Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/130652?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/130652?format=api", "purl": "pkg:ruby/ruby@1.8.8", "type": "ruby", "namespace": "", "name": "ruby", "version": "1.8.8", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86966?format=api", "vulnerability_id": "VCID-2ww6-w1k6-xqbp", "summary": "ruby: safe level bypass via name_err_mesg_to_str()", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089554.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089554.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089887.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089887.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4466.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4466.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4466", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78854", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.7883", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78813", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78803", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78831", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78828", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78826", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01606", "scoring_system": "epss", "scoring_elements": "0.81699", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01606", "scoring_system": "epss", "scoring_elements": "0.81727", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01606", "scoring_system": "epss", "scoring_elements": "0.81676", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01606", "scoring_system": "epss", "scoring_elements": "0.81665", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01606", "scoring_system": "epss", "scoring_elements": "0.81696", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01606", "scoring_system": "epss", "scoring_elements": "0.81723", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4466" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4466", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4466" }, { "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=37068", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=37068" }, { "reference_url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0294" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:124" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/10/02/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/10/02/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/10/03/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/10/03/9" }, { "reference_url": "http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=862614", "reference_id": "862614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=862614" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p160:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p160:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p160:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p173:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p173:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p173:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p174:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p174:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p174:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p248:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p248:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p248:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p249:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p249:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p249:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p299:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p299:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p299:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p301:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p301:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p301:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p302:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p302:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p302:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p330:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p330:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p330:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p334:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p334:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p334:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p352:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p352:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p352:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p357:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p357:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p357:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p358:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p358:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p358:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p370:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p370:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p370:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://usn.ubuntu.com/1602-1/", "reference_id": "USN-1602-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1602-1/" }, { "reference_url": "https://usn.ubuntu.com/1603-1/", "reference_id": "USN-1603-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1603-1/" }, { "reference_url": "https://usn.ubuntu.com/1603-2/", "reference_id": "USN-1603-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1603-2/" }, { "reference_url": "https://usn.ubuntu.com/1614-1/", "reference_id": "USN-1614-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1614-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2012-4466", "GHSA-gm9g-777x-3fp6" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ww6-w1k6-xqbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40990?format=api", "vulnerability_id": "VCID-4yvc-uzev-wua4", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96641", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96594", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96603", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96608", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96624", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96627", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96633", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96638", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96642", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3655" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31697" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/32372", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32372" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44369" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30644" }, { "reference_url": "http://www.securitytracker.com/id?1020656", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020656" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458948", "reference_id": "458948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458948" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3655", "reference_id": "CVE-2008-3655", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3655" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb", "reference_id": "CVE-2008-3655;OSVDB-47470", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb", "reference_id": "CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0895", "reference_id": "RHSA-2008:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0896", "reference_id": "RHSA-2008:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3655", "GHSA-p524-ppf2-w36w" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvc-uzev-wua4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40987?format=api", "vulnerability_id": "VCID-5bte-uex2-f7du", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90958", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90872", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90877", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90887", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90908", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90915", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90924", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90922", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90947", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90945", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90946", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2664" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43348" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450834", "reference_id": "450834", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450834" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2664", "reference_id": "CVE-2008-2664", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2664" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2664", "GHSA-c4h6-p7gp-39x2", "OSV-46552" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bte-uex2-f7du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31420?format=api", "vulnerability_id": "VCID-8fbf-8fea-27d9", "summary": "Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n