value 0.00537
scoring_system epss
scoring_elements 0.67555
published_at 2026-04-18T12:55:00Z
4
value 0.00537
scoring_system epss
scoring_elements 0.67429
published_at 2026-04-01T12:55:00Z
5
value 0.00537
scoring_system epss
scoring_elements 0.67465
published_at 2026-04-07T12:55:00Z
6
value 0.00537
scoring_system epss
scoring_elements 0.67486
published_at 2026-04-04T12:55:00Z
7
value 0.00537
scoring_system epss
scoring_elements 0.67516
published_at 2026-04-08T12:55:00Z
8
value 0.00537
scoring_system epss
scoring_elements 0.67531
published_at 2026-04-09T12:55:00Z
9
value 0.00537
scoring_system epss
scoring_elements 0.67553
published_at 2026-04-11T12:55:00Z
10
value 0.00537
scoring_system epss
scoring_elements 0.6754
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8778
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
17
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8778
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8778
19
reference_url https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561953
reference_id 1561953
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561953
21
reference_url https://access.redhat.com/errata/RHSA-2020:1963
reference_id RHSA-2020:1963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1963
22
reference_url https://access.redhat.com/errata/RHSA-2020:2212
reference_id RHSA-2020:2212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2212
23
reference_url https://access.redhat.com/errata/RHSA-2020:2288
reference_id RHSA-2020:2288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2288
24
reference_url https://usn.ubuntu.com/3626-1/
reference_id USN-3626-1
reference_type
scores
url https://usn.ubuntu.com/3626-1/
fixed_packages
aliases CVE-2018-8778, GHSA-wvhq-ch4h-8pwr
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwxw-299r-wfgx
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-ruby23-ruby@2.3.8-69%3Farch=el6