Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-ruby23-ruby@2.3.6-67?arch=el7
Typerpm
Namespaceredhat
Namerh-ruby23-ruby
Version2.3.6-67
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-91b7-xx8t-rqhr
vulnerability_id VCID-91b7-xx8t-rqhr
summary 
Improper Authentication
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:3485
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3485
1
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0378
2
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0583
3
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0585
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10784.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10784.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-10784
reference_id
reference_type
scores
0
value 0.01385
scoring_system epss
scoring_elements 0.8032
published_at 2026-04-09T12:55:00Z
1
value 0.01385
scoring_system epss
scoring_elements 0.80309
published_at 2026-04-08T12:55:00Z
2
value 0.01385
scoring_system epss
scoring_elements 0.80265
published_at 2026-04-01T12:55:00Z
3
value 0.01385
scoring_system epss
scoring_elements 0.80338
published_at 2026-04-11T12:55:00Z
4
value 0.01385
scoring_system epss
scoring_elements 0.80281
published_at 2026-04-07T12:55:00Z
5
value 0.01385
scoring_system epss
scoring_elements 0.80293
published_at 2026-04-04T12:55:00Z
6
value 0.01385
scoring_system epss
scoring_elements 0.80272
published_at 2026-04-02T12:55:00Z
7
value 0.014
scoring_system epss
scoring_elements 0.80425
published_at 2026-04-12T12:55:00Z
8
value 0.014
scoring_system epss
scoring_elements 0.80419
published_at 2026-04-13T12:55:00Z
9
value 0.014
scoring_system epss
scoring_elements 0.80448
published_at 2026-04-16T12:55:00Z
10
value 0.016
scoring_system epss
scoring_elements 0.81733
published_at 2026-04-21T12:55:00Z
11
value 0.016
scoring_system epss
scoring_elements 0.8173
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-10784
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:P
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/ruby/ruby/commit/6617c41292
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/ruby/commit/6617c41292
12
reference_url https://github.com/ruby/webrick
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/webrick
13
reference_url https://github.com/ruby/webrick/commit/4ac0f3843ab82d1c31e1cfc719409208adef7813
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/webrick/commit/4ac0f3843ab82d1c31e1cfc719409208adef7813
14
reference_url https://hackerone.com/reports/223363
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/223363
15
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
16
reference_url https://security.gentoo.org/glsa/201710-18
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201710-18
17
reference_url https://usn.ubuntu.com/3528-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3528-1
18
reference_url https://usn.ubuntu.com/3528-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3528-1/
19
reference_url https://usn.ubuntu.com/3685-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3685-1
20
reference_url https://usn.ubuntu.com/3685-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3685-1/
21
reference_url https://web.archive.org/web/20210621131814/http://www.securityfocus.com/bid/100853
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210621131814/http://www.securityfocus.com/bid/100853
22
reference_url https://web.archive.org/web/20210919031115/http://www.securitytracker.com/id/1042004
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210919031115/http://www.securitytracker.com/id/1042004
23
reference_url https://web.archive.org/web/20211025092552/http://www.securitytracker.com/id/1039363
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211025092552/http://www.securitytracker.com/id/1039363
24
reference_url https://www.debian.org/security/2017/dsa-4031
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-4031
25
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released
26
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/
27
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released
28
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released/
29
reference_url https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784
30
reference_url https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/
31
reference_url http://www.securityfocus.com/bid/100853
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100853
32
reference_url http://www.securitytracker.com/id/1039363
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039363
33
reference_url http://www.securitytracker.com/id/1042004
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1042004
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1492012
reference_id 1492012
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1492012
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-10784
reference_id CVE-2017-10784
reference_type
scores
0
value 9.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-10784
50
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2017-10784.yml
reference_id CVE-2017-10784.YML
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2017-10784.yml
51
reference_url https://github.com/advisories/GHSA-369m-2gv6-mw28
reference_id GHSA-369m-2gv6-mw28
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-369m-2gv6-mw28
52
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
53
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
54
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
55
reference_url https://usn.ubuntu.com/3439-1/
reference_id USN-3439-1
reference_type
scores
url https://usn.ubuntu.com/3439-1/
fixed_packages
aliases CVE-2017-10784, GHSA-369m-2gv6-mw28
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91b7-xx8t-rqhr
1
url VCID-b36p-re17-n7dq
vulnerability_id VCID-b36p-re17-n7dq
summary 
Improper Input Validation
RubyGems is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a `query` command.
