Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-postgresql95-postgresql-pglogical@2.1.0-4?arch=el7cf
Typerpm
Namespaceredhat
Namerh-postgresql95-postgresql-pglogical
Version2.1.0-4
Qualifiers
arch el7cf
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-5dmr-8tvd-8uen
vulnerability_id VCID-5dmr-8tvd-8uen
summary 
Cross-site Scripting
Sinatra has XSS via the Bad Request page that occurs upon a params parser exception.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:0212
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0212
1
reference_url https://access.redhat.com/errata/RHSA-2019:0315
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0315
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11627.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11627.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11627
reference_id
reference_type
scores
0
value 0.00398
scoring_system epss
scoring_elements 0.60588
published_at 2026-04-13T12:55:00Z
1
value 0.00398
scoring_system epss
scoring_elements 0.6061
published_at 2026-04-12T12:55:00Z
2
value 0.00398
scoring_system epss
scoring_elements 0.60624
published_at 2026-04-11T12:55:00Z
3
value 0.00398
scoring_system epss
scoring_elements 0.60601
published_at 2026-04-09T12:55:00Z
4
value 0.00398
scoring_system epss
scoring_elements 0.60584
published_at 2026-04-08T12:55:00Z
5
value 0.00398
scoring_system epss
scoring_elements 0.60536
published_at 2026-04-07T12:55:00Z
6
value 0.00398
scoring_system epss
scoring_elements 0.60566
published_at 2026-04-04T12:55:00Z
7
value 0.00398
scoring_system epss
scoring_elements 0.60465
published_at 2026-04-01T12:55:00Z
8
value 0.00398
scoring_system epss
scoring_elements 0.6054
published_at 2026-04-02T12:55:00Z
9
value 0.00398
scoring_system epss
scoring_elements 0.60607
published_at 2026-04-24T12:55:00Z
10
value 0.00398
scoring_system epss
scoring_elements 0.60622
published_at 2026-04-21T12:55:00Z
11
value 0.00398
scoring_system epss
scoring_elements 0.60635
published_at 2026-04-18T12:55:00Z
12
value 0.00398
scoring_system epss
scoring_elements 0.60629
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11627
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sinatra/CVE-2018-11627.yml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sinatra/CVE-2018-11627.yml
6
reference_url https://github.com/sinatra/sinatra
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sinatra/sinatra
7
reference_url https://github.com/sinatra/sinatra/commit/12786867d6faaceaec62c7c2cb5b0e2dc074d71a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sinatra/sinatra/commit/12786867d6faaceaec62c7c2cb5b0e2dc074d71a
8
reference_url https://github.com/sinatra/sinatra/issues/1428
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sinatra/sinatra/issues/1428
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1585218
reference_id 1585218
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1585218
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sinatrarb:sinatra:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sinatrarb:sinatra:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sinatrarb:sinatra:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11627
reference_id CVE-2018-11627
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-11627
14
reference_url https://github.com/advisories/GHSA-mq35-wqvf-r23c
reference_id GHSA-mq35-wqvf-r23c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mq35-wqvf-r23c
fixed_packages
aliases CVE-2018-11627, GHSA-mq35-wqvf-r23c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5dmr-8tvd-8uen
1
url VCID-q4bk-1qay-ffbh
vulnerability_id VCID-q4bk-1qay-ffbh
summary cfme: Improper access control in dRuby allows local users to execute arbitrary commands as root
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2561
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2561
1
reference_url https://access.redhat.com/errata/RHSA-2018:2745
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2745
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10905.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10905.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10905
reference_id
reference_type
scores
0
value 0.00286
scoring_system epss
scoring_elements 0.51961
published_at 2026-04-01T12:55:00Z
1
value 0.00286
scoring_system epss
scoring_elements 0.52044
published_at 2026-04-24T12:55:00Z
2
value 0.00286
scoring_system epss
scoring_elements 0.52114
published_at 2026-04-18T12:55:00Z
3
value 0.00286
scoring_system epss
scoring_elements 0.52096
published_at 2026-04-21T12:55:00Z
4
value 0.00286
scoring_system epss
scoring_elements 0.52009
published_at 2026-04-02T12:55:00Z
5
value 0.00286
scoring_system epss
scoring_elements 0.52035
published_at 2026-04-04T12:55:00Z
6
value 0.00286
scoring_system epss
scoring_elements 0.52001
published_at 2026-04-07T12:55:00Z
7
value 0.00286
scoring_system epss
scoring_elements 0.52056
published_at 2026-04-08T12:55:00Z
8
value 0.00286
scoring_system epss
scoring_elements 0.52052
published_at 2026-04-09T12:55:00Z
9
value 0.00286
