Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rubygem-ldap_fluff@0.1.3-1?arch=el6_3
Typerpm
Namespaceredhat
Namerubygem-ldap_fluff
Version0.1.3-1
Qualifiers
arch el6_3
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-3xkv-ckqz-r3dx
vulnerability_id VCID-3xkv-ckqz-r3dx
summary 
Improper Input Validation
The Mail gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080645.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080645.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080648.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080648.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080747.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080747.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2140.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2140.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2140
reference_id
reference_type
scores
0
value 0.03667
scoring_system epss
scoring_elements 0.87915
published_at 2026-04-16T12:55:00Z
1
value 0.03667
scoring_system epss
scoring_elements 0.87901
published_at 2026-04-13T12:55:00Z
2
value 0.03667
scoring_system epss
scoring_elements 0.8787
published_at 2026-04-07T12:55:00Z
3
value 0.03667
scoring_system epss
scoring_elements 0.87913
published_at 2026-04-21T12:55:00Z
4
value 0.03667
scoring_system epss
scoring_elements 0.87914
published_at 2026-04-18T12:55:00Z
5
value 0.03667
scoring_system epss
scoring_elements 0.87867
published_at 2026-04-04T12:55:00Z
6
value 0.03667
scoring_system epss
scoring_elements 0.87892
published_at 2026-04-08T12:55:00Z
7
value 0.03667
scoring_system epss
scoring_elements 0.87903
published_at 2026-04-12T12:55:00Z
8
value 0.03667
scoring_system epss
scoring_elements 0.8791
published_at 2026-04-11T12:55:00Z
9
value 0.03667
scoring_system epss
scoring_elements 0.87898
published_at 2026-04-09T12:55:00Z
10
value 0.03667
scoring_system epss
scoring_elements 0.87844
published_at 2026-04-01T12:55:00Z
11
value 0.03667
scoring_system epss
scoring_elements 0.87854
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2140
5
reference_url https://bugzilla.novell.com/show_bug.cgi?id=759092
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.novell.com/show_bug.cgi?id=759092
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=816352
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=816352
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2140
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2140
8
reference_url http://secunia.com/advisories/48970
reference_id
reference_type
scores
url http://secunia.com/advisories/48970
9
reference_url https://github.com/mikel/mail
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mikel/mail
10
reference_url https://github.com/mikel/mail/blob/9beb079c70d236a5ad2e1ba95b2c977e55deb7af/CHANGELOG.rdoc
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mikel/mail/blob/9beb079c70d236a5ad2e1ba95b2c977e55deb7af/CHANGELOG.rdoc
11
reference_url https://github.com/mikel/mail/commit/39b590ddb08f90ddbe445837359a2c8843e533d0
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mikel/mail/commit/39b590ddb08f90ddbe445837359a2c8843e533d0
12
reference_url https://github.com/mikel/mail/commit/ac56f03bdfc30b379aeecd4ff317d08fdaa328c2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mikel/mail/commit/ac56f03bdfc30b379aeecd4ff317d08fdaa328c2
13
reference_url http://www.openwall.com/lists/oss-security/2012/04/25/8
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/04/25/8
14
reference_url http://www.openwall.com/lists/oss-security/2012/04/26/1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/04/26/1
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2140
reference_id CVE-2012-2140
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2140
16
reference_url https://github.com/advisories/GHSA-rp63-jfmw-532w
reference_id GHSA-rp63-jfmw-532w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rp63-jfmw-532w
17
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
fixed_packages
aliases CVE-2012-2140, GHSA-rp63-jfmw-532w, OSV-81632
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3xkv-ckqz-r3dx
1
url VCID-67r2-k4bt-yqcr
vulnerability_id VCID-67r2-k4bt-yqcr
summary Katello: /etc/katello/secure/passphrase is world readable
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0547.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0547.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5561.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5561.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5561
reference_id
reference_type
scores
0
value 0.00109
scoring_system epss
scoring_elements 0.29086
published_at 2026-04-21T12:55:00Z
1
value 0.00109
scoring_system epss
scoring_elements 0.2918
published_at 2026-04-01T12:55:00Z
2
value 0.00109
scoring_system epss
scoring_elements 0.29256
published_at 2026-04-02T12:55:00Z
3
value 0.00109
scoring_system epss
scoring_elements 0.29306
published_at 2026-04-04T12:55:00Z
4
value 0.00109
scoring_system epss
scoring_elements 0.29119
published_at 2026-04-07T12:55:00Z
5
value 0.00109
scoring_system epss
scoring_elements 0.29184
published_at 2026-04-08T12:55:00Z
6
value 0.00109
scoring_system epss
scoring_elements 0.29224
published_at 2026-04-09T12:55:00Z
7
value 0.00109
scoring_system epss
scoring_elements 0.29229
published_at 2026-04-11T12:55:00Z
8
value 0.00109
scoring_system epss
scoring_elements 0.29183
published_at 2026-04-12T12:55:00Z
9
value 0.00109
scoring_system epss
scoring_elements 0.29131
published_at 2026-04-13T12:55:00Z
10
value 0.00109
scoring_system epss
scoring_elements 0.29157
published_at 2026-04-16T12:55:00Z
11
value 0.00109
scoring_system epss
scoring_elements 0.29134
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5561
4
reference_url https://github.com/Katello/katello/pull/1349
reference_id
reference_type
scores
url https://github.com/Katello/katello/pull/1349
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=879094
reference_id 879094
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=879094
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:katello:katello:1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:katello:katello:1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:katello:katello:1.1:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5561
reference_id CVE-2012-5561
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2012-5561
8
reference_url https://access.redhat.com/errata/RHSA-2013:0547
reference_id RHSA-2013:0547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0547
fixed_packages
aliases CVE-2012-5561
risk_score 0.9
exploitability 0.5
weighted_severity 1.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-67r2-k4bt-yqcr
2
url VCID-75gs-2gu3-6udx
vulnerability_id VCID-75gs-2gu3-6udx
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
2
reference_url http://puppetlabs.com/security/cve/cve-2012-3865
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-3865
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3865.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3865.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3865
reference_id
reference_type
scores
0
value 0.01176
scoring_system epss
scoring_elements 0.7874
published_at 2026-04-16T12:55:00Z
1
value 0.01176
scoring_system epss
scoring_elements 0.78679
published_at 2026-04-07T12:55:00Z
2
value 0.01176
scoring_system epss
scoring_elements 0.78711
published_at 2026-04-13T12:55:00Z
3
value 0.01176
scoring_system epss
scoring_elements 0.78719
published_at 2026-04-12T12:55:00Z
4
value 0.01176
scoring_system epss
scoring_elements 0.78737
published_at 2026-04-11T12:55:00Z
5
value 0.01176
scoring_system epss
scoring_elements 0.78705
published_at 2026-04-08T12:55:00Z
6
value 0.01176
scoring_system epss
scoring_elements 0.78712
published_at 2026-04-09T12:55:00Z
7
value 0.01176
scoring_system epss
scoring_elements 0.78734
published_at 2026-04-21T12:55:00Z
8
value 0.01176
scoring_system epss
scoring_elements 0.78738
published_at 2026-04-18T12:55:00Z
9
value 0.0215
scoring_system epss
scoring_elements 0.84187
published_at 2026-04-02T12:55:00Z
10
value 0.0215
scoring_system epss
scoring_elements 0.84205
published_at 2026-04-04T12:55:00Z
11
value 0.0215
scoring_system epss
scoring_elements 0.84174
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3865
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=839131
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=839131
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3865
7
reference_url http://secunia.com/advisories/50014
reference_id
reference_type
scores
url http://secunia.com/advisories/50014
8
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
9
reference_url https://github.com/puppetlabs/puppet/commit/554eefc55f57ed2b76e5ee04d8f194d36f6ee67f
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/554eefc55f57ed2b76e5ee04d8f194d36f6ee67f
10
reference_url https://github.com/puppetlabs/puppet/commit/d80478208d79a3e6d6cb1fbc525e24817fe8c4c6
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/d80478208d79a3e6d6cb1fbc525e24817fe8c4c6
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/CVE-2012-3865.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/CVE-2012-3865.yml
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3865.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3865.yml
13
reference_url https://www.puppet.com/security/cve/overview-cve-2012-3865-arbitrary-file-delete/dos-puppet-master
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/overview-cve-2012-3865-arbitrary-file-delete/dos-puppet-master
14
reference_url http://www.debian.org/security/2012/dsa-2511
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2511
15
reference_url http://www.ubuntu.com/usn/USN-1506-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1506-1
16
reference_url http://puppetlabs.com/security/cve/cve-2012-3865/
reference_id CVE-2012-3865
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-3865/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3865
reference_id CVE-2012-3865
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3865
18
reference_url https://github.com/advisories/GHSA-g89m-3wjw-h857
reference_id GHSA-g89m-3wjw-h857
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g89m-3wjw-h857
19
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
20
reference_url https://usn.ubuntu.com/1506-1/
reference_id USN-1506-1
reference_type
scores
url https://usn.ubuntu.com/1506-1/
fixed_packages
aliases CVE-2012-3865, GHSA-g89m-3wjw-h857
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-75gs-2gu3-6udx
3
url VCID-91xe-ev7t-akb9
vulnerability_id VCID-91xe-ev7t-akb9
summary 
Uncontrolled Resource Consumption
lib/rack/multipart.rb in Rack  uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header.