references
0
reference_url http://blog.rubygems.org/2017/08/27/2.6.13-released.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2017/08/27/2.6.13-released.html
1
reference_url https://access.redhat.com/errata/RHSA-2017:3485
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3485
2
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0378
3
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0583
4
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0585
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0900.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0900.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0900
reference_id
reference_type
scores
0
value 0.11232
scoring_system epss
scoring_elements 0.93539
published_at 2026-04-21T12:55:00Z
1
value 0.11232
scoring_system epss
scoring_elements 0.93476
published_at 2026-04-01T12:55:00Z
2
value 0.11232
scoring_system epss
scoring_elements 0.93484
published_at 2026-04-02T12:55:00Z
3
value 0.11232
scoring_system epss
scoring_elements 0.93491
published_at 2026-04-07T12:55:00Z
4
value 0.11232
scoring_system epss
scoring_elements 0.93499
published_at 2026-04-08T12:55:00Z
5
value 0.11232
scoring_system epss
scoring_elements 0.93502
published_at 2026-04-09T12:55:00Z
6
value 0.11232
scoring_system epss
scoring_elements 0.93507
published_at 2026-04-12T12:55:00Z
7
value 0.11232
scoring_system epss
scoring_elements 0.93508
published_at 2026-04-13T12:55:00Z
8
value 0.11232
scoring_system epss
scoring_elements 0.93527
published_at 2026-04-16T12:55:00Z
9
value 0.11232
scoring_system epss
scoring_elements 0.93533
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0900
7
reference_url https://blog.rubygems.org/2017/08/27/2.6.13-released.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://blog.rubygems.org/2017/08/27/2.6.13-released.html
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://github.com/rubygems/rubygems
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems
17
reference_url https://github.com/rubygems/rubygems/commit/8a38a4fc24c6591e6c8f43d1fadab6efeb4d6251
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/8a38a4fc24c6591e6c8f43d1fadab6efeb4d6251
18
reference_url https://hackerone.com/reports/243003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/243003
19
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
20
reference_url https://web.archive.org/web/20190212090616/http://www.securitytracker.com/id/1039249
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20190212090616/http://www.securitytracker.com/id/1039249
21
reference_url https://web.archive.org/web/20200227143907/http://www.securityfocus.com/bid/100579
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227143907/http://www.securityfocus.com/bid/100579
22
reference_url https://www.debian.org/security/2017/dsa-3966
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-3966
23
reference_url http://www.securityfocus.com/bid/100579
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100579
24
reference_url http://www.securitytracker.com/id/1039249
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039249
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1487588
reference_id 1487588
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1487588
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-0900
reference_id CVE-2017-0900
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-0900
27
reference_url https://github.com/advisories/GHSA-p7f2-rr42-m9xm
reference_id GHSA-p7f2-rr42-m9xm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p7f2-rr42-m9xm
28
reference_url https://security.gentoo.org/glsa/201710-01
reference_id GLSA-201710-01
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201710-01
29
reference_url https://usn.ubuntu.com/3439-1/
reference_id USN-3439-1
reference_type
scores
url https://usn.ubuntu.com/3439-1/
fixed_packages
aliases CVE-2017-0900, GHSA-p7f2-rr42-m9xm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b36p-re17-n7dq
2
url VCID-beub-d11r-nbe4
vulnerability_id VCID-beub-d11r-nbe4
summary security update
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0378
1
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0583
2
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0585
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17790.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17790.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17790
reference_id
reference_type
scores
0
value 0.04656
scoring_system epss
scoring_elements 0.89267
published_at 2026-04-01T12:55:00Z
1
value 0.04656
scoring_system epss
scoring_elements 0.89321
published_at 2026-04-21T12:55:00Z
2
value 0.04656
scoring_system epss
scoring_elements 0.8932
published_at 2026-04-11T12:55:00Z
3
value 0.04656
scoring_system epss
scoring_elements 0.89317
published_at 2026-04-12T12:55:00Z
4
value 0.04656
scoring_system epss
scoring_elements 0.89314
published_at 2026-04-13T12:55:00Z
5
value 0.04656
scoring_system epss
scoring_elements 0.89327
published_at 2026-04-16T12:55:00Z
6
value 0.04656
scoring_system epss
scoring_elements 0.89326
published_at 2026-04-18T12:55:00Z
7
value 0.04656
scoring_system epss
scoring_elements 0.89273
published_at 2026-04-02T12:55:00Z
8
value 0.04656
scoring_system epss
scoring_elements 0.89286
published_at 2026-04-04T12:55:00Z
9
value 0.04656
scoring_system epss
scoring_elements 0.89289
published_at 2026-04-07T12:55:00Z
10
value 0.04656
scoring_system epss
scoring_elements 0.89306
published_at 2026-04-08T12:55:00Z
11
value 0.04656
scoring_system epss
scoring_elements 0.89311
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17790
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
20
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:P/I:P/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
21
reference_url https://github.com/ruby/ruby/pull/1777
reference_id
reference_type
scores
url https://github.com/ruby/ruby/pull/1777
22
reference_url https://lists.debian.org/debian-lts-announce/2017/12/msg00024.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2017/12/msg00024.html
23
reference_url https://lists.debian.org/debian-lts-announce/2017/12/msg00025.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2017/12/msg00025.html
24
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-17790
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-17790
26
reference_url https://www.debian.org/security/2018/dsa-4259
reference_id
reference_type
scores
url https://www.debian.org/security/2018/dsa-4259
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1528218
reference_id 1528218
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1528218
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.5.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.5.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.5.0:preview1:*:*:*:*:*:*
30
reference_url https://access.redhat.com/errata/RHSA-2018:0584
reference_id RHSA-2018:0584
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0584
fixed_packages
aliases CVE-2017-17790, GHSA-47cm-jxff-w8wg
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-beub-d11r-nbe4
3
url VCID-cde2-rv4n-tkau
vulnerability_id VCID-cde2-rv4n-tkau
summary 
Deserialization of Untrusted Data
rubygems-update is vulnerable to a remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.