spoofing of DNS replies.", "references": [ { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc" }, { "reference_url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html" }, { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" }, { "reference_url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99427", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99425", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99417", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99416", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99419", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.9942", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99422", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99423", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037" }, { "reference_url": "http://secunia.com/advisories/30925", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30925" }, { "reference_url": "http://secunia.com/advisories/30973", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30973" }, { "reference_url": "http://secunia.com/advisories/30977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30977" }, { "reference_url": "http://secunia.com/advisories/30979", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30979" }, { "reference_url": "http://secunia.com/advisories/30980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30980" }, { "reference_url": "http://secunia.com/advisories/30988", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30988" }, { "reference_url": "http://secunia.com/advisories/30989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30989" }, { "reference_url": "http://secunia.com/advisories/30998", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30998" }, { "reference_url": "http://secunia.com/advisories/31011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31011" }, { "reference_url": "http://secunia.com/advisories/31012", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31012" }, { "reference_url": "http://secunia.com/advisories/31014", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31014" }, { "reference_url": "http://secunia.com/advisories/31019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31019" }, { "reference_url": "http://secunia.com/advisories/31022", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31022" }, { "reference_url": "http://secunia.com/advisories/31030", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31030" }, { "reference_url": "http://secunia.com/advisories/31031", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31031" }, { "reference_url": "http://secunia.com/advisories/31033", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31033" }, { "reference_url": "http://secunia.com/advisories/31052", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31052" }, { "reference_url": "http://secunia.com/advisories/31065", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31065" }, { "reference_url": "http://secunia.com/advisories/31072", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31072" }, { "reference_url": "http://secunia.com/advisories/31093", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31093" }, { "reference_url": "http://secunia.com/advisories/31094", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31094" }, { "reference_url": "http://secunia.com/advisories/31137", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31137" }, { "reference_url": "http://secunia.com/advisories/31143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31143" }, { "reference_url": "http://secunia.com/advisories/31151", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31151" }, { "reference_url": "http://secunia.com/advisories/31152", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31152" }, { "reference_url": "http://secunia.com/advisories/31153", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31153" }, { "reference_url": "http://secunia.com/advisories/31169", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31169" }, { "reference_url": "http://secunia.com/advisories/31197", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31197" }, { "reference_url": "http://secunia.com/advisories/31199", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31199" }, { "reference_url": "http://secunia.com/advisories/31204", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31204" }, { "reference_url": "http://secunia.com/advisories/31207", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31207" }, { "reference_url": "http://secunia.com/advisories/31209", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31209" }, { "reference_url": "http://secunia.com/advisories/31212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31212" }, { "reference_url": "http://secunia.com/advisories/31213", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31213" }, { "reference_url": "http://secunia.com/advisories/31221", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31221" }, { "reference_url": "http://secunia.com/advisories/31236", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31236" }, { "reference_url": "http://secunia.com/advisories/31237", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31237" }, { "reference_url": "http://secunia.com/advisories/31254", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31254" }, { "reference_url": "http://secunia.com/advisories/31326", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31326" }, { "reference_url": "http://secunia.com/advisories/31354", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31354" }, { "reference_url": "http://secunia.com/advisories/31422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31422" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31451", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31451" }, { "reference_url": "http://secunia.com/advisories/31482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31482" }, { "reference_url": "http://secunia.com/advisories/31495", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31495" }, { "reference_url": "http://secunia.com/advisories/31588", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31588" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/31823", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31823" }, { "reference_url": "http://secunia.com/advisories/31882", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31882" }, { "reference_url": "http://secunia.com/advisories/31900", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31900" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/33714", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33714" }, { "reference_url": "http://secunia.com/advisories/33786", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33786" }, { "reference_url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200807-08.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201209-25.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1" }, { "reference_url": "http://support.apple.com/kb/HT3026", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3026" }, { "reference_url": "http://support.apple.com/kb/HT3129", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3129" }, { "reference_url": "http://support.citrix.com/article/CTX117991", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.citrix.com/article/CTX117991" }, { "reference_url": "http://support.citrix.com/article/CTX118183", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.citrix.com/article/CTX118183" }, { "reference_url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152" }, { "reference_url": "https://www.exploit-db.com/exploits/6122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6122" }, { "reference_url": "https://www.exploit-db.com/exploits/6123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6123" }, { "reference_url": "https://www.exploit-db.com/exploits/6130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6130" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018" }, { "reference_url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning" }, { "reference_url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt" }, { "reference_url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt" }, { "reference_url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1603", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1603" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1604", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1604" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1605", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1605" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1619", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1619" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1623" }, { "reference_url": "http://www.doxpara.com/DMK_BO2K8.ppt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.doxpara.com/DMK_BO2K8.ppt" }, { "reference_url": "http://www.doxpara.com/?p=1176", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.doxpara.com/?p=1176" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672" }, { "reference_url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40" }, { "reference_url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php" }, { "reference_url": "http://www.kb.cert.org/vuls/id/800113", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/800113" }, { "reference_url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J" }, { "reference_url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139" }, { "reference_url": "http://www.nominum.com/asset_upload_file741_2661.