references
0
reference_url http://rack.github.com/
reference_id
reference_type
scores
url http://rack.github.com/
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
3
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json
5
reference_url https://access.redhat.com/security/cve/CVE-2012-6109
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-6109
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6109
reference_id
reference_type
scores
0
value 0.00828
scoring_system epss
scoring_elements 0.74542
published_at 2026-04-18T12:55:00Z
1
value 0.00828
scoring_system epss
scoring_elements 0.7445
published_at 2026-04-01T12:55:00Z
2
value 0.00828
scoring_system epss
scoring_elements 0.74454
published_at 2026-04-02T12:55:00Z
3
value 0.00828
scoring_system epss
scoring_elements 0.7448
published_at 2026-04-04T12:55:00Z
4
value 0.00828
scoring_system epss
scoring_elements 0.74455
published_at 2026-04-07T12:55:00Z
5
value 0.00828
scoring_system epss
scoring_elements 0.74487
published_at 2026-04-08T12:55:00Z
6
value 0.00828
scoring_system epss
scoring_elements 0.74503
published_at 2026-04-09T12:55:00Z
7
value 0.00828
scoring_system epss
scoring_elements 0.74524
published_at 2026-04-11T12:55:00Z
8
value 0.00828
scoring_system epss
scoring_elements 0.74506
published_at 2026-04-12T12:55:00Z
9
value 0.00828
scoring_system epss
scoring_elements 0.74497
published_at 2026-04-13T12:55:00Z
10
value 0.00828
scoring_system epss
scoring_elements 0.74535
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6109
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=895277
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=895277
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
9
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
10
reference_url https://github.com/rack/rack/blob/master/README.rdoc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/blob/master/README.rdoc
11
reference_url https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml
13
reference_url https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
14
reference_url https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
15
reference_url https://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2013-0544.html
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
reference_id 698440
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.1:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.2:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.3:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.4:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:0.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6109
reference_id CVE-2012-6109
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-6109
43
reference_url https://github.com/advisories/GHSA-h77x-m5q8-c29h
reference_id GHSA-h77x-m5q8-c29h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h77x-m5q8-c29h
44
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
fixed_packages
aliases CVE-2012-6109, GHSA-h77x-m5q8-c29h, OSV-89317
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91xe-ev7t-akb9
4
url VCID-9uh8-upzm-7bgd
vulnerability_id VCID-9uh8-upzm-7bgd
summary 
Uncontrolled Resource Consumption
Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack  allows remote attackers to cause a denial of service via unknown vectors related to "symbolized arbitrary strings."
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
3
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
4
reference_url https://access.redhat.com/errata/RHSA-2013:0548
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0548
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json
6
reference_url https://access.redhat.com/security/cve/CVE-2013-0184
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-0184
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0184
reference_id
reference_type
scores
0
value 0.00677
scoring_system epss
scoring_elements 0.7153
published_at 2026-04-21T12:55:00Z
1
value 0.00677
scoring_system epss
scoring_elements 0.715
published_at 2026-04-08T12:55:00Z
2
value 0.00677
scoring_system epss
scoring_elements 0.71512
published_at 2026-04-09T12:55:00Z
3
value 0.00677
scoring_system epss
scoring_elements 0.71535
published_at 2026-04-11T12:55:00Z
4
value 0.00677
scoring_system epss
scoring_elements 0.71519
published_at 2026-04-12T12:55:00Z
5
value 0.00677
scoring_system epss
scoring_elements 0.71501
published_at 2026-04-13T12:55:00Z
6
value 0.00677
scoring_system epss
scoring_elements 0.71547
published_at 2026-04-16T12:55:00Z
7
value 0.00677
scoring_system epss
scoring_elements 0.71552
published_at 2026-04-18T12:55:00Z
8
value 0.00677
scoring_system epss
scoring_elements 0.71463
published_at 2026-04-01T12:55:00Z
9
value 0.00677
scoring_system epss
scoring_elements 0.7147
published_at 2026-04-02T12:55:00Z
10
value 0.00677
scoring_system epss
scoring_elements 0.71487
published_at 2026-04-04T12:55:00Z
11
value 0.00677
scoring_system epss
scoring_elements 0.7146
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0184
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=895384
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=895384
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
10
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
11
reference_url https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d
12
reference_url http://www.debian.org/security/2013/dsa-2783
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2783
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
reference_id 698440
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.3:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0184
reference_id CVE-2013-0184
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0184
38
reference_url https://github.com/advisories/GHSA-v882-ccj6-jc48
reference_id GHSA-v882-ccj6-jc48
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v882-ccj6-jc48
39
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
fixed_packages
aliases CVE-2013-0184, GHSA-v882-ccj6-jc48, OSV-89327
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9uh8-upzm-7bgd
5
url VCID-awt1-8bxs-xffs
vulnerability_id VCID-awt1-8bxs-xffs
summary 
actionpack Improper Authentication vulnerability
The `decode_credentials` method in `actionpack/lib/action_controller/metal/http_authentication.rb` in Ruby on Rails before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a `with_http_digest` helper method, as demonstrated by the `authenticate_or_request_with_http_digest` method.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3424.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3424.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3424
reference_id
reference_type
scores
0
value 0.00981
scoring_system epss
scoring_elements 0.76809
published_at 2026-04-21T12:55:00Z
1
value 0.00981
scoring_system epss
scoring_elements 0.7676
published_at 2026-04-08T12:55:00Z
2
value 0.00981
scoring_system epss
scoring_elements 0.76771
published_at 2026-04-13T12:55:00Z
3
value 0.00981
scoring_system epss
scoring_elements 0.76799
published_at 2026-04-11T12:55:00Z
4
value 0.00981
scoring_system epss
scoring_elements 0.76779
published_at 2026-04-12T12:55:00Z
5
value 0.00981
scoring_system epss
scoring_elements 0.76812
published_at 2026-04-16T12:55:00Z
6
value 0.00981
scoring_system epss
scoring_elements 0.76818
published_at 2026-04-18T12:55:00Z
7
value 0.00981
scoring_system epss
scoring_elements 0.76714
published_at 2026-04-01T12:55:00Z
8
value 0.00981
scoring_system epss
scoring_elements 0.76718
published_at 2026-04-02T12:55:00Z
9
value 0.00981
scoring_system epss
scoring_elements 0.76746
published_at 2026-04-04T12:55:00Z
10
value 0.00981
scoring_system epss
scoring_elements 0.76729
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3424
4
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
5
reference_url https://github.com/rails/rails/commit/3719bd3e95523c5518507dbe44f260f252930600
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/3719bd3e95523c5518507dbe44f260f252930600
6
reference_url https://groups.google.com/group/rubyonrails-security/msg/244d32f2fa25147d?hl=en&dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/244d32f2fa25147d?hl=en&dmode=source&output=gplain
7
reference_url http://weblog.rubyonrails.org/2012/7/26/ann-rails-3-2-7-has-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2012/7/26/ann-rails-3-2-7-has-been-released
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=843711
reference_id 843711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=843711
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3424
reference_id CVE-2012-3424
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3424
10
reference_url https://github.com/advisories/GHSA-92w9-2pqw-rhjj
reference_id GHSA-92w9-2pqw-rhjj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-92w9-2pqw-rhjj
11
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
12
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
aliases CVE-2012-3424, GHSA-92w9-2pqw-rhjj, OSV-84243
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-awt1-8bxs-xffs
6
url VCID-bsxw-gh14-rbef
vulnerability_id VCID-bsxw-gh14-rbef
summary 
activerecord vulnerable to SQL Injection
The Active Record component in Ruby on Rails efore 2.3.15, 3.0.x before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2695.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2695.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2695