references
0
reference_url http://blog.rubygems.org/2017/10/09/2.6.14-released.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2017/10/09/2.6.14-released.html
1
reference_url http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html
2
reference_url https://access.redhat.com/errata/RHSA-2017:3485
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3485
3
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0378
4
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0583
5
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0585
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0903.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0903.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0903
reference_id
reference_type
scores
0
value 0.04623
scoring_system epss
scoring_elements 0.89264
published_at 2026-04-08T12:55:00Z
1
value 0.04623
scoring_system epss
scoring_elements 0.89268
published_at 2026-04-09T12:55:00Z
2
value 0.04623
scoring_system epss
scoring_elements 0.89277
published_at 2026-04-11T12:55:00Z
3
value 0.04623
scoring_system epss
scoring_elements 0.89246
published_at 2026-04-07T12:55:00Z
4
value 0.04623
scoring_system epss
scoring_elements 0.89243
published_at 2026-04-04T12:55:00Z
5
value 0.04623
scoring_system epss
scoring_elements 0.89229
published_at 2026-04-02T12:55:00Z
6
value 0.04623
scoring_system epss
scoring_elements 0.89223
published_at 2026-04-01T12:55:00Z
7
value 0.05545
scoring_system epss
scoring_elements 0.90285
published_at 2026-04-18T12:55:00Z
8
value 0.05545
scoring_system epss
scoring_elements 0.90281
published_at 2026-04-21T12:55:00Z
9
value 0.05545
scoring_system epss
scoring_elements 0.90268
published_at 2026-04-13T12:55:00Z
10
value 0.05545
scoring_system epss
scoring_elements 0.90274
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0903
8
reference_url https://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
url https://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url https://github.com/rubygems/rubygems
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems
15
reference_url https://github.com/rubygems/rubygems/commit/510b1638ac9bba3ceb7a5d73135dafff9e5bab49
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/510b1638ac9bba3ceb7a5d73135dafff9e5bab49
16
reference_url https://hackerone.com/reports/274990
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/274990
17
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
18
reference_url https://usn.ubuntu.com/3553-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3553-1
19
reference_url https://usn.ubuntu.com/3553-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3553-1/
20
reference_url https://usn.ubuntu.com/3685-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3685-1
21
reference_url https://usn.ubuntu.com/3685-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3685-1/
22
reference_url https://web.archive.org/web/20200227143351/http://www.securityfocus.com/bid/101275
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227143351/http://www.securityfocus.com/bid/101275
23
reference_url https://www.debian.org/security/2017/dsa-4031
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-4031
24
reference_url http://www.securityfocus.com/bid/101275
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/101275
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1500488
reference_id 1500488
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1500488
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.0:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:preview2:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:preview2.1:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.0:preview2.1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:preview2.1:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:preview2.2:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.0:preview2.2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:preview2.2:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:rc1:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.0:rc2:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.10:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.11:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.12:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.13:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.14:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.15:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.16:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.17:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.2:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.3:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.4:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.5:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.6:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.7:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.8:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.0.9:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.0.rc.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.0.rc.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.0.rc.1:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.0.rc.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.0.rc.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.0.rc.2:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.1:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.10:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.11:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.2:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.3:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.4:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.5:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.6:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.7:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.8:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.1.9:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.0:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.0.preiew.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.2.0.preiew.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.0.preiew.1:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.0.rc.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.2.0.rc.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.0.rc.1:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.1:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.2:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.3:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.4:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.2.5:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.3.0:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.0:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.1:*:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.2:*:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.3:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.4:*:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.4.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.5:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.6:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.7:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.4.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.4.8:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.5.0:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.5.1:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.5.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.5.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.5.2:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.0:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.1:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.10:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.11:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.12:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.13:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.2:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.3:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.4:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.5:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.6:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.7:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.8:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rubygems:rubygems:2.6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rubygems:rubygems:2.6.9:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