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.nominum.com/asset_upload_file741_2661.pdf" }, { "reference_url": "http://www.novell.com/support/viewContent.do?externalId=7000912", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/support/viewContent.do?externalId=7000912" }, { "reference_url": "http://www.openbsd.org/errata42.html#013_bind", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/errata42.html#013_bind" }, { "reference_url": "http://www.openbsd.org/errata43.html#004_bind", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/errata43.html#004_bind" }, { "reference_url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog" }, { "reference_url": "http://www.phys.uu.nl/~rombouts/pdnsd.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html" }, { "reference_url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30131", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30131" }, { "reference_url": "http://www.securitytracker.com/id?1020437", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020437" }, { "reference_url": "http://www.securitytracker.com/id?1020438", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020438" }, { "reference_url": "http://www.securitytracker.com/id?1020440", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020440" }, { "reference_url": "http://www.securitytracker.com/id?1020448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020448" }, { "reference_url": "http://www.securitytracker.com/id?1020449", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020449" }, { "reference_url": "http://www.securitytracker.com/id?1020548", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020548" }, { "reference_url": "http://www.securitytracker.com/id?1020558", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020558" }, { "reference_url": "http://www.securitytracker.com/id?1020560", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020560" }, { "reference_url": "http://www.securitytracker.com/id?1020561", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020561" }, { "reference_url": "http://www.securitytracker.com/id?1020575", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020575" }, { "reference_url": "http://www.securitytracker.com/id?1020576", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020576" }, { "reference_url": "http://www.securitytracker.com/id?1020577", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020577" }, { "reference_url": "http://www.securitytracker.com/id?1020578", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020578" }, { "reference_url": "http://www.securitytracker.com/id?1020579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020579" }, { "reference_url": "http://www.securitytracker.com/id?1020651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020651" }, { "reference_url": "http://www.securitytracker.com/id?1020653", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020653" }, { "reference_url": "http://www.securitytracker.com/id?1020702", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020702" }, { "reference_url": "http://www.securitytracker.com/id?1020802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020802" }, { "reference_url": "http://www.securitytracker.com/id?1020804", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020804" }, { "reference_url": "http://www.ubuntu.com/usn/usn-622-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-622-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-627-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-627-1" }, { "reference_url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2019/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2019/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2023/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2023/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2025/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2025/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2029/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2029/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2030/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2030/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2050/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2050/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2051/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2051/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2052/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2052/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2055/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2055/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2092/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2092/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2113/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2113/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2114/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2114/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2123/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2123/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2139/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2139/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2166/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2166/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2195/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2195/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2196/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2196/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2197/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2197/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2268", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2268" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2291", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2291" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2342", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2342" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2377", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2377" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2383", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2383" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2384", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2384" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2467", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2467" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2482" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2525", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2549" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2558", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2582", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2582" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2584", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2584" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0297" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0311", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0311" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0622", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0622" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345", "reference_id": "449345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123", "reference_id": "490123", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465", "reference_id": "492465", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698", "reference_id": "492698", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700", "reference_id": "492700", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599", "reference_id": "493599", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447", "reference_id": "CVE-2008-1447", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447" }, { "reference_url": "https://security.gentoo.org/glsa/200807-08", "reference_id": "GLSA-200807-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200807-08" }, { "reference_url": "https://security.gentoo.org/glsa/200809-02", "reference_id": "GLSA-200809-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200809-02" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://security.gentoo.org/glsa/200901-03", "reference_id": "GLSA-200901-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200901-03" }, { "reference_url": "https://security.gentoo.org/glsa/201209-25", "reference_id": "GLSA-201209-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