reference_id
reference_type
scores
0
value 0.00637
scoring_system epss
scoring_elements 0.70503
published_at 2026-04-21T12:55:00Z
1
value 0.00637
scoring_system epss
scoring_elements 0.70462
published_at 2026-04-08T12:55:00Z
2
value 0.00637
scoring_system epss
scoring_elements 0.70478
published_at 2026-04-09T12:55:00Z
3
value 0.00637
scoring_system epss
scoring_elements 0.70502
published_at 2026-04-11T12:55:00Z
4
value 0.00637
scoring_system epss
scoring_elements 0.70487
published_at 2026-04-12T12:55:00Z
5
value 0.00637
scoring_system epss
scoring_elements 0.70473
published_at 2026-04-13T12:55:00Z
6
value 0.00637
scoring_system epss
scoring_elements 0.70515
published_at 2026-04-16T12:55:00Z
7
value 0.00637
scoring_system epss
scoring_elements 0.70523
published_at 2026-04-18T12:55:00Z
8
value 0.00637
scoring_system epss
scoring_elements 0.70408
published_at 2026-04-01T12:55:00Z
9
value 0.00637
scoring_system epss
scoring_elements 0.70422
published_at 2026-04-02T12:55:00Z
10
value 0.00637
scoring_system epss
scoring_elements 0.70439
published_at 2026-04-04T12:55:00Z
11
value 0.00637
scoring_system epss
scoring_elements 0.70417
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2695
7
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
8
reference_url https://github.com/rails/rails/commit/62f81f4d6b3ee40e9887ffd92ab14714bad93f18
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/62f81f4d6b3ee40e9887ffd92ab14714bad93f18
9
reference_url https://groups.google.com/group/rubyonrails-security/msg/aee3413fb038bf56?dmode=source&output=gplain
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/aee3413fb038bf56?dmode=source&output=gplain
10
reference_url https://groups.google.com/g/rubyonrails-security/c/l4L0TEVAz1k/m/Vr84sD9B464J
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/rubyonrails-security/c/l4L0TEVAz1k/m/Vr84sD9B464J
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=831573
reference_id 831573
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=831573
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2695
reference_id CVE-2012-2695
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2695
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2695.yml
reference_id CVE-2012-2695.YML
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2695.yml
14
reference_url https://github.com/advisories/GHSA-76wq-xw4h-f8wj
reference_id GHSA-76wq-xw4h-f8wj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-76wq-xw4h-f8wj
15
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
16
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
aliases CVE-2012-2695, GHSA-76wq-xw4h-f8wj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bsxw-gh14-rbef
7
url VCID-c1w4-z275-tqg7
vulnerability_id VCID-c1w4-z275-tqg7
summary 
Ruby on Rails Potential XSS Vulnerability in select_tag prompt
When a value for the `prompt` field is supplied to the `select_tag` helper, the value is not escaped. If untrusted data is not escaped, and is supplied as the prompt value, there is a potential for XSS attacks.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3463.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3463.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3463
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56143
published_at 2026-04-21T12:55:00Z
1
value 0.00333
scoring_system epss
scoring_elements 0.56166
published_at 2026-04-09T12:55:00Z
2
value 0.00333
scoring_system epss
scoring_elements 0.56177
published_at 2026-04-11T12:55:00Z
3
value 0.00333
scoring_system epss
scoring_elements 0.56153
published_at 2026-04-12T12:55:00Z
4
value 0.00333
scoring_system epss
scoring_elements 0.56137
published_at 2026-04-13T12:55:00Z
5
value 0.00333
scoring_system epss
scoring_elements 0.56171
published_at 2026-04-16T12:55:00Z
6
value 0.00333
scoring_system epss
scoring_elements 0.56174
published_at 2026-04-18T12:55:00Z
7
value 0.00333
scoring_system epss
scoring_elements 0.56001
published_at 2026-04-01T12:55:00Z
8
value 0.00333
scoring_system epss
scoring_elements 0.5611
published_at 2026-04-07T12:55:00Z
9
value 0.00333
scoring_system epss
scoring_elements 0.5613
published_at 2026-04-04T12:55:00Z
10
value 0.00333
scoring_system epss
scoring_elements 0.56161
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3463
3
reference_url https://github.com/rails/rails/commit/6d0526db91afb0675c2ad3d871529d1536303c64
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/6d0526db91afb0675c2ad3d871529d1536303c64
4
reference_url https://groups.google.com/forum/?fromgroups=#!searchin/rubyonrails-security/3463/rubyonrails-security/fV3QUToSMSw/eHBSFOUYHpYJ
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!searchin/rubyonrails-security/3463/rubyonrails-security/fV3QUToSMSw/eHBSFOUYHpYJ
5
reference_url https://groups.google.com/group/rubyonrails-security/msg/961e18e514527078?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/961e18e514527078?dmode=source&output=gplain
6
reference_url https://groups.google.com/g/rubyonrails-security/c/fV3QUToSMSw/m/eHBSFOUYHpYJ?pli=1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/rubyonrails-security/c/fV3QUToSMSw/m/eHBSFOUYHpYJ?pli=1
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3463
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3463
8
reference_url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
9
reference_url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released/
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=847196
reference_id 847196
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=847196
11
reference_url https://github.com/advisories/GHSA-98mf-8f57-64qf
reference_id GHSA-98mf-8f57-64qf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-98mf-8f57-64qf
12
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
13
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
aliases CVE-2012-3463, GHSA-98mf-8f57-64qf, OSV-84515
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1w4-z275-tqg7
8
url VCID-cwa7-9d2t-rfhb
vulnerability_id VCID-cwa7-9d2t-rfhb
summary 
actionpack Cross-site Scripting vulnerability
Cross-site scripting (XSS) vulnerability in `actionpack/lib/action_view/helpers/sanitize_helper.rb` in the `strip_tags` helper in Ruby on Rails before 2.3.16, 3.0.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3465.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3465.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3465
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56143
published_at 2026-04-21T12:55:00Z
1
value 0.00333
scoring_system epss
scoring_elements 0.56161
published_at 2026-04-08T12:55:00Z
2
value 0.00333
scoring_system epss
scoring_elements 0.56166
published_at 2026-04-09T12:55:00Z
3
value 0.00333
scoring_system epss
scoring_elements 0.56177
published_at 2026-04-11T12:55:00Z
4
value 0.00333
scoring_system epss
scoring_elements 0.56153
published_at 2026-04-12T12:55:00Z
5
value 0.00333
scoring_system epss
scoring_elements 0.56137
published_at 2026-04-13T12:55:00Z
6
value 0.00333
scoring_system epss
scoring_elements 0.56171
published_at 2026-04-16T12:55:00Z
7
value 0.00333
scoring_system epss
scoring_elements 0.56174
published_at 2026-04-18T12:55:00Z
8
value 0.00333
scoring_system epss
scoring_elements 0.56001
published_at 2026-04-01T12:55:00Z
9
value 0.00333
scoring_system epss
scoring_elements 0.5611
published_at 2026-04-07T12:55:00Z
10
value 0.00333
scoring_system epss
scoring_elements 0.5613
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3465
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3465
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3465
4
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
5
reference_url https://github.com/rails/rails/commit/cf48c9c7dcbef8543171f7f7de8d3d9a16b58e77
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/cf48c9c7dcbef8543171f7f7de8d3d9a16b58e77
6
reference_url https://github.com/rails/rails/commit/e91e4e8bbee12ce1496bf384c04da6be296b687a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/e91e4e8bbee12ce1496bf384c04da6be296b687a
7
reference_url https://groups.google.com/group/rubyonrails-security/msg/7fbb5392d4d282b5?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/7fbb5392d4d282b5?dmode=source&output=gplain
8
reference_url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=847200
reference_id 847200
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=847200
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3465
reference_id CVE-2012-3465
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3465
11
reference_url https://github.com/advisories/GHSA-7g65-ghrg-hpf5
reference_id GHSA-7g65-ghrg-hpf5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7g65-ghrg-hpf5
12
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
13
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
aliases CVE-2012-3465, GHSA-7g65-ghrg-hpf5, OSV-84513
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cwa7-9d2t-rfhb
9
url VCID-h88b-abes-3bgr
vulnerability_id VCID-h88b-abes-3bgr
summary 
Puppet Denial of Service and Arbitrary File Write
Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a REST request to a stream that triggers a thread block, as demonstrated using CVE-2012-1986 and /dev/random; or (2) cause a denial of service (filesystem consumption) via crafted REST requests that use "a marshaled form of a Puppet::FileBucket::File object" to write to arbitrary file locations.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1987.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1987.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1987