99
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
100
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
101
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
102
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
103
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
104
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
105
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
106
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
107
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
108
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
109
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
110
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
111
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
112
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
113
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-0903
reference_id CVE-2017-0903
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-0903
114
reference_url https://github.com/advisories/GHSA-mqwr-4qf2-2hcv
reference_id GHSA-mqwr-4qf2-2hcv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mqwr-4qf2-2hcv
115
reference_url https://usn.ubuntu.com/3685-2/
reference_id USN-3685-2
reference_type
scores
url https://usn.ubuntu.com/3685-2/
fixed_packages
aliases CVE-2017-0903, GHSA-mqwr-4qf2-2hcv
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cde2-rv4n-tkau
4
url VCID-fapg-pt6b-rfb2
vulnerability_id VCID-fapg-pt6b-rfb2
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of service (interpreter crash) via a crafted string.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0378
1
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0583
2
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0585
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14033.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14033.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14033
reference_id
reference_type
scores
0
value 0.07822
scoring_system epss
scoring_elements 0.91946
published_at 2026-04-01T12:55:00Z
1
value 0.07822
scoring_system epss
scoring_elements 0.91983
published_at 2026-04-13T12:55:00Z
2
value 0.07822
scoring_system epss
scoring_elements 0.92002
published_at 2026-04-16T12:55:00Z
3
value 0.07822
scoring_system epss
scoring_elements 0.91981
published_at 2026-04-08T12:55:00Z
4
value 0.07822
scoring_system epss
scoring_elements 0.91968
published_at 2026-04-07T12:55:00Z
5
value 0.07822
scoring_system epss
scoring_elements 0.91962
published_at 2026-04-04T12:55:00Z
6
value 0.07822
scoring_system epss
scoring_elements 0.91954
published_at 2026-04-02T12:55:00Z
7
value 0.07822
scoring_system epss
scoring_elements 0.91986
published_at 2026-04-12T12:55:00Z
8
value 0.07822
scoring_system epss
scoring_elements 0.91987
published_at 2026-04-11T12:55:00Z
9
value 0.07822
scoring_system epss
scoring_elements 0.91984
published_at 2026-04-09T12:55:00Z
10
value 0.0818
scoring_system epss
scoring_elements 0.92204
published_at 2026-04-18T12:55:00Z
11
value 0.0818
scoring_system epss
scoring_elements 0.92207
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14033
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/ruby/openssl
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/openssl
11
reference_url https://github.com/ruby/openssl/commit/36bf7f403ebb6cefcaa1e7af9d8ec99e6b4bc1ed
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/openssl/commit/36bf7f403ebb6cefcaa1e7af9d8ec99e6b4bc1ed
12
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
13
reference_url https://security.gentoo.org/glsa/201710-18
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201710-18
14
reference_url https://web.archive.org/web/20210509153849/http://www.securityfocus.com/bid/100868
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210509153849/http://www.securityfocus.com/bid/100868
15
reference_url https://web.archive.org/web/20210622181826/http://www.securitytracker.com/id/1042004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210622181826/http://www.securitytracker.com/id/1042004
16
reference_url https://web.archive.org/web/20210724095519/http://www.securitytracker.com/id/1039363
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210724095519/http://www.securitytracker.com/id/1039363
17
reference_url https://www.debian.org/security/2017/dsa-4031
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-4031
18
reference_url https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033
19
reference_url https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/
20
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released
21
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/
22
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released
23
reference_url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released/
24
reference_url http://www.securityfocus.com/bid/100868
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100868
25
reference_url http://www.securitytracker.com/id/1039363
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039363
26
reference_url http://www.securitytracker.com/id/1042004
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1042004
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1491866
reference_id 1491866
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1491866
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:preview1:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.0:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:preview2:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:rc1:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.4:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.5:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.6:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.7:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-14033
reference_id CVE-2017-14033
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-14033
53
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openssl/CVE-2017-14033.yml
reference_id CVE-2017-14033.YML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openssl/CVE-2017-14033.yml
54
reference_url https://github.com/advisories/GHSA-v6rp-3r3v-hf4p
reference_id GHSA-v6rp-3r3v-hf4p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v6rp-3r3v-hf4p
55
reference_url https://usn.ubuntu.com/3439-1/
reference_id USN-3439-1
reference_type
scores
url https://usn.ubuntu.com/3439-1/
fixed_packages
aliases CVE-2017-14033, GHSA-v6rp-3r3v-hf4p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fapg-pt6b-rfb2
5
url VCID-fhyd-6fyt-byhp
vulnerability_id VCID-fhyd-6fyt-byhp
summary 
A vulnerability has been found in Ruby which may allow for
    arbitrary command execution.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0378
1
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0583
2
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0585
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17405.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17405.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17405
reference_id
reference_type
scores
0
value 0.88646
scoring_system epss
scoring_elements 0.99503
published_at 2026-04-02T12:55:00Z
1
value 0.88646
scoring_system epss
scoring_elements 0.99513
published_at 2026-04-21T12:55:00Z
2
value 0.88646
scoring_system epss
scoring_elements 0.99507
published_at 2026-04-11T12:55:00Z
3
value 0.88646
scoring_system epss
scoring_elements 0.99508
published_at 2026-04-13T12:55:00Z
4
value 0.88646
scoring_system epss
scoring_elements 0.99511
published_at 2026-04-16T12:55:00Z
5
value 0.88646
scoring_system epss
scoring_elements 0.99512
published_at 2026-04-18T12:55:00Z
6
value 0.88646
scoring_system epss