scoring_system epss
scoring_elements 0.52104
published_at 2026-04-11T12:55:00Z
10
value 0.00286
scoring_system epss
scoring_elements 0.52087
published_at 2026-04-12T12:55:00Z
11
value 0.00286
scoring_system epss
scoring_elements 0.5207
published_at 2026-04-13T12:55:00Z
12
value 0.00286
scoring_system epss
scoring_elements 0.5211
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10905
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10905
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10905
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1602190
reference_id 1602190
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1602190
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms:4.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.5:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms_management_engine:5.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.8:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms_management_engine:5.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.9:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10905
reference_id CVE-2018-10905
reference_type
scores
0
value 7.2
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:C/I:C/A:C
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-10905
fixed_packages
aliases CVE-2018-10905
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q4bk-1qay-ffbh
2
url VCID-s6cp-dk5r-v3aw
vulnerability_id VCID-s6cp-dk5r-v3aw
summary 
Information Exposure
The package sprockets may leak confidential information. Specially crafted requests can be used to access files that exist on the filesystem that are outside an application's root directory when the server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2244
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2244
1
reference_url https://access.redhat.com/errata/RHSA-2018:2245
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2245
2
reference_url https://access.redhat.com/errata/RHSA-2018:2561
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2561
3
reference_url https://access.redhat.com/errata/RHSA-2018:2745
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2745
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3760.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3760.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-3760
reference_id
reference_type
scores
0
value 0.93829
scoring_system epss
scoring_elements 0.99863
published_at 2026-04-21T12:55:00Z
1
value 0.93829
scoring_system epss
scoring_elements 0.99864
published_at 2026-04-24T12:55:00Z
2
value 0.93829
scoring_system epss
scoring_elements 0.99861
published_at 2026-04-11T12:55:00Z
3
value 0.93829
scoring_system epss
scoring_elements 0.99862
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-3760
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3760
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/rails/sprockets
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/sprockets
9
reference_url https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5
10
reference_url https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441
11
reference_url https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5f
12
reference_url https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5fhttps://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5
reference_id
reference_type
scores
url https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5fhttps://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5
13
reference_url https://groups.google.com/d/msg/rubyonrails-security/ft_J--l55fM/7roDfQ50BwAJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/d/msg/rubyonrails-security/ft_J--l55fM/7roDfQ50BwAJ
14
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/2S9Pwz2i16k
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/2S9Pwz2i16k
15
reference_url https://groups.google.com/g/ruby-security-ann/c/2S9Pwz2i16k
reference_id
reference_type
scores
url https://groups.google.com/g/ruby-security-ann/c/2S9Pwz2i16k
16
reference_url https://www.debian.org/security/2018/dsa-4242
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4242
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1593058
reference_id 1593058
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1593058
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901913
reference_id 901913
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901913
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms:4.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.5:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta1:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta2:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta3:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta4:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta5:*:*:*:*:*:*
reference_id cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta5:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta6:*:*:*:*:*:*
reference_id cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta6:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta7:*:*:*:*:*:*