reference_id
reference_type
scores
0
value 0.00763
scoring_system epss
scoring_elements 0.73445
published_at 2026-04-21T12:55:00Z
1
value 0.00763
scoring_system epss
scoring_elements 0.73351
published_at 2026-04-01T12:55:00Z
2
value 0.00763
scoring_system epss
scoring_elements 0.7336
published_at 2026-04-02T12:55:00Z
3
value 0.00763
scoring_system epss
scoring_elements 0.73384
published_at 2026-04-04T12:55:00Z
4
value 0.00763
scoring_system epss
scoring_elements 0.73355
published_at 2026-04-07T12:55:00Z
5
value 0.00763
scoring_system epss
scoring_elements 0.73392
published_at 2026-04-08T12:55:00Z
6
value 0.00763
scoring_system epss
scoring_elements 0.73406
published_at 2026-04-09T12:55:00Z
7
value 0.00763
scoring_system epss
scoring_elements 0.73429
published_at 2026-04-11T12:55:00Z
8
value 0.00763
scoring_system epss
scoring_elements 0.73409
published_at 2026-04-12T12:55:00Z
9
value 0.00763
scoring_system epss
scoring_elements 0.73401
published_at 2026-04-13T12:55:00Z
10
value 0.00763
scoring_system epss
scoring_elements 0.73443
published_at 2026-04-16T12:55:00Z
11
value 0.00763
scoring_system epss
scoring_elements 0.73451
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1987
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1987
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1987
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/74794
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/74794
7
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
8
reference_url https://github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc
9
reference_url https://github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1987.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1987.yml
11
reference_url https://hermes.opensuse.org/messages/14523305
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://hermes.opensuse.org/messages/14523305
12
reference_url https://hermes.opensuse.org/messages/15087408
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://hermes.opensuse.org/messages/15087408
13
reference_url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
14
reference_url https://web.archive.org/web/20120513213318/http://projects.puppetlabs.com/issues/13553
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513213318/http://projects.puppetlabs.com/issues/13553
15
reference_url https://web.archive.org/web/20120513224202/http://projects.puppetlabs.com/issues/13552
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513224202/http://projects.puppetlabs.com/issues/13552
16
reference_url https://web.archive.org/web/20121005145241/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121005145241/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
17
reference_url https://web.archive.org/web/20160808163232/https://puppet.com/security/cve/cve-2012-1987
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160808163232/https://puppet.com/security/cve/cve-2012-1987
18
reference_url http://ubuntu.com/usn/usn-1419-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1419-1
19
reference_url http://www.debian.org/security/2012/dsa-2451
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2451
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=810070
reference_id 810070
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=810070
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1987
reference_id CVE-2012-1987
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1987
22
reference_url https://web.archive.org/web/20160808163232/https://puppet.com/security/cve/cve-2012-1987/
reference_id CVE-2012-1987
reference_type
scores
url https://web.archive.org/web/20160808163232/https://puppet.com/security/cve/cve-2012-1987/
23
reference_url https://github.com/advisories/GHSA-v58w-6xc2-w799
reference_id GHSA-v58w-6xc2-w799
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v58w-6xc2-w799
24
reference_url https://security.gentoo.org/glsa/201208-02
reference_id GLSA-201208-02
reference_type
scores
url https://security.gentoo.org/glsa/201208-02
25
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
26
reference_url https://usn.ubuntu.com/1419-1/
reference_id USN-1419-1
reference_type
scores
url https://usn.ubuntu.com/1419-1/
fixed_packages
aliases CVE-2012-1987, GHSA-v58w-6xc2-w799
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h88b-abes-3bgr
10
url VCID-hr2h-y693-sbgc
vulnerability_id VCID-hr2h-y693-sbgc
summary 
activesupport Cross-site Scripting vulnerability
Cross-site scripting (XSS) vulnerability in `activesupport/lib/active_support/core_ext/string/output_safety.rb` in Ruby on Rails before 2.3.16, 3.0.x before , 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3464.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3464.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3464
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56143
published_at 2026-04-21T12:55:00Z
1
value 0.00333
scoring_system epss
scoring_elements 0.56174
published_at 2026-04-18T12:55:00Z
2
value 0.00333
scoring_system epss
scoring_elements 0.56171
published_at 2026-04-16T12:55:00Z
3
value 0.00333
scoring_system epss
scoring_elements 0.56137
published_at 2026-04-13T12:55:00Z
4
value 0.00333
scoring_system epss
scoring_elements 0.56153
published_at 2026-04-12T12:55:00Z
5
value 0.00333
scoring_system epss
scoring_elements 0.56177
published_at 2026-04-11T12:55:00Z
6
value 0.00333
scoring_system epss
scoring_elements 0.56166
published_at 2026-04-09T12:55:00Z
7
value 0.00333
scoring_system epss
scoring_elements 0.56161
published_at 2026-04-08T12:55:00Z
8
value 0.00333
scoring_system epss
scoring_elements 0.5613
published_at 2026-04-04T12:55:00Z
9
value 0.00333
scoring_system epss
scoring_elements 0.56001
published_at 2026-04-01T12:55:00Z
10
value 0.00333
scoring_system epss
scoring_elements 0.5611
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3464
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3464
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3464
4
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
5
reference_url https://github.com/rails/rails/commit/28f2c6f4037081da0a82104a3f473165ed4ed2ce
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/28f2c6f4037081da0a82104a3f473165ed4ed2ce
6
reference_url https://github.com/rails/rails/commit/780a718723cf87b49cfe204d355948c4e0932d23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/780a718723cf87b49cfe204d355948c4e0932d23
7
reference_url https://github.com/rails/rails/commit/d0c9759d3aeb6327d68dd6c0de0fe2fed4e3c870
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/d0c9759d3aeb6327d68dd6c0de0fe2fed4e3c870
8
reference_url https://github.com/rails/rails/commit/d549df7133f2b0bad8112890d478c33e990e12bc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/d549df7133f2b0bad8112890d478c33e990e12bc
9
reference_url https://github.com/rails/rails/issues/7215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/issues/7215
10
reference_url https://groups.google.com/group/rubyonrails-security/msg/8f1bbe1cef8c6caf?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/8f1bbe1cef8c6caf?dmode=source&output=gplain
11
reference_url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=847199
reference_id 847199
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=847199
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3464
reference_id CVE-2012-3464
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3464
14
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2012-3464.yml
reference_id CVE-2012-3464.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2012-3464.yml
15
reference_url https://github.com/advisories/GHSA-h835-75hw-pj89
reference_id GHSA-h835-75hw-pj89
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h835-75hw-pj89
16
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
17
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
aliases CVE-2012-3464, GHSA-h835-75hw-pj89, OSV-84516
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hr2h-y693-sbgc
11
url VCID-kt2h-k72f-tqc7
vulnerability_id VCID-kt2h-k72f-tqc7
summary 
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
3
reference_url http://projects.puppetlabs.com/issues/13518
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://projects.puppetlabs.com/issues/13518
4
reference_url http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
5
reference_url http://puppetlabs.com/security/cve/cve-2012-1988
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-1988
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1988.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1988.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1988
reference_id
reference_type
scores
0
value 0.00492
scoring_system epss
scoring_elements 0.65684
published_at 2026-04-21T12:55:00Z
1
value 0.00492
scoring_system epss
scoring_elements 0.65568
published_at 2026-04-01T12:55:00Z
2
value 0.00492
scoring_system epss
scoring_elements 0.65616
published_at 2026-04-02T12:55:00Z
3
value 0.00492
scoring_system epss
scoring_elements 0.65646
published_at 2026-04-04T12:55:00Z
4
value 0.00492
scoring_system epss
scoring_elements 0.65612
published_at 2026-04-07T12:55:00Z
5
value 0.00492
scoring_system epss
scoring_elements 0.65664