-25" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0533", "reference_id": "RHSA-2008:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0789", "reference_id": "RHSA-2008:0789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0789" }, { "reference_url": "https://usn.ubuntu.com/622-1/", "reference_id": "USN-622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/622-1/" }, { "reference_url": "https://usn.ubuntu.com/627-1/", "reference_id": "USN-627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/627-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-1447" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbf-8fea-27d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40988?format=api", "vulnerability_id": "VCID-9gp6-pvw1-ufhs", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85356", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.8532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85315", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85335", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85336", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85333", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85305", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86873", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86902", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86917", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2725" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43350" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451821", "reference_id": "451821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451821" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2725", "reference_id": "CVE-2008-2725", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2725" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2725", "GHSA-924x-9756-qq8p", "OSV-46553" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gp6-pvw1-ufhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87786?format=api", "vulnerability_id": "VCID-9ukz-9357-aqb6", "summary": "Ruby WEBrick javascript injection flaw", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0541.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82447", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82315", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82329", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82342", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82376", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82395", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82391", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82386", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.8242", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82421", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82425", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0541" }, { "reference_url": "http://secunia.com/advisories/40220", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40220" }, { "reference_url": "https://support.apple.com/en-us/HT4188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/en-us/HT4188" }, { "reference_url": "http://support.apple.com/kb/HT4188", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT4188" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:097", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:097" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:098", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:098" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html" }, { "reference_url": "http://www.securityfocus.com/bid/40871", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40871" }, { "reference_url": "http://www.securityfocus.com/bid/40895", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40895" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1481", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1481" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=587731", "reference_id": "587731", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=587731" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0541", "reference_id": "CVE-2010-0541", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0541" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0908", "reference_id": "RHSA-2011:0908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0909", "reference_id": "RHSA-2011:0909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0909" }, { "reference_url": "https://usn.ubuntu.com/1377-1/", "reference_id": "USN-1377-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1377-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2010-0541", "GHSA-h9r2-943c-qg8v", "OSV-65556" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ukz-9357-aqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40992?format=api", "vulnerability_id": "VCID-a15m-bcma-vfa7", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3656", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.65085", "scoring_system": "epss", "scoring_elements": "0.98488", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.65085", "scoring_system": "epss", "scoring_elements": "0.98483", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.65085", "scoring_system": "epss", "scoring_elements": "0.98484", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98618", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.9862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98611", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98625", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98626", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98613", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98616", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3656" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31697" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44371" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3656", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3656" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30644" }, { "reference_url": "http://www.securitytracker.com/id?1020654", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020654" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458953", "reference_id": "458953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458953" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://www.securityfocus.com/bid/30644/info", "reference_id": "CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/30644/info" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb", "reference_id": "CVE-2008-4310;OSVDB-47471;CVE-2008-3656", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3656", "GHSA-823x-6r7f-v9x6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a15m-bcma-vfa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87344?format=api", "vulnerability_id": "VCID-ar57-vndq-yka6", "summary": "ruby: Properly initialize the random number generator when forking new process", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2705.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76804", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76838", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76819", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7685", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76861", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7689", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76869", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76864", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76905", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7691", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76902", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76934", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2705" }, { "reference_url": "https://redmine.ruby-lang.org/issues/4579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://redmine.ruby-lang.org/issues/4579" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=722415", "reference_id": "722415", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=722415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1581", "reference_id": "RHSA-2011:1581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1581" }, { "reference_url": "https://usn.ubuntu.com/1377-1/", "reference_id": "USN-1377-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1377-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2011-2705", "GHSA-wj5x-c2v9-7wwr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ar57-vndq-yka6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54797?format=api", "vulnerability_id": "VCID-bjts-v9q2-9yg8", "summary": "several", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4073.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4073.