reference_id cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:4.0.0:beta7:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-3760
reference_id CVE-2018-3760
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-3760
38
reference_url https://github.com/advisories/GHSA-pr3h-jjhj-573x
reference_id GHSA-pr3h-jjhj-573x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pr3h-jjhj-573x
fixed_packages
aliases CVE-2018-3760, GHSA-pr3h-jjhj-573x
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s6cp-dk5r-v3aw
3
url VCID-sqa5-8yrd-qyfz
vulnerability_id VCID-sqa5-8yrd-qyfz
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In the Loofah gem for Ruby, denylisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8048.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8048.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8048
reference_id
reference_type
scores
0
value 0.00689
scoring_system epss
scoring_elements 0.71833
published_at 2026-04-24T12:55:00Z
1
value 0.00689
scoring_system epss
scoring_elements 0.71755
published_at 2026-04-08T12:55:00Z
2
value 0.00689
scoring_system epss
scoring_elements 0.71786
published_at 2026-04-21T12:55:00Z
3
value 0.00689
scoring_system epss
scoring_elements 0.71804
published_at 2026-04-18T12:55:00Z
4
value 0.00689
scoring_system epss
scoring_elements 0.71799
published_at 2026-04-16T12:55:00Z
5
value 0.00689
scoring_system epss
scoring_elements 0.71756
published_at 2026-04-13T12:55:00Z
6
value 0.00689
scoring_system epss
scoring_elements 0.71774
published_at 2026-04-12T12:55:00Z
7
value 0.00689
scoring_system epss
scoring_elements 0.7179
published_at 2026-04-11T12:55:00Z
8
value 0.00689
scoring_system epss
scoring_elements 0.71721
published_at 2026-04-01T12:55:00Z
9
value 0.00689
scoring_system epss
scoring_elements 0.71728
published_at 2026-04-02T12:55:00Z
10
value 0.00689
scoring_system epss
scoring_elements 0.71747
published_at 2026-04-04T12:55:00Z
11
value 0.00689
scoring_system epss
scoring_elements 0.71716
published_at 2026-04-07T12:55:00Z
12
value 0.00689
scoring_system epss
scoring_elements 0.71766
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8048
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8048
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-x7rv-cr6v-4vm4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-x7rv-cr6v-4vm4
5
reference_url https://github.com/flavorjones/loofah
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/flavorjones/loofah
6
reference_url https://github.com/flavorjones/loofah/commit/f739cf8eac5851f328b8044281d6653f74eff116
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/flavorjones/loofah/commit/f739cf8eac5851f328b8044281d6653f74eff116
7
reference_url https://github.com/flavorjones/loofah/issues/144
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/flavorjones/loofah/issues/144
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/loofah/CVE-2018-8048.yml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/loofah/CVE-2018-8048.yml
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-8048.yml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-8048.yml
10
reference_url https://github.com/sparklemotion/nokogiri/pull/1746
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/pull/1746
11
reference_url https://security.netapp.com/advisory/ntap-20191122-0003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20191122-0003
12
reference_url https://security.netapp.com/advisory/ntap-20191122-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20191122-0003/
13
reference_url https://www.debian.org/security/2018/dsa-4171
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4171
14
reference_url http://www.openwall.com/lists/oss-security/2018/03/19/5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2018/03/19/5
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1559071
reference_id 1559071
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1559071
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893596
reference_id 893596
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893596
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8048
reference_id CVE-2018-8048
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8048
fixed_packages
aliases CVE-2018-8048, GHSA-x7rv-cr6v-4vm4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sqa5-8yrd-qyfz
4
url VCID-xby9-avva-a3e5
vulnerability_id VCID-xby9-avva-a3e5
summary 
XSS vulnerability
The gem allows attributes that are not specified in the allowlist to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is similar to CVE-2018-8048 in Loofah.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3741.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3741.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-3741
reference_id
reference_type
scores
0
value 0.00129
scoring_system epss
scoring_elements 0.32093
published_at 2026-04-24T12:55:00Z
1
value 0.00129
scoring_system epss
scoring_elements 0.32271
published_at 2026-04-07T12:55:00Z
2
value 0.00129