published_at 2026-04-08T12:55:00Z
6
value 0.00492
scoring_system epss
scoring_elements 0.65676
published_at 2026-04-09T12:55:00Z
7
value 0.00492
scoring_system epss
scoring_elements 0.65696
published_at 2026-04-11T12:55:00Z
8
value 0.00492
scoring_system epss
scoring_elements 0.65682
published_at 2026-04-12T12:55:00Z
9
value 0.00492
scoring_system epss
scoring_elements 0.65653
published_at 2026-04-13T12:55:00Z
10
value 0.00492
scoring_system epss
scoring_elements 0.65688
published_at 2026-04-16T12:55:00Z
11
value 0.00492
scoring_system epss
scoring_elements 0.65701
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1988
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1988
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1988
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/74796
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/74796
10
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
11
reference_url https://github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc
12
reference_url https://github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1988.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1988.yml
14
reference_url https://hermes.opensuse.org/messages/14523305
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hermes.opensuse.org/messages/14523305
15
reference_url https://hermes.opensuse.org/messages/15087408
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hermes.opensuse.org/messages/15087408
16
reference_url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
17
reference_url https://web.archive.org/web/20120513213112/http://projects.puppetlabs.com/issues/13518
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513213112/http://projects.puppetlabs.com/issues/13518
18
reference_url https://web.archive.org/web/20120816020421/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120816020421/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
19
reference_url https://web.archive.org/web/20121013181707/http://puppetlabs.com/security/cve/cve-2012-1988
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121013181707/http://puppetlabs.com/security/cve/cve-2012-1988
20
reference_url https://web.archive.org/web/20121025112409/http://secunia.com/advisories/48789
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121025112409/http://secunia.com/advisories/48789
21
reference_url https://web.archive.org/web/20121025113446/http://secunia.com/advisories/48748
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121025113446/http://secunia.com/advisories/48748
22
reference_url https://web.archive.org/web/20121025194830/http://secunia.com/advisories/49136
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121025194830/http://secunia.com/advisories/49136
23
reference_url https://web.archive.org/web/20121025194938/http://secunia.com/advisories/48743
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121025194938/http://secunia.com/advisories/48743
24
reference_url https://web.archive.org/web/20121031092646/http://www.securityfocus.com/bid/52975
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121031092646/http://www.securityfocus.com/bid/52975
25
reference_url http://ubuntu.com/usn/usn-1419-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1419-1
26
reference_url http://www.debian.org/security/2012/dsa-2451
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2451
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=810071
reference_id 810071
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=810071
28
reference_url http://puppetlabs.com/security/cve/cve-2012-1988/
reference_id CVE-2012-1988
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-1988/
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1988
reference_id CVE-2012-1988
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1988
30
reference_url https://web.archive.org/web/20121013181707/http://puppetlabs.com/security/cve/cve-2012-1988/
reference_id CVE-2012-1988
reference_type
scores
url https://web.archive.org/web/20121013181707/http://puppetlabs.com/security/cve/cve-2012-1988/
31
reference_url https://github.com/advisories/GHSA-6xxq-j39w-g3f6
reference_id GHSA-6xxq-j39w-g3f6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6xxq-j39w-g3f6
32
reference_url https://security.gentoo.org/glsa/201208-02
reference_id GLSA-201208-02
reference_type
scores
url https://security.gentoo.org/glsa/201208-02
33
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
34
reference_url https://usn.ubuntu.com/1419-1/
reference_id USN-1419-1
reference_type
scores
url https://usn.ubuntu.com/1419-1/
fixed_packages
aliases CVE-2012-1988, GHSA-6xxq-j39w-g3f6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kt2h-k72f-tqc7
12
url VCID-phxs-zet8-ryh3
vulnerability_id VCID-phxs-zet8-ryh3
summary 
SQL Injection
Ruby on Rails contains a flaw related to the way ActiveRecord handles parameters in conjunction with the way Rack parses query parameters. This issue may allow an attacker to inject arbitrary `IS NULL` clauses in to application SQL queries. This may also allow an attacker to have the SQL query check for `NULL` in arbitrary places.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2660.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2660.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2660
reference_id
reference_type
scores
0
value 0.00294
scoring_system epss
scoring_elements 0.52796
published_at 2026-04-11T12:55:00Z
1
value 0.00294
scoring_system epss
scoring_elements 0.52745
published_at 2026-04-09T12:55:00Z
2
value 0.00294
scoring_system epss
scoring_elements 0.52663
published_at 2026-04-01T12:55:00Z
3
value 0.00294
scoring_system epss
scoring_elements 0.52708
published_at 2026-04-02T12:55:00Z
4
value 0.00294
scoring_system epss
scoring_elements 0.52734
published_at 2026-04-04T12:55:00Z
5
value 0.00294
scoring_system epss
scoring_elements 0.52751
published_at 2026-04-08T12:55:00Z
6
value 0.00294
scoring_system epss
scoring_elements 0.527
published_at 2026-04-07T12:55:00Z
7
value 0.00294
scoring_system epss
scoring_elements 0.52792
published_at 2026-04-21T12:55:00Z
8
value 0.00294
scoring_system epss
scoring_elements 0.52808
published_at 2026-04-18T12:55:00Z
9
value 0.00294
scoring_system epss
scoring_elements 0.52801
published_at 2026-04-16T12:55:00Z
10
value 0.00294
scoring_system epss
scoring_elements 0.52763
published_at 2026-04-13T12:55:00Z
11
value 0.00294
scoring_system epss
scoring_elements 0.5278
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2660
8
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
9
reference_url https://github.com/rails/rails/commit/61eed87ce32caf534bf1f52dd8134097b4ad9e1b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/61eed87ce32caf534bf1f52dd8134097b4ad9e1b
10
reference_url https://github.com/rails/rails/commit/dff6db18840e2fd1dd3f3e4ef0ae7a9a3986d01d#diff-3179d24efacadd64068c4d9c1184eac3
reference_id
reference_type
scores
url https://github.com/rails/rails/commit/dff6db18840e2fd1dd3f3e4ef0ae7a9a3986d01d#diff-3179d24efacadd64068c4d9c1184eac3
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/OSVDB-82610.yml
reference_id
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/OSVDB-82610.yml
12
reference_url https://groups.google.com/forum/#!original/rubyonrails-security/8SA-M3as7A8/Mr9fi9X4kNgJ
reference_id
reference_type
scores
url https://groups.google.com/forum/#!original/rubyonrails-security/8SA-M3as7A8/Mr9fi9X4kNgJ
13
reference_url https://groups.google.com/group/rubyonrails-security/msg/d890f8d58b5fbf32?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/d890f8d58b5fbf32?dmode=source&output=gplain
14
reference_url https://groups.google.com/g/rubyonrails-security/c/8SA-M3as7A8/m/Mr9fi9X4kNgJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/rubyonrails-security/c/8SA-M3as7A8/m/Mr9fi9X4kNgJ
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=827353
reference_id 827353
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=827353
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2660
reference_id CVE-2012-2660
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2660
17
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-2660.yml
reference_id CVE-2012-2660.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-2660.yml
18
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2660.yml
reference_id CVE-2012-2660.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2012-2660.yml
19
reference_url https://github.com/advisories/GHSA-hgpp-pp89-4fgf
reference_id GHSA-hgpp-pp89-4fgf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgpp-pp89-4fgf
20
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
21
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
aliases CVE-2012-2660, GHSA-hgpp-pp89-4fgf, OSV-82610
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-phxs-zet8-ryh3
13
url VCID-rq7w-zmh4-17e1
vulnerability_id VCID-rq7w-zmh4-17e1
summary 
SQL injection vulnerability in Active Record
Due to the way Active Record handles nested query parameters, an attacker can use a specially crafted request to inject some forms of SQL into your application's SQL queries.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2661.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2661.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2661
reference_id
reference_type
scores
0
value 0.0073
scoring_system epss
scoring_elements 0.72697
published_at 2026-04-21T12:55:00Z