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4073", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.8572", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85732", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85751", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85757", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85776", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85786", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85801", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85798", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85794", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85812", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85817", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85811", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02664", "scoring_system": "epss", "scoring_elements": "0.85834", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164" }, { "reference_url": "https://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=979251", "reference_id": "979251", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=979251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1090", "reference_id": "RHSA-2013:1090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1103", "reference_id": "RHSA-2013:1103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1137", "reference_id": "RHSA-2013:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1137" }, { "reference_url": "https://usn.ubuntu.com/1902-1/", "reference_id": "USN-1902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1902-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2013-4073", "GHSA-3gpq-xx45-4rr9", "OSV-94628" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bjts-v9q2-9yg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8434?format=api", "vulnerability_id": "VCID-bv9s-j5yk-m3aw", "summary": "WEBrick Improper Input Validation vulnerability\nWEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4492.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95076", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95123", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95121", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95118", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.9511", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95107", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95105", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95099", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95096", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95089", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95087", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95086", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4492" }, { "reference_url": "https://github.com/ruby/webrick", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ruby/webrick" }, { "reference_url": "https://web.archive.org/web/20100113155532/http://www.vupen.com/english/advisories/2010/0089", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20100113155532/http://www.vupen.com/english/advisories/2010/0089" }, { "reference_url": "https://web.archive.org/web/20100815010948/http://secunia.com/advisories/37949", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20100815010948/http://secunia.com/advisories/37949" }, { "reference_url": "https://web.archive.org/web/20170402100552/http://securitytracker.com/id?1023429", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20170402100552/http://securitytracker.com/id?1023429" }, { "reference_url": "https://web.archive.org/web/20170908140655/http://www.securityfocus.com/archive/1/508830/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20170908140655/http://www.securityfocus.com/archive/1/508830/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20200228145937/http://www.securityfocus.com/bid/37710", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228145937/http://www.securityfocus.com/bid/37710" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection" }, { "reference_url": "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=554485", "reference_id": "554485", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554485" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4492", "reference_id": "CVE-2009-4492", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4492" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33489.txt", "reference_id": "CVE-2009-4492;OSVDB-61774", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33489.txt" }, { "reference_url": "https://www.securityfocus.com/bid/37710/info", "reference_id": "CVE-2009-4492;OSVDB-61774", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/37710/info" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2009-4492.yml", "reference_id": "CVE-2009-4492.YML", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2009-4492.yml" }, { "reference_url": "https://github.com/advisories/GHSA-6mq2-37j5-w6r6", "reference_id": "GHSA-6mq2-37j5-w6r6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6mq2-37j5-w6r6" }, { "reference_url": "https://security.gentoo.org/glsa/201001-09", "reference_id": "GLSA-201001-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201001-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0908", "reference_id": "RHSA-2011:0908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0909", "reference_id": "RHSA-2011:0909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0909" }, { "reference_url": "https://usn.ubuntu.com/900-1/", "reference_id": "USN-900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/900-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-4492", "GHSA-6mq2-37j5-w6r6", "OSV-61774" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bv9s-j5yk-m3aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40989?format=api", "vulnerability_id": "VCID-c9sy-czbr-tfer", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2726", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86189", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86158", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86171", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86176", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86168", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86145", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86182", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86192", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86206", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86225", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2726" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43351" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451828", "reference_id": "451828", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451828" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2726", "reference_id": "CVE-2008-2726", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2726" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2726", "GHSA-v2mw-g73g-923h", "OSV-46554" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c9sy-czbr-tfer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88490?format=api", "vulnerability_id": "VCID-ea13-mua4-1fb9", "summary": "ruby: WEBrick CGI source disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5238", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52425", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52471", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52465", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52516", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.525", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52483", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52523", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52529", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52514", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52462", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1891" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1891" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=443829", "reference_id": "443829", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=443829" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" } ], "fixed_packages": [], "aliases": [ "CVE-2008-1891", "GHSA-rhf2-x48g-5wr7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ea13-mua4-1fb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40993?format=api", "vulnerability_id": "VCID-fw7k-88kf-1kgg", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3657", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95862", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95804", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95813", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95821", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95823", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95832", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.9584", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95852", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95858", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.9586", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3657" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31697" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44372" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3657", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3657" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30644" }, { "reference_url": "http://www.securitytracker.com/id?1020652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020652" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458966", "reference_id": "458966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458966" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3657", "GHSA-5f6v-fgcw-j5px" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fw7k-88kf-1kgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40985?format=api", "vulnerability_id": "VCID-jx79-wpg7-2yaa", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86072", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.85973", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.85985", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86001", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.8602", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.8603", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86044", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86042", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86037", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86055", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.8606", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86052", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2662" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43345" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601" }, { "reference_url": "https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450821", "reference_id": "450821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450821" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2662", "reference_id": "CVE-2008-2662", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2662" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2662", "GHSA-6wwf-x53r-5qqq", "OSV-46550" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jx79-wpg7-2yaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40986?format=api", "vulnerability_id": "VCID-mzqm-gc4w-fbfp", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87217", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.8713", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.8714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87157", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87182", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87195", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87189", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87185", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.872", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87205", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87199", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2663" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43346" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450825", "reference_id": "450825", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450825" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2663", "reference_id": "CVE-2008-2663", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2663" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2663", "GHSA-8rh4-h2wx-5jpx", "OSV-46551" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mzqm-gc4w-fbfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40984?format=api", "vulnerability_id": "VCID-nsa4-b31c-37g2", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93584", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93515", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93532", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.9354", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93549", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93569", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93574", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93579", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2376" }, { "reference_url": "http://secunia.com/advisories/30927", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30927" }, { "reference_url": "http://secunia.com/advisories/31006", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31006" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2639", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2639" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2376", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2376" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863" }, { "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2008-0218", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0218" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/02/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/02/3" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/494104/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/494104/100/0/threaded" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2584", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2584" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=453589", "reference_id": "453589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453589" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2376", "GHSA-f7wf-fwmg-r7g3" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nsa4-b31c-37g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62210?format=api", "vulnerability_id": "VCID-nxub-6qsu-hbhk", "summary": "Multiple vulnerabilities have been found in Ruby, allowing\n context-dependent attackers to cause a Denial of Service condition.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0188.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0188.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01937", "scoring_system": "epss", "scoring_elements": "0.83469", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01937", "scoring_system": "epss", "scoring_elements": "0.83445", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01937", "scoring_system": "epss", "scoring_elements": "0.83446", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02608", "scoring_system": "epss", "scoring_elements": "0.85596", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02608", "scoring_system": "epss", "scoring_elements": "0.85616", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02608", "scoring_system": "epss", "scoring_elements": "0.85561", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02608", "scoring_system": "epss", "scoring_elements": "0.8564", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02608", "scoring_system": "epss", "scoring_elements": "0.85637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02608", "scoring_system": "epss", "scoring_elements": "0.85633", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02608", "scoring_system": "epss", "scoring_elements": "0.85627", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02608", "scoring_system": "epss", "scoring_elements": "0.85573", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02608", "scoring_system": "epss", "scoring_elements": "0.85591", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0188" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0188", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0188" }, { "reference_url": "http://support.apple.com/kb/HT4581", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT4581" }, { "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ext/bigdecimal/bigdecimal.c?r1=29364&r2=30993", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ext/bigdecimal/bigdecimal.c?r1=29364&r2=30993" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:097", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:097" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:098", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:098" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0910.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0910.html" }, { "reference_url": "http://www.securitytracker.com/id?1025236", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1025236" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=682332", "reference_id": "682332", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=682332" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0-0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0-1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0-2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:dev:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.2:dev:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:dev:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:r18423:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9:r18423:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:r18423:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/201412-27", "reference_id": "GLSA-201412-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0908", "reference_id": "RHSA-2011:0908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0909", "reference_id": "RHSA-2011:0909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0910", "reference_id": "RHSA-2011:0910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0910" }, { "reference_url": "https://usn.ubuntu.com/1377-1/", "reference_id": "USN-1377-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1377-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2011