scoring_system epss
scoring_elements 0.3232
published_at 2026-04-08T12:55:00Z
3
value 0.00129
scoring_system epss
scoring_elements 0.32349
published_at 2026-04-09T12:55:00Z
4
value 0.00129
scoring_system epss
scoring_elements 0.3235
published_at 2026-04-11T12:55:00Z
5
value 0.00129
scoring_system epss
scoring_elements 0.32312
published_at 2026-04-12T12:55:00Z
6
value 0.00129
scoring_system epss
scoring_elements 0.32284
published_at 2026-04-13T12:55:00Z
7
value 0.00129
scoring_system epss
scoring_elements 0.32321
published_at 2026-04-16T12:55:00Z
8
value 0.00129
scoring_system epss
scoring_elements 0.32297
published_at 2026-04-18T12:55:00Z
9
value 0.00129
scoring_system epss
scoring_elements 0.32268
published_at 2026-04-21T12:55:00Z
10
value 0.00129
scoring_system epss
scoring_elements 0.32257
published_at 2026-04-01T12:55:00Z
11
value 0.00129
scoring_system epss
scoring_elements 0.32408
published_at 2026-04-02T12:55:00Z
12
value 0.00129
scoring_system epss
scoring_elements 0.32444
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-3741
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3741
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rails/rails-html-sanitizer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails-html-sanitizer
5
reference_url https://github.com/rails/rails-html-sanitizer/commit/f3ba1a839a35f2ba7f941c15e239a1cb379d56ae
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails-html-sanitizer/commit/f3ba1a839a35f2ba7f941c15e239a1cb379d56ae
6
reference_url https://groups.google.com/d/msg/rubyonrails-security/tP7W3kLc5u4/uDy2Br7xBgAJ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
url https://groups.google.com/d/msg/rubyonrails-security/tP7W3kLc5u4/uDy2Br7xBgAJ
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-3741
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-3741
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1568842
reference_id 1568842
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1568842
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893994
reference_id 893994
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893994
10
reference_url https://github.com/advisories/GHSA-px3r-jm9g-c8w8
reference_id GHSA-px3r-jm9g-c8w8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-px3r-jm9g-c8w8
fixed_packages
aliases CVE-2018-3741, GHSA-px3r-jm9g-c8w8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xby9-avva-a3e5
5
url VCID-zrsc-vqxk-vkgx
vulnerability_id VCID-zrsc-vqxk-vkgx
summary 
Nokogiri is vulnerable to XML External Entity (XXE) attack
Nokogiri before 1.5.4 is vulnerable to XXE attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6685.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6685.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6685
reference_id
reference_type
scores
0
value 0.00323
scoring_system epss
scoring_elements 0.55232
published_at 2026-04-01T12:55:00Z
1
value 0.00323
scoring_system epss
scoring_elements 0.55314
published_at 2026-04-24T12:55:00Z
2
value 0.00323
scoring_system epss
scoring_elements 0.55393
published_at 2026-04-16T12:55:00Z
3
value 0.00323
scoring_system epss
scoring_elements 0.55357
published_at 2026-04-13T12:55:00Z
4
value 0.00323
scoring_system epss
scoring_elements 0.55376
published_at 2026-04-21T12:55:00Z
5
value 0.00323
scoring_system epss
scoring_elements 0.55355
published_at 2026-04-04T12:55:00Z
6
value 0.00323
scoring_system epss
scoring_elements 0.5533
published_at 2026-04-02T12:55:00Z
7
value 0.00323
scoring_system epss
scoring_elements 0.55397
published_at 2026-04-18T12:55:00Z
8
value 0.00323
scoring_system epss
scoring_elements 0.55387
published_at 2026-04-09T12:55:00Z
9
value 0.00323
scoring_system epss
scoring_elements 0.55336
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6685
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1178970
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1178970
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6685
4
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
5
reference_url https://github.com/sparklemotion/nokogiri/commit/599856367150709497a3a03bee930bd76504d95d
reference_id
reference_type
scores
url https://github.com/sparklemotion/nokogiri/commit/599856367150709497a3a03bee930bd76504d95d
6
reference_url https://github.com/sparklemotion/nokogiri/issues/693
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/693
7
reference_url https://nokogiri.org/CHANGELOG.html#154-2012-06-12
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nokogiri.org/CHANGELOG.html#154-2012-06-12
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6685
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-6685
9
reference_url https://github.com/advisories/GHSA-6wj9-77wq-jq7p
reference_id GHSA-6wj9-77wq-jq7p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6wj9-77wq-jq7p
fixed_packages
aliases CVE-2012-6685, GHSA-6wj9-77wq-jq7p, OSV-90946
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zrsc-vqxk-vkgx
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-postgresql95-postgresql-pglogical@2.1.0-4%3Farch=el7cf