1
value 0.0073
scoring_system epss
scoring_elements 0.72652
published_at 2026-04-13T12:55:00Z
2
value 0.0073
scoring_system epss
scoring_elements 0.72694
published_at 2026-04-16T12:55:00Z
3
value 0.0073
scoring_system epss
scoring_elements 0.72705
published_at 2026-04-18T12:55:00Z
4
value 0.0073
scoring_system epss
scoring_elements 0.72604
published_at 2026-04-01T12:55:00Z
5
value 0.0073
scoring_system epss
scoring_elements 0.72611
published_at 2026-04-02T12:55:00Z
6
value 0.0073
scoring_system epss
scoring_elements 0.72628
published_at 2026-04-04T12:55:00Z
7
value 0.0073
scoring_system epss
scoring_elements 0.72605
published_at 2026-04-07T12:55:00Z
8
value 0.0073
scoring_system epss
scoring_elements 0.72644
published_at 2026-04-08T12:55:00Z
9
value 0.0073
scoring_system epss
scoring_elements 0.72656
published_at 2026-04-09T12:55:00Z
10
value 0.0073
scoring_system epss
scoring_elements 0.72679
published_at 2026-04-11T12:55:00Z
11
value 0.0073
scoring_system epss
scoring_elements 0.72662
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2661
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2661
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2661
7
reference_url https://github.com/rails/rails/commit/71f7917c553cdc9a0ee49e87af0efb7429759718#diff-2ec9993375ecb711e08452788d625581
reference_id
reference_type
scores
url https://github.com/rails/rails/commit/71f7917c553cdc9a0ee49e87af0efb7429759718#diff-2ec9993375ecb711e08452788d625581
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/OSVDB-82403.yml
reference_id
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/OSVDB-82403.yml
9
reference_url https://groups.google.com/group/rubyonrails-security/msg/fc2da6c627fc92df?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/fc2da6c627fc92df?dmode=source&output=gplain
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2661
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2661
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=827363
reference_id 827363
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=827363
12
reference_url https://github.com/advisories/GHSA-fh39-v733-mxfr
reference_id GHSA-fh39-v733-mxfr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fh39-v733-mxfr
13
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
14
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
aliases CVE-2012-2661, GHSA-fh39-v733-mxfr, OSV-82403
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rq7w-zmh4-17e1
14
url VCID-rrky-upea-nfd4
vulnerability_id VCID-rrky-upea-nfd4
summary puppet: authenticated clients allowed to read arbitrary files from the puppet master
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3864.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3864.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3864
reference_id
reference_type
scores
0
value 0.00314
scoring_system epss
scoring_elements 0.54466
published_at 2026-04-01T12:55:00Z
1
value 0.00314
scoring_system epss
scoring_elements 0.54542
published_at 2026-04-02T12:55:00Z
2
value 0.00314
scoring_system epss
scoring_elements 0.54565
published_at 2026-04-04T12:55:00Z
3
value 0.00314
scoring_system epss
scoring_elements 0.54534
published_at 2026-04-07T12:55:00Z
4
value 0.00314
scoring_system epss
scoring_elements 0.54586
published_at 2026-04-08T12:55:00Z
5
value 0.00314
scoring_system epss
scoring_elements 0.5458
published_at 2026-04-09T12:55:00Z
6
value 0.00314
scoring_system epss
scoring_elements 0.54592
published_at 2026-04-18T12:55:00Z
7
value 0.00314
scoring_system epss
scoring_elements 0.54574
published_at 2026-04-12T12:55:00Z
8
value 0.00314
scoring_system epss
scoring_elements 0.54553
published_at 2026-04-13T12:55:00Z
9
value 0.00314
scoring_system epss
scoring_elements 0.5459
published_at 2026-04-16T12:55:00Z
10
value 0.00314
scoring_system epss
scoring_elements 0.54569
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3864
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3864
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=839130
reference_id 839130
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=839130
4
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
5
reference_url https://usn.ubuntu.com/1506-1/
reference_id USN-1506-1
reference_type
scores
url https://usn.ubuntu.com/1506-1/
fixed_packages
aliases CVE-2012-3864
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rrky-upea-nfd4
15
url VCID-teq8-nqhf-xbbq
vulnerability_id VCID-teq8-nqhf-xbbq
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
multipart/parser.rb in Rack allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
1
reference_url http://rack.github.com
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rack.github.com
2
reference_url http://rack.github.com/
reference_id
reference_type
scores
url http://rack.github.com/
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
5
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json
7
reference_url https://access.redhat.com/security/cve/CVE-2013-0183
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-0183
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0183
reference_id
reference_type
scores
0
value 0.01824
scoring_system epss
scoring_elements 0.82924
published_at 2026-04-21T12:55:00Z
1
value 0.01824
scoring_system epss
scoring_elements 0.82816
published_at 2026-04-01T12:55:00Z
2
value 0.01824
scoring_system epss
scoring_elements 0.82833
published_at 2026-04-02T12:55:00Z
3
value 0.01824
scoring_system epss
scoring_elements 0.82846
published_at 2026-04-04T12:55:00Z
4
value 0.01824
scoring_system epss
scoring_elements 0.82842
published_at 2026-04-07T12:55:00Z
5
value 0.01824
scoring_system epss
scoring_elements 0.82868
published_at 2026-04-08T12:55:00Z
6
value 0.01824
scoring_system epss
scoring_elements 0.82874
published_at 2026-04-09T12:55:00Z
7
value 0.01824
scoring_system epss
scoring_elements 0.8289
published_at 2026-04-11T12:55:00Z
8
value 0.01824
scoring_system epss
scoring_elements 0.82885
published_at 2026-04-12T12:55:00Z
9
value 0.01824
scoring_system epss
scoring_elements 0.82881
published_at 2026-04-13T12:55:00Z
10
value 0.01824
scoring_system epss
scoring_elements 0.8292
published_at 2026-04-16T12:55:00Z
11
value 0.01824
scoring_system epss
scoring_elements 0.82921
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0183
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=895282
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=895282
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183
11
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
12
reference_url https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff
13
reference_url https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18
14
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml
15
reference_url https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs
16
reference_url https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI
17
reference_url https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs
18
reference_url https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI
19
reference_url http://www.debian.org/security/2013/dsa-2783
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2783
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
reference_id 698440
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0183
reference_id CVE-2013-0183
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0183
33
reference_url https://github.com/advisories/GHSA-3pxh-h8hw-mj8w
reference_id GHSA-3pxh-h8hw-mj8w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3pxh-h8hw-mj8w
34
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
fixed_packages
aliases CVE-2013-0183, GHSA-3pxh-h8hw-mj8w, OSV-89320
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-teq8-nqhf-xbbq
16
url VCID-tt6r-bytq-4fa4
vulnerability_id VCID-tt6r-bytq-4fa4
summary 
actionpack allows remote attackers to bypass database-query restrictions, perform NULL checks via crafted request
`actionpack/lib/action_dispatch/http/request.rb` in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain `['xyz', nil]` values, a related issue to CVE-2012-2660.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-0154.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0154.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2694.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2694.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2694
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44701
published_at 2026-04-11T12:55:00Z
1
value 0.0022
scoring_system epss
scoring_elements 0.44684
published_at 2026-04-09T12:55:00Z
2
value 0.0022
scoring_system epss
scoring_elements 0.44593
published_at 2026-04-01T12:55:00Z
3
value 0.0022
scoring_system epss
scoring_elements 0.44673
published_at 2026-04-02T12:55:00Z
4
value 0.0022
scoring_system epss
scoring_elements 0.44693
published_at 2026-04-04T12:55:00Z
5
value 0.0022
scoring_system epss
scoring_elements 0.44682
published_at 2026-04-08T12:55:00Z
6
value 0.0022
scoring_system epss
scoring_elements 0.44631
published_at 2026-04-07T12:55:00Z
7
value 0.0022
scoring_system epss
scoring_elements 0.4465
published_at 2026-04-21T12:55:00Z
8
value 0.0022
scoring_system epss
scoring_elements 0.4472
published_at 2026-04-18T12:55:00Z
9
value 0.0022
scoring_system epss
scoring_elements 0.44728
published_at 2026-04-16T12:55:00Z
10
value 0.0022
scoring_system epss
scoring_elements 0.44671