scoring_elements 0.99504
published_at 2026-04-04T12:55:00Z
7
value 0.88646
scoring_system epss
scoring_elements 0.99505
published_at 2026-04-07T12:55:00Z
8
value 0.88646
scoring_system epss
scoring_elements 0.99506
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17405
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
20
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
21
reference_url https://lists.debian.org/debian-lts-announce/2017/12/msg00024.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2017/12/msg00024.html
22
reference_url https://lists.debian.org/debian-lts-announce/2017/12/msg00025.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2017/12/msg00025.html
23
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
24
reference_url https://www.debian.org/security/2018/dsa-4259
reference_id
reference_type
scores
url https://www.debian.org/security/2018/dsa-4259
25
reference_url https://www.exploit-db.com/exploits/43381/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/43381/
26
reference_url https://www.ruby-lang.org/en/news/2017/12/14/net-ftp-command-injection-cve-2017-17405/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/12/14/net-ftp-command-injection-cve-2017-17405/
27
reference_url https://www.ruby-lang.org/en/news/2017/12/14/ruby-2-4-3-released/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/12/14/ruby-2-4-3-released/
28
reference_url http://www.securityfocus.com/bid/102204
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102204
29
reference_url http://www.securitytracker.com/id/1042004
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1042004
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1526189
reference_id 1526189
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1526189
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.5.0:preview1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.5.0:preview1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.5.0:preview1:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
46
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ruby/local/43381.md
reference_id CVE-2017-17405
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ruby/local/43381.md
47
reference_url https://hackerone.com/reports/294462
reference_id CVE-2017-17405
reference_type exploit
scores
url https://hackerone.com/reports/294462
48
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-17405
reference_id CVE-2017-17405
reference_type
scores
0
value 9.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-17405
49
reference_url https://security.gentoo.org/glsa/201802-05
reference_id GLSA-201802-05
reference_type
scores
url https://security.gentoo.org/glsa/201802-05
50
reference_url https://access.redhat.com/errata/RHSA-2018:0584
reference_id RHSA-2018:0584
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0584
51
reference_url https://access.redhat.com/errata/RHSA-2019:2806
reference_id RHSA-2019:2806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2806
52
reference_url https://usn.ubuntu.com/3515-1/
reference_id USN-3515-1
reference_type
scores
url https://usn.ubuntu.com/3515-1/
fixed_packages
aliases CVE-2017-17405
risk_score 10.0
exploitability 2.0
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhyd-6fyt-byhp
6
url VCID-jmzh-89dm-r7g2
vulnerability_id VCID-jmzh-89dm-r7g2
summary 
Origin Validation Error
RubyGems is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.
references
0
reference_url http://blog.rubygems.org/2017/08/27/2.6.13-released.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2017/08/27/2.6.13-released.html
1
reference_url https://access.redhat.com/errata/RHSA-2017:3485
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3485
2
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0378
3
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0583
4
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0585
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0902.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0902.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0902
reference_id
reference_type
scores
0
value 0.05207
scoring_system epss
scoring_elements 0.89915
published_at 2026-04-07T12:55:00Z
1
value 0.05207
scoring_system epss
scoring_elements 0.89947
published_at 2026-04-21T12:55:00Z
2
value 0.05207
scoring_system epss
scoring_elements 0.89952
published_at 2026-04-18T12:55:00Z
3
value 0.05207
scoring_system epss
scoring_elements 0.8995
published_at 2026-04-16T12:55:00Z
4
value 0.05207
scoring_system epss
scoring_elements 0.89936
published_at 2026-04-13T12:55:00Z
5
value 0.05207
scoring_system epss
scoring_elements 0.89943
published_at 2026-04-12T12:55:00Z
6
value 0.05207
scoring_system epss
scoring_elements 0.89945
published_at 2026-04-11T12:55:00Z
7
value 0.05207
scoring_system epss
scoring_elements 0.89937
published_at 2026-04-09T12:55:00Z
8
value 0.05207
scoring_system epss
scoring_elements 0.89894
published_at 2026-04-01T12:55:00Z
9
value 0.05207
scoring_system epss
scoring_elements 0.89898
published_at 2026-04-02T12:55:00Z
10
value 0.05207
scoring_system epss
scoring_elements 0.89932
published_at 2026-04-08T12:55:00Z
11
value 0.05207
scoring_system epss
scoring_elements 0.8991
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0902
7
reference_url https://blog.rubygems.org/2017/08/27/2.6.13-released.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements
url https://blog.rubygems.org/2017/08/27/2.6.13-released.html
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:C/I:C/A:C
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://github.com/rubygems/rubygems
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems
17
reference_url https://github.com/rubygems/rubygems/commit/8d91516fb7037ecfb27622f605dc40245e0f8d32
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/8d91516fb7037ecfb27622f605dc40245e0f8d32
18
reference_url https://hackerone.com/reports/218088
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/218088
19
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
20
reference_url https://usn.ubuntu.com/3553-1
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3553-1
21
reference_url https://usn.ubuntu.com/3553-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3553-1/
22
reference_url https://usn.ubuntu.com/3685-1
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3685-1
23
reference_url https://usn.ubuntu.com/3685-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3685-1/
24
reference_url https://web.archive.org/web/20170907040741/http://www.securityfocus.com/bid/100586
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170907040741/http://www.securityfocus.com/bid/100586
25
reference_url https://web.archive.org/web/20170907215801/http://www.securitytracker.com/id/1039249
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170907215801/http://www.securitytracker.com/id/1039249
26
reference_url https://www.debian.org/security/2017/dsa-3966
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-3966
27
reference_url http://www.securityfocus.com/bid/100586
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100586
28
reference_url http://www.securitytracker.com/id/1039249
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039249
29
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1487589
reference_id 1487589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1487589
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-0902
reference_id CVE-2017-0902
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-0902
31
reference_url https://github.com/advisories/GHSA-73w7-6w9g-gc8w
reference_id GHSA-73w7-6w9g-gc8w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-73w7-6w9g-gc8w
32
reference_url https://security.gentoo.org/glsa/201710-01
reference_id GLSA-201710-01
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201710-01
fixed_packages
aliases CVE-2017-0902, GHSA-73w7-6w9g-gc8w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jmzh-89dm-r7g2
7
url VCID-xgsa-5umz-qffr
vulnerability_id VCID-xgsa-5umz-qffr
summary 
Code Injection
RubyGems is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.