-0188", "GHSA-6vch-6cgr-x9c3" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nxub-6qsu-hbhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40996?format=api", "vulnerability_id": "VCID-pegr-f5mh-ekdz", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87096", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87007", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87018", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87037", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8703", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8705", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87057", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87071", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87065", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87076", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8708", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87077", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3905" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/32948", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32948" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45935" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3905", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3905" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/09/03/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/09/03/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/09/04/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/09/04/9" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/bid/31699", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31699" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=461495", "reference_id": "461495", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=461495" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0896", "reference_id": "RHSA-2008:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3905", "GHSA-vwcj-mf69-7rfw" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pegr-f5mh-ekdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88381?format=api", "vulnerability_id": "VCID-qjwb-ph9u-bubf", "summary": "ruby: Memory allocation failure in Ruby regex engine (remotely exploitable DoS)", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3443.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96609", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.9656", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.9657", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96575", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96578", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96586", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96588", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.9659", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96591", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96593", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.966", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96605", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/32372", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32372" }, { "reference_url": "http://secunia.com/advisories/33185", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33185" }, { "reference_url": "http://secunia.com/advisories/33398", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33398" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://securityreason.com/securityalert/4158", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/4158" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44688" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9570" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.exploit-db.com/exploits/6239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6239" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1695", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1695" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.securityfocus.com/bid/30682", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30682" }, { "reference_url": "http://www.securitytracker.com/id?1021075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1021075" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=459266", "reference_id": "459266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459266" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3443", "reference_id": "CVE-2008-3443", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3443" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6239.txt", "reference_id": "OSVDB-47800;CVE-2008-3443", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6239.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0895", "reference_id": "RHSA-2008:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0896", "reference_id": "RHSA-2008:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" }, { "reference_url": "https://usn.ubuntu.com/691-1/", "reference_id": "USN-691-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/691-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3443" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjwb-ph9u-bubf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40995?format=api", "vulnerability_id": "VCID-r8r3-3x8p-ebh5", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca", "reference_id": "", "reference_type": "", "scores": [], "url": "http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3790.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3790.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96572", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96523", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96537", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96541", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96549", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96551", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96554", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96556", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96563", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96569", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96571", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3790" }, { "reference_url": "http://secunia.com/advisories/31602", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31602" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/33185", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33185" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44628" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10393", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10393" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml" }, { "reference_url": "http://weblog.rubyonrails.org/2008/9/3/rails-2-0-4-maintenance-release", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/9/3/rails-2-0-4-maintenance-release" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/08/25/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/08/25/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/08/26/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/08/26/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/08/26/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/08/26/4" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/" }, { "reference_url": "http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb" }, { "reference_url": "http://www.securityfocus.com/bid/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30802" }, { "reference_url": "http://www.securitytracker.com/id?1020735", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020735" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2428", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2428" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2483", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2483" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=460134", "reference_id": "460134", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=460134" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p287:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p287:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p287:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3790", "reference_id": "CVE-2008-3790", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3790" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32292.rb", "reference_id": "CVE-2008-3790;OSVDB-47753", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32292.rb" }, { "reference_url": "https://www.securityfocus.com/bid/30802/info", "reference_id": "CVE-2008-3790;OSVDB-47753", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/30802/info" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" }, { "reference_url": "https://usn.ubuntu.com/691-1/", "reference_id": "USN-691-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/691-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3790", "GHSA-96jc-f6m3-pf2w", "OSV-47753" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8r3-3x8p-ebh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62211?format=api", "vulnerability_id": "VCID-rh8q-s45v-xbhg", "summary": "Multiple vulnerabilities have been found in Ruby, allowing\n context-dependent attackers to cause a Denial of Service condition.