published_at 2026-04-13T12:55:00Z
11
value 0.0022
scoring_system epss
scoring_elements 0.4467
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2694
8
reference_url https://github.com/rails/rails
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails
9
reference_url https://github.com/rails/rails/commit/2f3bc0467311781ac1ceb2c8c2b09002c8fe143a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/2f3bc0467311781ac1ceb2c8c2b09002c8fe143a
10
reference_url https://github.com/rails/rails/commit/c202638225519b5e1a03ebe523b109c948fb0e52
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/commit/c202638225519b5e1a03ebe523b109c948fb0e52
11
reference_url https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source&output=gplain
12
reference_url https://groups.google.com/g/rubyonrails-security/c/jILZ34tAHF4/m/7x0hLH-o0-IJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/rubyonrails-security/c/jILZ34tAHF4/m/7x0hLH-o0-IJ
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=831581
reference_id 831581
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=831581
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2694
reference_id CVE-2012-2694
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2694
15
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-2694.yml
reference_id CVE-2012-2694.YML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-2694.yml
16
reference_url https://github.com/advisories/GHSA-q34c-48gc-m9g8
reference_id GHSA-q34c-48gc-m9g8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q34c-48gc-m9g8
17
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
18
reference_url https://access.redhat.com/errata/RHSA-2013:0154
reference_id RHSA-2013:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0154
fixed_packages
aliases CVE-2012-2694, GHSA-q34c-48gc-m9g8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tt6r-bytq-4fa4
17
url VCID-vspr-h3ds-dudq
vulnerability_id VCID-vspr-h3ds-dudq
summary 
Incorrect temporary file usage
The ruby_parser Gem does not create temporary files securely. In the `diff_pp` function contained in `lib/gauntlet_rubyparser.rb` function, it creates files as `/tmp/a.[pid]` and `/tmp/b.[pid]` which can be predicted and used for either a denial of service (file cannot be overwritten), or to change the contents of files that are writable.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
2
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
3
reference_url https://access.redhat.com/errata/RHSA-2013:0582
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0582
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0162.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0162.json
5
reference_url https://access.redhat.com/security/cve/CVE-2013-0162
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-0162
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0162
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35374
published_at 2026-04-21T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.35386
published_at 2026-04-07T12:55:00Z
2
value 0.00149
scoring_system epss
scoring_elements 0.35432
published_at 2026-04-08T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.35457
published_at 2026-04-09T12:55:00Z
4
value 0.00149
scoring_system epss
scoring_elements 0.35465
published_at 2026-04-11T12:55:00Z
5
value 0.00149
scoring_system epss
scoring_elements 0.35423
published_at 2026-04-12T12:55:00Z
6
value 0.00149
scoring_system epss
scoring_elements 0.35399
published_at 2026-04-13T12:55:00Z
7
value 0.00149
scoring_system epss
scoring_elements 0.35439
published_at 2026-04-16T12:55:00Z
8
value 0.00149
scoring_system epss
scoring_elements 0.35427
published_at 2026-04-18T12:55:00Z
9
value 0.00149
scoring_system epss
scoring_elements 0.35279
published_at 2026-04-01T12:55:00Z
10
value 0.00149
scoring_system epss
scoring_elements 0.35478
published_at 2026-04-02T12:55:00Z
11
value 0.00149
scoring_system epss
scoring_elements 0.35503
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0162
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=892806
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=892806
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby_parser/CVE-2013-0162.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby_parser/CVE-2013-0162.yml
9
reference_url https://github.com/seattlerb/ruby_parser
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/seattlerb/ruby_parser
10
reference_url https://github.com/seattlerb/ruby_parser/commit/506c7e13cff6f8715385fa8488b621028b4ad280
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/seattlerb/ruby_parser/commit/506c7e13cff6f8715385fa8488b621028b4ad280
11
reference_url https://github.com/seattlerb/ruby_parser/commit/c35acd878d50a8e4ea35933e3fbdc493421d422c
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/seattlerb/ruby_parser/commit/c35acd878d50a8e4ea35933e3fbdc493421d422c
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0162
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0162
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:1.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:1.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:1.0.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.1:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.2:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.3:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.4:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.5:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.6:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.1.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.2.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.3.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.3.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a1:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a10:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a2:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a3:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a4:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a5:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a6:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a7:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a8:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a9:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.1:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.2:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ryan_davis:ruby_parser:3.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.1.0:*:*:*:*:*:*:*
42
reference_url https://github.com/advisories/GHSA-8mvw-22r7-w6fq
reference_id GHSA-8mvw-22r7-w6fq
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8mvw-22r7-w6fq
fixed_packages
aliases CVE-2013-0162, GHSA-8mvw-22r7-w6fq, OSV-90561
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vspr-h3ds-dudq
18
url VCID-wage-71h9-6qay
vulnerability_id VCID-wage-71h9-6qay
summary 
Moderate severity vulnerability that affects puppet
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
2
reference_url http://puppetlabs.com/security/cve/cve-2012-3867
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-3867
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3867.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3867.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3867
reference_id
reference_type
scores
0
value 0.01418
scoring_system epss
scoring_elements 0.80599
published_at 2026-04-16T12:55:00Z
1
value 0.01418
scoring_system epss
scoring_elements 0.80571
published_at 2026-04-13T12:55:00Z
2
value 0.01418
scoring_system epss
scoring_elements 0.80578
published_at 2026-04-12T12:55:00Z
3
value 0.01418
scoring_system epss
scoring_elements 0.80544
published_at 2026-04-04T12:55:00Z
4
value 0.01418
scoring_system epss
scoring_elements 0.80604
published_at 2026-04-21T12:55:00Z
5
value 0.01418
scoring_system epss
scoring_elements 0.80601
published_at 2026-04-18T12:55:00Z
6
value 0.01418
scoring_system epss
scoring_elements 0.80536
published_at 2026-04-07T12:55:00Z
7
value 0.01418
scoring_system epss
scoring_elements 0.80592
published_at 2026-04-11T12:55:00Z
8
value 0.01418
scoring_system epss
scoring_elements 0.80575
published_at 2026-04-09T12:55:00Z
9
value 0.01418
scoring_system epss
scoring_elements 0.80565
published_at 2026-04-08T12:55:00Z
10
value 0.01418
scoring_system epss
scoring_elements 0.80516
published_at 2026-04-01T12:55:00Z
11
value 0.01418
scoring_system epss
scoring_elements 0.80522
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3867
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=839158
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=839158
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3867
7
reference_url http://secunia.com/advisories/50014
reference_id
reference_type
scores
url http://secunia.com/advisories/50014
8
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
9
reference_url https://github.com/puppetlabs/puppet/commit/dfedaa5fa841ccf335245a748b347b7c7c236640
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/dfedaa5fa841ccf335245a748b347b7c7c236640
10
reference_url https://github.com/puppetlabs/puppet/commit/f3419620b42080dad3b0be14470b20a972f13c50
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/f3419620b42080dad3b0be14470b20a972f13c50
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3867.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3867.yml