references
0
reference_url http://blog.rubygems.org/2017/08/27/2.6.13-released.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2017/08/27/2.6.13-released.html
1
reference_url https://access.redhat.com/errata/RHSA-2017:3485
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3485
2
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0378
3
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0583
4
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0585
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0899.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0899.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0899
reference_id
reference_type
scores
0
value 0.07362
scoring_system epss
scoring_elements 0.9173
published_at 2026-04-21T12:55:00Z
1
value 0.07362
scoring_system epss
scoring_elements 0.91672
published_at 2026-04-01T12:55:00Z
2
value 0.07362
scoring_system epss
scoring_elements 0.9168
published_at 2026-04-02T12:55:00Z
3
value 0.07362
scoring_system epss
scoring_elements 0.91686
published_at 2026-04-04T12:55:00Z
4
value 0.07362
scoring_system epss
scoring_elements 0.91695
published_at 2026-04-07T12:55:00Z
5
value 0.07362
scoring_system epss
scoring_elements 0.91707
published_at 2026-04-08T12:55:00Z
6
value 0.07362
scoring_system epss
scoring_elements 0.91714
published_at 2026-04-09T12:55:00Z
7
value 0.07362
scoring_system epss
scoring_elements 0.91717
published_at 2026-04-11T12:55:00Z
8
value 0.07362
scoring_system epss
scoring_elements 0.9172
published_at 2026-04-12T12:55:00Z
9
value 0.07362
scoring_system epss
scoring_elements 0.91716
published_at 2026-04-13T12:55:00Z
10
value 0.07362
scoring_system epss
scoring_elements 0.91736
published_at 2026-04-16T12:55:00Z
11
value 0.07362
scoring_system epss
scoring_elements 0.91729
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0899
7
reference_url https://blog.rubygems.org/2017/08/27/2.6.13-released.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
url https://blog.rubygems.org/2017/08/27/2.6.13-released.html
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://github.com/rubygems/rubygems
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems
17
reference_url https://github.com/rubygems/rubygems/commit/1bcbc7fe637b03145401ec9c094066285934a7f1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/1bcbc7fe637b03145401ec9c094066285934a7f1
18
reference_url https://github.com/rubygems/rubygems/commit/ef0aa611effb5f54d40c7fba6e8235eb43c5a491
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/ef0aa611effb5f54d40c7fba6e8235eb43c5a491
19
reference_url https://hackerone.com/reports/226335
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/226335
20
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
21
reference_url https://web.archive.org/web/20170907215801/http://www.securitytracker.com/id/1039249
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170907215801/http://www.securitytracker.com/id/1039249
22
reference_url https://web.archive.org/web/20170915000000*/http://www.securityfocus.com/bid/100576#:~:text=1%20snapshot-,11%3A49%3A33,-Note
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170915000000*/http://www.securityfocus.com/bid/100576#:~:text=1%20snapshot-,11%3A49%3A33,-Note
23
reference_url https://www.debian.org/security/2017/dsa-3966
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-3966
24
reference_url http://www.securityfocus.com/bid/100576
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100576
25
reference_url http://www.securitytracker.com/id/1039249
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039249
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1487590
reference_id 1487590
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1487590
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-0899
reference_id CVE-2017-0899
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-0899
28
reference_url https://github.com/advisories/GHSA-7gcp-2gmq-w3xh
reference_id GHSA-7gcp-2gmq-w3xh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7gcp-2gmq-w3xh
29
reference_url https://security.gentoo.org/glsa/201710-01
reference_id GLSA-201710-01
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201710-01
30
reference_url https://usn.ubuntu.com/3439-1/
reference_id USN-3439-1
reference_type
scores
url https://usn.ubuntu.com/3439-1/
fixed_packages
aliases CVE-2017-0899, GHSA-7gcp-2gmq-w3xh
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xgsa-5umz-qffr
8
url VCID-xkd6-jvma-skfk
vulnerability_id VCID-xkd6-jvma-skfk
summary 
Multiple vulnerabilities have been found in Ruby, the worst of
    which could lead to the remote execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14064.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14064.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14064
reference_id
reference_type
scores
0
value 0.01205
scoring_system epss
scoring_elements 0.78898
published_at 2026-04-01T12:55:00Z
1
value 0.01205
scoring_system epss
scoring_elements 0.78941
published_at 2026-04-08T12:55:00Z
2
value 0.01205
scoring_system epss
scoring_elements 0.78947
published_at 2026-04-09T12:55:00Z
3
value 0.01205
scoring_system epss
scoring_elements 0.7897
published_at 2026-04-11T12:55:00Z
4
value 0.01205
scoring_system epss
scoring_elements 0.78955
published_at 2026-04-12T12:55:00Z
5
value 0.01205
scoring_system epss
scoring_elements 0.78945
published_at 2026-04-13T12:55:00Z
6
value 0.01205
scoring_system epss
scoring_elements 0.78974
published_at 2026-04-16T12:55:00Z
7
value 0.01205
scoring_system epss
scoring_elements 0.78904