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054422.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054422.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054436.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054436.html" }, { "reference_url": "http://osvdb.org/70958", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/70958" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1004.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1004.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13461", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13495", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13595", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13656", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13455", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13536", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13586", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13558", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1352", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13474", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13385", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13383", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13456", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1004" }, { "reference_url": "http://secunia.com/advisories/43434", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43434" }, { "reference_url": "http://secunia.com/advisories/43573", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43573" }, { "reference_url": "http://support.apple.com/kb/HT5281", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT5281" }, { "reference_url": "https://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:097", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:097" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/02/21/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2011/02/21/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/02/21/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2011/02/21/5" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0910.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0910.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/" }, { "reference_url": "http://www.securityfocus.com/bid/46460", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/46460" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0539", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0539" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=678913", "reference_id": "678913", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678913" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.8:dev:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.8:dev:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.8:dev:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:dev:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.3:dev:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:dev:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1004", "reference_id": "CVE-2011-1004", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1004" }, { "reference_url": "https://security.gentoo.org/glsa/201412-27", "reference_id": "GLSA-201412-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0909", "reference_id": "RHSA-2011:0909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0910", "reference_id": "RHSA-2011:0910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0910" }, { "reference_url": "https://usn.ubuntu.com/1377-1/", "reference_id": "USN-1377-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1377-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2011-1004", "GHSA-45wv-gc6w-fq7m", "OSV-70958" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rh8q-s45v-xbhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86968?format=api", "vulnerability_id": "VCID-weh8-bs3g-a3hp", "summary": "1.9.3: Possibility to bypass Ruby's $SAFE (level 4) semantics", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089554.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089554.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089887.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089887.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4464.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4464.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4464", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59327", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59364", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59329", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59362", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59368", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59349", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66494", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66527", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66467", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66428", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66464", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66513", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4464" }, { "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=37068", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=37068" }, { "reference_url": "https://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/10/02/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/10/02/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/10/03/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/10/03/9" }, { "reference_url": "http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=862598", "reference_id": "862598", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=862598" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4464", "reference_id": "CVE-2012-4464", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4464" }, { "reference_url": "https://usn.ubuntu.com/1602-1/", "reference_id": "USN-1602-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1602-1/" }, { "reference_url": "https://usn.ubuntu.com/1614-1/", "reference_id": "USN-1614-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1614-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2012-4464", "GHSA-gjcp-rx5c-g849" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-weh8-bs3g-a3hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88232?format=api", "vulnerability_id": "VCID-xtny-ychb-fff1", "summary": "ruby: Incorrect checks for validity of X.509 certificates", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528" }, { "reference_url": "http://redmine.ruby-lang.org/issues/show/1091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://redmine.ruby-lang.org/issues/show/1091" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76742", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76618", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.7665", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76664", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76702", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76682", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76674", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76716", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76721", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76711", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0642" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528" }, { "reference_url": "http://secunia.com/advisories/33750", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33750" }, { "reference_url": "http://secunia.com/advisories/35699", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35699" }, { "reference_url": "http://secunia.com/advisories/35937", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35937" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48761" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:193", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:193" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html" }, { "reference_url": "http://www.securityfocus.com/bid/33769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/33769" }, { "reference_url": "http://www.securitytracker.com/id?1022505", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1022505" }, { "reference_url": "http://www.ubuntu.com/usn/USN-805-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-805-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=486183", "reference_id": "486183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=486183" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0642", "reference_id": "CVE-2009-0642", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1140", "reference_id": "RHSA-2009:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1140" }, { "reference_url": "https://usn.ubuntu.com/805-1/", "reference_id": "USN-805-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/805-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-0642", "GHSA-4gvm-4mw2-9fpv" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xtny-ychb-fff1" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.8" }