12
reference_url https://www.puppet.com/security/cve/cve-2012-3867-insufficient-input-validation
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/cve-2012-3867-insufficient-input-validation
13
reference_url http://www.debian.org/security/2012/dsa-2511
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2511
14
reference_url http://www.ubuntu.com/usn/USN-1506-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1506-1
15
reference_url http://puppetlabs.com/security/cve/cve-2012-3867/
reference_id CVE-2012-3867
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-3867/
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3867
reference_id CVE-2012-3867
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3867
17
reference_url https://github.com/advisories/GHSA-q44r-f2hm-v76v
reference_id GHSA-q44r-f2hm-v76v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q44r-f2hm-v76v
18
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
19
reference_url https://usn.ubuntu.com/1506-1/
reference_id USN-1506-1
reference_type
scores
url https://usn.ubuntu.com/1506-1/
fixed_packages
aliases CVE-2012-3867, GHSA-q44r-f2hm-v76v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wage-71h9-6qay
19
url VCID-y93x-twrw-bfbf
vulnerability_id VCID-y93x-twrw-bfbf
summary Katello: lack of authorization in proxies_controller.rb
references
0
reference_url http://osvdb.org/88140
reference_id
reference_type
scores
url http://osvdb.org/88140
1
reference_url http://osvdb.org/88142
reference_id
reference_type
scores
url http://osvdb.org/88142
2
reference_url http://rhn.redhat.com/errata/RHSA-2012-1543.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2012-1543.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5603.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5603.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5603
reference_id
reference_type
scores
0
value 0.00253
scoring_system epss
scoring_elements 0.4867
published_at 2026-04-18T12:55:00Z
1
value 0.00253
scoring_system epss
scoring_elements 0.48555
published_at 2026-04-01T12:55:00Z
2
value 0.00253
scoring_system epss
scoring_elements 0.48596
published_at 2026-04-02T12:55:00Z
3
value 0.00253
scoring_system epss
scoring_elements 0.4862
published_at 2026-04-04T12:55:00Z
4
value 0.00253
scoring_system epss
scoring_elements 0.48572
published_at 2026-04-07T12:55:00Z
5
value 0.00253
scoring_system epss
scoring_elements 0.48626
published_at 2026-04-21T12:55:00Z
6
value 0.00253
scoring_system epss
scoring_elements 0.48621
published_at 2026-04-09T12:55:00Z
7
value 0.00253
scoring_system epss
scoring_elements 0.48639
published_at 2026-04-11T12:55:00Z
8
value 0.00253
scoring_system epss
scoring_elements 0.48612
published_at 2026-04-12T12:55:00Z
9
value 0.00253
scoring_system epss
scoring_elements 0.48625
published_at 2026-04-13T12:55:00Z
10
value 0.00253
scoring_system epss
scoring_elements 0.48674
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5603
6
reference_url http://secunia.com/advisories/51472
reference_id
reference_type
scores
url http://secunia.com/advisories/51472
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/80549
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/80549
8
reference_url http://www.securityfocus.com/bid/56819
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/56819
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=882129
reference_id 882129
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=882129
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5603
reference_id CVE-2012-5603
reference_type
scores
0
value 5.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2012-5603
12
reference_url https://access.redhat.com/errata/RHSA-2012:1543
reference_id RHSA-2012:1543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1543
fixed_packages
aliases CVE-2012-5603
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y93x-twrw-bfbf
20
url VCID-yycs-ny3v-pyeh
vulnerability_id VCID-yycs-ny3v-pyeh
summary 
Multiple vulnerabilities have been found in Puppet, the worst of
    which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1986.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1986.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1986
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.58974
published_at 2026-04-01T12:55:00Z
1
value 0.00374
scoring_system epss
scoring_elements 0.59049
published_at 2026-04-02T12:55:00Z
2
value 0.00374
scoring_system epss
scoring_elements 0.59071
published_at 2026-04-04T12:55:00Z
3
value 0.00374
scoring_system epss
scoring_elements 0.59036
published_at 2026-04-07T12:55:00Z
4
value 0.00374
scoring_system epss
scoring_elements 0.59087
published_at 2026-04-08T12:55:00Z
5
value 0.00374
scoring_system epss
scoring_elements 0.59093
published_at 2026-04-12T12:55:00Z
6
value 0.00374
scoring_system epss
scoring_elements 0.59111
published_at 2026-04-11T12:55:00Z
7
value 0.00374
scoring_system epss
scoring_elements 0.59075
published_at 2026-04-13T12:55:00Z
8
value 0.00374
scoring_system epss
scoring_elements 0.5911
published_at 2026-04-16T12:55:00Z
9
value 0.00374
scoring_system epss
scoring_elements 0.59115
published_at 2026-04-18T12:55:00Z
10
value 0.00374
scoring_system epss
scoring_elements 0.59095
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1986
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1986
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1986
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=810069
reference_id 810069
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=810069
4
reference_url https://security.gentoo.org/glsa/201208-02
reference_id GLSA-201208-02
reference_type
scores
url https://security.gentoo.org/glsa/201208-02
5
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
6
reference_url https://usn.ubuntu.com/1419-1/
reference_id USN-1419-1
reference_type
scores
url https://usn.ubuntu.com/1419-1/
fixed_packages
aliases CVE-2012-1986
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yycs-ny3v-pyeh
21
url VCID-z8cv-3uer-pqbm
vulnerability_id VCID-z8cv-3uer-pqbm
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080645.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080645.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080648.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080648.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080747.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080747.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2139.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2139.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2139
reference_id
reference_type
scores
0
value 0.03527
scoring_system epss
scoring_elements 0.87666
published_at 2026-04-21T12:55:00Z
1
value 0.03527
scoring_system epss
scoring_elements 0.87622
published_at 2026-04-04T12:55:00Z
2
value 0.03527
scoring_system epss
scoring_elements 0.87624
published_at 2026-04-07T12:55:00Z
3
value 0.03527
scoring_system epss
scoring_elements 0.87644
published_at 2026-04-08T12:55:00Z
4
value 0.03527
scoring_system epss
scoring_elements 0.8765
published_at 2026-04-09T12:55:00Z
5
value 0.03527
scoring_system epss
scoring_elements 0.87661
published_at 2026-04-11T12:55:00Z
6
value 0.03527
scoring_system epss
scoring_elements 0.87656
published_at 2026-04-12T12:55:00Z
7
value 0.03527
scoring_system epss
scoring_elements 0.87653
published_at 2026-04-13T12:55:00Z
8
value 0.03527
scoring_system epss
scoring_elements 0.87669
published_at 2026-04-18T12:55:00Z
9
value 0.03527
scoring_system epss
scoring_elements 0.87598
published_at 2026-04-01T12:55:00Z
10
value 0.03527
scoring_system epss
scoring_elements 0.87608
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2139
5
reference_url https://bugzilla.novell.com/show_bug.cgi?id=759092
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.novell.com/show_bug.cgi?id=759092
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=816352
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=816352
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2139
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2139
8
reference_url https://github.com/mikel/mail
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mikel/mail
9
reference_url https://github.com/mikel/mail/commit/29aca25218e4c82991400eb9b0c933626aefc98f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mikel/mail/commit/29aca25218e4c82991400eb9b0c933626aefc98f
10
reference_url http://www.openwall.com/lists/oss-security/2012/04/25/8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/04/25/8
11
reference_url http://www.openwall.com/lists/oss-security/2012/04/26/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/04/26/1
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=891762
reference_id 891762
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=891762
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2139
reference_id CVE-2012-2139
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2139
14
reference_url https://github.com/advisories/GHSA-cj92-c4fj-w9c5
reference_id GHSA-cj92-c4fj-w9c5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cj92-c4fj-w9c5
15
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
fixed_packages
aliases CVE-2012-2139, GHSA-cj92-c4fj-w9c5, OSV-81631
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8cv-3uer-pqbm
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-ldap_fluff@0.1.3-1%3Farch=el6_3