published_at 2026-04-02T12:55:00Z
8
value 0.01205
scoring_system epss
scoring_elements 0.78933
published_at 2026-04-04T12:55:00Z
9
value 0.01205
scoring_system epss
scoring_elements 0.78916
published_at 2026-04-07T12:55:00Z
10
value 0.01477
scoring_system epss
scoring_elements 0.81013
published_at 2026-04-21T12:55:00Z
11
value 0.01477
scoring_system epss
scoring_elements 0.81012
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14064
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-14064
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-14064
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1487552
reference_id 1487552
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1487552
12
reference_url https://access.redhat.com/errata/RHSA-2026:7305
reference_id RHSA-2026:7305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7305
13
reference_url https://access.redhat.com/errata/RHSA-2026:7307
reference_id RHSA-2026:7307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7307
14
reference_url https://access.redhat.com/errata/RHSA-2026:8838
reference_id RHSA-2026:8838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8838
15
reference_url https://usn.ubuntu.com/3439-1/
reference_id USN-3439-1
reference_type
scores
url https://usn.ubuntu.com/3439-1/
fixed_packages
aliases CVE-2017-14064, GHSA-954h-8gv7-2q75
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xkd6-jvma-skfk
9
url VCID-xz68-vwz2-2ke4
vulnerability_id VCID-xz68-vwz2-2ke4
summary 
Improper Input Validation
RubyGems fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.
references
0
reference_url http://blog.rubygems.org/2017/08/27/2.6.13-released.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.rubygems.org/2017/08/27/2.6.13-released.html
1
reference_url https://access.redhat.com/errata/RHSA-2017:3485
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3485
2
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0378
3
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0583
4
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0585
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0901.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0901.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0901
reference_id
reference_type
scores
0
value 0.18555
scoring_system epss
scoring_elements 0.95267
published_at 2026-04-21T12:55:00Z
1
value 0.18555
scoring_system epss
scoring_elements 0.95262
published_at 2026-04-16T12:55:00Z
2
value 0.18555
scoring_system epss
scoring_elements 0.95265
published_at 2026-04-18T12:55:00Z
3
value 0.18555
scoring_system epss
scoring_elements 0.95254
published_at 2026-04-13T12:55:00Z
4
value 0.18555
scoring_system epss
scoring_elements 0.95251
published_at 2026-04-12T12:55:00Z
5
value 0.18555
scoring_system epss
scoring_elements 0.9525
published_at 2026-04-11T12:55:00Z
6
value 0.18555
scoring_system epss
scoring_elements 0.95245
published_at 2026-04-09T12:55:00Z
7
value 0.18555
scoring_system epss
scoring_elements 0.95242
published_at 2026-04-08T12:55:00Z
8
value 0.18555
scoring_system epss
scoring_elements 0.95234
published_at 2026-04-07T12:55:00Z
9
value 0.18555
scoring_system epss
scoring_elements 0.95231
published_at 2026-04-04T12:55:00Z
10
value 0.18555
scoring_system epss
scoring_elements 0.95229
published_at 2026-04-02T12:55:00Z
11
value 0.18555
scoring_system epss
scoring_elements 0.95217
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0901
7
reference_url https://blog.rubygems.org/2017/08/27/2.6.13-released.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://blog.rubygems.org/2017/08/27/2.6.13-released.html
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9096
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7798
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:C/A:N
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://github.com/rubygems/rubygems
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems
17
reference_url https://github.com/rubygems/rubygems/commit/ad5c0a53a86ca5b218c7976765c0365b91d22cb2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems/commit/ad5c0a53a86ca5b218c7976765c0365b91d22cb2
18
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
19
reference_url https://usn.ubuntu.com/3553-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3553-1
20
reference_url https://usn.ubuntu.com/3553-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3553-1/
21
reference_url https://usn.ubuntu.com/3685-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3685-1
22
reference_url https://usn.ubuntu.com/3685-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3685-1/
23
reference_url https://web.archive.org/web/20170907215801/http://www.securitytracker.com/id/1039249
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170907215801/http://www.securitytracker.com/id/1039249
24
reference_url https://web.archive.org/web/20170915000000*/http://www.securityfocus.com/bid/100580#:~:text=1%20snapshot-,16%3A05%3A26,-Note
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170915000000*/http://www.securityfocus.com/bid/100580#:~:text=1%20snapshot-,16%3A05%3A26,-Note
25
reference_url https://www.debian.org/security/2017/dsa-3966
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-3966
26
reference_url https://www.exploit-db.com/exploits/42611
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/42611
27
reference_url https://www.exploit-db.com/exploits/42611/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/42611/
28
reference_url http://www.securityfocus.com/bid/100580
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100580
29
reference_url http://www.securitytracker.com/id/1039249
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039249
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1487587
reference_id 1487587
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1487587
31
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/42611.txt
reference_id CVE-2017-0901
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/42611.txt
32
reference_url https://hackerone.com/reports/243156
reference_id CVE-2017-0901
reference_type exploit
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/243156
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-0901
reference_id CVE-2017-0901
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-0901
34
reference_url https://github.com/advisories/GHSA-pm9x-4392-2c2p
reference_id GHSA-pm9x-4392-2c2p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pm9x-4392-2c2p
35
reference_url https://security.gentoo.org/glsa/201710-01
reference_id GLSA-201710-01
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201710-01
36
reference_url https://usn.ubuntu.com/3439-1/
reference_id USN-3439-1
reference_type
scores
url https://usn.ubuntu.com/3439-1/
fixed_packages
aliases CVE-2017-0901, GHSA-pm9x-4392-2c2p
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xz68-vwz2-2ke4
10
url VCID-zybm-uuxu-67gh
vulnerability_id VCID-zybm-uuxu-67gh
summary 
Multiple vulnerabilities have been found in Ruby, the worst of
    which could lead to the remote execution of arbitrary code.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:3485
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3485
1
reference_url https://access.redhat.com/errata/RHSA-2018:0378
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0378
2
reference_url https://access.redhat.com/errata/RHSA-2018:0583
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0583
3
reference_url https://access.redhat.com/errata/RHSA-2018:0585
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0585
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0898.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0898.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0898
reference_id
reference_type
scores
0
value 0.00806
scoring_system epss
scoring_elements 0.74189
published_at 2026-04-21T12:55:00Z
1
value 0.00806
scoring_system epss
scoring_elements 0.74198
published_at 2026-04-18T12:55:00Z
2
value 0.00846
scoring_system epss
scoring_elements 0.74779
published_at 2026-04-01T12:55:00Z
3
value 0.00846
scoring_system epss
scoring_elements 0.74782
published_at 2026-04-02T12:55:00Z
4
value 0.00846
scoring_system epss
scoring_elements 0.74809
published_at 2026-04-04T12:55:00Z
5
value 0.00846
scoring_system epss
scoring_elements 0.74783
published_at 2026-04-07T12:55:00Z
6
value 0.00846
scoring_system epss
scoring_elements 0.74815
published_at 2026-04-08T12:55:00Z
7
value 0.00846
scoring_system epss
scoring_elements 0.7483
published_at 2026-04-09T12:55:00Z
8
value 0.00846
scoring_system epss
scoring_elements 0.74853
published_at 2026-04-11T12:55:00Z
9
value 0.01104
scoring_system epss
scoring_elements 0.7811
published_at 2026-04-16T12:55:00Z
10
value 0.01104
scoring_system epss
scoring_elements 0.78078
published_at 2026-04-12T12:55:00Z
11
value 0.01104
scoring_system epss
scoring_elements 0.78075
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0898
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0903
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:P/I:P/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/mruby/mruby/issues/3722
reference_id
reference_type
scores
url https://github.com/mruby/mruby/issues/3722
12
reference_url https://hackerone.com/reports/212241
reference_id
reference_type
scores
url https://hackerone.com/reports/212241
13
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-0898
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:P
1
value 9.1
scoring_system cvssv3
scoring_elements
2
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-0898
15
reference_url https://security.gentoo.org/glsa/201710-18
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/201710-18
16
reference_url https://usn.ubuntu.com/3685-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3685-1/
17
reference_url https://www.debian.org/security/2017/dsa-4031
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-4031
18
reference_url https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/
reference_id
reference_type
scores
url https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/
19
reference_url http://www.securityfocus.com/bid/100862
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100862
20
reference_url http://www.securitytracker.com/id/1039363
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039363
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1492015
reference_id 1492015
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1492015
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.4:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.5:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.6:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.2.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.7:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
37
reference_url https://usn.ubuntu.com/3439-1/
reference_id USN-3439-1
reference_type
scores
url https://usn.ubuntu.com/3439-1/
fixed_packages
aliases CVE-2017-0898, GHSA-wvmx-3rv2-5jgf
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zybm-uuxu-67gh
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-ruby23-ruby@2.3.6-67%3Farch=el7